Basically someone took this idea, and imagined what it would be like if there were a 4th spatial dimension we were unaware of (physics has however shown us that there isn't one). If someone pushed a 4d Cube (or hypercube) through our 3d plane, what would we see? Nothing at first, then a cube show up, then it grows into its full size, then shrink back down, and disappear.
On the other hand if you do a full pen test and find no security holes or only a few minor ones then that's a decent indication that there are very few there at all.
It's very simple. You cannot prove a negative. Test as much as you want and if you find a hole, then there's a hole for sure. QED. If you don't find a hole, it doesn't prove that there aren't any. It only proves that, to the ability and diligence of that particular tester, there were no holes that he was capable of finding on that particular day. Maybe they checked the bottom of every keyboard for passwords, maybe they only checked a representative sample. Maybe the company doing the testing is owned by the CEO's brother in law who hasn't even heard of nmap. My point is that a negative means nothing and to read anything more into it is to invite a false sense of security and possible disaster for your company.
From Victorinox's Press Release:
Victorinox Secure - Swiss Army Knife featuring a removable USB flash drive with secure data encryption, fingerprint authentication and up to 32 GB storage. Product available in flight-friendly version.
Just remember to take it out of your pocket before getting back on that plane.
I'd be interested in one without the knife as something to play with, but I'm not sure I want to carry all the rest of it around with me (I'm not some knife freak, but I want a USB stick to be just a USB stick).
If it is anything like their presentation series, then
The usb stick is detachable from the knife portion, so flying is not a problem, and
They offer a version that does not include all of the knife "stuff"
No, this would be "figuratively on the front-lines". Being "litterally(sic) on the front-lines" requires actual lines of battle on a phisical(sic) battlefield. Would it really kill the editors to do even some minor editing?
Some days the irony fairy just gets carried away...
Any single juror can pronounce the defendant "not guilty," and it would have the force of law behind it. "snip" Any one juror answering "yes" to the second question would mean an acquittal.
Sorry, but no. In the US the decision of the jury must be unanimous. That decision can be for acquittal or for conviction, but those are the only definite conclusions. A jury that cannot reach a unanimous decision only results in a mistrial, not an acquittal. The prosecution is free to start over if they so desire.
When two police officers are giving contradictory orders, as in this case, and the result is a charge of "failure to comply," it's entrapment, pure and simple.
Entrapment has a very specific legal definition.
From lectlaw:
ENTRAPMENT
A person is 'entrapped' when he is induced or persuaded by law enforcement officers or their agents to commit a crime that he had no previous intent to commit; and the law as a matter of policy forbids conviction in such a case.
The basic problem is that the ACLU is applying rules and regulations regarding civil society to an area where an armed conflict is occuring. These are two entirely different things governed by two entirely different sets of laws, rules and regulations. If an individual dons the uniform of an enemy force and takes up arms then he is an enemy combatant and is a perfectly legitimate target according to the Laws of Armed Conflict regardless of his citizenship. He may be lawful combatant if the enemy force has willingly allowed him to join and they are commanding his actions, or he may be an unlawful combatant, but he is still a combatant.
Facts: 1. the school told students who did not pay the laptop fee to not remove the laptops from school 2. the kid's parents did not pay the fee 3. kide removed laptop 4. school staff randomly inventoried laptops 5. school staff discovered laptop missing 6. staff activated anti theft program.
Citation needed please. This is the first I have heard of items 2,4,5 and 6.
So why not approve it? I can think of two reasons:
1) Does things beyond the API or agreement allows, particularly with encryption.
2) Apple provides an anti-theft service, which this application would compete with.
But this isn't an application that was submitted to Apple and denied, so these don't apply either. Kaspersky never claimed that they ever wrote or submitted an application. All they have said is that Apple has not provided them with an SDK. Now this might be because
They want a custom SDK with special calls that do what they need, or
They are in a country that is not allowed to legally download the SDK.
We should take this revised approach in a number of areas, not just programming. We shouldn't be just grabbing bolts and nuts out of a bin. We should be hand machining each one that way you know they will work correctly and that they will go together. You can't trust that any old bolt you might buy will necessarily work. If this approach was good enough for the 19th century, it should be good enough for the 21st.
Businesses make such decisions every day -- car rental companies in Canada, for example,
often refuse to rent cars to anyone under age 25 -- so why is it different when PayPal does the same thing?
It would only be the same thing if the car company agreed to rent a car to you, took a week's worth of rental
from you in cash, then said that since you were under 25 they were prohibited by policy to rent the car to you.
Furthermore they would be holding your cash for six months while they investigated why you wanted to
rent a car in the first place. If they didn't find any evidence of "wrongdoing" then at that time they would
refund your money to you.
Especially common for software development libraries, you could pay one price for the binaries, or a higher price for both binaries and source, but it no case was it ever understood that the product was not proprietary.
But in this case, since the code and libraries are php, the "binaries" and the "source" are one and the same!
"You might ask why I didn't make a contract with this client in the first place. It's because I've found, over the years, that insisting on a contract before development starts will result either in a delayed start or even a project being shelved."
"This particular client needed a working application in three weeks and there was simply no time to mess around with legal niceties - I protected my company by insisting on a 50% upfront payment, and on installing the software on our own server. Since then we've implemented several upgrades, including adding a sophisticated PDF export function. "
In a rush to get the job, the author's company agreed to develop and deliver something to a client without a written contract defining who owns what in the end. Once the work was done, the question of ownership came up. IANAL but I would think that without a contract the law of the land would prevail. In the US the work would probably include the application and if that means the source code also, then so be it.
However, web applications by their very nature are far more complicated to nail down in contract form, and the pragmatic requirements of running a business sometimes mean we've gone without written contracts.
If the legal niceties of web applications are complicated when there is a written contract, why is this guy surprised when they are even more so without one?
Developing HTML websites is a standardised(sic) process and it's easy enough to find form contracts online to cover both development and hosting.
I would think that this is a key point. These are distinct agreements and should be covered by distinct contracts, implied or otherwise. Just because they are handled by the same company in this case doesn't (or shouldn't) tie them together. When the application is completed, the developer delivers it to the client and that part of the deal is done. To throw in a US related car analogy(YMMV), in the US Ford is not allowed to contractually obligate you to buy "Ford gasoline" only as a part of your purchase of the car.
I don't know about the corresponding laws in other countries, but if you work in the US, you are woefully misinformed.
Judging by the site (http://www.pcpro.co.uk) that this personal rant posing as journalism is posted to, I would have to guess that the author does not work in the US. Hopefully he also doesn't do contract work for companies in the US either.
Maybe Ticketmaster could use the same response that woot.com used recently. It seems that every know and then woot.com offers a "bag of crap" for sale. The shipment contains random stuff, but is almost always a good deal. So good, in fact, that a significant number of wooters have automated buying scripts that look for these deals. When one comes along, they sell out in seconds. One day not long ago, woot offered for sale a "bag of crap - calendar edition" or something similar. The scripts matched on the text and bought as quick as a flash. I don't know how many warehouses of desk calendars woot was able to get rid of, but it was spectacular.
Ticketmaster just needs to price all tickets at $10,000 each for the first 10 minutes. See how many of these tickets the automation buys.
Slashdot Mirror
Possible answers:
I'll second that. I've owned several Yaesu HTs and they have all performed very well for me.
See also Spaceland by Rudy Rucker.
It's very simple. You cannot prove a negative. Test as much as you want and if you find a hole, then there's a hole for sure. QED. If you don't find a hole, it doesn't prove that there aren't any. It only proves that, to the ability and diligence of that particular tester, there were no holes that he was capable of finding on that particular day. Maybe they checked the bottom of every keyboard for passwords, maybe they only checked a representative sample. Maybe the company doing the testing is owned by the CEO's brother in law who hasn't even heard of nmap. My point is that a negative means nothing and to read anything more into it is to invite a false sense of security and possible disaster for your company.
From Victorinox's Press Release:
Victorinox Secure - Swiss Army Knife featuring a removable USB flash drive with secure data encryption, fingerprint authentication and up to 32 GB storage. Product available in flight-friendly version.
If it is anything like their presentation series, then
Some days the irony fairy just gets carried away...
You would have thought the altitude difference would have been a dead giveaway. Either that or flight 235 needs to climb a bit.
This short story is one of my favorites and pretty much sums up how I think it will go:
Sentient Meat
Under no circumstances should you allow them to read you any poetry.
If they have a book entitled To Serve Man you might want to run also.
Would someone please translate this into English? Oh, and if this was the editor's attempt, I would hate to see the submission!
Sorry, but no. In the US the decision of the jury must be unanimous. That decision can be for acquittal or for conviction, but those are the only definite conclusions. A jury that cannot reach a unanimous decision only results in a mistrial, not an acquittal. The prosecution is free to start over if they so desire.
Entrapment has a very specific legal definition.
From lectlaw:
ENTRAPMENT
A person is 'entrapped' when he is induced or persuaded by law enforcement officers or their agents to commit a crime that he had no previous intent to commit; and the law as a matter of policy forbids conviction in such a case.
What's a CD? Some sort of offline backup of the originally seeded songs?
The basic problem is that the ACLU is applying rules and regulations regarding civil society to an area where an armed conflict is occuring. These are two entirely different things governed by two entirely different sets of laws, rules and regulations. If an individual dons the uniform of an enemy force and takes up arms then he is an enemy combatant and is a perfectly legitimate target according to the Laws of Armed Conflict regardless of his citizenship. He may be lawful combatant if the enemy force has willingly allowed him to join and they are commanding his actions, or he may be an unlawful combatant, but he is still a combatant.
Citation needed please. This is the first I have heard of items 2,4,5 and 6.
Reboot the machine. If the startup screen says Windows, just go ahead and assume it's infested.
But this isn't an application that was submitted to Apple and denied, so these don't apply either. Kaspersky never claimed that they ever wrote or submitted an application. All they have said is that Apple has not provided them with an SDK. Now this might be because
Looks like Metasploit has a payload module to go with this backdoor. Nifty!
We should take this revised approach in a number of areas, not just programming. We shouldn't be just grabbing bolts and nuts out of a bin. We should be hand machining each one that way you know they will work correctly and that they will go together. You can't trust that any old bolt you might buy will necessarily work. If this approach was good enough for the 19th century, it should be good enough for the 21st.
It would only be the same thing if the car company agreed to rent a car to you, took a week's worth of rental from you in cash, then said that since you were under 25 they were prohibited by policy to rent the car to you. Furthermore they would be holding your cash for six months while they investigated why you wanted to rent a car in the first place. If they didn't find any evidence of "wrongdoing" then at that time they would refund your money to you.
But in this case, since the code and libraries are php, the "binaries" and the "source" are one and the same!
In a rush to get the job, the author's company agreed to develop and deliver something to a client without a written contract defining who owns what in the end. Once the work was done, the question of ownership came up. IANAL but I would think that without a contract the law of the land would prevail. In the US the work would probably include the application and if that means the source code also, then so be it.
If the legal niceties of web applications are complicated when there is a written contract, why is this guy surprised when they are even more so without one?
I would think that this is a key point. These are distinct agreements and should be covered by distinct contracts, implied or otherwise. Just because they are handled by the same company in this case doesn't (or shouldn't) tie them together. When the application is completed, the developer delivers it to the client and that part of the deal is done. To throw in a US related car analogy(YMMV), in the US Ford is not allowed to contractually obligate you to buy "Ford gasoline" only as a part of your purchase of the car.
Judging by the site (http://www.pcpro.co.uk) that this personal rant posing as journalism is posted to, I would have to guess that the author does not work in the US. Hopefully he also doesn't do contract work for companies in the US either.
Actually if you look at security advisory number ....
Maybe Ticketmaster could use the same response that woot.com used recently. It seems that every know and then woot.com offers a "bag of crap" for sale. The shipment contains random stuff, but is almost always a good deal. So good, in fact, that a significant number of wooters have automated buying scripts that look for these deals. When one comes along, they sell out in seconds. One day not long ago, woot offered for sale a "bag of crap - calendar edition" or something similar. The scripts matched on the text and bought as quick as a flash. I don't know how many warehouses of desk calendars woot was able to get rid of, but it was spectacular.
Ticketmaster just needs to price all tickets at $10,000 each for the first 10 minutes. See how many of these tickets the automation buys.