I honestly thought it was a typo in the summary when I read, "metric and English" units and had a bit of a chuckle to myself. "hee hee, the mix up between metric and metric units". England are on the metric system too and I don't know anyone that refers to the Imperial system as the 'English' system.
I just found this description on nasas site that has a nice summary of the state of the metric system:
Most of the world uses the metric system. The only countries not on this system are Burma, Liberia, Muscat, South Yemen, and the United States of America.
There's also a nice summary of the history of the metric system in the US here. Too bad we missed out on our chance to measure things in decades, roods and furlongs as proposed by Thomas Jefferson in his own metric system equivalent.
Besides the fact that you're trying to solve the wrong problem, requiring the end user to have a cert will address the end user not changing their password, but there are horrendous obstacles to get through trying to get your end users to adopt PKI to access your web applications. The lifecycle management and maintenance is prohibitive. The bank I work for can attest to that. It was adopted years ago and abandoned.
The issue that he's talking about is the web application talking to the database, or other backend system, as a system user. This has absolutely nothing to do with the end users identity, or their password.
All of the enterprise scale systems I've been involved with employ Mutually Authenticated SSL (MASSL) between back end servers. There are not only no unencrypted communications between back end servers, but no passwords involved at all. This does require lifecycle management of certs on the backend, but that's the price you have to pay. Certs expire and need to be re-issued, but these in conjunction with firewalls means no one can take them and connect to servers without getting onto the boxes that you need to connect from and write an application that uses the certificate stored on the box you need to connect from.
If you can do that, then the least of your problems are related to passwords.
Regardless of whether there are technical inaccuracies in the reporting on the story or in the conclusions reached about the cause, the story itself is fact. It was on the news on TV earlier today.
The fire department, for whatever reason, did take the jacket. They showed it hanging up in the fire station next to a fireman discussing it and holding a volt meter.
They showed the burnt carpet, plastic from the car and interviewed a number of witnesses.
As a Security Architect for a major bank in my country and an "I don't do windows" user at home (OS X, linux), I found this document to be a brilliant guide to securing an OS X client.
I had already applied some of the security recommendations, such as enabling security on Open Firmware, but I've just learned there are a plethora of other security options available on Mac OS X 'out of the box'.
There are options in Tigers security preferences that allow swap space to be encrypted and to avoid passwords being accessible in the clear when stored in memory and swapped to disk. Kernel core dumps can be be disabled for similar reasons.
Password policies! I had no idea Tiger could do that.
After going through this article and learning a bit more about how KeyChain works, I've started creating my own keychains to store 'Secure Notes' and I've finally accepted that Safari does do 'auto-logon' securely in the way it uses KeyChain.
All generalizations are lies. I'm 28. I first got into Zelda with the Ocarina of Time. I loved it. I'd stay up all night playing it and the feeling of accomplishment when I finally finished it was amazing.
I was extremely disappointed when I saw the first screenshots and movies of Wind Waker, but I bought it anyway. I finished that as well, but not in nearly the same amount of time, even though it was a lot easier than Ocarina, because I wasn't as drawn into the game.
I thought the graphics in Wind Waker were very well done, but it wasn't what I wanted to see. But graphics aside, it didn't have the types of game play that I loved about Ocarina. I loved being in a huge world that I could explore, find people and get in adventures. In Wind Waker I spent most of the time either on tiny islands or out on an endless ocean.
Like a lot of people having been posting, both are valid styles, but I don't want a cel-shaded Zelda. I want to get drawn into the game and I personally don't get drawn into a cel-shaded Zelda.
I don't think it was Network World that he was talking about. I assume he was referring to 'The Security Awareness Company'
There are links to it from his blog.
Slashdot Mirror
Insurgents will soon be issued with blankets to drop over the robots cameras and thus rendering them useless.
So the government gets all of the nice law abiding people to hand over their private keys. Do they assume the criminals will do so as well?
I honestly thought it was a typo in the summary when I read, "metric and English" units and had a bit of a chuckle to myself. "hee hee, the mix up between metric and metric units". England are on the metric system too and I don't know anyone that refers to the Imperial system as the 'English' system.
I just found this description on nasas site that has a nice summary of the state of the metric system:
Most of the world uses the metric system. The only countries not on this system are Burma, Liberia, Muscat, South Yemen, and the United States of America.
There's also a nice summary of the history of the metric system in the US here. Too bad we missed out on our chance to measure things in decades, roods and furlongs as proposed by Thomas Jefferson in his own metric system equivalent.
The issue that he's talking about is the web application talking to the database, or other backend system, as a system user. This has absolutely nothing to do with the end users identity, or their password.
All of the enterprise scale systems I've been involved with employ Mutually Authenticated SSL (MASSL) between back end servers. There are not only no unencrypted communications between back end servers, but no passwords involved at all. This does require lifecycle management of certs on the backend, but that's the price you have to pay. Certs expire and need to be re-issued, but these in conjunction with firewalls means no one can take them and connect to servers without getting onto the boxes that you need to connect from and write an application that uses the certificate stored on the box you need to connect from.
If you can do that, then the least of your problems are related to passwords.
The fire department, for whatever reason, did take the jacket. They showed it hanging up in the fire station next to a fireman discussing it and holding a volt meter.
They showed the burnt carpet, plastic from the car and interviewed a number of witnesses.
I just had a look quick look ADC Site, but I don't know where to find the demo. Can you point me at the right location?
I had already applied some of the security recommendations, such as enabling security on Open Firmware, but I've just learned there are a plethora of other security options available on Mac OS X 'out of the box'.
There are options in Tigers security preferences that allow swap space to be encrypted and to avoid passwords being accessible in the clear when stored in memory and swapped to disk. Kernel core dumps can be be disabled for similar reasons.
Password policies! I had no idea Tiger could do that.
After going through this article and learning a bit more about how KeyChain works, I've started creating my own keychains to store 'Secure Notes' and I've finally accepted that Safari does do 'auto-logon' securely in the way it uses KeyChain.
This is a very good article.
Done. Now for the 'write a virus' bit...
I was extremely disappointed when I saw the first screenshots and movies of Wind Waker, but I bought it anyway. I finished that as well, but not in nearly the same amount of time, even though it was a lot easier than Ocarina, because I wasn't as drawn into the game.
I thought the graphics in Wind Waker were very well done, but it wasn't what I wanted to see. But graphics aside, it didn't have the types of game play that I loved about Ocarina. I loved being in a huge world that I could explore, find people and get in adventures. In Wind Waker I spent most of the time either on tiny islands or out on an endless ocean.
Like a lot of people having been posting, both are valid styles, but I don't want a cel-shaded Zelda. I want to get drawn into the game and I personally don't get drawn into a cel-shaded Zelda.
I don't think it was Network World that he was talking about. I assume he was referring to 'The Security Awareness Company' There are links to it from his blog.