Not to use Microsoft Mail. Thanks for that! I was really worried about having to find a bad reason to not use it, but you gave me a good one.
Absolutely nothing bad can come of this.
So "Personal Accounts" will be cordoned off. That don't mean much. Will the Facebook /databases/ be cordoned off? If not, it just means you won't be able to access personal accounts from at work, but Facebook will still link everything in the background. Won't it be so fun to have Facebook automagically add all your coworkers to prospective friends on your personal account. And what if you change companies? Do those accounts exist in a single "work facebook" database? or does each corporate account have its own isolated database?
Way too many questions that I doubt will be answered when this is launched, or even afterwards.
(I don't facebook, don't have one, don't want one, and would be pissed if my employer decided to jump on this bandwagon.)
And, while I forgot about it at first, TrueCrypt should be encrypting the hibernation file if you are using System Encryption (on Windows) and the hibernation file is stored on the system drive (generally is). So again, this appears as it would be even more limiting for finding keys in a file, since someone who is "security conscious" most likely has their system drive encrypted, and is making sure hibernation file is on it.
As a result, you would actually be further ahead to hibernate your computer for your little bathroom break than you would be to sleep it (Since sleep leaves everything in RAM).
*I say should because there are various little nuances to that, OS, hibernation file placement, TrueCrypt Version, etc that may result in your key being written in a non-encrypted state.
Security conscious people never hibernate or sleep a machine.
FTFY.
Or at least they don't do it leaving their encrypted containers in an accessible state. You can sleep and hibernate all you want, so long as you dismount your containers prior to doing so, and ensure the keys are wiped from RAM.
I'm assuming the request can be as specific as one call/SMS to basically a data dump of a cell tower (Basically everything about every phone within range of a certain tower.)
So, optimistically we're talking between 1.3 Million (low end) and 1.3 Billion (high end [assuming 1,000 devices within range of a given tower or group of towers for triangulation]) data points of information. Everything from who someone was talking to, when, to text message conversations, to where was this customer and who may have been with them in the area (via tower dump of one or multiple neighbor towers to allow triangulation)?
(The tower information dump was not mentioned within this article, but I recall reading about that practice recently, and I believe it was another article on /.)
Little scary isn't it?
I think one way you could make KeePass multiuser is the following setup. Keepass itself isn't, but by utilizing the existing groups of AD/*nix I think you could actually have an efficient way of doing this.
Create Keepass (v2.x) databases, one per group that you have. All the databases can share a common password if you want (won't affect security). When you create them, ensure all have a keyfile as well as a password. I would suggest naming them something like: Database-General, Keyfile-General; Database-Local Admins, Keyfile-Local Admins; Database-Group C, Keyfile-Group C. Distribute the common password to those individuals who need access to the shared passwords.
Simply set the read permissions on the various key files to the respective groups that these individuals should be a member of. (Alternative would be just set the read permissions on the databases as well, but if you have local keyfiles you can post the databases to an intranet website, while spreading the access key files around the file system into default drives/directories.)
This means you will have multiple databases, but it shouldn't be unmanageable unless you use uber-fine granularity (3 people need one password, but are three different groups and nobody else needs that password.)
One benefit to keepass as well is in certain situations you can create a config file that will over-ride user preferences. Read the help file, I've never had a need to configure it but I think with AD policy you could make use of it.
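The key-file permission scheme from the KeePass comment above, as an added example that is not part of the original comment: a POSIX shell audit for a *nix file server, assuming the key files sit in one directory as `Keyfile-<Group>`. The directory layout, the function names and the extra group-writable check are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the original comment). Assumed layout:
#   DIR/Keyfile-<Group>   one key file per AD/*nix group

# has_perm FILE MODE: true if FILE has every permission bit in MODE set.
has_perm() {
    [ -n "$(find "$1" -prune -perm "-$2" -print)" ]
}

# lock_keyfile FILE GROUP: hand the key file to one group, read-only.
lock_keyfile() {
    chgrp "$2" "$1" && chmod 0440 "$1"
}

# audit_keyfiles DIR: print one line per key file; return 1 on any FAIL.
audit_keyfiles() {
    dir=$1
    rc=0
    for kf in "$dir"/Keyfile-*; do
        [ -f "$kf" ] || continue
        name=${kf##*/}
        reason=
        # Any bit for "other" lets non-members read or replace the key file,
        # which defeats the per-group split (the password is shared by all).
        if has_perm "$kf" 004 || has_perm "$kf" 002 || has_perm "$kf" 001; then
            reason="accessible to users outside the group"
        # Assumption beyond the comment: members read the key file, never edit it.
        elif has_perm "$kf" 020; then
            reason="group-writable"
        elif ! has_perm "$kf" 040; then
            reason="group cannot read it"
        fi
        if [ -n "$reason" ]; then
            echo "FAIL $name: $reason"
            rc=1
        else
            # Field 4 of "ls -ldn" is the numeric group owner.
            gid=$(ls -ldn "$kf" | awk '{print $4}')
            echo "OK   $name: gid $gid, no access for others"
        fi
    done
    return $rc
}
```

Run `audit_keyfiles /path/to/keyfiles` after creating or moving key files; a non-zero status means at least one file is readable outside its group or otherwise mis-set.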
I second this one. In my safety deposit box, I have some letters prepared for certain events from my grandmother she wrote before she passed. Marriage, First Child, Etc. They're clearly labeled to be opened at certain events. Do the same, key events in their lives. Granted you don't want to go overboard with them (IE every special event), but perhaps for the next few years, you can pre-write Birthday cards through X age for each, Driver Licenses, Graduation, the same list as above.
It'll be a way for her to pass on her knowledge and life experience in a timely manner to them, and be able to still participate in a bit of their raising long after she's gone.
I'll also weigh in on a comment above. Do document, don't over-document. Unless you're going to be editing the footage down to some reasonable quantity, it'll mostly be for naught. Remember, every minute recorded takes a minute to watch. If you have two hundred hours of footage, most aren't going to want to sit through it unless looking for something. Diaries, journals, are excellent in this regard. They can be read much faster than written, can be picked up and put down for most with little need to go back and re-read the last half an hour's worth to get back in your mind where you were. That, and if she's going through treatments during these final days, her personal image is going to start to degrade. It's going to be hard to watch it personally, but do you want your children to watch the entire thing? Probably not. Books let you maintain your own image of her, even when she looks her worst. Of course you will want key things recorded and that's OK, but most want to be remembered at or near their best, not arguably their worst.
Damn, you beat me to it. When I watched that episode, I was thinking that somehow the consoles changed shape (such as micro-bladders beneath the surface to give a 'raised' surface) but this definitely makes a lot more sense. Yet again, Star Trek is leading the way in predicting things.
Now all they have to do is get the touch screen to interpret the difference between 'feeling' the screen to locate the button, and the intent to press the touchscreen button. And get it to do it well, and consistently. (Yes, I know most touch pads have this feature to prevent 'palming' them, but how reliable would they be in this scenario?)
In addition, the TrueCrypt user community lately is getting the shaft from the "TrueCrypt Foundation".
Case in point, if you visit their forums, starting about 6 months ago, around the time of release of v6, the forum administrators now delete anything "critical" of TrueCrypt. Basically, you're only allowed to discuss the positives of the software, or problems with the intended operation of it. Any "bugs" or "weaknesses" mentioned result in having the thread either locked, more than likely deleted, and if you push an issue, open a second thread on a 'deleted thread' you're likely to have your account locked.
5.1a was the last version released before this new policy of "only positives". Not to mention that the forums are already so heavily locked down (No public email addresses to register accounts, no private messages on the board, no threads that are not 'on topic'). Some of us tried (semi-successfully) to have frequent contributors meet over on Wilder's Security forums. (http://www.wilderssecurity.com/) Difficult though since they started deleting our postings since they weren't on topic, and private messages are impossible.
Sadly, as a result of this, I used to heavily endorse TrueCrypt, but I can no longer stand behind them until they let the community get re-involved, for the good and the bad.
I just canceled my account, after individually deleting each section, and replacing undeletable information with 'garbage' data.
One thing I did notice, I recently changed my password (On 17JAN09) and was not prompted to change my password upon login. It makes me wonder when this breach happened, and if anyone will be prompted to change their passwords, or if I had already changed my password after the breach, but prior to the official notification.
Darnit.. My bad.
I don't know how I got to that article then since I'm usually a bit better screening my news... *Thwaps head.
Ah. Now I know. Bad title + link from an article from today (was about Win 7).... There should be rules against putting 'Breaking' in a title that is static and doesn't disappear after time.
Time to go crawl back in my hole.
Three of four sub-cables connecting Asia-North America have been cut.
This is getting a little crazy, and pardon the tinfoil hat that I'm wearing, how many 'undamaged' cables does this leave?
I think this is really starting to become hard to blame on 'coincidence.'
http://blogs.zdnet.com/gadgetreviews/?p=669
New tag system apparently. Mouse over the various tags and you'll see there are three tag types--Top, System, and Type. I'm presuming that since there are more stories submitted than anything, the Story tag will be on almost every entry.
Wow.
I guess now the *AA can now start telling us what hardware we're allowed to play movies/music on, and simply loading it into RAM on a non-approved device constitutes copyright infringement, as a copy is being made in a way not granted under the license.
Let's hear it for vinyl. Nothing is ever removed, just vibrations sent down the needle to the speaker. (Talking about the old phonographs.)
...I may just have to make it my civic duty to ensure that the news gets spread around a bit.
Actually, only every transaction within them states.
If you live in Denver and a Distro Center is in Colorado, you pay sales tax. If you live in Michigan, and there is no distro center, then you don't pay sales tax.
So residents of those 8 states would pay sales tax on purchases from Amazon, but the remaining 42 would not.
The argument goes, prior to passing customs you are not inside the US, and as such the constitution does not apply. You're effectively in "International Waters" until Customs allows you in, and as such they can do anything they want.
I think VALVe is on the right track here. They already have good story lines (Half-Life Series), and now with the acquisition of the studio developing "Left 4 Dead", they are going to have an effective "AI" for controlling the gameplay elements. (Look for information on the "Game Director.") The Game Director AI is going to handle all the placement and spawning of the enemies in the game, based on the current situation. Once you have an AI that can effectively do this, you can start adapting the software to create a Story Director and when you combine the two, you have the next generation of game.
I noticed this. XP Home is not what the power users are going to use because of missing features. So this isn't as good of news as everyone thinks it is.
... with all these hearings and whatnot, not because we feel we have to, but because you can't do anything to us even if we're wrong.
What a totally screwed up system we have now, if this is all true. (No, I've not RTFA.)
I still think that it's outrageous that someone can patent a person's genetic code. Since when are DNA sequences NOT "Prior Art." Your parents designed you so shouldn't they hold the patent?
Hopefully this would fall under that. I might argue that if you could create a specific genetic sequence in the lab of a unique nature it might be worth considering, but anything that happens in nature definitely should be off limits.
Imagine if someone patented the genetic code of the oak tree, then demanded to charge a royalty on every sale of an oak tree. It's... a nightmare. Good luck to ending these patents.
The interesting thing is this would definitely cover drugs though. What would all the drug companies do once they can no longer monopolize and extort US Citizens for every dime they can, from those in the most need.
My Mistake, it wasn't Colbert, it was on A Daily Show, and here's the segment. http://www.thedailyshow.com/video/index.jhtml?videoId=148056&title=wait-and-switch
For those who aren't aware, it's common practice for Lobbyists to pay professional "line waiters" in Washington D.C.
Since lines form hours ahead of time for meetings and other public discussions, it's a waste of time to force the lobbyists themselves to be waiting in line for 2-3 hours, so they pay someone to hold a place. I believe it was the Colbert Report that actually did a piece on this within the last couple of months. I think there was possibly some legislation being floated that would make some judgments on this practice.
The only thing I can say, is I've started some major "learning" about encryption and various other personal privacy applications.
So far, what I've found and like are:
TrueCrypt - "On-The-Fly" Disk/Storage Encryption. Actually, I've been using this for 24 hours and love it. I've also seen great reviews of this, and some of its very interesting features, such as plausible deniability. Oh, and it's Free Open Source Software. Available for Windows 2K/2K3/XP/Vista, Linux, and soon MacOS (v5.0, due in Jan 08).
KeePass - Encrypted Password Storage Database. I've been using this for years, and love it. Also good reviews. If you wish to try it, there are two versions, v1.x and v2.x. v1.x (1.10 being current) is the original independent version. Can be run standalone, no system requirements (.Net or the like). Can be run from a USB Key. v2.x (2.04 being current) is a total rewrite of the application based on the .Net libraries and are required. This version is ALPHA quality and does not yet meet the current functionality of the 1.x branch. This was started due to the fact of people requesting features that would require significant rewrites to implement. Also FOSS. Available for Windows 98/98SE/ME/NT/2K/XP/2K3/Vista 32 and 64 bit. Third party ports also available for PocketPC, Linux, MacOSX, J2ME, Blackberry, PalmOS.
Gnu Privacy Guard - An open source PGP implementation. I use a port of this, GPG for Windows. It seems a bit clunky, and am actively looking for something to replace it so suggest away if you do know something better. I will say though that it does work as advertised, and it's FOSS. GPG is distributed mainly as source code I believe, whereas G4W is as binaries.
People have looked at some of us who use PGP/GPG, and other encryption/digital signatures for a few years with the look of "why do I need that, I have nothing to hide." I keep waiting for people to finally wake up and realize that the concept of "inherent privacy" (meaning anything not actively publicly published is not publicly known) is gone. We have entered the age of "explicit privacy." If you want something to be private, you must make it explicitly so, especially on your computer, with these recent news articles of laptops being fair searching territories at Customs, or the reports that the NSA has feeds from AT&T's offices to intercept everything.
I read somewhere, possibly on /. that W3C had just released its first working draft for HTML5. How about have a tag in HTML5 that signifies the page as HTML5 (Which I'm sure it will) and then /all/ browsers are supposed to handle it as written. No "strict" or "loose" rendering. No quirks. Just all pages written in HTML5 (or revised up to the new standard) are required to be written correctly, and rendered "strictly." This will give Microsoft a way out of the hole they've made, while saving some face. Leave the quirky rendering engine in place for all HTML4/Earlier pages out on the net. In a few years, drop the other renderers from the software (say around IE11) and the rest and then it will be a much nicer playground for everyone. Kind of like the Vista idea of stop being backward compatible (plan for it) so we can clean out all the trash.
In 5 years, when the old engines are removed leaving just the one way to render a page, ancient stuff written to specification will still work, the only thing is pages that are effectively "broken" will need to be fixed in 5-10 years... if there are any still around.