"Obviously if Microsoft offered more than the black-market prices, everyone would just sell their exploits to them."
Yes, however from a business orientated viewpoint this portrays the company having its balls in the hands of 'outsiders'. As a smart 'enterprisingly minded' human being would you buy software from a company which you plan to deploy on thousands of machines, if you knew that some of the security testing and possible patch submissions on it may have been handled by x-cons/hackers/crackers/stfu/criminals/etc.
I am not saying it would be substandard, but I think that a lot of people would feel something intuitively wrong with that. In a lot of ways it's like saying you got a friends friend who is a robber to test out your alarm for you.
However, at the same time, as pointed out
"The people they would be paying money to are not criminals or bad people, they're legitimate researchers who just can't afford to do work for Microsoft for free when they could be doing something else for money."
Yes, there is a lot of legitimate security researchers out there, but let's say the CashPerExploit deal was introduced. Do you not think there would be an adequate amount of better trained 'nefariously minded' exploit finders?
One bad apple fucks up the box. If companies got the impression that there is a possibility their software supplier uses such people, I think their confidence in the company would loosen.
But having said that, once it becomes a business enough people might get 'trained up' quickly.
I work for a company who uses a variety of Microsoft Technologies deployed over quite a few machines. Not hundreds, or thousands, just a tad higher!
You'd be surprised at how relaxed they are about security, but me, I am generally just paranoid anyway. This is the first experience I have had in an 'enterprise environment', but all of the above is just me suspecting that other companies have a different corporate strategy to their security.
I must say, for how successful they are, they really do believe in solely using M$ products, and products developed by companies who have good relations with M$.
I don't know, maybe it's like being with a gang of people. You're either on the FSF's land or somewhere in Redmond. A sense of security fostered by a recorded long term relationship of software development companies. Maybe it's less about the company, and more about consistency derived from their strong relationship. Patches each month, deployment Friday, etc... A big corporate bureaucratic machine survives on things like this, a bit like the x86 idea, make it simple, and make it fast/reliable.
Hah, I'm laughing too....
"Deco, ya stallin' it up to mouseys gaff? We'll get mad ourra'vih!"
I am not an expert on such matters, but would a faraday cage prove useful?
http://en.wikipedia.org/wiki/Faraday_cage
"To a large degree, Faraday cages also shield the interior from external electromagnetic radiation if the conductor is thick enough and any holes are significantly smaller than the radiation's wavelength. This application of Faraday cages is explained under electromagnetic shielding."
It may be less about taking the taking of fingerprints, but more about seeing if the prospective employee is willing to be subjected to such screening.
An employee who is concerned about their rights and what's acceptable for a job interview are less likely to be malleable and "adaptable" to fit the evolving needs of the job.
I disagree.
A large part of my time is dedicated to personal projects. I won't lie that I'm a jack of all trades and master of none, well possibly one:p. Most of these interests span from WSN research as far as music.
I find that the content on wikipedia is readable, and overall a great resource.
However, when I began using wikipedia initially, the volume of data presented with a hgih level of detail on some topics was quite intimidating.
But over the course of time, this became palatable.
What do people want wikipedia to be?
Can new functionality be added in to accommodate all audiences?
Would you like to see search results like this?
"All about the human brain (500 words)"
I do have quite a lot of e-books which I would constantly use for reference when coding... but to be honest, if I was to read a book I just prefare to have it in it's physical form.
Why?
1. So that I can write little small notes to jog my memory for when I need it
2. Well, I just feel more comfortable reading from a book (explanation?, god only knows)
I also do the computers for 2 local schools(4-12 also) and considered the switch to a linux based distro.
The main problem I found was I had trouble getting some of the childrens software to run properly with wine... some of it did work though (to some degree).
The day may come where you sit down of a Satuday afternoon, turn on the television only to see in bold writing:
ROBOT WARS:
The Linux based killing machine "Torvaldarus" vs the unpredictable Windows based "Gatesarus", to the death.
Slashdot Mirror
"Obviously if Microsoft offered more than the black-market prices, everyone would just sell their exploits to them."
Yes, however from a business orientated viewpoint this portrays the company having its balls in the hands of 'outsiders'. As a smart 'enterprisingly minded' human being would you buy software from a company which you plan to deploy on thousands of machines, if you knew that some of the security testing and possible patch submissions on it may have been handled by x-cons/hackers/crackers/stfu/criminals/etc.
I am not saying it would be substandard, but I think that a lot of people would feel something intuitively wrong with that. In a lot of ways it's like saying you got a friends friend who is a robber to test out your alarm for you.
However, at the same time, as pointed out "The people they would be paying money to are not criminals or bad people, they're legitimate researchers who just can't afford to do work for Microsoft for free when they could be doing something else for money."
Yes, there is a lot of legitimate security researchers out there, but let's say the CashPerExploit deal was introduced. Do you not think there would be an adequate amount of better trained 'nefariously minded' exploit finders? One bad apple fucks up the box. If companies got the impression that there is a possibility their software supplier uses such people, I think their confidence in the company would loosen.
But having said that, once it becomes a business enough people might get 'trained up' quickly.
I work for a company who uses a variety of Microsoft Technologies deployed over quite a few machines. Not hundreds, or thousands, just a tad higher! You'd be surprised at how relaxed they are about security, but me, I am generally just paranoid anyway. This is the first experience I have had in an 'enterprise environment', but all of the above is just me suspecting that other companies have a different corporate strategy to their security. I must say, for how successful they are, they really do believe in solely using M$ products, and products developed by companies who have good relations with M$.
I don't know, maybe it's like being with a gang of people. You're either on the FSF's land or somewhere in Redmond. A sense of security fostered by a recorded long term relationship of software development companies. Maybe it's less about the company, and more about consistency derived from their strong relationship. Patches each month, deployment Friday, etc... A big corporate bureaucratic machine survives on things like this, a bit like the x86 idea, make it simple, and make it fast/reliable. Hah, I'm laughing too....
"Deco, ya stallin' it up to mouseys gaff? We'll get mad ourra'vih!"
True story
I am not an expert on such matters, but would a faraday cage prove useful? http://en.wikipedia.org/wiki/Faraday_cage "To a large degree, Faraday cages also shield the interior from external electromagnetic radiation if the conductor is thick enough and any holes are significantly smaller than the radiation's wavelength. This application of Faraday cages is explained under electromagnetic shielding."
It may be less about taking the taking of fingerprints, but more about seeing if the prospective employee is willing to be subjected to such screening. An employee who is concerned about their rights and what's acceptable for a job interview are less likely to be malleable and "adaptable" to fit the evolving needs of the job.
I disagree. A large part of my time is dedicated to personal projects. I won't lie that I'm a jack of all trades and master of none, well possibly one :p. Most of these interests span from WSN research as far as music.
I find that the content on wikipedia is readable, and overall a great resource.
However, when I began using wikipedia initially, the volume of data presented with a hgih level of detail on some topics was quite intimidating.
But over the course of time, this became palatable.
What do people want wikipedia to be?
Can new functionality be added in to accommodate all audiences?
Would you like to see search results like this?
"All about the human brain (500 words)"
Google? They seem nice.
I do have quite a lot of e-books which I would constantly use for reference when coding... but to be honest, if I was to read a book I just prefare to have it in it's physical form. Why? 1. So that I can write little small notes to jog my memory for when I need it 2. Well, I just feel more comfortable reading from a book (explanation?, god only knows)
I also do the computers for 2 local schools(4-12 also) and considered the switch to a linux based distro.
The main problem I found was I had trouble getting some of the childrens software to run properly with wine... some of it did work though (to some degree).
"look mammy, I got a new floppy sword", and bam, her head in on the ground!
The day may come where you sit down of a Satuday afternoon, turn on the television only to see in bold writing: ROBOT WARS: The Linux based killing machine "Torvaldarus" vs the unpredictable Windows based "Gatesarus", to the death.
Be afraid, there is a killer penguin looking for you. Be very afraid.
They are watching us. Be afraid. Be very afraid.