So my email address is worth between $4 and $30. Excellent - I can afford to retire now.
If you know someone (hell, anyone) who pays this kinda ca$h, please let me know. With my own domain I can create email addresses indefintely, and at $30 each it's literally printing money.
Now, of course if the reality was that spammers pay a tiny fraction of a cent per address then it's less worth my while (but could still be worth knocking together a script for).
Which option strikes you as most likely? Yes, thought so.
In similar news, my password is worth money too? Really? My password is "chocolate" - that'll be another couple of $$ please (feel free to sell it on yourself, too).
Now, I'll just sit back and wait for all the SPAM^H^H^H^Hmoney to start rolling in. Hmmmm, I think I just burned out my irony circuits.
They might have given it a name but there was a great deal of free software around 10 years ago. My impression from those times (and it was only 10 years, we're not talking a lifetime here) is that the primary driver for free software was the internet - not a bunch of people at a conference, even if they call it a summit.
"Nerds" understand that twitter, constant IM'ing and such are appealing to control freaks and teenage girls who have to checkup on their boyfriends, constantly. Or want to talk on the phone non stop...
I have heard the opinion that people who dominate a conversation, or who find a silence unbearable are often quite insecure and nervous individuals. They mask this by always having to be in control of a conversation - and the way to do that is to always be the one who's talking. Now you can easily make the mistake of assuming someone who talks a lot is an extrovert: frequently you'd be wrong.
Likewise with twitter. Most of the tweets I have seen on the system are so utterly banal that it beggars belief that anyone would either take the time to send them, or even worse: take the time to read them. It seems to be the 2007/8 version of being incapable of shutting up. Fortunately in this case, all it takes is a click to rid yourself of these tiresome individuals.
Just because this guy invented (or part-invented) an encryption technique, he is not necessarily an expert in any other field - no matter how much of a celebtrity he may be.
While he may have "woken up" to the threat of nuclear weapons, and can use his established reputation to help reduce the threat they pose, he is certainly not an expert and his opinions (for that is all they are) carry no greater weight than yours or mine.
who's going to win the 'National today?
If it can't tell me that, then no matter how technical-sounding it's algorithm is, it's not a lot of use to me.
Let's start with the basic fallacy: Engineers' focus and attention to details, Yes, some engineers have these traits - along with book-keepers, microbiologists and archeologists just to name a few. Some people in any trade or profession can be described like this - there's nothing special about engineering.
Here's a good one: along with their perceived lack of social skills, Perceived, surely it's only actual traits that count, not one's that other people might think you have.
Most engineers I know, or have met (clue: lots) are pretty normal people. They fit into society, they don't complain. They're quite likely to be successful and have other (engineer) friends. An unkind person might even call them boring.
Personally I just can't see Dilbert with a bomb strapped under his shirt.
The Icelandic govt. has just increased their bank rate to 15% and the country is not doing too well. Nor is it's currency.
That's not the kind of situation that attracts new investment and this promotion (if that's what it is) doesn't look very promising.
When you're a small company it's easy to grow at 20% a year - all you need is one extra customer and you've hit your targets.
When you get to billion$$ comglomerate size, it's more difficult. Your shareholders still expect the same record of growth that they saw when the company was younger, smaller and more idealistic. They put pressure on the board for more growth, bigger yields, higher share prices, better dividends.
As a CEO, if you can't oblige the "money or nothing" shareholders, they'll just dump you and find someone else who can/will.
To keep your job, out go the high moral standards, say goodbye to the corporate ethics and adios to the founding principles - all of which are now merely expensive luxuries than your organisation can no longer afford, in it's quest for double-digit year-on-year growth.
If you, as CEO, don't realise that customer loyalty and fanboy-infatuation aren't things that can be traded, don't worry - someone else (why do we emply marketing consultants?) will whisper it in your ear. Up go the share prices again and your bonus is delivered by the very same guy who unburdens you from your soul.
While it's possible to make a million from hard work - without exploiting other poeple, it's not possible to make a billion the same way.
Sometimes the original emails from the attackers appear to contain press releases from other Tibet campaigners - but when they are opened they install a trojan,
OK, so don't open the emails. Really, does it need the FBI to tell you this?
Better, maybe use a platform that isn't susceptible to Word/OS viruses and trojans.
The other, from working in schools, comes from the Tesco Computers For Schools voucher scheme
The thing about this promotion is that giving away computers to schools is actually something Tesco could afford to do, for free, anytime they chose. The whole idea of making people collect worthles pieces of paper and go through the charade of giving them to schools who then redeem them is merely a marketing exercise to promote loyalty to the store and to make the donors feel good in themselves, it's certainly not a charitable activity.
Therefore I would say that they have the level of security exactly right. The product (here, the voucher not the computer) is worthless, so there's no merit in trying to protect it. I would expect that any effort Tesco's made to either trace back or validate the authenticity of a voucher would add considerably to the cost of the marketing programme and is therefore not worthwhile.
Securing things with value has some worth (provided the security costs are commensurate with the risks and value involved). Adding security just for the hell of it, or "because we can" is a pointless exercise that only adds to costs and overheads.
Yes, you're right in that example. However my experience (somewhat limited I admit) is that security professionals and others tend to make statements such as "X is a security risk", rather than saying "if you do X, Y will happen".
They seem to have learned the "weasel words": might, could, may, etc. and pepper their prognostications with them. As a consequence you can't nail them down to a definitive, quantifable, statement.
I'd like to ask the guy who wrote about being able to mail tubes of live ants (from the original article) exactly how many instances of this has occurred? While he is right that's it's possible, my point is that possible does not mean probable. Even if someone did send you a tube of ants, or ordered you a porta-potty: well, so what? It's not exactly life-threatening and would only take a phone call, or a quick FLUSH to resolve the problem - barely worth considering, much less writing about.
between being "security conscious" and being completely paranoid. When it boils down to it, there's risk involved in everything we do. Nothing is completely secure and there's always a chance that something will go wrong.
Sadly the world we live in today has massively overestimated the possiblity of problems and hugely inflates the effects they will have (in the tiny percent of occasions when they happen). I think this is a side-effect of improved communications: we all get to hear about the 1 in a million disaster stories, but never about all the other times, when everything goes right. This leads us to think that problems are more common than they actually are.
The great thing about being a security professional is that you can never be proved wrong. If you claim a security hole and it is never exploited, no-one will say you're wrong - just that it hasn't been exploited yet. If we beleived everything these guys say, no-one would ever do anything as we'd all be too scared. Personally I think we should avoid the obvious problems, get on with our lives and accept that on a few, very few, occasions we might have to spend a little time sorting out a problem.
The claim in the article is that since these people grew up with technology they have a better idea of how to make purchases.
So far as I am aware, none of these guys grew up in a datacentre, with terabytes of enterprise storage, robotic backups, commercial quality databases or corporate security policies. To try and scale up from having a Nintendo as a child, to being able to instantly grasp the complexities of a mulitnational network infrastructure is a bit of a leap.
If people think that because they have always had a PC or a Mac, that qualifies them to have an opinion on "IT" (whatever that is) then there are going to be some rather big surprises coming.
However that could explain a lot of the more egregious IT problems in industry and commerce.
if you have only ever programmed in a high-level language, you should really learn a low level one. This will give you an appreciation of what actually goes on inside a processor.
Even if you never use it commercially, the background it gives you in terms of hardware will improve your ability to write efficient code.
Personally, I think this should be the first language that future programmers (as opposed to CS graduates) should learn.
You're right - but I think it's a myth that nukes and their delivery systems can be set, waiting without maintenance for years until somone just presses the button. Maybe that's the real reason there aren't any space-based weapons.
In practice (I'm no expert, but this is the internet!) when you take the serviceability of weapons, missiles, communications, bunkers and all the other pieces into account, I'd be surprised if more that 1/4 of any major nuclear force could be launched on any particular day, unless there was a lot of build up time to get all the parts reassembled and tested. Just look at how long it takes to get a satellite launch vehicle or the scuttle ready to go.
That does lead to the rather worrying question of just how many nukes are in transit between their SILOs and the (re)manufacturing facilities on any given day.
Just to quantify the effect, the Sun E10000 Starfires we used a few years ago had ECC error counters built into the operating system. When I asked what they were for the salesman told me straight that they detected/corrected cosmic ray hits.
More for laughs than anything else, I started logging them and found that a server with 16GB got maybe one ot two hits per week. After that I started to take ECC seriously - for professional quality servers.
You probably don't need it for the domestic appliance quality stuff that people run at home - but for real work, get some decent kit
In the case where the cop asks for your name, knowing your name gives no power in itself - you might have given a false name. it's only when that information can be used that the power is given/lost. When the cop does the PNC lookup, that is when they get power. Likewise, if you ask the cop their name, you have no means to use that information and therefore no power.
Even if you could record the police (which in the UK, you can't) you still have to have a means to use that recording for it to have power. Unless there's a heinous action on it, the media won't be interested. You can put it on youtube - but really, who cares?
Oh, and while we're on the subject. Society != Government.
Society is me, my partner, the people in my road, the queue in Sainsbury's. Govenerment is a group of dehumanised institutions - the two cannot be compared
You say It took us an extremely long time to find someone with the necessary skill set.
Don't you really mean it took a long time to find someone..... who was willing to work for you?
Without wishing to start an argument, web developers aren't exactly the rarest species of techy. Unless you have something truly bizarre, a remote location, or are paying peanuts, it shouldn't need much more than a "webmaster wanted" ad. to have them queuing round the block.
Did you interview lots,, and not choose any - or was it simply that no-one wanted to take the job?
(silly thought - did you consider recruiting someone without the skills, then training them?)
you're strapped into a machine the size of a room - we're not talking about someone suppreptitiously pointing a camera-sized device at you and reading your thoughts. Yes. that'll be an interesting idea, if and when it becomes a practical proposition.
From the article Those technologies remain decades away, but researchers say it's not too soon to think about them, especially if research progresses at the pace set by this study.
Well, I beg to differ. By the time the "decades" have passed, we'll actually have some information to consider, not just a load of pie-in-the-sky whimsy from people who have no facts to base it on.
Let's worry about today's ethical issues and leave things like this for when they look like becoming a practical reality.
The Air Force and Army *DO* have email encryption. However, it is user selectable - i.e., when emailing anything it is up to the user to make the determination if the encryption is warranted, and then select the option.
encryption should never be an option. it should be mandatory - here's why.
When you have the option of only encrypting "important" messages (and this goes for email, radio broadcast, satellite, whatever) then you draw attention to the importance of a message's content by encrypting it. Military strategists will tell you this is a bad thing. You must send all messages with the same standard or security - that way the baddies have to expend a great deal of time and resources trying to decrypt everything, just to fine the one in 10,000 that is worth the effort.
Even if you think the baddies don't or can't decrypt the messages, if you only encrypt important ones, an onlooker can tell there's something going on by an increase in the number or length of encrypted messages. That in itself is valuable information. It's not unknown for broadcast (remember the "number stations") messages to be sent non-stop, with padding if there's no real content to send, just to cloak the real volumes
Just go with a non-american ISP/domain name reistrar. It's not as if the US rules the planet, there are plenty of ways to continue working without their say-so or approval.
Just move to a free locationa and continue with your legitimate business.
The first time you receive this email you might think a bit, but after that if you get it againa and again, I doubt you'd pay any attention. I dout this would have much effect after the first or second generations - no matter how much more threatening they made subsequent emails.
Slashdot Mirror
If you know someone (hell, anyone) who pays this kinda ca$h, please let me know. With my own domain I can create email addresses indefintely, and at $30 each it's literally printing money.
Now, of course if the reality was that spammers pay a tiny fraction of a cent per address then it's less worth my while (but could still be worth knocking together a script for).
Which option strikes you as most likely? Yes, thought so.
In similar news, my password is worth money too? Really? My password is "chocolate" - that'll be another couple of $$ please (feel free to sell it on yourself, too).
Now, I'll just sit back and wait for all the SPAM^H^H^H^Hmoney to start rolling in. Hmmmm, I think I just burned out my irony circuits.
They might have given it a name but there was a great deal of free software around 10 years ago. My impression from those times (and it was only 10 years, we're not talking a lifetime here) is that the primary driver for free software was the internet - not a bunch of people at a conference, even if they call it a summit.
I have heard the opinion that people who dominate a conversation, or who find a silence unbearable are often quite insecure and nervous individuals. They mask this by always having to be in control of a conversation - and the way to do that is to always be the one who's talking. Now you can easily make the mistake of assuming someone who talks a lot is an extrovert: frequently you'd be wrong.
Likewise with twitter. Most of the tweets I have seen on the system are so utterly banal that it beggars belief that anyone would either take the time to send them, or even worse: take the time to read them. It seems to be the 2007/8 version of being incapable of shutting up. Fortunately in this case, all it takes is a click to rid yourself of these tiresome individuals.
While he may have "woken up" to the threat of nuclear weapons, and can use his established reputation to help reduce the threat they pose, he is certainly not an expert and his opinions (for that is all they are) carry no greater weight than yours or mine.
Beware of celebreties with a cause.
who's going to win the 'National today? If it can't tell me that, then no matter how technical-sounding it's algorithm is, it's not a lot of use to me.
Engineers' focus and attention to details, Yes, some engineers have these traits - along with book-keepers, microbiologists and archeologists just to name a few. Some people in any trade or profession can be described like this - there's nothing special about engineering.
Here's a good one: along with their perceived lack of social skills,
Perceived, surely it's only actual traits that count, not one's that other people might think you have.
Most engineers I know, or have met (clue: lots) are pretty normal people. They fit into society, they don't complain. They're quite likely to be successful and have other (engineer) friends. An unkind person might even call them boring.
Personally I just can't see Dilbert with a bomb strapped under his shirt.
The Icelandic govt. has just increased their bank rate to 15% and the country is not doing too well. Nor is it's currency. That's not the kind of situation that attracts new investment and this promotion (if that's what it is) doesn't look very promising.
When you get to billion$$ comglomerate size, it's more difficult. Your shareholders still expect the same record of growth that they saw when the company was younger, smaller and more idealistic. They put pressure on the board for more growth, bigger yields, higher share prices, better dividends.
As a CEO, if you can't oblige the "money or nothing" shareholders, they'll just dump you and find someone else who can/will.
To keep your job, out go the high moral standards, say goodbye to the corporate ethics and adios to the founding principles - all of which are now merely expensive luxuries than your organisation can no longer afford, in it's quest for double-digit year-on-year growth.
If you, as CEO, don't realise that customer loyalty and fanboy-infatuation aren't things that can be traded, don't worry - someone else (why do we emply marketing consultants?) will whisper it in your ear. Up go the share prices again and your bonus is delivered by the very same guy who unburdens you from your soul.
While it's possible to make a million from hard work - without exploiting other poeple, it's not possible to make a billion the same way.
OK, so don't open the emails. Really, does it need the FBI to tell you this?
Better, maybe use a platform that isn't susceptible to Word/OS viruses and trojans.
Better yet, how about some anti-virus software?
Well, he'd loved this lot - skillful? no way. "Lucky?" definitely - though I doubt this is what he meant by luck
The thing about this promotion is that giving away computers to schools is actually something Tesco could afford to do, for free, anytime they chose. The whole idea of making people collect worthles pieces of paper and go through the charade of giving them to schools who then redeem them is merely a marketing exercise to promote loyalty to the store and to make the donors feel good in themselves, it's certainly not a charitable activity.
Therefore I would say that they have the level of security exactly right. The product (here, the voucher not the computer) is worthless, so there's no merit in trying to protect it. I would expect that any effort Tesco's made to either trace back or validate the authenticity of a voucher would add considerably to the cost of the marketing programme and is therefore not worthwhile.
Securing things with value has some worth (provided the security costs are commensurate with the risks and value involved). Adding security just for the hell of it, or "because we can" is a pointless exercise that only adds to costs and overheads.
They seem to have learned the "weasel words": might, could, may, etc. and pepper their prognostications with them. As a consequence you can't nail them down to a definitive, quantifable, statement.
I'd like to ask the guy who wrote about being able to mail tubes of live ants (from the original article) exactly how many instances of this has occurred? While he is right that's it's possible, my point is that possible does not mean probable. Even if someone did send you a tube of ants, or ordered you a porta-potty: well, so what? It's not exactly life-threatening and would only take a phone call, or a quick FLUSH to resolve the problem - barely worth considering, much less writing about.
Sadly the world we live in today has massively overestimated the possiblity of problems and hugely inflates the effects they will have (in the tiny percent of occasions when they happen). I think this is a side-effect of improved communications: we all get to hear about the 1 in a million disaster stories, but never about all the other times, when everything goes right. This leads us to think that problems are more common than they actually are.
The great thing about being a security professional is that you can never be proved wrong. If you claim a security hole and it is never exploited, no-one will say you're wrong - just that it hasn't been exploited yet. If we beleived everything these guys say, no-one would ever do anything as we'd all be too scared. Personally I think we should avoid the obvious problems, get on with our lives and accept that on a few, very few, occasions we might have to spend a little time sorting out a problem.
So far as I am aware, none of these guys grew up in a datacentre, with terabytes of enterprise storage, robotic backups, commercial quality databases or corporate security policies. To try and scale up from having a Nintendo as a child, to being able to instantly grasp the complexities of a mulitnational network infrastructure is a bit of a leap.
If people think that because they have always had a PC or a Mac, that qualifies them to have an opinion on "IT" (whatever that is) then there are going to be some rather big surprises coming.
However that could explain a lot of the more egregious IT problems in industry and commerce.
Knowing that would let us judge (by their own criterion) whether this paper is useful, or garbage.
But,just to be on the safe side I think I'll switch to whisky
"Some programmers write FORTRAN in any language"
Even if you never use it commercially, the background it gives you in terms of hardware will improve your ability to write efficient code.
Personally, I think this should be the first language that future programmers (as opposed to CS graduates) should learn.
In practice (I'm no expert, but this is the internet!) when you take the serviceability of weapons, missiles, communications, bunkers and all the other pieces into account, I'd be surprised if more that 1/4 of any major nuclear force could be launched on any particular day, unless there was a lot of build up time to get all the parts reassembled and tested. Just look at how long it takes to get a satellite launch vehicle or the scuttle ready to go.
That does lead to the rather worrying question of just how many nukes are in transit between their SILOs and the (re)manufacturing facilities on any given day.
More for laughs than anything else, I started logging them and found that a server with 16GB got maybe one ot two hits per week. After that I started to take ECC seriously - for professional quality servers.
You probably don't need it for the domestic appliance quality stuff that people run at home - but for real work, get some decent kit
In the case where the cop asks for your name, knowing your name gives no power in itself - you might have given a false name. it's only when that information can be used that the power is given/lost. When the cop does the PNC lookup, that is when they get power. Likewise, if you ask the cop their name, you have no means to use that information and therefore no power.
Even if you could record the police (which in the UK, you can't) you still have to have a means to use that recording for it to have power. Unless there's a heinous action on it, the media won't be interested. You can put it on youtube - but really, who cares?
Oh, and while we're on the subject. Society != Government.
Society is me, my partner, the people in my road, the queue in Sainsbury's. Govenerment is a group of dehumanised institutions - the two cannot be compared
Don't you really mean it took a long time to find someone ..... who was willing to work for you?
Without wishing to start an argument, web developers aren't exactly the rarest species of techy. Unless you have something truly bizarre, a remote location, or are paying peanuts, it shouldn't need much more than a "webmaster wanted" ad. to have them queuing round the block.
Did you interview lots,, and not choose any - or was it simply that no-one wanted to take the job?
(silly thought - did you consider recruiting someone without the skills, then training them?)
From the article Those technologies remain decades away, but researchers say it's not too soon to think about them, especially if research progresses at the pace set by this study.
Well, I beg to differ. By the time the "decades" have passed, we'll actually have some information to consider, not just a load of pie-in-the-sky whimsy from people who have no facts to base it on.
Let's worry about today's ethical issues and leave things like this for when they look like becoming a practical reality.
encryption should never be an option. it should be mandatory - here's why.
When you have the option of only encrypting "important" messages (and this goes for email, radio broadcast, satellite, whatever) then you draw attention to the importance of a message's content by encrypting it. Military strategists will tell you this is a bad thing. You must send all messages with the same standard or security - that way the baddies have to expend a great deal of time and resources trying to decrypt everything, just to fine the one in 10,000 that is worth the effort.
Even if you think the baddies don't or can't decrypt the messages, if you only encrypt important ones, an onlooker can tell there's something going on by an increase in the number or length of encrypted messages. That in itself is valuable information. It's not unknown for broadcast (remember the "number stations") messages to be sent non-stop, with padding if there's no real content to send, just to cloak the real volumes
Just go with a non-american ISP/domain name reistrar. It's not as if the US rules the planet, there are plenty of ways to continue working without their say-so or approval. Just move to a free locationa and continue with your legitimate business.
The first time you receive this email you might think a bit, but after that if you get it againa and again, I doubt you'd pay any attention. I dout this would have much effect after the first or second generations - no matter how much more threatening they made subsequent emails.