Close....the right to privacy has been read by the courts to be *implied* by the Fourth Amendment, but you'll not find it in the text:
The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.
So I can just make up rights, and unless they're explicitly denied in the Constitution, they exist? Do I have a right to a 10-hour workweek? After all, it's not explicitly denied in the Constitution.....
Bull.
You have a limited set of rights under the Constitution. Privacy is not one of them. Privacy has been read as an *implied* right by the search and seizure clause, but that has only been created by precedent in the courts.
you want to upgrade that video card but now you have several hours job...
That also brings computers closer to being an "appliance" with no user-serviceable parts inside, though....which, for some manufacturers is a plus. Just saying "don't touch that" has clearly had no effect on the various geeks of the world. Saying, instead, "Hot oil inside...don't open or you'll be burned" will deter a much larger number of geeks. Not all (there's always one), but still...
Yeah, but there's a difference between a necessary evil, and intentionally courting evil. Some of the OSS project names are clearly people trying to be cute. For example, "bacula" (" It comes by night and sucks the vital essence from your computers."), which is a backup util; or rancid (the "Really Awesome New Cisco confIg Differ"), a router/switch config backup system.
Don't get me wrong, I like and use both of those programs, but their names alone require a very...patient manager to approve them.
Our experiences driving hybrids are quite different, then.
I'm in a (mostly) flat, suburban area. The engine on my Prius stays off for 10-20 minutes at a time when I'm in stop & go traffic. During this entire time, the heat reclamation system would be nothing more than dead weight (which is one of the factors that the Prius is trying to minimize). In fact, for almost all of my weekend driving (short hops), the system would be dead weight, as the engine wouldn't get hot enough to get the heat reclamation system anywhere near efficient operating temperatures.
Given my neighborhood and driving habits, I suspect a heat reclamation system would actually reduce my efficiency, as I'd be dragging around a lot of extra weight that wouldn't contribute much to the end result.
Re:Could be combined with conventional hybrid... on Steam Hybrid Car from BMW · Score: 2, Interesting
Actually, I think this would make a poor combination with a hybrid. The whole point of the hybrid design is that it turns off the gasoline engine periodically, when it's not needed. This makes its heat generation inconsistent at best, which would mean the heat reclamation system would only be in use part of the time, making it far less useful than in a system where the engine is always on.
Re:Jeff Moss, the old owner of BlackHat Briefings on CMP Acquires Black Hat · Score: 2, Informative
Attendees at BlackHat Briefings used to receive free attendance at Defcon
They still do.
at defcon you could easily tell who the kiddies were and who were the professionals
That's not changed, though which ones were speaking is an open question. I remember quite clearly a talk from a few years ago where the speaker was attempting (and failing) to give a talk on Active Directory security...while drunk...at 9am.
Well...sorta. You do have to have something on your end keeping the fibre lit. Most telcos these days aren't giving you fibre directly to the computer...they give you copper ethernet to the computer and have the fibre lit by a splitter for the ethernet and phone stream. One problem: that device needs power. The telco will install an UPS for their device, which will last a few hours (6-8 is the range I've seen quoted). If your power outage goes beyond that (or the UPS doesn't work right), your phone and 'net connection are gone.
How do you tell a sequential scan is occurring? Do you now have to have a stateful IDS running in every edge switch? At line rate? For several Gigabit a second? No way.
I'm not concerned with the core, but the edge. This isn't a layer 3 problem...it's layer 2. When a switch (I only mention routers because the two tasks are being combined quite often) arps for a host, it reserves RAM for the arp entry ahead of time, to store the result. Until it gets the result, the arp entry is considered "incomplete." But, that incomplete entry is still taking up RAM.
This was one of the big problems with the Slammer worm...the routers may survive the traffic, but the sheer number of incomplete arp entries trashed the edge switches.
You know, every time I hear that argument, I want to ask this: yeah, but can your switch/router store that many incomplete arp entries for all the hosts that got scanned but aren't there? I suspect the first time someone really does a big sequential scan of IPv6 space (non-firewalled, like customer DSL or Cable space), you'll see some very unhappy network engineers trying to figure out why their big 6500's are running out of RAM.
Cisco doing heap checking is a mark of a reasonable system doing checks on itself. Why is this bad? They almost never use the stack, so they check the memory they are using a lot. It doesn't run often (Lynn found it running about once every 30 seconds or so), and it's a good thing to do. Why complain?
As for reloading firmware, I don't think you understand Cisco stuff. There is a mini-firmware burned into ROM on all the Routers & Switches...it's called ROMMON mode on the ones that immediately come to mind. If your device firmware is totally thrashed (by a worm, by some damn fool tftp'ing up an image for the wrong router type, etc) you'd just use ROMMON mode to re-load a good image. Now, the real problem is that a worm could trash your flash storage.
In that case, unless you've got one of the expensive boxes with removable flash cards, you've now got a very expensive paperweight.
Is it not just as possible that Microsoft, in dumbing down Windows for the novice user and obscuring What Really Happens(TM), has been a disservice to their customers?
No. Computers should not be as difficult to use as they are (and yes, they are difficult to use...we're accustomed to it, but they are). The fact that users are getting lost means that they are still too hard to use.
Look, computers are all about automation: I shouldn't have to tweak video settings for hours to get a given game to work...I shouldn't have to manually patch a kernel to enable a certain video driver...these tasks (which we're all doing all the damn time) should be automated. That's what computers are good at...why are we doing this nonsense by hand?
Huge amounts of the things that we do by hand on the command line are automatable...Knoppix is a great example of this: When it first came out, people were really impressed with how well it did hardware auto-detection and configuration...that detection and configuration was just the result of some (clever) scripting. That kind of auto-conf should be the standard, not the exception.
In short (yeah, yeah, I get to the short part *after* the long rant), the computer is a tool...I should be spending my time using it as a tool, not tweaking the tool.
If they don't mention the ownership ties between them, then /. gets accused of conflicts of interest in posting OSTG stories. It's effectively a financial disclosure statement: Yes, we might have a conflict of interest here...take this with your own-sized grain of salt.
I think they've got that tied into a Microsoft story-generating bot...seriously, we've had at least one MS story per day for the past few weeks.
Note to editors: stop. Please. I don't care about every little step MS takes. There have been a few interesting stories, but most of the recent MS stories have been pointless junk. I'd remove the MS category, but there are occasionally useful stories in there...I just wish most of it weren't flamebait.
If standard-compliant documents become a requirement for large purchases, it doesn't matter if the company wants to play nice or not...the only question is: do they want the sale? Customers can force the companies to play nice by making standards-compliant document formats a requirement.
Actually, I've found that asking basic questions like that, even of the very skilled, can be very telling.
If a network guy (or, in my case, network security guy) can't tell me the difference between TCP and UDP, this will be a very short interview. (Yes, I have had people fail that question.)
People lie on resumes, and really "obvious" questions are a good first-level filter for the liars.
Gay
Lesbian
Bisexual
Transgender
I love that phrase: knockout mouse. Makes me think of some Bugs Bunny-style mouse wearing a tight sweater & lipstick.
You have no constitutional right to privacy.
Nonsense. Show me the section of the Constitution that explicitly guarantees a right to privacy.
I'm sorry, you'll have to turn in your geek card now.
Deported? More like extradited. There's a difference.
I'll take the side bet: you'll both be dead before either one happens.
Vista will be out next year. Vista has never been delayed. I mean, we had earlier conceptualizations, but the thing that is Vista is on its track.
Indeed. There are no tanks in Baghdad.
This, of course, assumes that the client machines are checking the certificate revocation list URL, or that the certs even *have* CRLs listed in the cert.
Neither of those is a safe assumption.