Slashdot Mirror


User: Gandalf_the_Beardy

Gandalf_the_Beardy's activity in the archive.

Stories: 0
Comments: 196

Comments · 196

  1. Re:Trust them with the national ID card program no on UK Government Loses 15 Million Private Records · · Score: 1

    This is why we upgrade encryption standards. Banks used to use DES which was superseded ages ago and was generally done so before the near real time DES cracker came along. Most of the UK/US banks now use at least triple DES, some still use 2DES. This is mainly used for stuff that is realtime sensitive only and it doesn't really matter if it gets forced in six months or six years.

    As you say though this could hang around and be a big deal a long time from now. I'd probably be happy with AES 256 protecting it, maybe AES 192. 20 years time I wouldn't lay odds on someone being able to brute force a 128 bit key though - yes it seems impossible now but....

    Of course someone could find out how to factor numbers efficiently and then all bets are really off. If the Govt really wanted to make things right they would at least re-issue NI numbers on demand to all those requesting them, or since that's likely to be most people just re-issue the lot.

  2. Re:Hmmm... on UK Government Loses 15 Million Private Records · · Score: 1

    Child benefit is given to *everyone* - my sister in law takes home £40k and still gets it. http://www.hmrc.gov.uk/childbenefit/index.htm so some people's accounts will be ripe for plucking if there is enough data.

  3. Trust them with the national ID card program now? on UK Government Loses 15 Million Private Records · · Score: 2, Insightful

    15,000 records for the pension provider and now somewhat like a third of all people in the UK sent on what appears to be unencrypted discs. When I queried this with Standard Life they said that they had no choice but to accept the data like that and that the Govt refused to encrypt it. This being the same Govt that wants to hold all of our medical records in one national database, along with all of the ID card details. For the US people reading, the National Insurance number is synonymous with your SSN, although not of quite as much use for fraud. It's still not something that you want to allow out into the wild.

  4. Re:I didn't know this existed on TV Links Raided, Operator Arrested · · Score: 1

    You don't need it to own a computer, nor a telephone. The legislation states that you need it if you have equipment that is installed for the purpose of receiving broadcast media. I have a TV - I have no licence for it and need none because it is not tuned in nor connected to an aerial. It's used for watching DVDs, doing video editing work. No licence either is needed for the PCs as they are not connected to any broadcast media.

  5. Re:What if...? on UK Government Can Demand You Hand Over Encryption Keys · · Score: 1

    It's up to you to prove that you don't have the keys. Reversal of the burden of proof. I'd send some encrypted data to a politician and say that this is (insert something nasty) and then invite them to *prove* they don't have the key. They may eventually get the message but I wouldn't bank on it.

    Oh and if you get slapped with a gagging order - you are not allowed to discuss that. Not even with a solicitor/lawyer.

    For what it's worth though you don't have to provide all your keys, you have to decrypt the data of interest, that's all. There is no requirement for keys to be handed over.

  6. Re:Uhhh, wtf? on Cybercrime Now Worth $105 Billion, Bypasses Drug Trade · · Score: 1

    Actually in the UK robbery can be without violence - it's the implied threat of, or actual violence that turns theft into robbery.

    It's perfectly possible in the UK to walk into a bank, pretend that the distended shape of a banana in your pocket is a handgun and rob the bank - that's armed robbery and you get life for it.

    Regardless of semantics, the intent of the crime is what should determine the sentencing more than the actual result - I don't want to see violent crimes lessened simply because it ended up with less monies stolen than a large electronic heist where no-one even felt threatened and there was no possibility of someone being injured as a direct result.

  7. Re:Small claims procedure on Retailer Refuses Hardware Repair Due To Linux · · Score: 1

    It's not a six year warranty. The limitation for bringing a claim is six years (three years for personal injury) from the date of the contract, so you cannot enforce anything beyond that.

    If something is expected to be durable then you could argue that it should last for as long as six years although expect an adjustment for betterment as well. Also look at the item - a cheapo bargain basement PC screen will not be expected to last for six years. A graphics artist spec colour matched screen with a four figure price tag possibly will be.

    Also while it's not legal to insist on a receipt (you cannot actually legally demand a receipt unless you are VAT registered) you do have to prove you bought it from the shop in question.

  8. Re:Cue the inevitable... on Rick Rubin Discloses Sony Rootkit Called Home · · Score: 1

    I have plenty to hide and not afraid to admit it.

    When the corporate apologists manage to show that that is a situation that is dangerous then I'll take note. Until then I'll only listen to corporate apologists that live in a glass house and write all of the financial transactions on the walls with their credit card numbers and PINs too.

  9. Re:Assumption busting... on 200,000 Elliptical Galaxies Point the Same Way · · Score: 1

    Yes, from the point of sense of direction it's looking decidedly non isotropic... maybe Michelson and Morley were right and the aether lives....:-)

  10. Re:Assumption busting... on 200,000 Elliptical Galaxies Point the Same Way · · Score: 1

    Isotropy just means the same in all directions. If they do point the same way, it's still isotropic. Now if some region had them aligned and other regions didn't then that would be more of a problem I feel.

  11. Re:CCTV on Thieves Hacking Security Cameras? · · Score: 1

    It's easy - most of the cameras have a default control page. You just Google for that keyword and it will often return lots of hits of cameras with webservers that are exposed to the internet - say that $CAMERAMAKER has a default webpage of http://camerasite/view?control=mode-on

    Just google for the keyword control=mode-on and you will get tons of hits for that camera from all over the page.

  12. Re:RAID1 on Seagate Firmware Performance Differences · · Score: 1

    That's a month between failures though - an array only takes a few hours to build onto a disk, even a large one. Yes they will fail in clusters, but they are very unlikely to fail so close that you cannot rebuild onto the hot spare in time, even in larger arrays.

  13. Old proverb on Transitioning From Developer To Management? · · Score: 1

    You have two ears and one mouth. Listen more than you talk.

  14. Re:RAID1 on Seagate Firmware Performance Differences · · Score: 1

    True but I'd still personally rather backup to a chunky tape and take that to stick in the safe at work instead of mucking about with drives like that. I just think that the reasoning that the drives are very likely to fail within a couple of days is erroneous, not that there is not very good reasoning to back stuff up. FWIW I run raid1 on my boxes at home, but I take a tape into work every week instead.

  15. Re:drive failure on Seagate Firmware Performance Differences · · Score: 3, Funny

    That's why we have a hot standby datacentre with real time replication to it. Shame that one of our contractors reversed over the gas main and we evacuated leaving all the access cards to the hot standby in the evacuated building.....

  16. Re:I asked why you were so fucking stupid on Forensics On a Cracked Linux Server · · Score: 1

    Hehehe.... If you've stooped to correcting grammar and spelling then you've clearly lost whatever argument you thought you may have had. Buck your game up, mediocrity is a vice of the doomed.

  17. Re:RAID1 on Seagate Firmware Performance Differences · · Score: 3, Insightful

    It works for me - we have at least a thousand disks in our datacentre in raid5 arrays with 10+ disks per array - all the same make, model and build date and haven't yet had any fail so close that we couldn't leisurely swap the duff one out and rebuild onto the replacement. Quite why people suddenly think that drives are going to fail catastrophically at the same time like this is beyond me when the real world experience says it just isn't so.

  18. Re:Okay... on Mark Russinovich On Vista Network Slowdown · · Score: 1

    No. I'm asking a perfectly reasonable question and being slammed by someone for no good reason. I have no idea if it affects it or no and so am asking the question. I have read that the DRM requirements in Vista are such that the system checks itself to make sure nothing is being tampered with. I have read that glitches or interruptions in playback can cause problems for ensuring the protection is not being subverted. I would like to know if the issue occurs solely on DRM or across all content. It's reasonable to ask. Now if you had responded with your last sentence that would be fine and I would have thanked you for it and the question answered. Instead you respond with a wholly unprovoked and mendacious attack to apply your spin to the situation. Uncalled for and inappropriate.

  19. Re:Insurance on Dell Laptops Still Exploding · · Score: 1

    Er because unexpected things happen? Like you know, fires and stuff like that. Or do you feel that you don't need insurance because you can always blame someone and sue them instead? Insurance is to cover against the financial loss of the unexpected - if you couldn't prove where you bought this laptop from or say you got it from a yard sale then you would be SOL without insurance cover.

  20. Re:Okay... on Mark Russinovich On Vista Network Slowdown · · Score: 1

    I'm not so sure. I can stream files with a 1GB card and play MP3 and DVD off the local disk with XP and not experience any issues, and transfer data at full rate under XP. I've not tried Vista but it seems that this must be a problem that they have managed to introduce in the new codebase - could the DRM servicing overheads have anything to do with it? Are these files causing the issues DRM protected etc?

  21. Re:Insurance on Dell Laptops Still Exploding · · Score: 1

    You miss the point. You turn this case over to your insurers and they then recoup the losses from Dell/battery maker/etc. You don't lose out, your insurers don't lose out, and they pay. Since the insurers have no loss then your excess and rates don't go up. Least that's how it works in the UK, I suppose the US may have a very different model.

  22. Insurance on Dell Laptops Still Exploding · · Score: 3, Interesting

    This is what insurance is for though - the unexpected. Surely general household cover would be sufficient? As a matter of interest is it common to bill the houseowner for the fire departments response?

  23. Re:Why are you so fucking stupid? on Forensics On a Cracked Linux Server · · Score: 1

    With regard to your impassioned and erudite diatribe above it's clear that your version of forensics, not in the computer related mien admittedly has me wanting spit chips. For your information, I am well aware of the meaning of the word forensics. I am also well aware that English is a contextually sensitive language and that the vast majority of the speakers appreciate this and do not require the context to be explained to them. You may or may not appreciate this, I really don't care. You have proven yourself capable, without justification or reason of ad hominem attacks (that's Latin, by the way) on others, for the simple justification of inflating what appears to be a small ego. Please have the courtesy as such not to cross my path again, for I fear I find you most distasteful and boorish.

  24. Re:This is not forensics on Forensics On a Cracked Linux Server · · Score: 1

    From the article. "....most notably the web-server apache refused to start...." OK so it probably did other things besides serve web pages, but as a web server it's as dead as a dodo since the logfiles were hosed.

  25. Re:This is not forensics on Forensics On a Cracked Linux Server · · Score: 1

    No but postmortem is better - it's clearly not being dissected by scalpels. Just that computer forensics is a strict discipline that has a chain of custody and doesn't tamper evidence, and this would give the misleading impression that the actions carried out are OK. As a learning step by step article for finding out what happened and doing a post-mortem, then I think it is actually a pretty darn good article and one that I'll be saving to show to people who want to learn. Just not one that you would be able to use in criminal court.