Apple's offerings are NOT more expensive than comparably equipped, say, Dells. The issue is that they do not have a low end el cheapo to compete with Dell's $500 junk.
They do NOT sell OS X at a premium, they sell it at a very competitive price, compared to Windows. Get the story straight. But, no they will never dump the hardware side; that's their bread and butter.
Please post a link to where you can prove your statement about FDA.
I've worked here for over twenty years and haven't ever gained from anything like that. I'd really, really like to know - my bank account would be better for it, I'm sure!
Of course, if it involves owning stock or anything like that, I'd have to tell them about it - we have to declare ownership of such things annually. If it involves bribes, kickbacks, etc., I'm sure that the FBI would be interested, too.
Didn't you read the other day that Dr. Crawford, the last FDA Commissioner (that only served two months as a confirmed Commissioner) is being indicted for owning stock in two FDA regulated firms? And he was the Boss! So don't tell me that such things never get reported, investigated or litigated.
The entire FDA staff is just now undergoing our Annual Ethics training. It's required. It covers such things as what stocks you can and cannot own, things you can and cannot do after your employment is terminated, how and whether or not you are able to talk to regulated firms about future employment, etc.
Believe me, FDA is diligent about ethics, and regularly deals with employees that violate Ethics regulations and laws. People that actively are involved in such regulatory activities are prohibited from owning stock, talking about employment, taking gifts, meals, etc. from the companies that have business before the FDA.
Do you wonder why Dr. Crawford left the FDA after just two months of being confirmed by Congress? Perhaps this indictment is the answer. I don't know, nobody's talking about it. But it is a slander (or maybe in your case, libel, since it was written) against all FDA employees to allege that we get enriched by our regulatory activities.
After reading the article you linked to, I don't see where you get the idea that Jobs was somehow afraid of the battery powered scooter.
I saw a Jobs that was very critical of mostly the business plan, not so much the product, at least not until he got to the design. And design is something thet Steve knows something about.
In fact, he was right about one thing: the Segway was a bust with the public, but has proven popular with commercial, industrial and police organizations, something Steve suggested they try first.
Nice try, but your attempt to make Steve look bad was a bust, too.
Actually, you can add USB 2 if you have a tower Mac, I had to do that to my G4 Dp 2 GB MDD last year, so I could connect a new printer at higher speed. Yeah "currently make", but they don't care about the legacy Macs that a lot of us use!
Go look at those figures then, they still show a growth in revenue of over 100%. And even accounting for "accounting tricks" you still can't argue with over a thousand percent growth! My point is still good - Apple is NOT in decline no matter how you want to look at it.
I hate to break it to YOU, but Apple's computer products are NOT going downhill. Apple's computer sales have been steadily higher in sheer numbers, year over year, for the last four years, I think, running.
There is no doubt that the iPod is the higher profile product, but while that may eclipse the computer side for many, it doesn't mean the computer sales are tanking. Quite the contrary, Apple's share of the portable market is up to almost 12%, and the last market share figures show their share has increased. It may not be what it was ten years ago, but the markets and the products sold therein, are totally different animals now, and just cannot be compared directly anymore.
And, by the way, in 2001, Apple lost $25M, as of 2005, their net income was $1.335 Billion. In 2004, the net income was $276 million. That's a bit over a 7% increase in revenue, isn't it?
They did, but kept the Firewire. Firewire is essential if you want to connect a video camera to your Mac to download the home movie you just made, so Apple isn't going to dump it for a while - not until something better comes along.
USB uses an error correcting protocol, and Firewire doesn't - firewire guarantees a steady transfer rate; USB, because of the error correction, does not. Thus, Firewire, or IEEE-1394, as it is otherwise known, is better for video transfer.
Plus, Firewire is standard output on all home video cameras.
The betting issue was a result of Federal criminal charges being filed in Federal court.
This issue is not a criminal case, it is a civil tort case, meaning that no arrest warrant is possible, because no law was broken. The worst that Spamhaus has to face would be an order to seize US assets of Spamhaus to satisfy a judgement.
No, it won't cost $300 per TV to stream movies to your TV. That's only if you want the convenient controls the iTV (or whatever they'll call it) will give you. You can connect most Macs to your TV now, you just have to control the playback from the Mac, not a nice remote from your couch.
Of course, that connection is easy only if you have a notebook - desktops are not always within easy cabling distance of the TV. I know that, but you made a blanket statement that isn't necessarily slways true...
The disk issue will always be with us, but, frankly, as this business model develops, and the set top boxes mature, too, it will be less and less of a problem.
As the bandwidth to the typical home widens, the quality the ITS (and other online stores) will be able to provide will increase, and this business model will mature rapidly. I think physical disks will slowly fade in use over time. Especially if manufacturers develop small portable players like the iPod that can take that content outside the home and away from your home theater to allow you to share content under controlled conditions.
Even now, occasionally albums on the ITS will have pdf formatted files with additional content such as artwork, artist interviews, and even interactive quicktime based content that rivals what you can get with a special edition Cd in a B&M store. It is downloaded at the same time as the CD. So the 'extra' content CAN be provided, if the artist/studio wants to do so.
Ok, explain to me why he'd need a BACKUP of the disk - he's got the laptop, he's got the disk - the back up does what for him?
"Well, thats how encrypted data should look like. But the machine will need to be able to read it, and for that it needs some software."
Yeah, that would be something called Pointsec. Give it the right password, get in. Works real well. Forces a reboot after every third wrong password.
Just what other software would you use to do your little attack that can duplicate a 512 bit key?...From a password you don't know? Do you know how many iterations you would have to go after to force an 8 character password using three character types? (lower case, upper case, numbers with an unknown combination of the three types in the password) I haven't done the math myself, but I've seen it. The number's big enough to need scientific notation to express. Good luck and I hope you have a good pension plan.
Oh, and we also have a lot of people that use 16 character passwords, we do allow them that long.
Yeah, you can attack the encryption directly at the bit level, but why? You'd need a real cray computer to do that, and against 512 bit encryption, probably about 50,000 years. Agin, I hope you have a good pension plan.
Some very smart people spent a fair bit of time thinking about just the very things you are when they wrote this stuff. I'm sure, like anything else in the security world, this can be cracked, given enough time and money.
But it'll take a lot of time, and money. For the people that would want the stuff we have, and are likely to have on a laptop, (which is not much, since everything is saved at the network level) then good luck to them in getting it for anything like a cheap enough price to make it worth their while.
Then perhaps you should be looking for a job in the security field, I'm sure they'd fall all over themselves offering someone as smart as you plenty of money. Better yet, offer yourself to those wanting to crack this stuff if you're that smart - I'm sure they'd be glad to throw money at you...
In the meantime, show me another organization similar to mine in size and technology level that's using something better and spending the same amount of money.
I didn't say our security was perfect or uncrackable. I did say that I think we're doing as well as anybody can expect for the money we have to work with....And that's better than most.
The key is, of course, part of the software that encrypts the hard drive, and yes, is based upon the password. Our agency forces the use of long passwords, from 8 - 16 characters, mandating the use of capital letters, lower case letters, and numbers.
Yes, the user has to type the PW, after all, if it's stored, then it's accessable, isn't it?
Of course the security depends on the PW - it always does, unless one is using biometrics, and that has its own problems.
I've seen some of the mathematical probablitites characterizing just how much brute force it would require to force an 8 character password using the three different character types we force, and since our app forces a reboot after three incorrect tries, no-one is going to force a password. They'd have to guess, and spend a lot of time waiting for reboots while they're at it. I hope they're patient.
The storage location, being in the usrs' heads, is only accessible if they have access to the user.
There are several apps on the market that companies use for this purpose, the one we use is Pointsec. It encrypts the entire HD, unless you have the password, even a separate boot disk cannot even recognize the HD as being a bootable disk; it looks like an unformatted drive.
This program is only meant to protect the data on the HD from theft; the HD can be reformatted and reloaded, but the data on it can only be extracted and read if you possess the password, or have a same numbered version of the encryption program on another mnachine you can attach the HD to AND know one of our admin passwords, which we restrict to a very few top IT people. None of the desktop admins know them, we use a challenge-response system to give desktop admins temporary passwords to administer the laptops.
As I said, the key is, like all such keys, generated by the software based upon something provided by the user, in this case a password. Without that password, you cannot gain access, but this system, like all such systems, depends upon the users to use good passwords. We do what we can to force good password generation, but there only so much any system can do.
That's true, but people at our level don't have anything to do with either the coersion or the allocation of that money, now do we? I won't feel bad about that, after all, at least some of that money was mine! You ARE aware that Federal employees pay income taxes, too?
Does YOUR employer take money from your paycheck and then pay you with the resulting funds? Mine does!
Sorry, didn't relate the work 'trojan" with what is usually described with the (also) Greek name-derived word "herculean", which, I think is more often used to mean a large, difficult task. Usually the trojan war is refered to in modern literature as being related to the deceptive manner of the Greek entry into Troy, as in "Beware of Greeks bearing gifts".
I'd never heard of the poem, I'll look it up and read it, if that was just a snippit.
I can see you don't know much about your own government, if you are American.
What part of "large" and "diverse" don't you understand? The US Government is comprised of a number of cabinet level Departments, each of which is separately managed and funded. That means nobody is managing more than you said. Some Departments even are sub-divided, such as the DOD, making it even less centrally managed. Don't put words in my mouth.
What I said wasn't a complaint, it was a statement of fact. It meant that the task isn't the same as managing your granny's PC, so you can't compare the two. It wasn't about "me", either.
So the management environment in the Federal Government is going to be mixed. Some are better managed than others, obviously, judging by the results we see.
The issues you relate in your second paragraph are true, and common to any large organization. So read the news, and realize that these problems are comon to all sectors of the economy. This article just focused on the Feds, but since we use the same technology as the rest of the world, we will face the same issues.
The US government is a large, diverse entity with over a million people working for it in places all over the world. It takes a lot of money to make it work, and as with any government, that money has to be coerced out of the population by law; You don't pay for services, mostly, as you would from, say, your local air conditioning service company.
In a lot of ways, I agree that many of the people, especially in Congress, fit your characterization, as do a few government managers. But by and large, most do not.
Sure, there are managers that don't always focus on the right ways to do things, often becasue they're looking in the wrong direction at the wrong time. But under the current fiscal constraints the government is working under, almost all agancies are working under very tight monetary conditions. It isn't easy for many agancies to just do their core mission, much less things Congress considers fripperies.
As always, it isn't easy to get the management to understand what we in IT need in order to do the job that they ask of us. They are not, after all, technically oriented. We, on the other hand, are technically oriented, but not always able to properly communicate to them in language they understand just what we need. So the wheel turns, and things some time go to shit.
But guess what? Things do that in private corporations, too! Or don't you read the news?
if you want to gripe, gripe about managers everywhere, not just in government.
If you'd read my posts, you would see that in my agency, the management is actually paying some attention to us, with good, predictable results.
Uh, what do you exactly mean by "trojan"? Our department isn't disguising itself as something it isn't, like a trojan is usually defined. We are integral to the FDA being able to do its job without outside interferance with IT operations.
I work for the FDA - the Food and Drug Administration, and we are part of the HHS.
If you work for anybody but yourself, you are spending someone else's money, so what? I like that, too, especially when they have more than I do (which isn't hard...).
Cute little poem, but what relavance has it to my post?
If you work for the Feds you know how the different Departments have differing tasks, goals and operational environments. I'm sure that your employees wouldn't like their SSAN's and other personal information open for all the world to see!
"No generalization is worth a damn, including this one." - Oliver Wendell Holmes.
Neither is yours.
I work for a Federal agency (see my post below) and we have a large number of skilled IT workers (some as contractors, some as Feds) that diligently keep our network up, running, as as safe as several million dollars a year can manage.
For your (and the parent poster's) information, it is not as easy to manage millions of computers spread over the entire globe and keep them as safe as your granny's PC. If you think it is, then you need to find another profession.
Every Department is separately managed and funded. They all have different tasks, goals and operational requirements. Funding is and has been for years, getting slimmer and harder to come by. Virtually every government agency is underfunded just for core operations, never mind little things like computer operations.
If you think this is easy, then try working with us for a while; you'll not be so glib in just a month.
If an Agency is willing to spend the money, time and energy to put in place the protections that the typical Government information system deserves, this wouldn't be a problem.
My agency uses a multi layered defense to protect us against these issues. There are network level protections, PC level protections and desk-side support level protections. We also regularly send out warnings about current threats as well as require personnel to undergo annual IT security awareness training.
Individual PCs that are found to be broadcasting unknown signals to unknown or unverifiable outside destinations are removed from the network and reimaged immediately.
If, from a complaint to the help line, we find that a PC is infected with spyware, we don't even try to remove it; it is immediately reimaged.
We have instituted a locked down desktop policy; users are NOT allowed admin access except through application to a special committee for good business cases, based upon the use of special software that requires such access to run. We bend over backwards to alter those situations to avoid that access whenever possible.
Laptops are imaged using an image that is encrypted using a good encryption program that encrypts the entire hard drive using a 512 bit key, and NO laptops are allowed to be bought without going through our recieving process where that image is installed.
We have spent millions of dollars of your tax money in the last five years bringing this system online, but now that we have, we believe that we have as safe a system that we can get without just unplugging it or spending twice as much.
We don't have classified material, but we do have information that is confidential by law and must be protected from public release. (proprietary information belonging to firms we regulate.) This limits the measures we need to use, since classified material requires a completely different level of protection.
If the VA had used a system like ours, they would never have been embarrassed by the recent theft. The theft may still have occurred, but the information would never have been at risk.
It is not a perfect system, and it takes constant dilligence to maintain and periodically upgrade, but I think we do a pretty good job.
Ok, when I stopped laughing, I looked and found a site that I ran into over a year ago, debunking, scientifically, the conspiracy theory that a missle and not an aircraft hit the Pentagon.
Through publically available information, diagrams, photos of debris, etc., this myth is pretty thoroughly debunked.
Think about it, an aircraft is just a big missle with wings. (and NO warhead) The wings are not as structurally rigid as the body, and will shear off the body at the slightest collision with any outside object. What makes you think the wings would have made big gaping holes in a reinforced concrete structure? The hole is around 16 x 20 ft. just a bit bigger than the body of the aircraft, and slices shrough the Pentagon into some of the inner rings, just as you would expect. There is no huge crater of interior damage that one would expect if a missle with an explosive warhead had struck instead. Plus, the shock wave from the explosive warhead would have created waves of damage far from the point of explosion, something else that didn't happen.
Plus there are too many witnesses to the incoming aircraft to dismiss.
Ah, but are you talking privacy or protection from unreasonable search and seizure?
In the first case, you are right, it is generally thought that privacy as a right is an inferred right, although there is a school of thought that the same right to that protection against search and seizure also includes a more explicit privacy protection. IANAL, tho.
But in the latter case, the constitution explicitly protects us against unreasonable search and seizure, although there is a lot of case law about just what constitutes unreasonable.
I didn't say I agreed with it, I noted that that is apparently how the system works. I do agree that police, gov't employees, politicians, etc., should be held to a higher standard. Note that I am a federal employee and still say that.
I didn't say that the system is perfect, or even works, but sooner or later, people that break the rules egregiously DO get their comeuppance. Police DO have issues with resources, and even halfway honest police managers will get down and discipline cops that constantly waste theirs. I don't care if you don't agree, but however unevenly this may be followed across the country, most police departments will eventually discipline these kinds of offenders, at least the worst ones....and I didn't say they deserved a free ride, I said that there should be some consideration by society of the fact that they (cops) are always putting their lives on the line. But, yes, when they cross that line beyond where we give them that break, hit them with a heavy brick to get their attention. In fact, that was the point of MY rant, that when the police break the rules, the one very heavy penalty they pay is that all that hard work they did to build that case goes down the toilet, as it should!
If they have a warrant, then by definition, it is a legal search, and thus, not what I was talking about.
Police will only actually break a door in if there is a situation where they know there is danger to life and limb in say, a hostage situation, or there is no landlord with a key and they require admittance to a property. They usually will, within the limits of not compromising the search (alerting the suspect) try to obtain admission without breakage, but you are right, if they need admission, and there's no one present, and no way to get a key, they will break the door.
But that's not what I was talking about. The parent was ranting about evidence obviously linking someone to a crime being tossed out of court if obtained illegally, and I was answering that rant with a little common sense. Privacy is NOT a dim legal technicality. It is what keeps the police from breaking down your door at midnite and hauling you away without warrant, and without accountability.
With a warrant, there is an outside person, not linked to the police bureacracy, that knows you have been searched or arrested. That warrant gives them the authority to do what they have requested. It also limits them to what the warrant gives them the authority to do. They cannot just haul away anything they wish, and they must provide a receipt for anything they remove. In other words, they are accountable to a court, and that court can force them to remedy an error, either through return of property, or monetary compensation. It also gives basis for a writ of habeus corpus, where the police are forced to bring you before a court after arrest to give evidence you were properly arrested and have a basis for keeping you there.
In other words, there is accountability, which is something that the British Army had little of during the colonial period, which is why those rights were included in the Bill of Rights. During this period, people could, and did, disappear. Troops could search your property for "evidence" you were rebellious, and if the officer in charge found something he really wanted, he could take it as evidence, and you could disappear. Largely, if you were a nobody, that action stuck, and you were out of luck.
With these rights enshrined in the Bill of Rights, and the police accountable to a court, we are much better protected.
I do not mean to imply that abuses do not happen. They do, but at least the victims often have some recourse.
If you have any doubts as to the value of these rights, please ask anybody that has lived in various South American countries at a number of unsettled times in the past, where people routinely disappeared and never came home. I think the Washington Post had a recent article about the Guatemalan experience, it was horrific, what was done.
If you think the US Government is bad now in its fight with Terrorism, read that article; we've got nothing to complain about by comparison.
Slashdot Mirror
I take exception to your statement about cost.
Apple's offerings are NOT more expensive than comparably equipped, say, Dells. The issue is that they do not have a low end el cheapo to compete with Dell's $500 junk.
They do NOT sell OS X at a premium, they sell it at a very competitive price, compared to Windows. Get the story straight. But, no they will never dump the hardware side; that's their bread and butter.
Please post a link to where you can prove your statement about FDA.
I've worked here for over twenty years and haven't ever gained from anything like that. I'd really, really like to know - my bank account would be better for it, I'm sure!
Of course, if it involves owning stock or anything like that, I'd have to tell them about it - we have to declare ownership of such things annually. If it involves bribes, kickbacks, etc., I'm sure that the FBI would be interested, too.
Didn't you read the other day that Dr. Crawford, the last FDA Commissioner (that only served two months as a confirmed Commissioner) is being indicted for owning stock in two FDA regulated firms? And he was the Boss! So don't tell me that such things never get reported, investigated or litigated.
The entire FDA staff is just now undergoing our Annual Ethics training. It's required. It covers such things as what stocks you can and cannot own, things you can and cannot do after your employment is terminated, how and whether or not you are able to talk to regulated firms about future employment, etc.
Believe me, FDA is diligent about ethics, and regularly deals with employees that violate Ethics regulations and laws. People that actively are involved in such regulatory activities are prohibited from owning stock, talking about employment, taking gifts, meals, etc. from the companies that have business before the FDA.
Do you wonder why Dr. Crawford left the FDA after just two months of being confirmed by Congress? Perhaps this indictment is the answer. I don't know, nobody's talking about it. But it is a slander (or maybe in your case, libel, since it was written) against all FDA employees to allege that we get enriched by our regulatory activities.
Show me some proof or shut up.
Scoff if you wish, but I'd bet that the Segway folks'd just love to have the iPod's popularity!
And you'll notice that not a single iPod is made of translucent blue (or any other color) plastic!
Whether YOU like it or not, obviously, a lot of other folks do. Get over it.
After reading the article you linked to, I don't see where you get the idea that Jobs was somehow afraid of the battery powered scooter.
I saw a Jobs that was very critical of mostly the business plan, not so much the product, at least not until he got to the design. And design is something thet Steve knows something about.
In fact, he was right about one thing: the Segway was a bust with the public, but has proven popular with commercial, industrial and police organizations, something Steve suggested they try first.
Nice try, but your attempt to make Steve look bad was a bust, too.
Actually, you can add USB 2 if you have a tower Mac, I had to do that to my G4 Dp 2 GB MDD last year, so I could connect a new printer at higher speed. Yeah "currently make", but they don't care about the legacy Macs that a lot of us use!
Go look at those figures then, they still show a growth in revenue of over 100%. And even accounting for "accounting tricks" you still can't argue with over a thousand percent growth! My point is still good - Apple is NOT in decline no matter how you want to look at it.
I hate to break it to YOU, but Apple's computer products are NOT going downhill. Apple's computer sales have been steadily higher in sheer numbers, year over year, for the last four years, I think, running.
/ 107357/reports/AAPL_5yr_FinHist_FY05.pdf for that financial information. It's their five year historical data.
There is no doubt that the iPod is the higher profile product, but while that may eclipse the computer side for many, it doesn't mean the computer sales are tanking. Quite the contrary, Apple's share of the portable market is up to almost 12%, and the last market share figures show their share has increased. It may not be what it was ten years ago, but the markets and the products sold therein, are totally different animals now, and just cannot be compared directly anymore.
And, by the way, in 2001, Apple lost $25M, as of 2005, their net income was $1.335 Billion. In 2004, the net income was $276 million. That's a bit over a 7% increase in revenue, isn't it?
Go to: http://media.corporate-ir.net/media_files/irol/10
They did, but kept the Firewire. Firewire is essential if you want to connect a video camera to your Mac to download the home movie you just made, so Apple isn't going to dump it for a while - not until something better comes along.
USB uses an error correcting protocol, and Firewire doesn't - firewire guarantees a steady transfer rate; USB, because of the error correction, does not. Thus, Firewire, or IEEE-1394, as it is otherwise known, is better for video transfer.
Plus, Firewire is standard output on all home video cameras.
The betting issue was a result of Federal criminal charges being filed in Federal court.
This issue is not a criminal case, it is a civil tort case, meaning that no arrest warrant is possible, because no law was broken. The worst that Spamhaus has to face would be an order to seize US assets of Spamhaus to satisfy a judgement.
No, it won't cost $300 per TV to stream movies to your TV. That's only if you want the convenient controls the iTV (or whatever they'll call it) will give you. You can connect most Macs to your TV now, you just have to control the playback from the Mac, not a nice remote from your couch.
Of course, that connection is easy only if you have a notebook - desktops are not always within easy cabling distance of the TV. I know that, but you made a blanket statement that isn't necessarily slways true...
The disk issue will always be with us, but, frankly, as this business model develops, and the set top boxes mature, too, it will be less and less of a problem.
As the bandwidth to the typical home widens, the quality the ITS (and other online stores) will be able to provide will increase, and this business model will mature rapidly. I think physical disks will slowly fade in use over time. Especially if manufacturers develop small portable players like the iPod that can take that content outside the home and away from your home theater to allow you to share content under controlled conditions.
Even now, occasionally albums on the ITS will have pdf formatted files with additional content such as artwork, artist interviews, and even interactive quicktime based content that rivals what you can get with a special edition Cd in a B&M store. It is downloaded at the same time as the CD. So the 'extra' content CAN be provided, if the artist/studio wants to do so.
Ok, explain to me why he'd need a BACKUP of the disk - he's got the laptop, he's got the disk - the back up does what for him?
...From a password you don't know? Do you know how many iterations you would have to go after to force an 8 character password using three character types? (lower case, upper case, numbers with an unknown combination of the three types in the password) I haven't done the math myself, but I've seen it. The number's big enough to need scientific notation to express. Good luck and I hope you have a good pension plan.
...And that's better than most.
"Well, thats how encrypted data should look like. But the machine will need to be able to read it, and for that it needs some software."
Yeah, that would be something called Pointsec. Give it the right password, get in. Works real well. Forces a reboot after every third wrong password.
Just what other software would you use to do your little attack that can duplicate a 512 bit key?
Oh, and we also have a lot of people that use 16 character passwords, we do allow them that long.
Yeah, you can attack the encryption directly at the bit level, but why? You'd need a real cray computer to do that, and against 512 bit encryption, probably about 50,000 years. Agin, I hope you have a good pension plan.
Some very smart people spent a fair bit of time thinking about just the very things you are when they wrote this stuff. I'm sure, like anything else in the security world, this can be cracked, given enough time and money.
But it'll take a lot of time, and money. For the people that would want the stuff we have, and are likely to have on a laptop, (which is not much, since everything is saved at the network level) then good luck to them in getting it for anything like a cheap enough price to make it worth their while.
Then perhaps you should be looking for a job in the security field, I'm sure they'd fall all over themselves offering someone as smart as you plenty of money. Better yet, offer yourself to those wanting to crack this stuff if you're that smart - I'm sure they'd be glad to throw money at you...
In the meantime, show me another organization similar to mine in size and technology level that's using something better and spending the same amount of money.
I didn't say our security was perfect or uncrackable. I did say that I think we're doing as well as anybody can expect for the money we have to work with.
..sorry, I meant "word" trojan...
fat fingers...bad eyes didn't see the error until after I hit submit.
The key is, of course, part of the software that encrypts the hard drive, and yes, is based upon the password. Our agency forces the use of long passwords, from 8 - 16 characters, mandating the use of capital letters, lower case letters, and numbers.
Yes, the user has to type the PW, after all, if it's stored, then it's accessable, isn't it?
Of course the security depends on the PW - it always does, unless one is using biometrics, and that has its own problems.
I've seen some of the mathematical probablitites characterizing just how much brute force it would require to force an 8 character password using the three different character types we force, and since our app forces a reboot after three incorrect tries, no-one is going to force a password. They'd have to guess, and spend a lot of time waiting for reboots while they're at it. I hope they're patient.
The storage location, being in the usrs' heads, is only accessible if they have access to the user.
There are several apps on the market that companies use for this purpose, the one we use is Pointsec. It encrypts the entire HD, unless you have the password, even a separate boot disk cannot even recognize the HD as being a bootable disk; it looks like an unformatted drive.
This program is only meant to protect the data on the HD from theft; the HD can be reformatted and reloaded, but the data on it can only be extracted and read if you possess the password, or have a same numbered version of the encryption program on another mnachine you can attach the HD to AND know one of our admin passwords, which we restrict to a very few top IT people. None of the desktop admins know them, we use a challenge-response system to give desktop admins temporary passwords to administer the laptops.
As I said, the key is, like all such keys, generated by the software based upon something provided by the user, in this case a password. Without that password, you cannot gain access, but this system, like all such systems, depends upon the users to use good passwords. We do what we can to force good password generation, but there only so much any system can do.
That's true, but people at our level don't have anything to do with either the coersion or the allocation of that money, now do we? I won't feel bad about that, after all, at least some of that money was mine! You ARE aware that Federal employees pay income taxes, too?
Does YOUR employer take money from your paycheck and then pay you with the resulting funds? Mine does!
Sorry, didn't relate the work 'trojan" with what is usually described with the (also) Greek name-derived word "herculean", which, I think is more often used to mean a large, difficult task. Usually the trojan war is refered to in modern literature as being related to the deceptive manner of the Greek entry into Troy, as in "Beware of Greeks bearing gifts".
I'd never heard of the poem, I'll look it up and read it, if that was just a snippit.
I can see you don't know much about your own government, if you are American.
What part of "large" and "diverse" don't you understand? The US Government is comprised of a number of cabinet level Departments, each of which is separately managed and funded. That means nobody is managing more than you said. Some Departments even are sub-divided, such as the DOD, making it even less centrally managed. Don't put words in my mouth.
What I said wasn't a complaint, it was a statement of fact. It meant that the task isn't the same as managing your granny's PC, so you can't compare the two. It wasn't about "me", either.
So the management environment in the Federal Government is going to be mixed. Some are better managed than others, obviously, judging by the results we see.
The issues you relate in your second paragraph are true, and common to any large organization. So read the news, and realize that these problems are comon to all sectors of the economy. This article just focused on the Feds, but since we use the same technology as the rest of the world, we will face the same issues.
I think you need a reality check.
The US government is a large, diverse entity with over a million people working for it in places all over the world. It takes a lot of money to make it work, and as with any government, that money has to be coerced out of the population by law; You don't pay for services, mostly, as you would from, say, your local air conditioning service company.
In a lot of ways, I agree that many of the people, especially in Congress, fit your characterization, as do a few government managers. But by and large, most do not.
Sure, there are managers that don't always focus on the right ways to do things, often becasue they're looking in the wrong direction at the wrong time. But under the current fiscal constraints the government is working under, almost all agancies are working under very tight monetary conditions. It isn't easy for many agancies to just do their core mission, much less things Congress considers fripperies.
As always, it isn't easy to get the management to understand what we in IT need in order to do the job that they ask of us. They are not, after all, technically oriented. We, on the other hand, are technically oriented, but not always able to properly communicate to them in language they understand just what we need. So the wheel turns, and things some time go to shit.
But guess what? Things do that in private corporations, too! Or don't you read the news?
if you want to gripe, gripe about managers everywhere, not just in government.
If you'd read my posts, you would see that in my agency, the management is actually paying some attention to us, with good, predictable results.
Uh, what do you exactly mean by "trojan"? Our department isn't disguising itself as something it isn't, like a trojan is usually defined. We are integral to the FDA being able to do its job without outside interferance with IT operations.
I work for the FDA - the Food and Drug Administration, and we are part of the HHS.
If you work for anybody but yourself, you are spending someone else's money, so what? I like that, too, especially when they have more than I do (which isn't hard...).
Cute little poem, but what relavance has it to my post?
If you work for the Feds you know how the different Departments have differing tasks, goals and operational environments. I'm sure that your employees wouldn't like their SSAN's and other personal information open for all the world to see!
"No generalization is worth a damn, including this one." - Oliver Wendell Holmes.
Neither is yours.
I work for a Federal agency (see my post below) and we have a large number of skilled IT workers (some as contractors, some as Feds) that diligently keep our network up, running, as as safe as several million dollars a year can manage.
For your (and the parent poster's) information, it is not as easy to manage millions of computers spread over the entire globe and keep them as safe as your granny's PC. If you think it is, then you need to find another profession.
Every Department is separately managed and funded. They all have different tasks, goals and operational requirements. Funding is and has been for years, getting slimmer and harder to come by. Virtually every government agency is underfunded just for core operations, never mind little things like computer operations.
If you think this is easy, then try working with us for a while; you'll not be so glib in just a month.
If an Agency is willing to spend the money, time and energy to put in place the protections that the typical Government information system deserves, this wouldn't be a problem.
My agency uses a multi layered defense to protect us against these issues. There are network level protections, PC level protections and desk-side support level protections. We also regularly send out warnings about current threats as well as require personnel to undergo annual IT security awareness training.
Individual PCs that are found to be broadcasting unknown signals to unknown or unverifiable outside destinations are removed from the network and reimaged immediately.
If, from a complaint to the help line, we find that a PC is infected with spyware, we don't even try to remove it; it is immediately reimaged.
We have instituted a locked down desktop policy; users are NOT allowed admin access except through application to a special committee for good business cases, based upon the use of special software that requires such access to run. We bend over backwards to alter those situations to avoid that access whenever possible.
Laptops are imaged using an image that is encrypted using a good encryption program that encrypts the entire hard drive using a 512 bit key, and NO laptops are allowed to be bought without going through our recieving process where that image is installed.
We have spent millions of dollars of your tax money in the last five years bringing this system online, but now that we have, we believe that we have as safe a system that we can get without just unplugging it or spending twice as much.
We don't have classified material, but we do have information that is confidential by law and must be protected from public release. (proprietary information belonging to firms we regulate.) This limits the measures we need to use, since classified material requires a completely different level of protection.
If the VA had used a system like ours, they would never have been embarrassed by the recent theft. The theft may still have occurred, but the information would never have been at risk.
It is not a perfect system, and it takes constant dilligence to maintain and periodically upgrade, but I think we do a pretty good job.
Ok, when I stopped laughing, I looked and found a site that I ran into over a year ago, debunking, scientifically, the conspiracy theory that a missle and not an aircraft hit the Pentagon.
7 57_plane_evidence.html
Here is the link:
http://www.abovetopsecret.com/pages/911_pentagon_
Through publically available information, diagrams, photos of debris, etc., this myth is pretty thoroughly debunked.
Think about it, an aircraft is just a big missle with wings. (and NO warhead) The wings are not as structurally rigid as the body, and will shear off the body at the slightest collision with any outside object. What makes you think the wings would have made big gaping holes in a reinforced concrete structure? The hole is around 16 x 20 ft. just a bit bigger than the body of the aircraft, and slices shrough the Pentagon into some of the inner rings, just as you would expect. There is no huge crater of interior damage that one would expect if a missle with an explosive warhead had struck instead. Plus, the shock wave from the explosive warhead would have created waves of damage far from the point of explosion, something else that didn't happen.
Plus there are too many witnesses to the incoming aircraft to dismiss.
Ah, but are you talking privacy or protection from unreasonable search and seizure?
In the first case, you are right, it is generally thought that privacy as a right is an inferred right, although there is a school of thought that the same right to that protection against search and seizure also includes a more explicit privacy protection. IANAL, tho.
But in the latter case, the constitution explicitly protects us against unreasonable search and seizure, although there is a lot of case law about just what constitutes unreasonable.
I didn't say I agreed with it, I noted that that is apparently how the system works. I do agree that police, gov't employees, politicians, etc., should be held to a higher standard. Note that I am a federal employee and still say that.
...and I didn't say they deserved a free ride, I said that there should be some consideration by society of the fact that they (cops) are always putting their lives on the line. But, yes, when they cross that line beyond where we give them that break, hit them with a heavy brick to get their attention. In fact, that was the point of MY rant, that when the police break the rules, the one very heavy penalty they pay is that all that hard work they did to build that case goes down the toilet, as it should!
I didn't say that the system is perfect, or even works, but sooner or later, people that break the rules egregiously DO get their comeuppance. Police DO have issues with resources, and even halfway honest police managers will get down and discipline cops that constantly waste theirs. I don't care if you don't agree, but however unevenly this may be followed across the country, most police departments will eventually discipline these kinds of offenders, at least the worst ones.
If they have a warrant, then by definition, it is a legal search, and thus, not what I was talking about.
Police will only actually break a door in if there is a situation where they know there is danger to life and limb in say, a hostage situation, or there is no landlord with a key and they require admittance to a property. They usually will, within the limits of not compromising the search (alerting the suspect) try to obtain admission without breakage, but you are right, if they need admission, and there's no one present, and no way to get a key, they will break the door.
But that's not what I was talking about. The parent was ranting about evidence obviously linking someone to a crime being tossed out of court if obtained illegally, and I was answering that rant with a little common sense. Privacy is NOT a dim legal technicality. It is what keeps the police from breaking down your door at midnite and hauling you away without warrant, and without accountability.
With a warrant, there is an outside person, not linked to the police bureacracy, that knows you have been searched or arrested. That warrant gives them the authority to do what they have requested. It also limits them to what the warrant gives them the authority to do. They cannot just haul away anything they wish, and they must provide a receipt for anything they remove. In other words, they are accountable to a court, and that court can force them to remedy an error, either through return of property, or monetary compensation. It also gives basis for a writ of habeus corpus, where the police are forced to bring you before a court after arrest to give evidence you were properly arrested and have a basis for keeping you there.
In other words, there is accountability, which is something that the British Army had little of during the colonial period, which is why those rights were included in the Bill of Rights. During this period, people could, and did, disappear. Troops could search your property for "evidence" you were rebellious, and if the officer in charge found something he really wanted, he could take it as evidence, and you could disappear. Largely, if you were a nobody, that action stuck, and you were out of luck.
With these rights enshrined in the Bill of Rights, and the police accountable to a court, we are much better protected.
I do not mean to imply that abuses do not happen. They do, but at least the victims often have some recourse.
If you have any doubts as to the value of these rights, please ask anybody that has lived in various South American countries at a number of unsettled times in the past, where people routinely disappeared and never came home. I think the Washington Post had a recent article about the Guatemalan experience, it was horrific, what was done.
If you think the US Government is bad now in its fight with Terrorism, read that article; we've got nothing to complain about by comparison.