I enjoyed what this guy had to say, too, but I was curious about what he is going to do for facebook. For that matter, what AI can do for facebook. The closest I could find was this:
Facebook can potentially show each person on Facebook about 2,000 items per day: posts, pictures, videos, etc. But no one has time for this. Hence Facebook has to automatically select 100 to 150 items that users want to see -- or need to see.
I thought the whole point of facebook was to keep up with your friends. *shrug*
The six universities involved are Norwich University in Vermont (the oldest military college in the United States), the University of Washington, George Mason University, the University of Texas at San Antonio, Drexel University and the University of Colorado.
The only one of these universities with a respectably ranked CS program is U of Washington.
Google requires you to have a Google account, but it explicitly says that data such as URLs you've visited or communication content will NOT be associated with your google account. There is no mention of targeting ads to your browsed websites or deep packet inspection or anything like that.
I'm not saying Google is a saint or anything, but that privacy policy looks about as good as you can expect from a private company operating in the US.
Just think - telecoms are accumulating petabytes of data from call setup and cellular handoffs EVERY FEW MONTHS. And this data can be cross referenced with subscriber data and sliced and diced in almost infinitely many different ways.
If you're the one reciting stats like that with wide open eyes, you're a Data Scientist.
If you just shrug and say, "Yeah. So?" like everyone else, you're not.
I agree, and playing with that kind of data actually sounds fun.
The big question is, though, what can you do with that information? You could study commute patterns (interesting to a scientist but low-value to a telecom, and more easily found with GPS tracking on a sample, anyway) or you can use this for capacity planning (but the statistics are so trivial you don't really need a data scientist).
I think people (especially marketers) tend to have inflated expectations of what you can actually accomplish with data science.
For example, despite all facebook's claims to having a treasure trove of profile data, their ad placement does not seem to be any better than google's keyword-driven ad placement.
It is evolving from a server/desktop OS to one that will run the same codebase across devices such as TVs, desktops, tablets and smartphones.
I think part of the problem we are seeing is that distros are trying to handle the server, desktop, and mobile markets with one codebase, and, as a result, they are not great at any one them.
I like CentOS too, but CentOS 7 will have systemd for reasons I don't understand.
Here is a page with systemd advantages for CentOS (https://linuxacademy.com/blog/linux/centos-7-take-the-plunge-into-systemd/), and I don't need any of this:
Read Ahead
Socket Based Activation of Service
Device Based Activation of Service (i.e. USB)
System Snapshotting (Virtualization, ZFS, or otherwise
SELinux Full Integration (Kernel level, not service level)
Device Dependency Configuration (udev rules)
Service Respawn without Connectivity Drop
Service SSL Cert/LUKS Password Handling (including Console, wall and Gnome Agents)
Interactive Bootup (Dependency Based with Confirmation of Service Start)
Reliable Termination of User Sessions During Shutown
NO, by the time those blogs post a domain name, it is not being used anymore. The malware will generate another domain name based on the date/time, and you will not have that domain name in your blacklist.
See subject: I'm protected if an entry's blocked in hosts, period. Yes, I have any DGA generated hostnames. I get them from my sources in the security community I noted.
Do you understand what words mean? I've walked you through it, but you still don't understand the difference between DGAs and Fast Flux. I even gave you a link to an opendns blog that explains what DGAs are. I guess you will never get it.
LMAO - listen you little ARROGANT NOBODY:
Has your work EVER been a FINALIST @ Microsoft TechEd, 2 yrs. in a ROW, in its HARDEST CATEGORY? Mine has. It also went into commercially sold ware to this day because of it. * How about you? You pick on my shareware here, where's YOURS that does a BETTER JOB?? It's not.
APK
P.S.=> Unbelievable - I've been writing code professionally AND SECURING PC's before you were out of diapers I'd strongly wager!
Uh, no, you have never written any commercially sold code.
I've developed security products for actual security companies, and work as a security engineer. Where do you "work," your mom's basement?
* See Gar Warner's blog (has many DGA botnets' C&C + payload servers listed).
Thus - I don't *HAVE* to predict them in hosts: I simply block them as they are added.
If they last longer than 1 second, I get them added as blocked by 12 reputable sources in the security community OR from security blog articles (like Mr. Warner I mentioned).
It works simply because DGA uses hostnames.
NO, by the time those blogs post a domain name, it is not being used anymore. The malware will generate another domain name based on the date/time, and you will not have that domain name in your blacklist.
You still don't get it, so I guess I'm giving up. This is like explaining Calculus to a housecat.
P.S.=> No matter what you say, as long as I get entries for ANY KIND of threat online as blocked entered in hosts (and I do by the truckloads every hour here due to my program being automated to pickup that data), they cannot harm me
This is not true! Malware has so many ways it can circumvent a hosts file. A hosts file is great for blocking ad domains, but it does NOT provide strong security.
Here are just some of the ways malware can completely bypass your hosts file:
It can hardcode a C&C IP address, like the Sony Pictures malware did
It can hardcode IP addresses for a peer-to-peer network, like the new Zeus variants do
It can just send the UDP port 53 packets to resolve DNS itself, bypassing the system calls that would check the hosts file
It can disable checking of the hosts file
I could keep going. There are a LOT of ways to bypass the OS hosts file.
The odds of me hitting a domain that lasts 1 second? Near zero.
Nobody said DGAs use domains that last 1 second. I said 1 hour. Some malware might use domains that last 24 hours. But, the point is that the domain name calculated by the malware changes faster than you can update your blacklist.
Again, clue: Hosts block a domain name, no matter what, I can't be harmed by it
I say again, by the time you know the domain name, it is no longer being used. Your hosts file program does not magically predict domain names.
That article doesn't even mention hosts files or your program.
Don't try to bullshit me. You and I both know you have never had any commercial success. You are a pest who spams your crap "hosts file manager" all over the forums here.
Your hosts file approach doesn't even address hardcoded IPs or domain-generating algorithms. Start working on another approach or shut the fuck up.
I think part of FuturePower's point is that you have too many words, so it isn't clear what you are trying to communicate. Your whole paragraph about Howard Stark is confusing and irrelevant.
Not trying to criticize - trying to help
I find it's best to pick maybe 3 points and stick to those. One key point should be WHAT you are offering. Is it a hosts file for whitelisting? A hosts file for blacklisting? A software program that intercepts DNS requests? How do you choose good domain names? I honestly can't tell.
Here in America, we don't even audit our damn voting machines.
Unmodified, general purpose COTS non-voting software (e.g., operating systems, programming language compilers, data base management systems, and Web browsers) is not subject to the detailed examinations specified in this section. However, the accredited test lab shall examine such software to confirm the specific version of software being used against the design specification to confirm that the software has not been modified. Portions of COTS software that have been modified by the vendor in any manner are subject to review.
The parts of the standard that actually cover auditing the voting code aren't exactly thorough, either. After all, democracy, schmemocracy!
I read the infosec part. The report criticizes DHS for concentrating on vulnerability management and using signature-based detection, which it suggests is not worthwhile because of zero-day vulnerabilities. It criticized the DHS for not following best practices itself.
That criticism is fair, but also applies to almost all infosec efforts, both in the public and private sector.
The only suggestion offered by the report was to cite a "cybersecurity expert" who says we should focus on deterrence. The report did not explain what deterrence means in this context. What are they suggesting? We hang malware to death to set an example? We sanction North Korea every time we think maybe they sponsored an attack that we traced back to China? The metaphor to warfare does not hold, and that failure is lost on the author[s] of the report. They don't get it.
Slashdot Mirror
You're being sarcastic, right? "Obamacare" doesn't insure people. There was no public option In the healthcare debate.
This will definitely provide fodder for all the class action lawsuits that are in the works.
I wonder just how reckless a business has to be with their security before they risk charges of criminal negligence.
I enjoyed what this guy had to say, too, but I was curious about what he is going to do for facebook. For that matter, what AI can do for facebook. The closest I could find was this:
I thought the whole point of facebook was to keep up with your friends. *shrug*
Here's part of the problem:
The only one of these universities with a respectably ranked CS program is U of Washington.
What part of that privacy notice bothers you?
Google requires you to have a Google account, but it explicitly says that data such as URLs you've visited or communication content will NOT be associated with your google account. There is no mention of targeting ads to your browsed websites or deep packet inspection or anything like that.
I'm not saying Google is a saint or anything, but that privacy policy looks about as good as you can expect from a private company operating in the US.
I agree, and playing with that kind of data actually sounds fun.
The big question is, though, what can you do with that information? You could study commute patterns (interesting to a scientist but low-value to a telecom, and more easily found with GPS tracking on a sample, anyway) or you can use this for capacity planning (but the statistics are so trivial you don't really need a data scientist).
I think people (especially marketers) tend to have inflated expectations of what you can actually accomplish with data science.
For example, despite all facebook's claims to having a treasure trove of profile data, their ad placement does not seem to be any better than google's keyword-driven ad placement.
Understood. My point was that these distros do not have a clear focus, purpose, or identity.
From http://www.itworld.com/article/2856604/with-unity-8-ubuntu-will-bring-pure-linux-experience-to-mobile-devices.html
I think part of the problem we are seeing is that distros are trying to handle the server, desktop, and mobile markets with one codebase, and, as a result, they are not great at any one them.
Yeah, but RHEL has the systemd suite now (I don't need it on my servers), and both Fedora and Ubuntu have moved towards mobile-oriented GUIs.
I like CentOS too, but CentOS 7 will have systemd for reasons I don't understand.
Here is a page with systemd advantages for CentOS (https://linuxacademy.com/blog/linux/centos-7-take-the-plunge-into-systemd/), and I don't need any of this:
Read Ahead
Socket Based Activation of Service
Device Based Activation of Service (i.e. USB)
System Snapshotting (Virtualization, ZFS, or otherwise
SELinux Full Integration (Kernel level, not service level)
Device Dependency Configuration (udev rules)
Service Respawn without Connectivity Drop
Service SSL Cert/LUKS Password Handling (including Console, wall and Gnome Agents)
Interactive Bootup (Dependency Based with Confirmation of Service Start)
Reliable Termination of User Sessions During Shutown
Earlier BOOT Logging
This.
I would personally like to see three flavors of Linux:
Server - lean, NO systemd or plug-and-play crap, focus on security
Desktop - includes whatever bells and whistles people need for a modern, useable desktop; focus on productivity
Mobile - similar to desktop, but with a focus on low power consumption and small screens
I don't need a tablet GUI on my desktop, and I don't need hotplug support for webcams and printers on my server.
What we're talking about here sounds more like civil law (e.g. lawsuits for product liability), not criminal law.
But, there is such a thing as criminal negligence: http://en.m.wikipedia.org/wiki...
No, the burden of proof is on him after his allegation that this started under the Obama administration.
So you're admitting you don't actually have a job, and nobody likes or respects you?
I'm not contacting Eric or telling you where I work, idiot.
Look back through the comments in this Slashdot post and see if there is a single person who likes you or has any respect for you.
Do you understand what words mean? I've walked you through it, but you still don't understand the difference between DGAs and Fast Flux. I even gave you a link to an opendns blog that explains what DGAs are. I guess you will never get it.
Uh, no, you have never written any commercially sold code.
I've developed security products for actual security companies, and work as a security engineer. Where do you "work," your mom's basement?
Arrogant and stupid are a bad combination.
NO, by the time those blogs post a domain name, it is not being used anymore. The malware will generate another domain name based on the date/time, and you will not have that domain name in your blacklist.
You still don't get it, so I guess I'm giving up. This is like explaining Calculus to a housecat.
This is not true! Malware has so many ways it can circumvent a hosts file. A hosts file is great for blocking ad domains, but it does NOT provide strong security.
Here are just some of the ways malware can completely bypass your hosts file:
Nobody said DGAs use domains that last 1 second. I said 1 hour. Some malware might use domains that last 24 hours. But, the point is that the domain name calculated by the malware changes faster than you can update your blacklist.
I say again, by the time you know the domain name, it is no longer being used. Your hosts file program does not magically predict domain names.
You still don't understand. The botherder registers a new domain, has it resolve to the C&C server for an hour, then throws the domain away.
By the time it makes it to your list, it's too late.
As I said, that is the point of DGAs.
Do you understand how DGAs work?
The malware hits an ephemeral domain and then the bot herders throw that domain away. The domain may only exist for an hour.
That is the whole point of domain-generating algorithms. They defeat blacklists. That is the whole point.
Also, you dodged my point about hardcoded IPs, which is just one technique malware can use to circumvent host files.
That article doesn't even mention hosts files or your program.
Don't try to bullshit me. You and I both know you have never had any commercial success. You are a pest who spams your crap "hosts file manager" all over the forums here.
Your hosts file approach doesn't even address hardcoded IPs or domain-generating algorithms. Start working on another approach or shut the fuck up.
I think part of FuturePower's point is that you have too many words, so it isn't clear what you are trying to communicate. Your whole paragraph about Howard Stark is confusing and irrelevant.
Not trying to criticize - trying to help
I find it's best to pick maybe 3 points and stick to those. One key point should be WHAT you are offering. Is it a hosts file for whitelisting? A hosts file for blacklisting? A software program that intercepts DNS requests? How do you choose good domain names? I honestly can't tell.
Really? A typical person making $140k base gets $100k/year in stock?
Here in America, we don't even audit our damn voting machines.
The parts of the standard that actually cover auditing the voting code aren't exactly thorough, either. After all, democracy, schmemocracy!
He never said it came from North Korean IPs; he said it came from IPs known to be used by North Korea.
At best, this means some IPs in China that have been tied to attacks on South Korea.
At worst, it's completely meaningless.
I read the infosec part. The report criticizes DHS for concentrating on vulnerability management and using signature-based detection, which it suggests is not worthwhile because of zero-day vulnerabilities. It criticized the DHS for not following best practices itself.
That criticism is fair, but also applies to almost all infosec efforts, both in the public and private sector.
The only suggestion offered by the report was to cite a "cybersecurity expert" who says we should focus on deterrence. The report did not explain what deterrence means in this context. What are they suggesting? We hang malware to death to set an example? We sanction North Korea every time we think maybe they sponsored an attack that we traced back to China? The metaphor to warfare does not hold, and that failure is lost on the author[s] of the report. They don't get it.