Slashdot Mirror


User: AJH16

AJH16's activity in the archive.

Stories: 0 · Comments: 971

Comments · 971

  1. Re:That is like suing Ford on Spanish Court Rules In Favor of P2P Engineer · Score: 1

    I hope you are trolling me as you just effectively claimed that there is no political corruption in any democracy anywhere. Corruption happens everywhere and is directly proportional to what politicians think they can get away with. People will universally, always look for more control. This is why government tends to get bigger not smaller and this is why if someone gets away with a little, they will continue to try to push further.

  2. Re:iPad vs. all Android tablets on Why 2012 Will Be the Year of the Android Tablet · Score: 1

    I had a source that indicated they were at 14 billion last year, recently hit 16 billion and hit 15 billion 5 and a half months ago. That makes 2 billion in a year, so that basis was solid according to apple statements, at least as reported by a reputable news source. I didn't fact check further than that.

  3. Re:iPad vs. all Android tablets on Why 2012 Will Be the Year of the Android Tablet · Score: 1

    Oh, true, that makes my math off a little as well, but yours is still off. You are including my credit card processing fee which was 4 cents of the total 5 cents. That still drops your estimated cost of operation substantially and really an average app should be more like half a cent or less to deliver. A terabyte of bandwidth is like a few dollars, if that.

  4. Re:That is like suing Ford on Spanish Court Rules In Favor of P2P Engineer · Score: 1

    Sorry, you are correct on this one. It is not far fewer deaths when taken per gun user vs per driver. I read the wrong statistic as I was reading back over the previous posts quickly. It isn't really way higher (1 to 2.5ish if I'm not mistaken) and still a small percentage. I think the numbers probably switch back if you take out suicides and those who shouldn't either be legally driving or legally armed. (Which is what is really the only portion relevant to a discussion on gun control, since those who want to kill themselves will find a way, guns are simply expedient. Similarly, those who have guns illegally will get them anyway unless you limit guns to unconstitutional levels.)

  5. Re:That is like suing Ford on Spanish Court Rules In Favor of P2P Engineer · Score: 1

    One other last thought, I don't know why you keep insisting that guns don't mean that a government should be deposed simply because you don't agree with their actions. I'm saying a government must be able to be deposed when they stop listening to the vote so that they hopefully never get to that point.

  6. Re:That is like suing Ford on Spanish Court Rules In Favor of P2P Engineer · Score: 1

    And I'll repeat myself one more time because you don't seem to understand why a democracy works. A vote does not magically make those in power give it up. Sure it would be illegal, but if the government is corrupt, who stops them? A vote doesn't do shit if it can simply be ignored. You simply say the election was one thing when it was something else or make it so only the candidates with sufficient funding can be remotely viable and ensure that the populace is kept split on other issues as you slowly deteriorate their control to the point a small group can do whatever they want. Votes mean nothing without an ultimate means to enforce them.

    You are beyond naive and I am not going to bother trying to further explain it to you as you appear to be truly clueless as to how the world works.

  7. Re:Prevention on Trion Worlds' Rift Account Database Compromised · Score: 1

    Yeah, I guess I was just saying all the same things can be done with the DB server and signed certs and encrypted DBs directly. You can make it so that it counts only wrong attempts and resets at the end of the day. You could even set a duration to lock it out for. You're still at a lower point in the stack since the web server is still having to call out to the DB server. Effectively, from a security standpoint, if you were to put the schema on a different DB server, it would be doing the exact same thing as the hardened box. You could effectively just wire the hardened box web services directly up to the queries and have no other code.

  8. Re:Prevention on Trion Worlds' Rift Account Database Compromised · Score: 1

    No, it is O(1) because if you run it twice, it multiplies an O(x) process by O(1) leaving you still with an O(x) process. You were close to correct, but forgot that your brute force started as O(x) so there is no order of computational difficulty gained.

  9. Re:iPad vs. all Android tablets on Why 2012 Will Be the Year of the Android Tablet · Score: 1

    I already admitted that my initial calculations were off somewhat due to the revenue being pre-cost rather than assessed as a fee, if not in the above post then in another one in this thread. That said, I stand by my 8 to 10% number. Enough that it is still a major motivational factor when weighted against the iPad/iPhone/iPod portion of their market. That probably accounts for about 19 billion of the annual profit in 2011. In 2011 according to one of my links, they sold 2 billion songs rather than your more spread out estimate as the sales have been going up considerably each year. That makes it more like $350 million from music.

    Your math on apps is wrong. If they paid out 2.5 billion, that means that their cut over three years was around 1 billion. At 5 cents per total dollar, that is still 823 million in net profits. Then assuming a similar rate of growth to what has been seen in music, you are talking at least 300 million in profit from apps in 2011.

    We'll go with your 30 million estimate on movies and books, though I imagine that is low as the cost per item is higher and thus the costs associated lower, but it's a smaller portion I would guess.

    That makes almost 700 million out of 18 billion profit related to iPod/iPhone/iPad. That's still 5% of total profit and hardly something to give up unless you have to.

  10. Re:Really, that's literally the fifth time this ye on Trion Worlds' Rift Account Database Compromised · Score: 1

    I will add two things to that. The system needs to limit unauthorized attempts before locking out, such that it is immune to brute force and the data needs to be internally isolated such that it can only be accessed internally (if absolutely necessary) by two or more individuals both mutually authorizing the access. Take your root of trust, make it as simple as possible, defend it as much as possible and build everything off of that root of trust in as simple and straight forward of a way as humanly possible to prevent exploitable gaps from being introduced.

  11. Re:Really, that's literally the fifth time this ye on Trion Worlds' Rift Account Database Compromised · Score: 1

    Ok, well I can see you clearly are not a security professional (or not a good one) as your risk assessment doesn't even make sense. I shall respond to each point directly.

    1) I did not say anything that would indicate that I do not believe internal threats exist. They account for something like 80% of breaches. For passwords, changing them every six months doesn't help against internal attacks unless the person has left the company and the company failed to notice or notify about the breach. As for my suggested system, it wouldn't just be hardened against external threats, but internal as well.

    2) I referred to the password for accessing a game account as low priority. If they are able to compromise the DB itself, my password is no good at protecting my information, and if they are able to break my password and access my account, the most they can do is get information available in public records or buy me more game time. Thus it is a low priority password as a compromise of that password does not cause any direct loss of control of non-public information or any financial loss.

    3) Yes, you always assume a system can be compromised, but unless you detect and fix a compromise, there is nothing preventing it from being continually compromised, therefore changing passwords routinely does nothing to counter this. The only exception to this would be if you were to accidentally fix a vulnerability without realizing it or if a company found a vulnerability and fixed it without realizing it had been exploited. In either case, I have no way of determining when/if that occurs and do not feel like the small risk for lower priority passwords justifies the need to write them down and store them externally with a single point of failure.

    4) Yes, I do not design my security for low and medium risk sites to withstand a targeted attack. If someone really wants to target me though, there are far more direct ways to go about it. Security is about making it harder to get you than the next guy. A criminal doing a large scale hack isn't going to spend time trying to break my system when they can get tens of thousands of other credentials through automated means. If I had reason to believe it would be worthwhile to directly target me, I would alter the practice. Also, I consider more than one breach on a password system to invalidate that password system for medium or higher security passwords. That is a big part of the reason for my frustration.

    5) Your fifth point is valid, but again, not in the context of an individual user. If someone broke in to 5 systems, without being detected, to try and go after my information, they are pretty damn determined to go after me and the situation is pretty unlikely to occur. (As you were quick to point out, the majority of breaches are internal.) Even if the DBs were simply sold and compiled by another third party, again, a simple, non-trivial system for generating passwords is sufficient to defeat automated tools that would try to find links between the DBs and thus protects against all but determined, targeted attacks.

    Please try to think through your arguments and analysis more clearly before you try to lampoon someone's understanding of a topic.

  12. Re:iPad vs. all Android tablets on Why 2012 Will Be the Year of the Android Tablet · Score: 1

    That could be true, but if so, then Apple is incompetent and their hardware and marketing would seem to indicate that they are anything but incompetent. I'm not the only one that theorizes this either. Doing some more research I came up with http://bits.blogs.nytimes.com/2008/08/11/steve-jobs-tries-to-downplay-the-itunes-stores-profit/ which seems to support some of my assumptions. It should be noted that one of the objections to that article is also wrong as it is possible, even in small quantities to get transaction fees that are purely percentage driven if your average cost is below $2.50. All in all, on every $1 app or song purchased Apple makes around 20 to 30 cents income of which probably around 3 to 5 cents is credit card processing and if they are very incompetent, 1 cent would be server and bandwidth costs to make the system run. That leaves somewhere between 27 and 15 cents of profit. That is a lot of money to have vanish in other costs when you are talking about several billion app, movie, music and book purchases per year.

  13. Re:That is like suing Ford on Spanish Court Rules In Favor of P2P Engineer · Score: 1

    That's a fair point that the current enforcement is ineffective. If no good way can be found to make the enforcement effective, then I would yield it as not really being of benefit since it is unenforceable, though I would first want to investigate if there were ways to make it enforceable.

    Honestly, if someone wants to be able to protect themselves from their former associates and can show sufficient evidence that they are reformed, I don't see why a judge shouldn't be able to authorize them to have a gun. I can agree with that too.

  14. Re:That is like suing Ford on Spanish Court Rules In Favor of P2P Engineer · Score: 1

    Oh and as for the percentages, yes I realize that only one in 4 actually own guns, but some people own more than one car as well. Now granted, the average isn't four, but the argument can be made that per gun is equivalent to per car. Even if you want to do per gun owner to per car owner, it is still substantially fewer deaths.

    If you want to narrow the guns discussion to just a select few conditions that are extremely irresponsible, then I have much fewer objections (and perhaps none at all).

  15. Re:That is like suing Ford on Spanish Court Rules In Favor of P2P Engineer · Score: 1

    I could be wrong, but I do not believe the Greeks have been a truly functional democracy the entire time. British democracy only applied to land owners for a long period of time and was only really made viable to replace the king because the lords that were in favor of it had the military power to ignore his objections. In the case of America trying to get its freedom to representation, it required guns and a war.

    I agree that you don't have the right to go against the majority just because you have guns, but what you don't seem to get is the fact that the same is true for government. If the government has no threat from the people, it has no reason to listen to them. The argument isn't that hard to understand and is really pretty obvious. If we could shrink the US military substantially, then there would be less need for an armed populace perhaps. Ultimately, history shows that in EVERY case, those who can control will control. The only way to ensure democracy continues to represent the people is to have representing the people be the only way to control the people. If the government is able to maintain control without representing the people, then it has no need to represent the people.

    As for your last comment about why not outlaw some more, what exactly would you propose that isn't an outright ban on all guns? I'm not opposed to some controls so long as the population remains armed in general and the restrictions show a positive social benefit.

  16. Re:*yawn* on Inside Obama's Twitter Blitz On the Payroll Tax · Score: 2

    That's understandable, but then question them on the hypocrisy, don't try to trap them into saying what you want them to say because it would be sensational and make them look bad. Ask them how they feel it is different from that situation. Ask them why their view seems to be different. Give them a chance to explain themselves and ask questions if things don't add up. That is the point of the press. Not to try and get someone to trip up so that you can make a big headline and make someone look bad. When you start doing that, you change over from a neutral press that tries to inform to a political organization that is trying to make the news rather than report it.

  17. Re:Prevention on Trion Worlds' Rift Account Database Compromised · Score: 1

    Yeah, I guess I shouldn't say that it won't do anything to run multiple hashes, but you are only increasing your brute force time by the same factor as you are increasing your individual run time. That isn't a very effective security mechanism since you are only lengthening the process by O(1). It would prevent the use of rainbow tables that had been run for a single pass, but again, a good salt would do the same. The core issue is that brute forcing a hash is simply: run hash on A, does result match? If yes, use A, if not, increment A and try again. Store your result and move on. If you have a large DB, you use the table for each record. Give each password its own salt, and you now have to individually crack every single password hash by itself. It renders the attack pretty difficult.

    The separate platform for isolation would be nice and certainly adds a little security (and is actually likely the way I would do it if I was designing the system); I was just trying to highlight how simple it would be to increase the security to prevent this kind of thing even without such a device. You could also have an internal counter per day in the sproc that would prevent it from running more than a given number of times for a given record as well. It is a very solid addition to my proposed scheme. In general, your DB server should provide a pretty good level of hardening though as you could encrypt the data in the given schema with a symmetric key that only the signed sproc has access to. Thus, there would be no way for an external attacker to compromise it without altering the query. You are effectively hardening the input to that schema of the DB to only be possible through the hardened interface of the signed stored proc. The main thing the hardened physical box would give you is the inability to get an encrypted data dump that would contain the information where they could try to brute force the symmetric encryption, though I wouldn't be too worried about that happening either.

  18. Re:Get a clue Big Sis on Vanity Fair On the TSA and Security Theater · Score: 3, Informative

    I would add chemical sniffer to that list. It's another fairly cheap, non-invasive test that detects most of what a metal detector wouldn't. Actually, between the two, the chemical sniffer is probably more valuable than the metal detector since metal detectors primarily detect things you could use to take over a plane (as you pointed out, there is a fat chance in hell that will ever happen again), whereas the sniffer will detect things that could destroy a plane.

  19. Re:Get a clue Big Sis on Vanity Fair On the TSA and Security Theater · Score: 1

    I actually saw something like this being used the last time I flew out of a fairly small regional airport. I was actually quite pleased and quite impressed and don't even think the majority of people even realized they were being screened. The guy was in TSA uniform but was just acting like he was social and on break and just making conversation with each person as they went by. The only thing that really gave it away was the amount of effort he would put in to getting a response from someone who hesitated to answer simply because they weren't very social.

  20. Re:Really, that's literally the fifth time this ye on Trion Worlds' Rift Account Database Compromised · Score: 1

    Why exactly should I be changing my password every six months? Does it somehow magically become a pumpkin or mysteriously leak itself? I use a series of several different systems to generate passwords (with different security levels for each system of use) that would not be easily guessed unless you knew the underlying system. This both ensures that passwords are not shared and that it is not easy to compromise other passwords if one is compromised. The main reasons for changing a password every six months are either a) the assumption that it may have been compromised and therefore should be changed, but yet somehow the issue wouldn't still be present allowing the new password to ALSO be compromised or b) the much more justifiable reason, that someone's carelessness (for example writing the password down) may have resulted in an individual password being compromised without a systematic breach.

    As I am very careful with my passwords and do not write them down, b is not so much an issue for me, particularly for low security stuff like a video game. Using an app to store a bunch of passwords is both a single point of failure as well as a major headache to actually use for every low priority site that you use. Having a systematic approach to determining unique passwords is far more effective and easy to use. What you are suggesting is that I should compromise my own security by writing down passwords instead of using a system that doesn't permit systematic breakage of my passwords while allowing them to remain in my head.

    I am a software developer and a security professional. I take security very seriously when necessary and have a great deal of training on it. While this breach isn't as bad as Sony's it still is a situation that should not occur for a production system. There is no reason why the data should be accessible outside the computer hosting it to anything other than web services (or some similarly secure mechanism) querying in to it via hardened calls that only allow verification of identity and do not allow the information out. It is not hard to implement and I have personally written several systems that do just that. Simply put, the data that was taken should never, under any circumstances be available to a system that connects directly or indirectly to the internet other than through a locked down, single purpose interface. If they were doing this and someone managed to actually exploit that interface or if it was a work of internal abuse, then I'd be willing to cut them a little more slack as those attacks would be harder to protect against.
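The verification-only interface that comments 7, 10, 17 and 20 above argue for, as an added example that is neither the commenter's code nor anything Trion ran: a small Python credential store whose only public operations set a credential and check one, with a per-record counter of wrong attempts that resets each day and locks the record after a fixed number of failures. There is deliberately no call that returns a stored salt or digest. PBKDF2-HMAC-SHA256, the iteration count, the daily limit, the day-number convention and the sample account are all assumptions made for this illustration.

```python
import hashlib
import hmac
import os
from dataclasses import dataclass

# Assumed parameters for this illustration (not values from the thread).
ITERATIONS = 50_000        # PBKDF2 work factor paid on every verification
MAX_FAILS_PER_DAY = 5      # wrong attempts allowed per record per day
SALT_LEN = 16


def derive(password: str, salt: bytes) -> bytes:
    """Salted, iterated hash of the password (PBKDF2-HMAC-SHA256)."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)


@dataclass
class _Record:
    salt: bytes
    digest: bytes
    day: int = -1    # day number the failure counter belongs to
    fails: int = 0   # wrong attempts counted on that day


class CredentialStore:
    """Only set_user_hash()/check_user_hash() exist; nothing hands a digest back out."""

    def __init__(self) -> None:
        self._records: dict[str, _Record] = {}

    def set_user_hash(self, user_id: str, password: str) -> None:
        salt = os.urandom(SALT_LEN)                  # fresh per-user salt
        self._records[user_id] = _Record(salt, derive(password, salt))

    def check_user_hash(self, user_id: str, password: str, today: int) -> bool:
        """True only if the password matches and the record is not locked.
        'today' is a day number supplied by the caller (e.g. days since epoch)."""
        rec = self._records.get(user_id)
        if rec is None:
            derive(password, b"\x00" * SALT_LEN)     # same cost for unknown users
            return False
        if rec.day != today:                         # new day: counter resets
            rec.day, rec.fails = today, 0
        if rec.fails >= MAX_FAILS_PER_DAY:
            return False                             # locked for the rest of the day
        if hmac.compare_digest(derive(password, rec.salt), rec.digest):
            return True
        rec.fails += 1                               # only wrong attempts are counted
        return False

    def is_locked(self, user_id: str, today: int) -> bool:
        rec = self._records.get(user_id)
        return rec is not None and rec.day == today and rec.fails >= MAX_FAILS_PER_DAY


if __name__ == "__main__":
    store = CredentialStore()
    store.set_user_hash("alice", "correct horse battery")     # constructed sample
    print(store.check_user_hash("alice", "correct horse battery", today=1))
    for _ in range(MAX_FAILS_PER_DAY):
        store.check_user_hash("alice", "guess", today=1)
    print(store.is_locked("alice", today=1))
```

The lockout check runs before the password is derived, so a correct password against a locked record is still refused until the counter resets on the next day number; the unknown-user branch burns the same PBKDF2 work so that account existence is not visible from response time.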

  21. Re:Really, that's literally the fifth time this ye on Trion Worlds' Rift Account Database Compromised · Score: 1

    Yes, if only because they have written their authentication system as part of a much larger system to be shared with both a) a store and b) multiple development shops. The amount of effort that in theory should have gone into their authentication system is much higher, so I would hope it is more securely held as a result.

  22. Really, that's literally the fifth time this year. on Trion Worlds' Rift Account Database Compromised · Score: 1

    That is now the fifth time I've had someone manage to fubar and let a DB with my information get out there in the last 6 months or so. I'm literally running out of ways to manipulate my passwords to maintain a unique and secure, but rememberable password. If you just lost my previous password, do you really think I want to have to invalidate the entire approach to passwords I was using and then use one of my more secure techniques with your system (thanks to the even more absurd password requirements) and risk it getting compromised too. Thanks a lot assholes. Glad SWTOR is out now so I can cancel my Rift subscription.

  23. Re:They're gaming companies not banks... on Trion Worlds' Rift Account Database Compromised · Score: 2

    I have to call bullshit on this. I've worked on a number of corporate networks and can safely say that trying to integrate some of the systems I've seen up to PCI compliance would be virtually impossible without simply using an external service to track the information and then write some other interface to relay the necessary authorizations to the rest of the system, which in many cases runs into performance issues and/or won't work smoothly (or at all) with existing systems. Perhaps many companies can do it easily, but for many it is a very difficult and expensive process necessarily due to how their systems operate.

    That said, I see it as less of an excuse for a software developer as they can write their own systems.

  24. Re:Prevention on Trion Worlds' Rift Account Database Compromised · Score: 1

    You don't seem to understand what you are talking about here. Extra passes of hashing wouldn't do anything that a good salt wouldn't. Running multiple encryptions to slow brute forcing is an idea where one side is not known and so having more than one pass prevents a single decode attempt from resulting in a recognizable plain text. The convention is to do it three times so that you can't simply look for a meet in the middle of a bunch of passwords encrypted once and a bunch of encrypted passwords decrypted once.

    With hashing however, it is one way, the brute force attack is simply to run the hashing algorithm for a bunch of inputs until you get one that matches the output. Running multiple such hashes does very little as it adds as much time to an individual processing as it does to a crack attempt. Using a sufficiently complex salt would accomplish the same thing.

    As for using a hardware key control, they are designed to hold master keys, not to hold hundreds of thousands or millions of users' records. You could use it to store the encryption key to decode encrypted data in your DB, but if someone gets into your DB itself, the system will happily decode it for the attacker and there isn't much you can do about it. They are more designed to stop someone from walking off with the data files or extracting the key, but if they compromise access to the data via a legit means, you are up a creek.

    You might be able to try and adapt a hardened physical box to do simple validation checks with it separately hardened to not allow the hashes to ever get out (ie, pass just the hash to the box and look for verification back that it is valid for a user) but you are going to end up hitting that box pretty hard for something like an MMO. You might gain a little, but I'm not sure you would gain much over simply putting it in a separate DB schema with a signed sproc to do the verification as a simple match of hashes. Something along the lines of a securePassHash schema with a cert signed sproc CheckUserHash(userID,hashVal) that returns true or false and another SetUserHash(userID, hashVal).
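The brute-force loop and the salt-versus-extra-passes argument from comments 8, 17 and 24 above, as an added example that is not the commenter's code: a dictionary attack run against the same four sample records stored three ways (one unsalted pass, one pass with a random per-user salt, and N salted passes), counting hash evaluations so the attacker's cost can be set beside the cost of one legitimate verification. The iterated-SHA-256 construction, the word list and the sample passwords are constructed for this illustration only.

```python
import hashlib
import os

# Constructed sample data: four accounts, two sharing a weak password,
# one using a passphrase that is not in the attacker's list.
SAMPLE_PASSWORDS = ["password", "dragon", "password", "S3cure!Phrase#2011"]
WORDLIST = ["123456", "password", "letmein", "dragon",
            "hunter2", "qwerty", "trustno1", "rift2011"]


def iterate(password: bytes, salt: bytes, passes: int) -> bytes:
    """Toy scheme for the illustration: SHA-256 applied 'passes' times over salt||password."""
    h = salt + password
    for _ in range(passes):
        h = hashlib.sha256(h).digest()
    return h


def store(passwords, salted: bool, passes: int):
    """Return (salt, digest) records as a leaked database would hold them."""
    records = []
    for pw in passwords:
        salt = os.urandom(16) if salted else b""   # empty salt = unsalted scheme
        records.append((salt, iterate(pw.encode(), salt, passes)))
    return records


def crack(records, passes: int):
    """Dictionary attack. Returns (records_cracked, hash_evaluations_spent).

    Records sharing a salt are attacked together: one digest computed for a
    candidate word is compared against all of them, which is what makes an
    unsalted table reusable. With a per-user salt every record is its own job."""
    by_salt = {}
    for salt, digest in records:
        by_salt.setdefault(salt, []).append(digest)
    cracked = evaluations = 0
    for salt, digests in by_salt.items():
        outstanding = set(digests)
        for word in WORDLIST:
            if not outstanding:
                break                           # nothing left to find for this salt
            candidate = iterate(word.encode(), salt, passes)
            evaluations += passes               # each pass costs one hash
            if candidate in outstanding:
                cracked += digests.count(candidate)   # duplicates fall together
                outstanding.discard(candidate)
    return cracked, evaluations


def cost_comparison(passes: int = 200):
    """Attacker evaluations per scheme next to what one legitimate login costs."""
    return {
        "unsalted, 1 pass": crack(store(SAMPLE_PASSWORDS, False, 1), 1)[1],
        "salted, 1 pass": crack(store(SAMPLE_PASSWORDS, True, 1), 1)[1],
        f"salted, {passes} passes": crack(store(SAMPLE_PASSWORDS, True, passes), passes)[1],
        "one legitimate check, 1 pass": 1,
        f"one legitimate check, {passes} passes": passes,
    }


if __name__ == "__main__":
    for scheme, cost in cost_comparison().items():
        print(f"{scheme:40s} {cost:>6d} hash evaluations")
```

On this data the unsalted store falls to one run of the word list (8 evaluations for all four records, both "password" accounts at once), the per-user salt forces a separate run per record (16 evaluations, since the attacker can stop early on the records it cracks), and 200 salted passes raise the attacker's bill to 3200 while raising one legitimate check from 1 to 200: the ratio between the two columns stays at 16, which is the constant-factor point the thread is arguing about.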

  25. Re:*yawn* on Inside Obama's Twitter Blitz On the Payroll Tax · Score: 4, Insightful

    Yeah, as much as I hate how biased Fox News is, CNN surprised me with something I happened to catch when I was in the grocery store and happened to see it on. They were talking to one of the Republican presidential hopefuls about what his view on the whole thing was and he was answering quite well I thought (in terms of explaining his view) that he didn't want to gut the money from elsewhere and that he thought that there needed to be some way to fund the tax cut and was being pretty clear that while he didn't like the idea of allowing it to expire he wasn't seeing an alternative that he thought would work, but the anchor would not let go of trying to ask him if he was in favor of raising taxes even though he was already being pretty direct at stating his view. The CNN anchor was clearly trying to corner him into having to say something unpopular as opposed to having a dialog and talking about the issues it would cause. It was politics, not news, and appeared very clearly biased to me.