I saw this a year or two back listening to a podcast by the author of Wikinomics:Here Comes Everybody, he kept talking about how people used communications networks increasingly to organize.
It became clear the next rotation of social networking would be self-organizing.
It would allow your local PTA/HOA to do their monthly business without leaving your home, same goes for administering Boy/Girl scouts, charities, volunteer programs, political campaigns, fan-clubs, etc.
When the group decided anarchy wasn't enough, they could vote on Parlimentary, Meritocracy, Democracy (representative or non), Moderated Forum, or other styles of governance. Follwing that decision you elect officers and work under that system until someone calls a vote for new officers, or new governance style.
I thought it would be important that like Web or Email or Google Wave the system be decentralized and standards based, include APIs for incorporating: encryption, file sharing, collaboration, chat, voice, simple passwords to multifactor authentication, digital signatures/certificates, payment processing/escrow, and a process for adopting new standards/technologies as they arise.
Imagine this system exists, there is an earthquake somewhere, a local group of vetted individuals tries to setup a relief effort with volunteer labor, but cannot afford the equipment they need. People catalyzed by the event want to donate money but are wary of being scammed. The vetting, payment processing and escrow system would reduce that risk a lot.
Same goes for issue based independent political candidates, they work up their volunteers and donations on the same system.
Privacy settings are only a problem based on the policies of your local provider, there is no one centralized Facebook, but smaller connected Google/Yahoo/Comcastbooks and you move your profile between them like a cell phone number because the Digigtal Certificates, Digital signatures, Encryption keys, and all the other pieces are owned by you.
See if you'd have gone with the burning pyre either on the water or a Viking Stoneboat you'd beat this Johnny come lately to the punch you'd have reduced your body to ashes before it had the chance...
Take THAT 50 meter asteroid with a tiny chance of hitting the earth in 2098!
No big sims are multi-agency and have casts of thousands, even single agency drills can be enourmous and complicated. Just getting through the phone tree for a single angency is more complicated than running a "I call Iron Mountain to locate my backups" test or restoring the last good backup for real on one of the test boxes.
But for the submitter who fails to see the value of a dynamic exercise, should I talk to him about planning a mini-D-Day invasion of Normandy? Because as you put it a lot of us probably haven't had to do that.
No, you talk to a level everyone understands, like Kennedy said.
And yeah, maybe you could have said Planning your vacation is to planning the Normandy Invasion, yes?
"This goes a bit beyond a paper narrative, including fake log data, drives that may contain fake malware, and fake event history, and is dynamic, meaning that it can change dependent on the actions the players take." which makes me wonder how effective this test would actually be."
Why shouldn't the test adapt to moves the player's make, do you think a hacker is going to keep running off the same script when he knows he's been noticed?
Some of the worst botnets move their Command and controls nodes around and the people behind them release new code to adapt to what security researchers are doing to stop them. Including DoSing the researchers.
What idiot thinks we can fight a changing landscape of threats with a static defense?
No Really I can't tell from the context if that's Taco or the submitter, but paper narrative tests that the author mentions basically are just there to make sure you know your job or have memorized your DR plan, but they don't make you think.
I'd be more worried if all facets of the scenario didn't get played out because nobody said "I image the hard drive" and so they skip that part of the test. In that case it would be up to the folks running the exercise to move the scenario along by saying someone at another agency imaged the drive, here is a copy, maybe you should look at it.
It's a lot like preparing for a D&D game and having the players ignore half the story/encounters you wrote up.
In the real world there is a helpdesk code for 'only an exercise' that was created years ago.
The only thing more dangerous about an exercise is distribution of security resources themselves, and it would be the same on exercise day as training day as Security Conference(Black Hat DC, FOSE) as $NationalHoliday.
I mean seriously maybe they'll launch it from the US during the airwar and it'll finally get to the combat theater by time we've achieved air superiority.
I'd probably designed like a glider and to loiter for a long time by definition, would it just be easier to tow this thing like a glider to the theater of operations?
I really like the concept and all the Weather satellite type work, and cellular nodes or broadband that could use this kind of platform. Unlike the Solar powered plane that flew recently this thing will actually have a payload and energy budget that includes the cameras and comms gear.
More like buying your robot army, friggin trustfund Evil Overlords.
Where are the two and three digit IDs saying back in their day they had to walk 5 miles in the snow uphill both ways to build a robot army/death ray/doomsday device.
I have a Droid, I have had it since last November.
I was very afraid that it would be stuck with 2.0 that it came with, though even at the time folks were promising that it would get the 2.1 upgrade.
Since then I have received the 2.1 and 2.2 upgrades and the Droid continues to be one of verizon's best selling phones.
However Droid X and 2 are everything the Droid is and more with or without the Keyboard. So I don't know how much longer it will continue to be one of Verizon's hotter selling phones and at which point Motorola will stop providing new updates for it.
As for fragmaentation it matters.
I have an old email in my inbox that cannot be read or deleted (Issue 1507). I along with hundreds of other folks reported this issue, the Android folks at Google decided it was not a problem since it doesn't happen with the stock email client, only Motorola's and HTCs phones use modified email clients. So we aren't told to report it to Motorola, our report a problem isn't keyed to report to Motorola instead of Google, we're kind of screwed.
Yes I could write to Motorola and try to report the issue there, but if Motorola changes the code they should change where the report a problem goes for that application so we get right to them in the first place, and not ignored at the general inbox.
Unless I missed something, 600 MPH in 2 miles is just a hair over 1G, perhaps there is some dual use planned for the research. If you can get the Mach 10 part out of the Scramjet consistently and keep the Gs low, it wouldn't make a terrible Singapore, Australia, New Zealand shuttle.
Perhaps it only needs to get up to 600 MPH before the Scramjet takes over.
If you read any of the articles on their scramjet tests, they need supersonic airflow to create the pressure inside the engine. Once ignited, Mach 10 wouldn't be outrageous for a Scramjet.
Unfortunately escape velocity isn't Mach 10, but for early test platforms, we already have the tech necessary to do what's in the proposal, and what we might learn from repeated launches and fine tuning the scramjet, seems promising.
Right, so should we be saying that google and its ilk give us the ability to repurpose our memory for caching specific information while working on specific projects, instead of the attempts at long term memorization we practice in school, when even then, there was a wink/nod acknowledgement that anything trully important you'd have available in a book nearby.
The ability to think innovatively just becomes more important in theory as the speed of innovation increases.
I work in IT Security, there are a number of security principles you learn, and some of us have technical backgrounds.
I have highly technical folks that use specialized tools and their brains to audit systems. Some of those folks are specialists in Web Servers, OS, and Databases. However even if you think you know a lot about the tech you work with they don't have to know every hole in Apache, IIS, Websphere, etc if they know how to use a tool with plugins written by dozens or hundreds of folks.
There is just too much to know everything about a few things, much less everything about every product someone might have in their environment.
Once you are diagnosed with vulnerability X, the security and Operations folks need to be able to quickly get up to speed on the issue, understand it and how to remediate it before some bad guy owns your equipment.
The ability to Grok things before they kill (adversely affect) you will continue to be as useful to us with our Google, spell checkers and calculators as it was to cavemen.
How is it they are becoming stupider, and not just regressing to the mean?
A person still navigates around his or her neighborhood, around his house, they still do things without the GPS, probably as many as a normal non-cab driver, just not as many tasks as they prevously did in their specialized vocation.
Also it's worth noting that at the beginning of the 19th century a skilled weaver commanded a certain average income, the loom technicians that replaced them initially made substantially less, but at the end of the 19th century the technician that could run the looms at high speeds and produce a high volume of woven fabric earned as much as the artisan, while producing more goods.
There is a dip when new technology replaces the training labor that came before it, this just frees us up to do more of a different type of labor.
Also with the GPS there is less thought that the cabbie is driving you the long way to your destination to overcharge you. Something that required extensive charts in the Victorian era.
The crux of the shirt problem, and what put Phil Zimmerman afoul of the US goverment so many times is a useable crypto implementation. Which is why you couldn't get Browsers with 128 bit crypto for so long.
Basically they don't want the bad guys to be able to hide their secrets. What affect this had on online banking in allied countries I have no idea.
The Blu-ray disc is encrypted, the blu-ray player can decrypt it, but neither one can encrypt original data.
Unless it makes it on CNN or FOX, I say you're wrong, Football season just started.
As another poster quoted the administration, ITAR treats the M1A1 Abrams tank brake pads as controlled exports even though they are the same brake pads used in firetrucks. Clearly the process needs going over, lots of things that were grandfathered in need to be scrubbed, and common sense applied to what is a weapon and what isn't.
Security theater doesn't make us safer, but a strong economy and industrial base does.
Looks like they make their money from Magazine subscriptions and memberships.
From their website, they are a subsidiary of a registered charity.
IET Services Limited is registered in England Registered Office Savoy Place, London, WC2R 0BL Registration Number 909719 IET Services Limited is trading as a subsidiary of the Institution of Engineering and Technology, which is registered as a Charity in England & Wales (no 211014) and Scotland (no SC038698)
Well if you'd read the article, it's from the Institute of Engineering Technology (what Aerospace company is that?) and the article is about electronics components, computer chips made mostly by US based manufacturers.
Now foreign governments are backing competing companies outside the US to source the same type of components in what is a growing market. The first papagraph talks about how many more sats will be launched in the next decade over the previous one.
Since most of the folks mentioned are launching outside the US anyway, no US aerospace company is losing a dime.
In the article they also say the US based components are better, so we have a market that's growing, where US based companies have the best product and people are going somewhere else because of this regulation.
If I owned a big chip company I'd move my HQ outside the US immediately if staying meant I missed out on 10 years of growth.
Do you read the headlines, do you know what growth for businesses in the US is projected to be for the next 10 years, it's not 50% more like sat launches and their electronics components are.
The problem here is I may not like the defendant, I might not want to be friends with him or her, I may feel that come the Zombie-Apocalypse they'd be unworthy of my trust and wouldn't let them in my shelter/getaway-vehicle.
However courts of law aren't about you, your friends, or your personal tastes.
The law is about a rational hearing of the facts in evidence and deciding whether the prosecution can make its case. Not liking someone isn't enough reason to put them in jail.
To put it another way, we like Yoda, we like Ben Kenobi, but Darth Vader is the only Jedi that never lied to Luke.
Slashdot Mirror
I saw this a year or two back listening to a podcast by the author of Wikinomics:Here Comes Everybody, he kept talking about how people used communications networks increasingly to organize.
It became clear the next rotation of social networking would be self-organizing.
It would allow your local PTA/HOA to do their monthly business without leaving your home, same goes for administering Boy/Girl scouts, charities, volunteer programs, political campaigns, fan-clubs, etc.
When the group decided anarchy wasn't enough, they could vote on Parlimentary, Meritocracy, Democracy (representative or non), Moderated Forum, or other styles of governance. Follwing that decision you elect officers and work under that system until someone calls a vote for new officers, or new governance style.
I thought it would be important that like Web or Email or Google Wave the system be decentralized and standards based, include APIs for incorporating: encryption, file sharing, collaboration, chat, voice, simple passwords to multifactor authentication, digital signatures/certificates, payment processing/escrow, and a process for adopting new standards/technologies as they arise.
Imagine this system exists, there is an earthquake somewhere, a local group of vetted individuals tries to setup a relief effort with volunteer labor, but cannot afford the equipment they need. People catalyzed by the event want to donate money but are wary of being scammed. The vetting, payment processing and escrow system would reduce that risk a lot.
Same goes for issue based independent political candidates, they work up their volunteers and donations on the same system.
Privacy settings are only a problem based on the policies of your local provider, there is no one centralized Facebook, but smaller connected Google/Yahoo/Comcastbooks and you move your profile between them like a cell phone number because the Digigtal Certificates, Digital signatures, Encryption keys, and all the other pieces are owned by you.
See if you'd have gone with the burning pyre either on the water or a Viking Stoneboat you'd beat this Johnny come lately to the punch you'd have reduced your body to ashes before it had the chance...
Take THAT 50 meter asteroid with a tiny chance of hitting the earth in 2098!
Of Man's reach exceeding his grasp...
No big sims are multi-agency and have casts of thousands, even single agency drills can be enourmous and complicated. Just getting through the phone tree for a single angency is more complicated than running a "I call Iron Mountain to locate my backups" test or restoring the last good backup for real on one of the test boxes.
But for the submitter who fails to see the value of a dynamic exercise, should I talk to him about planning a mini-D-Day invasion of Normandy? Because as you put it a lot of us probably haven't had to do that.
No, you talk to a level everyone understands, like Kennedy said.
And yeah, maybe you could have said Planning your vacation is to planning the Normandy Invasion, yes?
"This goes a bit beyond a paper narrative, including fake log data, drives that may contain fake malware, and fake event history, and is dynamic, meaning that it can change dependent on the actions the players take." which makes me wonder how effective this test would actually be."
Why shouldn't the test adapt to moves the player's make, do you think a hacker is going to keep running off the same script when he knows he's been noticed?
Some of the worst botnets move their Command and controls nodes around and the people behind them release new code to adapt to what security researchers are doing to stop them. Including DoSing the researchers.
What idiot thinks we can fight a changing landscape of threats with a static defense?
No Really I can't tell from the context if that's Taco or the submitter, but paper narrative tests that the author mentions basically are just there to make sure you know your job or have memorized your DR plan, but they don't make you think.
I'd be more worried if all facets of the scenario didn't get played out because nobody said "I image the hard drive" and so they skip that part of the test. In that case it would be up to the folks running the exercise to move the scenario along by saying someone at another agency imaged the drive, here is a copy, maybe you should look at it.
It's a lot like preparing for a D&D game and having the players ignore half the story/encounters you wrote up.
Um, shouldn't.
In the real world there is a helpdesk code for 'only an exercise' that was created years ago.
The only thing more dangerous about an exercise is distribution of security resources themselves, and it would be the same on exercise day as training day as Security Conference(Black Hat DC, FOSE) as $NationalHoliday.
Americans can be knighted, Ronald Reagan was knighted.
Besides RMS might not want one after Bill Gates got his
http://www.theregister.co.uk/2004/01/29/uk_knighthoods_for_foreigners_what/
Though it was in recognition of Gates charity work, not computers.
Where the hell are you going to launch it from?
I mean seriously maybe they'll launch it from the US during the airwar and it'll finally get to the combat theater by time we've achieved air superiority.
I'd probably designed like a glider and to loiter for a long time by definition, would it just be easier to tow this thing like a glider to the theater of operations?
I really like the concept and all the Weather satellite type work, and cellular nodes or broadband that could use this kind of platform. Unlike the Solar powered plane that flew recently this thing will actually have a payload and energy budget that includes the cameras and comms gear.
More like buying your robot army, friggin trustfund Evil Overlords.
Where are the two and three digit IDs saying back in their day they had to walk 5 miles in the snow uphill both ways to build a robot army/death ray/doomsday device.
Great we finally have robot soldiers ready to export and the strongest Yen to Dollar exchange rate in 15 years...
Just 2 years ago you'd have had nearly 50% more buying power.
I have a Droid, I have had it since last November.
I was very afraid that it would be stuck with 2.0 that it came with, though even at the time folks were promising that it would get the 2.1 upgrade.
Since then I have received the 2.1 and 2.2 upgrades and the Droid continues to be one of verizon's best selling phones.
However Droid X and 2 are everything the Droid is and more with or without the Keyboard. So I don't know how much longer it will continue to be one of Verizon's hotter selling phones and at which point Motorola will stop providing new updates for it.
As for fragmaentation it matters.
I have an old email in my inbox that cannot be read or deleted (Issue 1507). I along with hundreds of other folks reported this issue, the Android folks at Google decided it was not a problem since it doesn't happen with the stock email client, only Motorola's and HTCs phones use modified email clients. So we aren't told to report it to Motorola, our report a problem isn't keyed to report to Motorola instead of Google, we're kind of screwed.
Yes I could write to Motorola and try to report the issue there, but if Motorola changes the code they should change where the report a problem goes for that application so we get right to them in the first place, and not ignored at the general inbox.
Unless I missed something, 600 MPH in 2 miles is just a hair over 1G, perhaps there is some dual use planned for the research. If you can get the Mach 10 part out of the Scramjet consistently and keep the Gs low, it wouldn't make a terrible Singapore, Australia, New Zealand shuttle.
Perhaps it only needs to get up to 600 MPH before the Scramjet takes over.
If you read any of the articles on their scramjet tests, they need supersonic airflow to create the pressure inside the engine. Once ignited, Mach 10 wouldn't be outrageous for a Scramjet.
http://www.shortnews.com/start.cfm?id=63070
Unfortunately escape velocity isn't Mach 10, but for early test platforms, we already have the tech necessary to do what's in the proposal, and what we might learn from repeated launches and fine tuning the scramjet, seems promising.
Right, so should we be saying that google and its ilk give us the ability to repurpose our memory for caching specific information while working on specific projects, instead of the attempts at long term memorization we practice in school, when even then, there was a wink/nod acknowledgement that anything trully important you'd have available in a book nearby.
The ability to think innovatively just becomes more important in theory as the speed of innovation increases.
I work in IT Security, there are a number of security principles you learn, and some of us have technical backgrounds.
I have highly technical folks that use specialized tools and their brains to audit systems. Some of those folks are specialists in Web Servers, OS, and Databases. However even if you think you know a lot about the tech you work with they don't have to know every hole in Apache, IIS, Websphere, etc if they know how to use a tool with plugins written by dozens or hundreds of folks.
There is just too much to know everything about a few things, much less everything about every product someone might have in their environment.
Once you are diagnosed with vulnerability X, the security and Operations folks need to be able to quickly get up to speed on the issue, understand it and how to remediate it before some bad guy owns your equipment.
The ability to Grok things before they kill (adversely affect) you will continue to be as useful to us with our Google, spell checkers and calculators as it was to cavemen.
How is it they are becoming stupider, and not just regressing to the mean?
A person still navigates around his or her neighborhood, around his house, they still do things without the GPS, probably as many as a normal non-cab driver, just not as many tasks as they prevously did in their specialized vocation.
Also it's worth noting that at the beginning of the 19th century a skilled weaver commanded a certain average income, the loom technicians that replaced them initially made substantially less, but at the end of the 19th century the technician that could run the looms at high speeds and produce a high volume of woven fabric earned as much as the artisan, while producing more goods.
There is a dip when new technology replaces the training labor that came before it, this just frees us up to do more of a different type of labor.
Also with the GPS there is less thought that the cabbie is driving you the long way to your destination to overcharge you. Something that required extensive charts in the Victorian era.
I'm not entirely certain it does.
The crux of the shirt problem, and what put Phil Zimmerman afoul of the US goverment so many times is a useable crypto implementation. Which is why you couldn't get Browsers with 128 bit crypto for so long.
Basically they don't want the bad guys to be able to hide their secrets. What affect this had on online banking in allied countries I have no idea.
The Blu-ray disc is encrypted, the blu-ray player can decrypt it, but neither one can encrypt original data.
Only as noted, the fire truck brake pads aren't ITAR controlled.
This article has talks a little bit more about ITAR reform.
http://www.bnet.com/blog/technology-business/technology-export-controls-set-to-loosen-8212-the-question-is-when/5237
Unless it makes it on CNN or FOX, I say you're wrong, Football season just started.
As another poster quoted the administration, ITAR treats the M1A1 Abrams tank brake pads as controlled exports even though they are the same brake pads used in firetrucks. Clearly the process needs going over, lots of things that were grandfathered in need to be scrubbed, and common sense applied to what is a weapon and what isn't.
Security theater doesn't make us safer, but a strong economy and industrial base does.
Because clearly people at the administration and State department read UK Engineering magazines.
Looks like they make their money from Magazine subscriptions and memberships.
From their website, they are a subsidiary of a registered charity.
IET Services Limited is registered in England Registered Office Savoy Place, London, WC2R 0BL Registration Number 909719
IET Services Limited is trading as a subsidiary of the Institution of Engineering and Technology, which is registered as a Charity in England & Wales (no 211014) and Scotland (no SC038698)
Well if you'd read the article, it's from the Institute of Engineering Technology (what Aerospace company is that?) and the article is about electronics components, computer chips made mostly by US based manufacturers.
Now foreign governments are backing competing companies outside the US to source the same type of components in what is a growing market. The first papagraph talks about how many more sats will be launched in the next decade over the previous one.
Since most of the folks mentioned are launching outside the US anyway, no US aerospace company is losing a dime.
In the article they also say the US based components are better, so we have a market that's growing, where US based companies have the best product and people are going somewhere else because of this regulation.
If I owned a big chip company I'd move my HQ outside the US immediately if staying meant I missed out on 10 years of growth.
Do you read the headlines, do you know what growth for businesses in the US is projected to be for the next 10 years, it's not 50% more like sat launches and their electronics components are.
Reminds me how the Arms Controls stifled innovation and adoption in the Crypto field back in the 1990s.
I was remembering that too.
If they missed it, then how come its #34 on the list?
The problem here is I may not like the defendant, I might not want to be friends with him or her, I may feel that come the Zombie-Apocalypse they'd be unworthy of my trust and wouldn't let them in my shelter/getaway-vehicle.
However courts of law aren't about you, your friends, or your personal tastes.
The law is about a rational hearing of the facts in evidence and deciding whether the prosecution can make its case. Not liking someone isn't enough reason to put them in jail.
To put it another way, we like Yoda, we like Ben Kenobi, but Darth Vader is the only Jedi that never lied to Luke.