Slashdot Mirror


User: fluffy99

fluffy99's activity in the archive.

Stories: 0
Comments: 1,632

Comments · 1,632

  1. Re:SMES on The Electric Airplane Is Coming · · Score: 4, Informative

    When you start using units like 'megawatts per hour' to describe energy, nothing else you say engineering related has any credibility.

    Huh? When you're talking about electricity *storage* you have to say how long a device can supply the stated power for.

    Methinks YOU'RE the one who just dashed your credibility on the rocks of /.

    Try megawatt x hours, not megawatts/hour. Using the wrong units hinders your credibility.

  2. Re:RAM on A Linux Distro From the US Department of Defense · · Score: 3, Informative

    This isn't intended to be just another Live CD. The disks or thumb drives are corporate specific, and are set up to boot and provide a secure VPN into the company. Not for general use. In fact they are usually set up so they can only reach out to the company or agency's VPN server. This is a far more secure solution than letting users install VPN software on their personal computers, and a lot cheaper than buying them govt owned computers that they might try to connect to the general internet.

  3. BS Article on NAND Flash Better Than DRAM For PC Performance · · Score: 1

    The article gives zero useful information and a link where you can buy the actual study. What was the pricing used for the comparison of $1 dram versus $1 nand? Surely this is OS dependent as well.

  4. Re:Not impossible on Massive Botnet "Indestructible," Say Researchers · · Score: 1

    If I were to engineer a package system, all files within a package (program) would be checksummed, and the list of checksummed would be PKI-signed in order to prevent the malware from hiding its misdeeds by altering the checksums. Of course, this has been done several times in Linux-land. Microsoft has Windows 8 coming up. Let's hope they finally fix their design.

    You still need to verify file permissions, in particular setuid, something Linux package managers don't do.

  5. Re:Not impossible on Massive Botnet "Indestructible," Say Researchers · · Score: 5, Insightful

    I work at a computer repair shop.

    We frequently encounter computers that are kitted up with boot and rootkits, TDL-4 included. Kaspersky's TDSS killer does a pretty good job of removing this stuff, and it's pretty easy to tell if the MBR has been modified. Just fire up a copy of GMER and you'll be able to tell pretty quickly. I see a lot of people posting stuff about having to wipe drives and start over from scratch. That is simply not necessary. The only reason TDL-4 is such a pain in the ass is because it is decentralized, only communicates with a handful of its infected counterparts at a time and modifies the MBR. Even then, it's not impossible to detect or even remove. Just gotta use the right tools...

    Sure you got rid of the TDL-4, but what about all the other crap it downloaded? Seriously, if the computer got owned, you can't trust it anymore. You'd never be able to find all the little things like permissions changes and registry tweaks even if you got rid of the trojan's executables. Copy your data files off, scan them really well before introducing them elsewhere, and then reformat the disk. Nuking it from orbit is the only way to be sure.

  6. Re:Do they have an IT dept? on Microsoft Exploits Firefox 4 Uproar, Beats IE Drum · · Score: 1

    Yes I have and still do work for Fortune 500 companies. As for testing software you have to be kidding, unless said company has access to the source and can control roll-outs which most can't, all the company can do is advise its desktop staff not to upgrade for a few weeks. With regard to servers the IT department does have some control and possibly do some testing but in the majority of cases upgrades whether you are running Linux, MS Windows or Unix you still have to put some trust in the vendor since an upgrade may not be that simple to do.

    Try someplace like NMCI where users don't have admin rights, all software is pushed, and problem machines simply get re-imaged. Now imagine they have lots of corporate web apps. Claiming that your browser is just an app that can be deleted doesn't work. It's a critical piece of software and you have to test it. Failing to test it and verify it works correctly can cost lots of money in terms of down time.

    I'm still skeptical that you've worked in a big company that controls their desktop environment tightly. It sounds like you work in a fairly loose environment with a lot of flexibility. A loose environment is necessary in many cases like R&D. Such looseness is an added cost and security risk when the only thing the users really need is a standardized desktop, for example a bank. In that environment, the self-important geek who insists on running a Linux laptop or using the latest Firefox instead of the standard IE is wasting labor playing with the computer instead of simply using it to get the job done. I assume you charge the company for that 1.5 hrs every 6 months so you can upgrade Fedora? Even worse, the geek wannabe who knows just enough to be dangerous is a huge security risk. The same argument applies for locking down desktops so the secretaries don't spend all day playing with wallpapers they found on some website and such.

  7. Re:Do they have an IT dept? on Microsoft Exploits Firefox 4 Uproar, Beats IE Drum · · Score: 1

    You call it need for stability. I call it - we are just covering our asses because we can't say developers stick to standards and our leadership stay out of development (because constantly moving development target equals to hacks and hacks equals to need for "stable" (read as: constant version which doesn't change)) version.

    I know, I know....corps have money and influence and it is stupid for open source software not to follow rules. I know. But it still doesn't make go away what I said.

    You have a point about standards programming being part of the problem. Fact still remains that upgrading the browser can break things, particularly for plugins or sites that may not be compatible (for whatever reason). Corporates don't want to invest time/money requalifying software that worked just fine and dandy before the vendor prematurely EOL'd it.

  8. Re:Do they have an IT dept? on Microsoft Exploits Firefox 4 Uproar, Beats IE Drum · · Score: 4, Informative

    It's only a number and an IT'er worth his salt should be able to confirm that much.

    Yes they can. The problem is that they aren't the ones that make the decision. Large corporations usually have stifling configuration management and strict rules about testing. It's usually non-technical managers that see the new version number as a major upgrade and insist on retesting before they risk rolling it and potentially breaking a large number of computers. You should be happy that you're ignorant of this fact.

    About Fedora's 6 months release cycle, maybe you missed Fedora is the cutting-edge development version of and for Red Hat?

    Wow, you were so close to getting my point. Maybe I needed to continue the train of thought just a tad more? Fedora is unsuitable for the corporate desktop for the exact same reason Firefox is. It's not version stable and changes too rapidly. Both products are targeted and marketed to the hobbyist, or environments where a near constantly changing platform isn't an issue.

  9. Re:Do they have an IT dept? on Microsoft Exploits Firefox 4 Uproar, Beats IE Drum · · Score: 5, Insightful

    It really makes me wonder whether these large companies have an IT department.

    Surely they can replace FF4.0 by FF5.0 without exposing their net to Chinese hackers.

    Apparently you've never worked in big IT, where software must be thoroughly tested before being rolled out. Imagine you're the guy that convinced your company to roll out FF as a replacement for IE and told them that it was fully compatible with all their corporate websites. Before you've even fully tested and started deploying it, Mozilla EOLs that version number. Kinda sets you back to square one and you look stupid for having suggested it in the first place.

    Mozilla screwed themselves on this. FF5 is hardly different than FF4, yet they bumped the major rev number trying to convince people they are innovating and ended up pissing off the corporate customers who want stability. Fedora still hasn't learned this lesson with their 6 month cycle and a hearty fuck you if you don't keep up because you can only safely upgrade from 1-2 versions behind. The corporate world wants stability and good manageability damn it. They don't want a constantly moving target with questionable long term support.

  10. Re:The reason they took the whole rack.... on FBI Seizes Servers In Virginia · · Score: 4, Informative

    They don't need to keep the whole rack powered, just the one machine they are interested in, they could power down the rest of the rack and an off-the-shelf UPS could run it for plenty of enough time to get it to a truck with an inverter on it.

    As for the "magic splicing" it is not hard to do, anyone with a basic understanding of electric circuits can splice two live cables together.

    There is a product called HotPlug that is meant for seizing assets without powering them down. It works pretty slick. Basically, you plug it into the same power strip, flip the switch and unplug the power strip from the wall. You can also splice into the cord or outlet if needed.
    http://www.wiebetech.com/products/HotPlug.php

  11. Re:reverse wikileaks, sort of on Feds Recruiting ISPs To Combat Cyber Threats · · Score: 1

    Given who's running the government, I'm pretty sure it's about getting people who send movies and music to other people. I'm also pretty sure if somebody really tries to use the Internet to take down America, the government will miss that because it doesn't involve an mp3 file.

    I'm reasonably certain that the Department of Defense don't give a hoot about mp3 files, unless they are a clever exploit to take control of a machine for remote exploitation. They do care about critical infrastructure being crippled. I don't think mp3s are involved in critical infrastructure, although they seem to play an important role in lurid fantasies.

    DoD is getting much better at protecting themselves but our Govt is recognizing that the vast majority of private computers and networks are inadequately defended or monitored. You can't simply watch the overseas internet connections when a large percentage of attacks against DoD systems originate within our borders. Helping or even simply paying the ISPs to monitor and block attacks is a good idea on paper. This is also about gathering intel and capturing the traffic to and from the attacking computer since it's most likely being remote controlled from elsewhere (typically China).

  12. Re:Already done (ish) on Could PayPal Be an In-Store Option? · · Score: 2

    My local computer parts warehouse allows you to order from web kiosks in-house, and pay with PayPal.

    You have to trust that they aren't capturing your keystrokes and stealing your account logon. Really no different than trusting the vendor isn't cloning your credit card. Of course PayPal has a horrible reputation for handling disputes as compared to Credit Cards where consumers have laws to shield them.

  13. Re:Well on A Deep-Dive Look At Samsung's Galaxy Tab 10.1 · · Score: 1

    Yes but that is after a $85 discount. The normal list price is $499. A quick look at it seems to be similar to the $499 iPad 2 in terms of specs. I suspect that it didn't sell well so it had to be discounted.

    I suspect you're reading too much into retail versus actual price. If you look, that's their every day normal pricing. Much like the advertised retail price on cars and what they normally sell them at. You can google and find a number of other China based dealers selling this for even lower. http://www.aliexpress.com/wholesale?SearchText=Venus+Pad+Honeycomb+&catId=0 gets vendors selling at $375.

    If anything this proves my point, which is that other manufacturers are capable of making a profit selling comparable hardware for $100 cheaper. Apple would have to be doing something very wrong to not be making $50-100 profit on the iPod2 hardware, considering they have the benefit of larger sales and better buying power.

  14. Re:B&N and Nook are fairly open on Now You Can Use the Nook Touch ... As a Kindle · · Score: 2

    I think B&N as the underdog has purposely left the reader fairly open.

    I honestly don't think it was intentionally left open for the purposes of rooting/repurposing. I think they kept the reference board design which normally will boot from the SD card, perhaps thinking this would help avoid bricked units down the road and better support firmware updates. That the Android community has embraced the hardware has only helped their sales and popularity. Certainly, some of those units are getting used as generic tablets and they're not buying B&N ebooks, but I don't think that's actually hurting their profits.

  15. Re:So how long on Now You Can Use the Nook Touch ... As a Kindle · · Score: 1

    A Nook Color with custom firmware is only slightly below a Galaxy Tab wifi version with respect to hardware for about $100-$150 less.

    Uh, except for that one minor thing... a 7" multi-touch screen. I'd say between that and the other hardware difference, you've found the $100 difference.

    I was referring to the 7" Galaxy Tab wifi only which retails for $349, compared to the Nook Color which can be had refurbed from Overstock for $199 right now. Same processor just clocked a little slower, and both are multitouch capacitive 1024x600 screens. http://www.tigerdirect.com/applications/searchtools/item-details.asp?EdpNo=61241

  16. Re:Well on A Deep-Dive Look At Samsung's Galaxy Tab 10.1 · · Score: 1

    Why can't they be much cheaper?

    While some here on /. will refuse to admit, it actually is costly to make a tablet and get a decent margin on them. Most here would like a tablet to cost $150 and be able to run Crysis II while mixing 5.1 audio at the same time; there are limits to what tablets can do for a price. Some components like 10" screens are not plentiful as they have not been mass produced by many suppliers and are still limited to a few companies.

    If you look at the Shanzhai market, you can find tablets with similar hardware specs being sold for at least $100 less. It's somewhat safe to assume that there is at least $100 profit on the hardware. For example $414 gets you this http://www.merimobiles.com/Venus_Pad_Honeycomb_android_3_0_Dual_Core_Tegra2_p/meri0641.htm.

  17. Re:So how long on Now You Can Use the Nook Touch ... As a Kindle · · Score: 2

    So how long before Barnes and Noble or Amazon flip their wig and start filing lawsuits and or releasing patches to fix such a thing. I give it about a week tops.

    So far they haven't complained about the Nook Color being rooted and used as an Android Tablet. A few of the engineers in fact are quite supportive of it. A Nook Color with custom firmware is only slightly below a Galaxy Tab wifi version with respect to hardware for about $100-$150 less. I suspect B&N isn't making much profit on the readers, and probably not losing much revenue from a small percentage of their sales to users who intend to root them and never actually use them as an e-reader. In the grand scheme, I think they'd spend more money trying to DRM and hardware lock things, than just taking the high road and ignoring the issue.

  18. You're in over your head on Ask Slashdot: Is SHA-512 the Way To Go? · · Score: 4, Insightful

    As most folks here have pointed out already, you are in over your head. First, you need to understand that the strength of the hash used to set up an SSL session isn't necessarily an indicator of the strength of the SSL session encryption. Your concern about server power isn't warranted as the strength of the cert used to start up the SSL session is negligible. My advice is to stick to standard methods and don't try to get inventive. You have much bigger things to worry about than the strength of your SSL cert. Like making sure everything else is secure and that you're not subject to things like SQL injection or stolen cookies that result from shoddy programming.

    so I created a certificate using OpenSSL for SHA-512 encryption

    Great, so now your clients have no real way of verifying the authenticity of your web site. If you intend to deal with the public, get a certificate from a reputable provider that typical browsers already trust. Self-signing is a sure sign of an amateur and usually people don't trust a website when the browser keeps nagging them that the certificate is not trusted.

    "Can I trust that my SSL provider hasn't been hacked (or at least snooped)?"

    Another clue that you need help. There is no such thing as an SSL provider. There are providers that sign certificates intended for specific (or general) purposes. What you do with them is your problem.

    How do I know some disgruntled IT admin hasn't sold the private key of his company's root CA to the same organization that developed the conficker virus?

    You don't. But keep in mind the risk of a compromised certificate is primarily the threat of someone else pretending to be you, such as a fake site or a man in the middle attack. If you're issuing certs to clients for authentication, the risk is that a compromised cert means someone else can pretend to be your client.

  19. Re:Remember this is an initial report on Flight 447 'Black Box' Decoded · · Score: 1

    They did that in a trainer with instructors at the helm. The computer relinquished command (ie the auto pilot kicks off and the auto correction kicks off) and the pilot must fly by himself. It was noted that the instructors had zero problem with this scenario and did NOT do something stupid like immediately fly the plane into a stall.

    That's what I don't get about this behavior of the computer. The response of the human pilots in the simulator to the loss of air speed indication was to put the plane into a specific throttle and control setting that is known to produce a safe air speed. So when the computer loses air speed indication why doesn't it just do that?

    Well it does, sort of. It leaves the throttle and control planes at the last known settings which presumably were safe before the speed sensors quit working. I think that's a better alternative to making an unexpected change to throttle or control planes that might induce a problem.

  20. I got the feeling this was more along the lines of not talking about ship movements and stuff... The summary is a little extreme.

    Exactly. The Military is having a HUGE problem with people who can't keep their mouth shut and like to use social media. Too many Army, Navy, and Air Force guys are posting pictures and casual info on twitter and facebook. It's stupid stuff like pictures of where they are and comments that they're shipping out tomorrow to go raid some depot in some town to the north. The enemy no longer has to infiltrate and spy - they just have to subscribe to some idiot's twitter feed or friend them on facebook to get troop movements and battle plans.

  21. Re:Remember this is an initial report on Flight 447 'Black Box' Decoded · · Score: 1

    >One thing I'm surprised hasn't been done yet is to simulate a frozen pitot tube. Fly a simulator in the same simulated conditions and make the pitot tube reading go bad. What do the computers do with that bad input?

    They did that in a trainer with instructors at the helm. The computer relinquished command (ie the auto pilot kicks off and the auto correction kicks off) and the pilot must fly by himself. It was noted that the instructors had zero problem with this scenario and did NOT do something stupid like immediately fly the plane into a stall.

  22. Re:Remember this is an initial report on Flight 447 'Black Box' Decoded · · Score: 1

    The answer is pretty much in the report. The co-pilot put full throttle on and kept pulling up, probably not understanding that they were losing altitude because they were in a stall situation.

  23. Re:Buy more ram on Ask Slashdot: Best Small-Footprint Modern Browser? · · Score: 1

    It's not expensive and if you get worth out of the investment it's a good thing all the way around.

    Spoken like someone who hasn't looked at DDR1 RAM prices lately.

    They might be expensive new, but you can pick up a pair of 512 or a single 1024 stick of DDR for $10-$20. Rambus is even more ridiculous new, but there are still a bunch of eBay buy-it-now auctions for 1-gig RDRAM for $18 with free shipping.

  24. Re:I would buy my own. on Ask Slashdot: Best Small-Footprint Modern Browser? · · Score: 1

    It's not expensive and if you get worth out of the investment it's a good thing all the way around.

    Those machine specs are decent for a general office computer running Office 2003. If you want more bang out of it, hit eBay and double the ram for pretty cheap. XP really improves with 1-gig of ram. Of course Firefox still being a memory hog is still a separate issue.

  25. Re:Training wheels on 'Pruned' Microchips Twice As Fast and Efficient · · Score: 1

    Don't own a Harley. Just hate crotch rockets, and I brush up on comments after weekends. Besides, obnoxiously loud bikes are better - cars are more likely to know you're there if your pipes are loud. Less chance of death is good.

    Except that statistically, loud pipes don't save lives. Probably not a direct cause, but some studies show bikes with loud pipes are more likely to be involved in an accident (probably speaks to inexperience more than anything). They aren't even loud unless you're behind them, which means you're just pissing off the people behind you and giving yourself a false sense of safety. Besides if the guys with loud pipes were really doing it to be safer, they should probably start by wearing a helmet - something which clearly does prevent brain damage.