Except NetIntercept is available now, and DragNet is avaialable in 2003. Oh, and NetIntercept comes with SSH2 decryption by default. (It involves compromising one half of the connection.) And NetIntercept is silent on the monitored wire, making it difficult to detect or tamper with.
There is also Raytheon's SilentRunner and Niksun's NetDetector. But while the privacy wonks
are running scared, they are missing the essential usefulness of these tools. It's for forensics - something goes wrong, you can go back and see what it was. I can't comment for the other tools, but NetIntercept makes digging 500,000+ connections from 2 weeks ago easy.
Yes, I work for Sandstorm. Our motto, "Tools with Sharp Edges". Its a fun company.
Thanks for plugging your product, but try to get the details straight. The product Mr. Garfinkel is talking about, NetIntercept, is recording packets directly off of a network interface, not analyzing log files.
From a forensics point of view, packets are more reliable than logs. The work that these products are doing is not even comparable, in terms of accuracy of network forensics. The packet based method gives you greater detail.
After a competent system compromise,the best you can hope for with distributed logfile analysis is discrepancy checking between systems and flagging of suspicious data. Having a packet history allows you to reconstruct the session, and figure out how what got recorded in your logs happened.
It is somewhat more difficult to go from logs back to packets, eh?
According to a friend of mine at the Whitehead Institute at MIT, which is part of the HGP, Celera has sequenced the data from one person, not assembled it. To have all the data sequenced is the equivalent of having every character from the source files for the linux kernel, but not knowing what order they are in.
HGP as of mid March had completely sequenced and assembled 2/3 of the genome, based on 6 individuals. Current amount complete is closer to 75%.
This really trashes Celera's business plan, which as far as I know is to sell the sequenced data to companies like Amgen for them to assemble and profit from. At least 2/3 of the information is already available gratis, already assembled.
Of course, this also makes Celera's work easier, since it can use the 2/3 of assembled data as a backbone against which to assemble the remaining third. But by the time they finish that, how much more will the HGP have published.
I've read/. and AMDzone for a while now. I use and advocate for the use of AMD products. When reading previews of new tech, I like to know who wrote the piece, and what the connection between the tech and the author is. AMDZone is ran by Chris Tom, aka ruiner. Highlight the name attached to most posts on the site and check the email address. The site ruiner.net makes reference to his work on AMDZone.
The intentional use of "they talk about" in the post here, which indicates to the reader a separation between the poster and the site referenced, is definitely misleading. There is only one thing worse than faking impartiality, getting caught doing it. No, this is not a major sin, but it is a common marketroid sin, and it is one I prefer not to see either of my regular reads getting into. Ya gotta teach'em while they're stil youngins, else they never learn.
This is just an FYI for those of us who know preview is another word for marketroid. There is probably some meaty goodness in the article, but remember the source.
Katz wastes bandwidth. If he wants a a forum with a built-in audience, let him seek it elsewhere. I could see this post as a link in a quickie, but only if it offered some insight on the movie as commentary on technophobic escapism beyond the obvious. But it doesn't, it reads like someone trying be Gene Shallit to the geek set. There are already numerous hype and review sites, slashdot does not need to become one. Even the simpsons movie post was more targetted to promote discussion on this board than this.
Perhaps this is a misguided attempt to boost readership. Perhaps someone thinks that slashdot is too "nerdish" and could use a generic movie review to attract a mainstream audience. Slashdot is not about readership, its about discussion. Most of us who read here do so for the content provided by other readers, not to read the editor's attempt at being a movie reviewer. This post did nothing to create new or interesting user content. It's fluff.
I don't want to see him banned from Slashdot, sometimes what he writes shows a modicum of insight and thought that I have come to expect from slashdot. I just don't want him submitting posts without going through some editorial process. The rest of us have to do it. Katz has clearly shown less restraint and good judgement than any other editor, put him back down to the level of any other poster, where he belongs.
If you feel that Jon Katz has wasted enough space with articles that are poorly editted, poorly thought out, or just off topic, please follow this message up with a vote in the affirmative.
I will be doing something that I never wanted to do, and shutting off all posts by a/. editor.
Does anyone edit your writing? While the ideas behind the article are worthwhile, you fail to evaluate any of the ideas critically. Admittedly, you have a forum full of critical thinkers to do that for you. Still, the sheer redundancy of phrases and the disconnected paragraphs of your post indicates that you write to impress us rather than express to us.
You've got decent ideas, but their unrefined, redundant presentation gets in the way. You waste 1140 words on what could have been luxuriantly expressed in under 500.
We aren't paying you by the word. In fact, quite the opposite. As technical professionals, we prefer clean, thorough text to self-aggrandizing redundancy. Please consider this when submitting your next piece.
how do atheists respond to the following argument:
Atheism denies the existence of God. To deny God's existence demands omniscience on the part of the denyer - who would then be (by many definitions) God. So Atheism is not intellectually credible.
Atheism leads to agnosticism by this argument.
That is one of my favorites, it has so many responses. It also gives me the opportunity to use the phrase "invisible pink unicorns playing ragtime silently behind your back when you aren't looking. "[1] Ask yourself the following about that phrase:
Have you evaluated all the possibilities that this could be happenning so as to assure that it is not?
Is it allowable to adjust the definition of unicorns, (or any other word used) to make it more possible? Say unicorns don't have to horse size, etc.
If some one told you that these pesky unicorn would not bother you if you just chanted their name, would you do it?
If the belief became fashionable, would you lend it credulity?
What burden of proof would you place upon yourself to disprove it, and what burden of proof would you place upon those who claimed it?
How much does the risk/reward ratio have to be adjusted for you to shift the burden of proof?
Now let's suppose someone claimed that there is a god to me. First they claim horrible loss if I fail to believe. I take a look around and see that there are numerous people making the same offer, but that none of their products are identical. So I put the burden of proof on them. They present me with their body of evidence, which I go through methodically and either
refute specific claims.
show as unreachable without an assumption of first principle.
or show other examples of similar style or pathology (thus denying the unique divinity of based on the claim that "no other has ever done this". C.S. Lewis favorite Lord Liar Lunatic)
Their claim, having failed on these counts, is rejected. I do not believe in their god , (or insurance plan, or get rich quick scheme, or tax doctrine,....) For N claims, repeat N times.
Put succinctly, Atheism is not merely the denial of the existence of god(s). That would be anti-theism, which is sometimes referred to as strong atheism. Anti-theism is a favorite misconception among Christians for explaining away atheist (we're angry with your god), while it only explains a relatively small portion of atheist. Weak Atheism (a name I truly despise, because the connotation is wrong.) is life without attachment to a personal belief in God one way or the other. This differs from agnosticism, which claims that it is unknowable one way or the other. The unicorns should not occupy your thoughts for more than a moment, as you can patently see that it is a waste of time (or maybe, a form of paranoia). The presense of another person's belief in them should be concretely addressed. While I do not put belief in gods, I do believe that there exists a belief in God in others that I must deal. When I find my ambivalence on the subject attacked, I respond with a critique of the attachment to the belief.
Just because one does not believe in the divinity of scripture does not mean that one automatically fails to use any knowledge held therein. As my reading list should indicated, I know the subject fairly well.
One sig put it best, "When you understand why you don't believe in any other gods but yours, you will understand why I don't believe in yours."
For one who is so well versed in the arguments for and against the existence of god, I am sad to see that you have next to no knowledge of the Christian theology you bad mouth with such vigor.
Ah, yes, unknowledgeable on Christian Theology am I? Lets see, a casual perusal of the theology section of the library in my house shows....
Bible: KJV, NSRV, Catholic Standard and Apocrypha.
The Confessions of St. Augustine
The apologies of C.S. Lewis
The Gnostics
The Other Bible (a collection of pre-Catholic writings)
The Jefferson Bible
The Glorious Quran
Science and Health, with Key to the Scriptures (relatively modern Gnostic)
Yep, that's me, woefully under educated on this stuff. I should just not comment. After all, what leg do I have to stand on?
Funny, how if you read that together with the other books on my shelf, such as Power and Prospects by Noam Chomsky and The Demon Haunted World by Carl Sagan you can look at it a bit more analytically.
Lastly, please do not put words into my mouth. I never said that every Christian was foolish. I just made the point that most shouldn't take casual swipes at atheists every time they get the itch to be evangelical. Most thinking Christians I know aren't Bible literalists or anti-evolution. They understand the beauty of the contradiction of faith and accept it as a choice. Most ignorant Christians I know have crumbled when they've chosen to debate the bible with me, invoking the falacies I listed.
I'll make you a deal, you go read The Demon Haunted World and I'll go get Hans Kung's book.
Forgive me if I don't jump in the air and scream "At last! Non-belief in God is intellectually credible! I can stop this Christianity lark and go out into the evil, bad world as an atheist with my intellectual pride intact..."
As an atheist who finds this quantum evolution to be utter tripe, more akin to the dogma of religion than science, I find your comments offensive. Just because one person writes something half-assed, you decide to take a swipe at atheists. Well, I got a few questions for you.
Since when is Belief in God intellectually credible? Please don't bother with any of the following arguments, as any educated atheist can tear them to shreds.
Pascal's Wager.
Arguement from incredulity (Well I can't believe that this happened, so there must be a (insert bullshit proposition here)).
Argument from design.
Affirmation of the consequent. Saying A ->B, B is true, therefore A is true.
Argument from Antiquity. Millions of people have been mislead for thousands of years, therefore its right.
Evolution violating the second law of thermal dynamics. The earth is not a closed system.
In your world, is atheism solely the result of pride?
Does massive unlikelihood always cause your mind to boggle? What about literal interpretations of the bible?
Are you still clinging to a belief that the earth is only 5000 years old? (A much smaller, less mind boggling number)
Is your self-loathing religion the only source of decency? Are you only capable of acting ethically with the threat of your supernatural diety sending you to torture and torment hanging over your head?
Perhaps you can't conceive of other people being stronger than you are, acting ethically by reason rather than threat. Perhaps the evil, bad world you live in is an after effect of seeking moral guidance from an outdated book, which you allow some other man in a collar to re-interpret for you on a weekly basis rather than expending the mental energy to read and think for yourself.
There is no IGC. All the Geek Cities in the US attract people for different reasons.
Boston: Intellectual climate. Where else can you attend a Rivest or Chomsky lecture on your lunch hour? Great public transportation.
SV: Weather, vast ocean of different jobs, vast ocean period. When you are in the SV you are two hours tops away from any type of terrain/activity. Intellectual climate: Stanford, Berkeley.
San Diego: Weather.
NYC: It _is_ the center of the world.
Atlanta: CNN, lots of telecom.
It requires a seed group of people to create a place of interest. What seeds were planted in Pittsburgh?
"The difficulty with computer security is that programmers write code to allow a course of action, not to prevent another. In order for computer security to become a reality, the design methodology must be changed."
Any programmer worth their check does program defensively. Certain languages support the writing of "safe code" more easily than others. It requires less fore-thought to program defensively in Java than it does in C. The results, however, will not be as fine tuned. Any methodology for designing and producing safe code must take this, the experience of those implementing it, the environments the product could be used int, into account. L0pht has compromised many designs. Have you seen any design/impl (hardware or software) methodologies that yield more secure results than others? Could you give reference to them?
In my experience, it has always been a matter of refinement. Security is relative.
Slashdot Mirror
There is also Raytheon's SilentRunner and Niksun's NetDetector. But while the privacy wonks are running scared, they are missing the essential usefulness of these tools. It's for forensics - something goes wrong, you can go back and see what it was. I can't comment for the other tools, but NetIntercept makes digging 500,000+ connections from 2 weeks ago easy.
Yes, I work for Sandstorm. Our motto, "Tools with Sharp Edges". Its a fun company.
From a forensics point of view, packets are more reliable than logs. The work that these products are doing is not even comparable, in terms of accuracy of network forensics. The packet based method gives you greater detail.
After a competent system compromise,the best you can hope for with distributed logfile analysis is discrepancy checking between systems and flagging of suspicious data. Having a packet history allows you to reconstruct the session, and figure out how what got recorded in your logs happened.
It is somewhat more difficult to go from logs back to packets, eh?
According to a friend of mine at the Whitehead Institute at MIT, which is part of the HGP, Celera has sequenced the data from one person, not assembled it. To have all the data sequenced is the equivalent of having every character from the source files for the linux kernel, but not knowing what order they are in.
HGP as of mid March had completely sequenced and assembled 2/3 of the genome, based on 6 individuals. Current amount complete is closer to 75%.
This really trashes Celera's business plan, which as far as I know is to sell the sequenced data to companies like Amgen for them to assemble and profit from. At least 2/3 of the information is already available gratis, already assembled.
Of course, this also makes Celera's work easier, since it can use the 2/3 of assembled data as a backbone against which to assemble the remaining third. But by the time they finish that, how much more will the HGP have published.
I've read /. and AMDzone for a while now. I use and advocate for the use of AMD products. When reading previews of new tech, I like to know who wrote the piece, and what the connection between the tech and the author is. AMDZone is ran by Chris Tom, aka ruiner. Highlight the name attached to most posts on the site and check the email address. The site ruiner.net makes reference to his work on AMDZone.
The intentional use of "they talk about" in the post here, which indicates to the reader a separation between the poster and the site referenced, is definitely misleading. There is only one thing worse than faking impartiality, getting caught doing it. No, this is not a major sin, but it is a common marketroid sin, and it is one I prefer not to see either of my regular reads getting into. Ya gotta teach'em while they're stil youngins, else they never learn.
This is just an FYI for those of us who know preview is another word for marketroid. There is probably some meaty goodness in the article, but remember the source.
Katz wastes bandwidth. If he wants a a forum with a built-in audience, let him seek it elsewhere. I could see this post as a link in a quickie, but only if it offered some insight on the movie as commentary on technophobic escapism beyond the obvious. But it doesn't, it reads like someone trying be Gene Shallit to the geek set. There are already numerous hype and review sites, slashdot does not need to become one. Even the simpsons movie post was more targetted to promote discussion on this board than this.
Perhaps this is a misguided attempt to boost readership. Perhaps someone thinks that slashdot is too "nerdish" and could use a generic movie review to attract a mainstream audience. Slashdot is not about readership, its about discussion. Most of us who read here do so for the content provided by other readers, not to read the editor's attempt at being a movie reviewer. This post did nothing to create new or interesting user content. It's fluff.
I don't want to see him banned from Slashdot, sometimes what he writes shows a modicum of insight and thought that I have come to expect from slashdot. I just don't want him submitting posts without going through some editorial process. The rest of us have to do it. Katz has clearly shown less restraint and good judgement than any other editor, put him back down to the level of any other poster, where he belongs.
If you feel that Jon Katz has wasted enough space with articles that are poorly editted, poorly thought out, or just off topic, please follow this message up with a vote in the affirmative.
I will be doing something that I never wanted to do, and shutting off all posts by a /. editor.
Does anyone edit your writing? While the ideas behind the article are worthwhile, you fail to evaluate any of the ideas critically. Admittedly, you have a forum full of critical thinkers to do that for you. Still, the sheer redundancy of phrases and the disconnected paragraphs of your post indicates that you write to impress us rather than express to us.
You've got decent ideas, but their unrefined, redundant presentation gets in the way. You waste 1140 words on what could have been luxuriantly expressed in under 500.
We aren't paying you by the word. In fact, quite the opposite. As technical professionals, we prefer clean, thorough text to self-aggrandizing redundancy. Please consider this when submitting your next piece.
Atheism denies the existence of God. To deny God's existence demands omniscience on the part of the denyer - who would then be (by many definitions) God. So Atheism is not intellectually credible.
Atheism leads to agnosticism by this argument.
That is one of my favorites, it has so many responses. It also gives me the opportunity to use the phrase "invisible pink unicorns playing ragtime silently behind your back when you aren't looking. "[1] Ask yourself the following about that phrase:
Now let's suppose someone claimed that there is a god to me. First they claim horrible loss if I fail to believe. I take a look around and see that there are numerous people making the same offer, but that none of their products are identical. So I put the burden of proof on them. They present me with their body of evidence, which I go through methodically and either
- refute specific claims.
- show as unreachable without an assumption of first principle.
- or show other examples of similar style or pathology (thus denying the unique divinity of based on the claim that "no other has ever done this". C.S. Lewis favorite Lord Liar Lunatic)
Their claim, having failed on these counts, is rejected. I do not believe in their god , (or insurance plan, or get rich quick scheme, or tax doctrine,....) For N claims, repeat N times.Put succinctly, Atheism is not merely the denial of the existence of god(s). That would be anti-theism, which is sometimes referred to as strong atheism. Anti-theism is a favorite misconception among Christians for explaining away atheist (we're angry with your god), while it only explains a relatively small portion of atheist. Weak Atheism (a name I truly despise, because the connotation is wrong.) is life without attachment to a personal belief in God one way or the other. This differs from agnosticism, which claims that it is unknowable one way or the other. The unicorns should not occupy your thoughts for more than a moment, as you can patently see that it is a waste of time (or maybe, a form of paranoia). The presense of another person's belief in them should be concretely addressed. While I do not put belief in gods, I do believe that there exists a belief in God in others that I must deal. When I find my ambivalence on the subject attacked, I respond with a critique of the attachment to the belief.
Just because one does not believe in the divinity of scripture does not mean that one automatically fails to use any knowledge held therein. As my reading list should indicated, I know the subject fairly well.
One sig put it best, "When you understand why you don't believe in any other gods but yours, you will understand why I don't believe in yours."
Cheers,
Ah, yes, unknowledgeable on Christian Theology am I? Lets see, a casual perusal of the theology section of the library in my house shows....
Yep, that's me, woefully under educated on this stuff. I should just not comment. After all, what leg do I have to stand on?
Funny, how if you read that together with the other books on my shelf, such as Power and Prospects by Noam Chomsky and The Demon Haunted World by Carl Sagan you can look at it a bit more analytically.
Lastly, please do not put words into my mouth. I never said that every Christian was foolish. I just made the point that most shouldn't take casual swipes at atheists every time they get the itch to be evangelical. Most thinking Christians I know aren't Bible literalists or anti-evolution. They understand the beauty of the contradiction of faith and accept it as a choice. Most ignorant Christians I know have crumbled when they've chosen to debate the bible with me, invoking the falacies I listed.
I'll make you a deal, you go read The Demon Haunted World and I'll go get Hans Kung's book.
Cheers,
As an atheist who finds this quantum evolution to be utter tripe, more akin to the dogma of religion than science, I find your comments offensive. Just because one person writes something half-assed, you decide to take a swipe at atheists. Well, I got a few questions for you.
In your world, is atheism solely the result of pride?
Does massive unlikelihood always cause your mind to boggle? What about literal interpretations of the bible?
Are you still clinging to a belief that the earth is only 5000 years old? (A much smaller, less mind boggling number)
Is your self-loathing religion the only source of decency? Are you only capable of acting ethically with the threat of your supernatural diety sending you to torture and torment hanging over your head?
Perhaps you can't conceive of other people being stronger than you are, acting ethically by reason rather than threat. Perhaps the evil, bad world you live in is an after effect of seeking moral guidance from an outdated book, which you allow some other man in a collar to re-interpret for you on a weekly basis rather than expending the mental energy to read and think for yourself.
Cheers,
There is no IGC. All the Geek Cities in the US attract people for different reasons.
Boston: Intellectual climate. Where else can you
attend a Rivest or Chomsky lecture on your lunch hour? Great public transportation.
SV: Weather, vast ocean of different jobs, vast ocean period. When you are in the SV you are two
hours tops away from any type of terrain/activity.
Intellectual climate: Stanford, Berkeley.
San Diego: Weather.
NYC: It _is_ the center of the world.
Atlanta: CNN, lots of telecom.
It requires a seed group of people to create a place of interest. What seeds were planted in Pittsburgh?
I read something to the gist of this recently:
"The difficulty with computer security is that programmers write code to allow a course of action, not to prevent another. In order
for computer security to become a reality, the design methodology must be changed."
Any programmer worth their check does program defensively. Certain languages support the writing of "safe code" more easily than others. It requires less fore-thought to program defensively in Java than it does in C. The results, however, will not be as fine tuned.
Any methodology for designing and producing safe code must take this, the experience of those implementing it, the environments the product could be used int, into account. L0pht has compromised many designs. Have you seen any design/impl (hardware or software) methodologies that yield more secure results than others? Could you give reference to them?
In my experience, it has always been a matter of refinement. Security is relative.