Slashdot Mirror


User: dutchwhizzman

dutchwhizzman's activity in the archive.

Stories: 0
Comments: 1,369

Comments · 1,369

  1. 99c without a contract? on Facebook Home Flagship Phone, HTC First, May Be Discontinued · · Score: 1

    Sure, the price is dropped to less than a dollar, but you'd be paying the phone back twice in the monthly contract fees. Wake me up when the phone is 99 cents without a contract or a lock.

  2. pam-abl doesn't solve this on Backdoor Targeting Apache Servers Spreads To Nginx, Lighttpd · · Score: 2

    They have vast botnets, once an IP gets blocked, they just continue from the next IP. I haven't seen brute forcing coming from the entire botnet by default myself, but I'm sure there are crackers that have figured this out by now. You're merely obfuscating the weakness with your solution. Sure, it's effective against quite a few types of drive-by attacks, but the only solution is to stop accepting passwords and require PKI for ssh auth.

  3. No, it's a miner's canary on Honeywords — Honeypot Passwords · · Score: 3, Informative

    You do this so you can tell that somehow your design and security measures have failed. If these accounts get used, whether it is with the proper password or just the username (or other user data in your databases) you can be sure that you have a data leak somewhere. By smart placement of the data and adding new "honey data" regularly, you should be able to predict where and when you had a breach. Don't just use user/password combinations for this concept, but also put other "honey data" that might get stolen in, so someone that steals your address database or entire customer data (internal theft by employees) will get caught. Depending on how your system is built up and used and the type of data, you can even use it to pinpoint the employee or exact server that has been compromised.

    Techniques like this have been in use for many, many years. Most maps have flaws in them on purpose so illegal copies are identifiable. Most address databases for sale commercially have fake addresses in them as well. I've used this sort of technique before on large customer databases. I'm surprised that this is getting so much attention, I thought it was "industry best practice" for a while now?

  4. maybe in some cases on Ask Slashdot: Why Won't Companies Upgrade Old Software? · · Score: 1, Insightful

    In most cases it's just simple straight forward porting of the application and it's no rocket science. They probably have a zillion workarounds with spreadsheets and whatnot to work around missing functionality already. A decent software architect can probably design a better system that can be built with off the shelf components in little time in as little as a week. Building those systems often doesn't take that long and providing people are using off the shelf components and libraries, the amount of custom code that may mess up will be rather limited. By designing with failure and insecurity in mind, catastrophic failures will be very unlikely, since the built in checks should prevent those before any escalation is possible. Not everyone uses large, interlinked systems. Most are just a single task single system setup. To upgrade those isn't complex or expensive.

  5. You and 99% of tablet users on Bill Gates: iPad Users Are Frustrated They Can't Type Or Create Documents · · Score: 1

    Most tablet users own a laptop. They'd rather use the full laptop to do actual office work and use the tablet for media consumption and touch screen apps. Sales of the different devices clearly show that the vast majority of people aren't interested in hybrids, regardless of the OS or applications on them. Windows 8, Android and iOS all have a very limited number of users working with a tablet-with-keyboard style hardware device.

  6. Each conversation is at least 1 minute on Former FBI Agent: All Digital Communications Stored By US Gov't · · Score: 1

    In telco land, they count each connection, even to an answering service, at least one minute. Actual talk time is much less than those 459 minutes. It's probably less than 2 hours. Any silence during those calls is not recorded, you probably have less than 60 minutes per month to record and that is per two telephones, since there's nothing to record if there aren't two telephones connected to each other.

  7. cell phones on Former FBI Agent: All Digital Communications Stored By US Gov't · · Score: 2

    But cell phones typically use only 8Kbps "on air". This means that a factor 8 compression of "uncompressed" 64Kbps is feasible and that's probably what they achieve, maybe even more, if they wanted to record it all.

  8. Free migration then? on There Is No Reason At All To Use MySQL: MariaDB, MySQL Founder Michael Widenius · · Score: 3, Insightful

    Maybe Postgres is a better DB in a theoretical way. It could be that in a brand new design for an application, it will be better in practice as well. However, if you run existing code or use an "off the shelf" open source application, chances are, it will be tested and developed on MySQL/MariaDB and not on Postgres. Until the choice is just as easy to make as the choice for either MySQL or MariaDB, I doubt it's "better" for 90+% of all MariaDB/MySQL users. Those users have a choice for either something that works, or something that will need a lot of porting and testing done. It may seem small and insignificant to Postgres experts to do that, but to those 90+%, it is most likely far beyond their capabilities, probably cost prohibitive and in a lot of cases just not an option at all.

  9. Until you do support/enterprise on There Is No Reason At All To Use MySQL: MariaDB, MySQL Founder Michael Widenius · · Score: 2, Interesting

    If you want the "free" version, there isn't a significant difference for 95% of users, agreed. However, MariaDB support is miles better and cheaper than Oracle's "Enterprise MySQL" support is. Also, calling Monty names is cheap and rather unfounded.

  10. Theoretical on USAF Hypersonic Scramjet Successfully Scrams · · Score: 4, Insightful

    The whole Sabre engine is still conceptual and not one working engine has flown anywhere. Also, the SABRE relies totally on liquid helium to cool air and can't use any other gas. Since Helium supplies are very limited and the price is kept artificially low, no large commercial flight will ever be possible with this technology.

  11. Enhance on Bruce Schneier: Why Collecting More Data Doesn't Increase Safety · · Score: 1

    ... presses the enhance button repeatedly to view the person from another angle and 20ft away, using satellite images.

  12. 86 DPI on Google and Adobe Contribute Open Source Rasterizer to FreeType · · Score: 2

    Until recently, almost all desktop monitors were 86 DPI/PPI. Any oddballs were professional graphic designer displays or a few extremely expensive laptops and of course the UNIX X displays on SGI, HP and SUN systems. Now we have retina displays, tablets, multiple-display setups and what not. Most operating systems now have some form of support for PPI independent rendering in place, but almost no applications support this yet. Try putting your laptop display next to an external display and getting the windows and fonts to be the same physical size and moving them from one screen to the other to see what I'm talking about. Embedding 8pt and 12pt fonts at 86DPI made a lot of sense when this standard was being devised. It wasn't until portable displays started becoming popular that 86DPI wasn't the standard anymore.

  13. And lose access to all the oil? on Syria Buys Dell PCs Despite Sanctions · · Score: 1

    Putting Dubai on the list will make the entire Arab region stop selling oil to the USA and all of its allies. Morality is nice, but not if it threatens your cheap gasoline. It will never happen.

  14. No they most likely didn't on Redditors (and Popehat) Versus a Bus Company · · Score: 1

    As I understand it, the state of decomposition of his body suggested that he was dead weeks before the bombings.

  15. If it'd last, they wouldn't do that on Is Buying an Extended Warranty Ever a Good Idea? · · Score: 1

    If the seller believes in his product, or if he's forced by law (like in many countries in Europe) they would offer the warranty as a standard. Did you know that in some countries in Europe if a car wears significantly faster than should be expected, they have to replace parts and pay labor completely for the entire economic life of the car? That's 10 years and 200000 KMs for a family gasoline car. Warranty against manufacturing defects on consumer electronics is a mandatory 2 years. These laws have resulted in better quality products and manufacturers having to replace a lot of "bad designs" and improve on them. Government regulation isn't always bad. The only negative is that there are no real class action lawsuits possible in Europe, so it often takes a consumer organization to make a manufacturer proactively recall/replace faulty products. Government regulation isn't always bad.

  16. +++ATH0 on LLNL/RPI Supercomputer Smashes Simulation Speed Record · · Score: 1

    +++ATH0 +++ATH0 +++ATH0 If you're still here, you're not on an imitation Rockwell modem.

  17. Toothpaste on Intel Announces Brian Krzanich As Its Sixth-Ever CEO · · Score: 1

    Actually, a few toothpaste manufacturers put arginine or a comparable product in. This stuff (and the comparable products too) actually works http://www.colgateprofessional.gr/LeadershipGR/ProfessionalEducation/Articles/Resources/pdf/Journal_of_Clinical_Dentistry_Pro-Argin_Special_Issue_2011.pdf and I usually shop for toothpaste with such an additive.

  18. security nightmare on Most Companies Will Require You To Bring Your Own Mobile Device By 2017 · · Score: 3, Informative

    Gartner is so incredibly wrong here. You can't control a plethora of devices connecting to your office network. In reality, you'll have to assume that all devices that connect to you are inherently evil and users using them will be snooped on and their logon credentials will get sniffed. This means you first have to "weaponize" every application you run on your IT infrastructure and make it available as a web service. You'll have to issue two-factor authentication that uses a dynamic element such as a challenge/response hardware key generator. Only when you have everything like that in place, you can "safely" start using BYOD in a corporate environment. By then, there is no more need for people to actually be in the office to do their work, apart from meetings. For meetings, you can always call in or video conference from home. Effectively, the only way to pay for this is to quit renting office space and go completely virtual. Because you no longer rent office space, renting a separate server room will cost you dearly and you'll need your admins to have office space close to that room, so you're still running a brick company. Going to "the cloud" will be more or less mandatory for such a company, from an economic view point. I don't see a significant amount of companies do all this within the next four years. I do see a lot trying to save a few bucks on the abysmal hardware budgets they already have and fail horribly at productivity and security and reverse their decisions, spending much more in the process and not gaining anything.

  19. Federal Reserve on Most Companies Will Require You To Bring Your Own Mobile Device By 2017 · · Score: 1

    Every person in the money factory for the federal reserve gets to bring his own dollar printing device and takes it home in the evening. Splendid idea. What could possibly go wrong.

  20. Correct, the casino is the offender here on Video Poker Firmware Bug Yields Big Money, Federal Charges · · Score: 1

    By admitting they let people play a machine that contained buggy software, the casino admits they committed a federal offense. The guy that's being charged now was just playing the machine by the rules the machine gave him. Nothing more, nothing less. The truth, the whole truth and nothing but the truth. They might want to make you believe a small part of their explanation of the truth, but they are leaving large bits of it out that is incriminating them, not the guy that has pulled the money out.

  21. Best tested for bugs and flaws on Video Poker Firmware Bug Yields Big Money, Federal Charges · · Score: 1

    Gambling machines are probably better tested for bugs and flaws than most military computer equipment. I'm not kidding, the amount of testing vendors *and* the US government puts gambling machines through before they get set loose on the general public is humongous. If both the vendor and the US government didn't classify this bug in their rigorous testing, it's not a bug. Either that, or *all* gambling machines are tested inadequately and should be pulled from casinos immediately. I wonder what costs more, pulling all gambling machines and retesting them with a new to devise method, or just letting this guy keep the money and pulling only video poker.

  22. Don't forget the human victims on E-Sports League Stuffed Bitcoin Mining Code Inside Client Software · · Score: 4, Insightful

    Several people died in the explosions on the drilling rig. However (un)important the damage to the economy and the wildlife is, no human being gets away with killing someone and getting convicted to "only a fine", but a company like BP does.

  23. Not that amazing, built in. on Pirates of the Caribbean: the Pirate Bay Moves To Island of Sint Maarten · · Score: 2, Informative

    The whole architecture of the internet is built around decentralized management. If one part fails, other parts take over and people will replace the failing parts with what resources they can get available. "The Net interprets censorship as damage and routes around it." -- John Gilmore

  24. Was it the Chadd? on FSF Certifies Atheros-Based ThinkPenguin 802.11 N USB Adapter · · Score: 1

    Was it the Chadd? No, the Chadd was great! Kudos dude.

  25. GNU compiler on BSD on DragonFly BSD 3.4 Released, With New Packaging System · · Score: 1

    What is happening here? Heretics dare to use GNU code on a BSD system? Sacrilege!