"'There's probably no way you can completely protect your organization against the increasingly sophisticated attacks by foreign and domestic spies. That's especially true if the attacks are coming from foreign governments, "
?
what makes you think that the same action by your very own government is not an attack?
Recently a lot of IT managers of the UN system coming from the US exclusively install US-company based products which ( would ) give US based services a nice backdoor to their IT systems.
As many co-posters mentioned: it is the security alertness of staff which decides.
Best thing to do IMHO:
discuss security open in the company with all implications!
Take Open Source solution - or second best - a Proprietary one. PLUS think up of something unique additionally.
( For this the Open Source is better )
do you think the US is too stupid to place spyware/trojans into firmware?
why does it always have to be China?
buy a simple FPLA designer board for $200 and design for example an ethernet interface
then you add some SW routines you like.
If you are clever you put in code that loads other code out of the NIC's datastream when triggered by some code in the datastream!
-
voila you have a Trojan Boot Loader which acts as you customer paid sleeping spy - to be activated via serial number!
Slashdot Mirror
I want to participate from your score ;-)
Of course the US is not using their spying technology on its friends and allies! Never ever - or maybe just when its necessary?
to get the one or the other contract before the others do....
Look up whats in you router and switch firmware - maybe you too have a Trojan Boot Loader in it!
-
remember the Google incident? maybe you think it were two, but think of it as one thing:
Google-USA was intruded
claims said it was China government hackers.
Bruce Schneier said it was through the NSA backdoor of Google.
some time later China says Google needs to commit to its censor-program
Google says it want comply - and moves to Hongkong ( PDR China )
later they skip the re-routing to Hongkong
-
maybe one can interpret it like this:
China breaks into Google-US through the NSA backdoor.
it learns that Google-Beijing has also a backdoor for NSA
it does not like this
it tells Google: no way - either you close that hole or you are out!
Google needs to report to its masters at NSA: what can we do?
it tries to play a PR-campaign - and when things settle they comply - hoping to trick China again later
-
but now that you speak of it - I was always suspicious about Scott Adams
He must be on something - otherwise he couldn't know, what happens in our Agency!
If not - why not?
answers some of my previous questions.
What I am looking for is a multidimensional adressing - file or database system.
something like multiple B-tree's for the content with the possibility to add another B-tree index if required later.
Maybe the Google people have an answer?
it is D.
you are damned right!
thanks
-
I built in our Lab a 200 user multisegment LAN for $ 10.000, but for 600 nodes
as we have more computers than staff!
-
It was called Ethernet! -
Bob Metcalf - one of my heroes along with R.P. Stalman, R.Knuth, L. Thorvald and many many others including Richard P. Feynman.
For keeping Ethernet free I forgive you many design errors at 3COM ;-)
there are nuff small - and not so small people who would like to deliver those crooks!
keep the original media and doc ready
If you keep things at home which can be replaced, insure them.
keep valuable afap in a bank vault.
Keep a low profile and make your home ( and yourself ) lokk rather lowly.
burglars will investigate - most break-ins are actually targeted and not by chance!
And if you want to be bored and annoyed, install an alarm system which alerts you by SMS
then look up via the Internet you surveillance cam.
so this is the real reason for WLAN sniffing of Google!
They bill the companies - and if they do not part with their brass, sue.
http://www.bildkunst.de/
maybe there is a similar org where you live?
and maybe free as in reusable to improve it,
but not necessarily free as in beer!
?
what makes you think that the same action by your very own government is not an attack?
Recently a lot of IT managers of the UN system coming from the US exclusively install US-company based products which ( would ) give US based services a nice backdoor to their IT systems.
As many co-posters mentioned: it is the security alertness of staff which decides.
Best thing to do IMHO:
discuss security open in the company with all implications!
Take Open Source solution - or second best - a Proprietary one. PLUS think up of something unique additionally. ( For this the Open Source is better )
. selective denial of access will be a powerful instrument of influence:
"we know that you did this - if you do not want others to know, better do this!"
you beat me with this answer!
see http://www.worldmapper.org/display.php?selected=99
just CD or DVD ROM
why does it always have to be China?
buy a simple FPLA designer board for $200 and design for example an ethernet interface
then you add some SW routines you like. If you are clever you put in code that loads other code out of the NIC's datastream when triggered by some code in the datastream!
-
voila you have a Trojan Boot Loader which acts as you customer paid sleeping spy - to be activated via serial number!
- sweet slumber non-praranoids!
at least on the servers in China - if not also in HK
ask them what interesting problems they encountered,
ask them how they see the users point of view on their apps.
Quis custodiet ipsos custodes? - of course they will not assume that you steal when you rightfully load or transfer content.
-
and also invertebrae like insects, crayfish etc.. laid eggs long before