Point taken, let me alter the scenario a little bit.
You are the admin of a small company, the only person who knows the passwords and is able to solve the technical problems that can occur there. Like any other human being, you're enjoying your weekend, watching a movie at the cinema.
Obviously, there are armies of admins who *know* the stuff, but will any of them be able to deal with that particular task in a reasonable amount of time?
This 'solution' creates another problem - it prevents communication from happening.
It is one thing when a person in a cinema uses their phone - lack of education. And it is another thing when someone receives an SMS, being notified by vibra, without disturbing anyone. What if the SMS bears news about an emergency, or something that is of a critical importance?
Do you think it is 'cool' when you have a problem and your doctor is notified via SMS while they're watching a movie in a cinema or having dinner in a restaurant that uses this uber-paint?
We need to solve the original problem, not substitute it with a different one. My guess is that the answer lies within ourselves - self improvement, educating our children, etc. Paint will not change the human nature, only humans will.
How can that be possible? The DBMS itself sits on top of a file system; you can hide this detail from the user using a layer of abstraction, but the file system is still there.
Can someone comment TripleDES? They DES it once, then decrypt it with the wrong key, then DES again the output obtained at step #2.
Does this really have a positive effect on security? It seems that it does not (according to the other comments), but why did they use such an approach?
There is another type of cascade - apply the same algorithm twice, this is especially effective with ROT13...
Check out Private Disk, it has a 'password quality meter', a built-in brute forcer, and a nifty feature called 'disk firewall' among other things. It is not open-source.
As for your original problem - TrueCrypt uses various command line parameters, you can write a script that generates strings that match the xxxxsomethingxxxx pattern and then calls TrueCrypt with the respective command line args. Such a script is easy to write, and your typing speed won't be the bottleneck anymore.
why it writes to the registry really needs to be addressed, i wish...
The program uses a driver. Each driver is listed ini the registry, along with its startup mode, friendly name, and the full path to it.
Actually, there is no need to write anything directly to the registry, Windows will do it for you when you call the Service Manager's functions (that's what you do when you install or start a driver).
how about emulating a compatible interface?
on
Marvin Minsky On AI
·
· Score: 1
For communication to occur, the parties must be thinking at about the same speed to begin with.
Hmm... but how about the fact that any advanced system can emulate any other system? All we need is an interface to connect to; what happens 'behind' it makes no difference to us.
When we design such a system it is important not to miss this; otherwise we may end up with a creation we don't understand; and at that point we can only communicate with it if it decides to 'talk' to us.
I doubt it; after all - the individuals who use these systems are not grandmas who brely know how to move the mouse. These systems are designed for use by experienced folk; I think it's just a blunder.
one pissant ME country wanting to destroy another pissant ME country
and
..if Iran attacks Israel, THEN we can get involved.
There is a difference there; in the first case it is the intention, in the second - it is the actual action. One could say that Iran were simply taking advantage of 'freedom of speech' (not that it would make sense in that country).
So yes, vigilante also possessed the child-porn, at least for a moment or two.
What if the trojan is designed in a way that it has a built-in web-server, so he viewed the images by fetching them from the server (vs. a file-transfer mechanism, like FTP, which requires the file to be downloaded and stored locally before being viewed).
The image is transferred to his computer but not stored anywhere, other than in the memory allocated to the process of the web-browser; maybe the browser has no cache, thus technically speaking, the attacker never had the file itself. Only for a moment or two it was shown on his screen.
There are no traces of pr0n.jpg in the file-table, nor in the list of recently accessed files, etc.
It is OK if you play turn-based strategies. In fact, this is not a problem at all for games that are not designed to be played in real-time. For instance, nowadays I have no time for games, but I would love to play one that doesn't take much time during the day and does not require me to be while(1) focused on it.
When I saw the.sol in the presentation I was pretty impressed... theres a little bit of future proofing in that one....
Hmm... let's see:.sol - three characters in length, 26 symbols to choose from... Yep, this is just enough for the gazillion of galaxies and planetary systems out there.
The idea is nice, and I certainly love it. But this approach won't scale well, so another method will be needed eventually.
Hmm, I believe it is a bit different. If there is a sign that says "no dogs allowed", then the neighbor who owns the dog will be responsible for the pet's behaviour.
Why should they invest resources and manpower into filtering/blocking network traffic, when they can prohibit certain activities in the policy and expect people to follow it?
I think it is great that the company trusts the employees and does not apply any filtering.
Imagine that you have Z versions of a program: A, B, C, D,.. , Z
There are users all over the planet who use all these versions
Therefore you need to keep multiple deltas, one is for an A-B update, another is B-C, etc
Time goes by and there is version ZZZZ, but there should still be a set of deltas for each of the previous versions
Even though space is dirt cheap, it's not free, so I am not sure this is economically optimal. Maybe this can help cut bandwidth costs (which is reasonable, if bandwidth is more expensive than storage is). And maybe the solution to the problem I pointed out would be to simply download the whole thing if your version is too old (i.e. there will be no need to have an archive of deltas)
MSIs are one of the best ideas for Windows in a while: No more dealing with poorly-written homebrew installers or 10-year old, 16-bit InstallShield programs. Instead you have a fully scriptable installer that's transaction-based and has near 100% support coverage.
MSI is not the best thing since sliced bread; you cannot install a newer version of a program unless you also have the.MSI file of the older version, otherwise it won't update.
I am not sure this is a global problem, but it definitely happened to me with at least four different programs, one of them being PDFCreator.
I think it is counter-intuitive that I should keep the MSI of a program I installed a long time ago.
Well, you seem to be missing a point - GPL software is also the result of somebody's intellectual work. Saying "I'm indifferent" is not a nice thing to do.
First of all, I'm glad to find out there is another person from Moldova reading slashdot:-)
software will actually be paid for, people will have nowhere to go and will buy their products.
I cannot agree with this. Why do you exclude the possibility that they will switch to Linux? Taking into account the latest news about BSA and their checks that will soon encompass the offices in Moldova, many company leaders ask themselves what they will do if BSA knocks at their door. Several people asked me for advice and I told them to give Linux a chance.
Most of them were asking about ease of use, whether it had a nice graphical interface, whether there are text editors and software for browsing the Internet, etc. More advanced folk asked whether they would encounter problems with drivers.
I realized that they're asking the same questions I was asking myself before I switched to Linux. Somebody needs to explain these people that Linux is a much more user-friendly OS now. If they understand this, then I am sure most of them will choose the way of Linux, instead of "nowhere to go and buy their software".
So in the long term, Microsoft would have nothing to win if they fight piracy here. That's why they don't.
I am sure Microsoft is now beginning its campaign against piracy here in Moldova; I hope those who don't really need Windows (ex: if they develop something for this platform) will consider switching to Linux.
Everyone on the crew is given drugs to heavily limit sexual desire.
Hmm... This is not reliable, because some may choose to 'forget' to take the pills one day, which will bring disbalance into the crew. Perhaps a better approach is to have this drug mixed with every food item on the space-ship, so taking it is not an option... and it's not even "taking it" - it becomes a part of the 'environment'.
Slashdot Mirror
Point taken, let me alter the scenario a little bit.
You are the admin of a small company, the only person who knows the passwords and is able to solve the technical problems that can occur there. Like any other human being, you're enjoying your weekend, watching a movie at the cinema.
Obviously, there are armies of admins who *know* the stuff, but will any of them be able to deal with that particular task in a reasonable amount of time?
This 'solution' creates another problem - it prevents communication from happening.
It is one thing when a person in a cinema uses their phone - lack of education. And it is another thing when someone receives an SMS, being notified by vibra, without disturbing anyone. What if the SMS bears news about an emergency, or something that is of a critical importance?
Do you think it is 'cool' when you have a problem and your doctor is notified via SMS while they're watching a movie in a cinema or having dinner in a restaurant that uses this uber-paint?
We need to solve the original problem, not substitute it with a different one. My guess is that the answer lies within ourselves - self improvement, educating our children, etc. Paint will not change the human nature, only humans will.
How can that be possible? The DBMS itself sits on top of a file system; you can hide this detail from the user using a layer of abstraction, but the file system is still there.
Can someone comment TripleDES? They DES it once, then decrypt it with the wrong key, then DES again the output obtained at step #2.
Does this really have a positive effect on security? It seems that it does not (according to the other comments), but why did they use such an approach?
There is another type of cascade - apply the same algorithm twice, this is especially effective with ROT13...
Check out Private Disk, it has a 'password quality meter', a built-in brute forcer, and a nifty feature called 'disk firewall' among other things. It is not open-source.
As for your original problem - TrueCrypt uses various command line parameters, you can write a script that generates strings that match the xxxxsomethingxxxx pattern and then calls TrueCrypt with the respective command line args. Such a script is easy to write, and your typing speed won't be the bottleneck anymore.
Actually, there is no need to write anything directly to the registry, Windows will do it for you when you call the Service Manager's functions (that's what you do when you install or start a driver).
When we design such a system it is important not to miss this; otherwise we may end up with a creation we don't understand; and at that point we can only communicate with it if it decides to 'talk' to us.
I doubt it; after all - the individuals who use these systems are not grandmas who brely know how to move the mouse. These systems are designed for use by experienced folk; I think it's just a blunder.
In SOVIET Russia flying spaghetti monster trust YOU!!
So what if they have a great reserve of oil?
Other countries looking for alternatives = planning ahead, working towards a stable future;
Iran looking for alternatives = OMFG they want to pwn us!
As for wiping things off maps, read the comments above; it seems to be yet another case of ideas 'accidentally' lost in translation.
The image is transferred to his computer but not stored anywhere, other than in the memory allocated to the process of the web-browser; maybe the browser has no cache, thus technically speaking, the attacker never had the file itself. Only for a moment or two it was shown on his screen.
There are no traces of pr0n.jpg in the file-table, nor in the list of recently accessed files, etc.
It is OK if you play turn-based strategies. In fact, this is not a problem at all for games that are not designed to be played in real-time. For instance, nowadays I have no time for games, but I would love to play one that doesn't take much time during the day and does not require me to be while(1) focused on it.
The idea is nice, and I certainly love it. But this approach won't scale well, so another method will be needed eventually.
I think the original poster meant that the case is that the ship was built on the moon, thus "you have to get there first" is out of the calculation.
Hmm, I believe it is a bit different. If there is a sign that says "no dogs allowed", then the neighbor who owns the dog will be responsible for the pet's behaviour.
Why should they invest resources and manpower into filtering/blocking network traffic, when they can prohibit certain activities in the policy and expect people to follow it?
I think it is great that the company trusts the employees and does not apply any filtering.
Maintaining this thing will be pretty difficult.
Even though space is dirt cheap, it's not free, so I am not sure this is economically optimal. Maybe this can help cut bandwidth costs (which is reasonable, if bandwidth is more expensive than storage is). And maybe the solution to the problem I pointed out would be to simply download the whole thing if your version is too old (i.e. there will be no need to have an archive of deltas)
I am not sure this is a global problem, but it definitely happened to me with at least four different programs, one of them being PDFCreator.
I think it is counter-intuitive that I should keep the MSI of a program I installed a long time ago.
Well, you seem to be missing a point - GPL software is also the result of somebody's intellectual work. Saying "I'm indifferent" is not a nice thing to do.
I wonder if anyone knows where the original version of that can be found. You know, translations can be very tricky...
First of all, I'm glad to find out there is another person from Moldova reading slashdot :-)
I cannot agree with this. Why do you exclude the possibility that they will switch to Linux? Taking into account the latest news about BSA and their checks that will soon encompass the offices in Moldova, many company leaders ask themselves what they will do if BSA knocks at their door. Several people asked me for advice and I told them to give Linux a chance.
Most of them were asking about ease of use, whether it had a nice graphical interface, whether there are text editors and software for browsing the Internet, etc. More advanced folk asked whether they would encounter problems with drivers.
I realized that they're asking the same questions I was asking myself before I switched to Linux. Somebody needs to explain these people that Linux is a much more user-friendly OS now. If they understand this, then I am sure most of them will choose the way of Linux, instead of "nowhere to go and buy their software".
Except they do: http://www.anrti.md/ro/acte/Legea%20cu%20privire%2 0la%20informatica.htm, http://www.server.md/Microsoft%20critical.pdf (see the last paragraph on the first page). From the doc - "a penalty of up to 20000 Lei (USD ~1500) OR 180..240 hours of community services OR 3..5 years of prison". Companies also receive brochures which explain why it is much cooler to pay for software than it is not to ;-)
I am sure Microsoft is now beginning its campaign against piracy here in Moldova; I hope those who don't really need Windows (ex: if they develop something for this platform) will consider switching to Linux.
I once read that in one of the islamic states, if you attempt to commit suicide, you will be given a death sentence.
How about a matrix-like approach, where one can tame their desire by interacting with a virtual character?
Hmm... This is not reliable, because some may choose to 'forget' to take the pills one day, which will bring disbalance into the crew. Perhaps a better approach is to have this drug mixed with every food item on the space-ship, so taking it is not an option... and it's not even "taking it" - it becomes a part of the 'environment'.