Another sample of pseudo-science in pseudo-press.
Even the example given is enough to identify the "pseudo" part.
If someone approaches me asking for a cigarette, my logic would tell me to NOT give him a cigarette, so appealing to my logic would have the opposite effect. And I am sure I am not the only one that, when logicaly assesing this cigarette situation, would say that I SHOULD refuse.
See, your examples are just GREAT to prove MY point.
Let's take the first one: forcing password policy change through the system every x months. First, let us note that's a policy. Then, imagine the GM calls the guy in charge of the AD policy and says: "look, I'm sick of this shit, undo it now so I don't need to change it for 5 years." In the absence of an approved policy the IT guy MUST do it. Even with a policy, if he's weak or stupid, he will do it. So the lack of usable control is not with the user that would have to change it because the policy says so, but with the guy that is supposed to enforce it because it's a policy.
What you wanted to say is that the controls that rely on the machine (the so called automated controls) are BETTER, but please be aware that you ALWAYS, and i mean ALWAYS, have a PROCESS component and a PEOPLE component. If the process involving your technology is bad or the people operating your technology are stupid then your technology is USELESS. And is bound to fail.
Please, for the sake of your future in the area of IT Security, remember this: "People, Processes, Technology". Always together, always with the same weight when concerned about the usefulness of a certain security policy, measure or control.
I can take any of the other examples YOU GAVE and prove you're wrong, dead wrong, but I am confident that you got the point by now.
Again, sorry for my demeanor in the previous post and I really hope your pride will not blind you on this topic.
regards
you should worry about... the idea that implementing policies and procedures will somehow increase security
I bet many people think you're smart when you speak with so much conviction. And maybe you are, but not on this topic.
Always, and I mean ALWAYS, when dealing with security (and not only) you MUST consider all three factors: Technology, Processes and People.
And as you may note, technology is only 1/3 of the equation. EXACTLY 1/3. None of them is more important or least important, because leaving out any of the 3 you DO NOT have security.
Should you agree you were mistaken, I'd be happy to provide more info, with examples, if necessary.
(sorry for my tone, you upset me:)
Well, my recent experience with MMORPG is limited to Vendetta-Online, a space shooter which is different in so many ways from Eve that I managed to get back to it after a few years of pause.
Purpose of this comment is to also bring into play the idea of re-learning curve, which can often be a lot more steep or just almost plain flat when it comes to large changes in game-play.
In my case, with Vendetta, I must say I was initially blown away by the changes in the interface, but since I was familiar with the gameplay it tool very little time to be reintroduced in the game mechanics.
I also found that large improvements in the economy engine and the backstory related facts and events can be much more difficult to assimilate than the changes in game physics and player interaction. It's probably a logical sign of advancing in age, along with our tendency to take on simpler and simpler tasks even when it comes to games.
I will look forward (with fear, though) to the day when someone will launch a MMORPG with small bubbles that need to be arranged to form patterns on the screen. Multiplayer SNAKE is already here, how long until we will play a MMORPG version of Snake?
Remember nethack?
For those of you who don't know Vendetta, here are some pointers: - NSMMORPG where the NSM stands for "Not So Massive" - a really well-done modern remake of the ZX Spectrum Elite game. - allows guilds, teaming, missions, owning stuff - will feature soon: dynamic in-game economy, player-owned capital ships, stations - fight outcome is based on actual skills (and ship capabilities), not player advancement in the game, the advancement does however allow you to acquire better ships. Hope this will help those that have no idea what this game is about. I know I was looking for exactly this type of game when I discovered Vendetta, and although I don't play a lot, when I play it's Vendetta-Online.
And, to add weight to my argument, there is of course precedent. The same applied to the Americas centuries ago, and people fled there to escape the confines of an existing and largely static society.
Since it's a Firmware related attack let's not jump to PDOS yet, we can call it FDOS. EDOS is not viable anyway, it defaults to ElectronicDOS, a very generic term.
I would be more than happy to debate this with you and remaining on topic.
Unfortunately I have no clue what my post (and the original post as well for that matter) has to do with your post. But then again, if you are right I am the idiot!
Or?
I am beginning to ask myself: why are we always happy because of such news?
I mean yes, we are all little pirates at the bottom of our hearts and we all liked Robin Hood, but shouldn't we start thinking more responsible towards how technology advancement can occur?
---
yes, i am now waiting for the open-source (no patents) advocates to bring their artillery in, but common, do think about this.
This is easy to solve. Post 40-50 short messages every day and go to your "immediate supervisor" with a written memo each time you post a comm like "Are you sure?". After maximum 3-4 days they will issue a general clearance for you, and maybe even the rest of the "company". Or fire you for wasting time on the net. But then it's not firing AT you anyway, so it's not that dangerous. Or you can just post after working hours, every 10 minutes for the entire evening, and there's no retaliation possible for that act.
so now I can simply leave my computer unpatched and unsecure and wait until one of these magic "things" will take over and secure it.
And even if some dumb bots take over it first, one smart bot will take over eventually and not just secure it but maybe also clean up the previous dumb bots. maybe it will also install some antivirus solution and a firewall..
hmm, this post started as a joke, but now i realise i actually done that once.
Oh, but they didn't just ignored your report. I received a job offer from them right after that "incident". I guess it's me who owns you that "Thank you!" that you were looking for.
Of course, my ip probably looks like i am in Croatia right now, but don't let yourself fooled by such a small detail.
I went as far as 70 products and surprise: Mion Footwear is featured twice. Same picture, same description.
Should i get it that they payed twice? In this case should i trust any of the "objective" recommendations in the article?
it's amazing how noone is talking about NOT using VISTA. i mean i know i won't, and if that means give up gaming i might as well do it, i am too old for that crap anyway (of course that doesn't include vendetta-online, that i will always play, but that one works on linux, and apple too i think).
so, nerds arround the globe, why shouldn't we just give up the ideea of using vista altogether? oh, wait, i know, we all TALK about how evil MS is but we are actually not DOING anything about it.
talk is cheap, but for me vista is too expensive, and i am not talking about money here.
(and yes, i am posting from a win xp computer)/killall anger-feelings
So after reading the article, it looks like bungee jumping fans can now get the reversed sensation for a lot more time (10 minutes) and for a lot less price (yeah, right, undisclosed yet).
I also noticed the quoted article is not quite positive about this whole ideea, although as someone said "any publicity is good publicity".
I contacted the Blue Origin already, just in case, and i am opening an office for early registration for as little as 9.95 indian rupees, payable through GBuy only.
All your base... you know...
You MUST be joking or could it be that you were using a bazooka or those frikin guns from counterstrike.
Get serious man, i've only shot rabbits and even they are trashed only a few metters back. I don't even think a pigeon would fly as much as 30 feet away when shot (and they have wings too).
Slashdot Mirror
Electronic Makers' States Push Waste In Disposing of Role
Another sample of pseudo-science in pseudo-press. Even the example given is enough to identify the "pseudo" part. If someone approaches me asking for a cigarette, my logic would tell me to NOT give him a cigarette, so appealing to my logic would have the opposite effect. And I am sure I am not the only one that, when logicaly assesing this cigarette situation, would say that I SHOULD refuse.
See, your examples are just GREAT to prove MY point. Let's take the first one: forcing password policy change through the system every x months. First, let us note that's a policy. Then, imagine the GM calls the guy in charge of the AD policy and says: "look, I'm sick of this shit, undo it now so I don't need to change it for 5 years." In the absence of an approved policy the IT guy MUST do it. Even with a policy, if he's weak or stupid, he will do it. So the lack of usable control is not with the user that would have to change it because the policy says so, but with the guy that is supposed to enforce it because it's a policy. What you wanted to say is that the controls that rely on the machine (the so called automated controls) are BETTER, but please be aware that you ALWAYS, and i mean ALWAYS, have a PROCESS component and a PEOPLE component. If the process involving your technology is bad or the people operating your technology are stupid then your technology is USELESS. And is bound to fail. Please, for the sake of your future in the area of IT Security, remember this: "People, Processes, Technology". Always together, always with the same weight when concerned about the usefulness of a certain security policy, measure or control. I can take any of the other examples YOU GAVE and prove you're wrong, dead wrong, but I am confident that you got the point by now. Again, sorry for my demeanor in the previous post and I really hope your pride will not blind you on this topic. regards
you should worry about ... the idea that implementing policies and procedures will somehow increase security
I bet many people think you're smart when you speak with so much conviction. And maybe you are, but not on this topic. Always, and I mean ALWAYS, when dealing with security (and not only) you MUST consider all three factors: Technology, Processes and People. And as you may note, technology is only 1/3 of the equation. EXACTLY 1/3. None of them is more important or least important, because leaving out any of the 3 you DO NOT have security. Should you agree you were mistaken, I'd be happy to provide more info, with examples, if necessary. (sorry for my tone, you upset me :)
Well, my recent experience with MMORPG is limited to Vendetta-Online, a space shooter which is different in so many ways from Eve that I managed to get back to it after a few years of pause.
Purpose of this comment is to also bring into play the idea of re-learning curve, which can often be a lot more steep or just almost plain flat when it comes to large changes in game-play.
In my case, with Vendetta, I must say I was initially blown away by the changes in the interface, but since I was familiar with the gameplay it tool very little time to be reintroduced in the game mechanics.
I also found that large improvements in the economy engine and the backstory related facts and events can be much more difficult to assimilate than the changes in game physics and player interaction. It's probably a logical sign of advancing in age, along with our tendency to take on simpler and simpler tasks even when it comes to games.
I will look forward (with fear, though) to the day when someone will launch a MMORPG with small bubbles that need to be arranged to form patterns on the screen. Multiplayer SNAKE is already here, how long until we will play a MMORPG version of Snake?
Remember nethack?
For those of you who don't know Vendetta, here are some pointers:
- NSMMORPG where the NSM stands for "Not So Massive"
- a really well-done modern remake of the ZX Spectrum Elite game.
- allows guilds, teaming, missions, owning stuff
- will feature soon: dynamic in-game economy, player-owned capital ships, stations
- fight outcome is based on actual skills (and ship capabilities), not player advancement in the game, the advancement does however allow you to acquire better ships.
Hope this will help those that have no idea what this game is about. I know I was looking for exactly this type of game when I discovered Vendetta, and although I don't play a lot, when I play it's Vendetta-Online.
And, to add weight to my argument, there is of course precedent. The same applied to the Americas centuries ago, and people fled there to escape the confines of an existing and largely static society.
yeah, and look where that took them.
Since it's a Firmware related attack let's not jump to PDOS yet, we can call it FDOS.
EDOS is not viable anyway, it defaults to ElectronicDOS, a very generic term.
depreciation has not yet been invented in the US, right?
I think they just do it for the publicity.
I would be more than happy to debate this with you and remaining on topic. Unfortunately I have no clue what my post (and the original post as well for that matter) has to do with your post. But then again, if you are right I am the idiot! Or?
I am beginning to ask myself: why are we always happy because of such news? I mean yes, we are all little pirates at the bottom of our hearts and we all liked Robin Hood, but shouldn't we start thinking more responsible towards how technology advancement can occur? --- yes, i am now waiting for the open-source (no patents) advocates to bring their artillery in, but common, do think about this.
i would mod parent up if i could, if not for the bright idea at least for the humorous CCCP, which is how the USSR is spelled where it was born.
Find below the hotest iBAY products, featured today (April 1st, 2012):
- alive monster ants from the first landing on Faboulous, the first inhabitable planet discovered by the Zimbabwean space mission in Proxima Centauri
- HOT DVD(v3.14) with full backup of the Internet (bonus CD: Martian Linux version MCMMLXVII)
- last manufactured pack (2009) of Morlboro cigarettes.
iBayLogin to iBAY now for other HOT products.
So now there is a good chance i can go buy some adwords and advertise my website and then sue anyone who will access it... A good business model.
This is easy to solve.
Post 40-50 short messages every day and go to your "immediate supervisor" with a written memo each time you post a comm like "Are you sure?".
After maximum 3-4 days they will issue a general clearance for you, and maybe even the rest of the "company".
Or fire you for wasting time on the net. But then it's not firing AT you anyway, so it's not that dangerous. Or you can just post after working hours, every 10 minutes for the entire evening, and there's no retaliation possible for that act.
oh they would, they get hammered every day
so now I can simply leave my computer unpatched and unsecure and wait until one of these magic "things" will take over and secure it. And even if some dumb bots take over it first, one smart bot will take over eventually and not just secure it but maybe also clean up the previous dumb bots. maybe it will also install some antivirus solution and a firewall.. hmm, this post started as a joke, but now i realise i actually done that once.
Oh, but they didn't just ignored your report. I received a job offer from them right after that "incident". I guess it's me who owns you that "Thank you!" that you were looking for.
Of course, my ip probably looks like i am in Croatia right now, but don't let yourself fooled by such a small detail.
What if I am not a virgin anymore... can i still use this service?
I went as far as 70 products and surprise: Mion Footwear is featured twice. Same picture, same description. Should i get it that they payed twice? In this case should i trust any of the "objective" recommendations in the article?
it's amazing how noone is talking about NOT using VISTA. i mean i know i won't, and if that means give up gaming i might as well do it, i am too old for that crap anyway (of course that doesn't include vendetta-online, that i will always play, but that one works on linux, and apple too i think). so, nerds arround the globe, why shouldn't we just give up the ideea of using vista altogether? oh, wait, i know, we all TALK about how evil MS is but we are actually not DOING anything about it. talk is cheap, but for me vista is too expensive, and i am not talking about money here. (and yes, i am posting from a win xp computer) /killall anger-feelings
So after reading the article, it looks like bungee jumping fans can now get the reversed sensation for a lot more time (10 minutes) and for a lot less price (yeah, right, undisclosed yet). I also noticed the quoted article is not quite positive about this whole ideea, although as someone said "any publicity is good publicity". I contacted the Blue Origin already, just in case, and i am opening an office for early registration for as little as 9.95 indian rupees, payable through GBuy only. All your base... you know...
you are so right, but i cannot refrain from asking this: how secret can it actually be if it made it on slashdot?
You MUST be joking or could it be that you were using a bazooka or those frikin guns from counterstrike. Get serious man, i've only shot rabbits and even they are trashed only a few metters back. I don't even think a pigeon would fly as much as 30 feet away when shot (and they have wings too).