Posts by Robert Helpmann?? 2583 publicly visible posts • joined 31 May 2011
Nobody really understands what's going on with the Van Allen belts.
Yes and no. Looking into this a bit more, I found a statement that they "have a remarkable agreement between ... model and observations," they "have uncovered the tip of the iceberg," An interesting metaphor, to be sure, but really not offering much insight to the lay person. I am thus left unenlightened; it seems that the folks conducting the study can explain somewhat what is going on, just not to the public.
KVM is just a simple USB interface, they aren't intelligent, so blocking the most basic ones would be tantamount to blocking all keyboards and mice.
To the machine being controlled, this is true. However, it has to be controlled from somewhere. Blocking traffic from and (more importantly) to devices from outside the network to an unauthorized device on the network would seem to be a job fit for a firewall or VPN admin. Heck, knowing what is on your network is important because of scams of this nature (IDS/IPS anyone?). Server rooms are meant to be locked. So are server cabinets for critical systems. As noted elsewhere, we can always count on the human element to fail. Reducing that and other risks requires layers of security where it counts and especially in cases involving other people's money.
I know that it is terribly annoying to have to listen to people on the phone while in public, but we have perforce become accustomed to it. However, I am pretty sure that I can talk much faster than I can input text on a phone or tablet. Setting up better editing methods and using talk-to-text has some potential, I would think. I will have to give at least the voice input a go... putting my er... words... where my mouth is.
Because punishing people for a crime committed _against_ them is the most logical way to deal with this.
Let me preface this by mentioning that I am an American. Something like this came up in another forum, but isn't it the case that "In the UK, possession of child porn is a strict liability offence, so it doesn't matter if the host is genuinely unaware, they're still guilty." I would think that fits the punishing the victim model pretty well.
To play the devil's advocate a bit, while licensing seems a bit extreme, we do have laws concerning computer usage. In fact, some aspects of computer usage, equipment, and software are military considerations. It would seem to make sense to at least invest in public education a bit more than I have seen in the US. Public service announcements anyone?
The real number here is -8% revenues.
I think the bit where Narayen mentioned that they were actually moving faster in migration than they anticipated is telling. They knew they were going to lose people on this, but figured that they would come out better long term. I know that "the public" has a short memory and Adobe is probably planning on picking up the stragglers over time, but given how unpopular this billing model is I would suspect the best that they are going to be able to claim is that they won every battle and still lost the war.
@Tempest8008: "If Microsoft chooses not to be open about this new security method then they are basically depending on Security through Obscurity."
Um, they are being entirely open about it. How it's actually stored within Windows is irrelevant, by the time someone is in a position to read that data, they're already the other side of the airtight hatchway...
Not so fast! being on a machine or network does not give you automatic rights to all other users' passwords, which is basically what is being implied by this. Sure, this is for touch devices, but with the whole BYOD craze going on, it is conceivable that a person other than the owner might have access to the file system. Add to that the possibility of a malicious app that can access the file system and I would say that where and how this password information is stored becomes very important. Is it stored differently than if a PIN is used? People re-use those, just like they do passwords, so that information might turn out to be valuable.
Security should not be monolithic. It should be layered, creating compartments for different parts of the system. Airtight hatchway, indeed!
How do you make a mistake and pack a grenade for a flight...?
The make-a-mistake part was in quotes, which should give you a hint. There are rooms set aside in most major airports in the US for military personnel on travel. All that I have been in have amnesty boxes where such things can be gotten rid of, no questions asked. Keep in mind that many soldiers are quite young and apt to do foolish things when left to their own devices. They are sent to areas where activities such buying an AK-47 at an open air market are commonplace. They end up with trophies because they are cool. The mistake this soldier made was in not taking advantage of the amnesty box (and in getting caught as a follow-on). I am not going to comment on why that might have happened...
I've been in and out of a cloud or two, but never met a flying iceberg!
And I hope you do not! To paraphrase Pratchett, you have to be careful when flying through clouds as they might have rocks* in them.
* Rocks of this nature are more typically referred to as "mountains."
"I would love to see commercial passenger travel using these, but alas, it will probably be an expensive boutique operation. Translation: I won't be able to afford it."
I suspect so. And I'd guess that the main cost problem will be the low productivity of the asset, caused by its slow speed.
Hmm.. How about turning this into an asset? Perhaps setting up one of these creatures in the same fashion as a cruise ship would work. On the plus side, ports of call could be inland. On the minus: "Man overboard!" would be a bit more serious.
"I know, lets include a new feature in the next version that automatically and silently opens their machine up for remote connections..."
If you can't be a good example, then you'll just have to serve as a horrible warning. It's as if the people putting together spec on the project slept that class on what never to do.
@skelband: Although a lot of our evolutionary pressures have vanished by shaping our environment to suit our current evolutionary preferences, we do have other artificial pressures.
Precisely! Evolutionary pressures still exist. While we have more and more influence on our environment over time, every species influences its environment and is in turn influenced by the changes it introduces. The difference in our current situation and that of the past is a matter of degree, not kind. I would argue that while the effects are dramatic, only when we directly and consciously manipulate genetic makeup do we circumvent evolutionary pressures (and perhaps not even then).
Following this argument further, we have a relatively short history of genetically engineered organisms. In as much as we do not release these organisms into the wild, we might argue that their evolution is at an end.
...and the omission of necessary ones...
Skipping over the irony of a rant on grammar that misses the benefits of the same, I would like someone - anyone - to take the blame for the word "ones" as used here. I do not know who first decided to use "ones" to mean something other than "low denomination bills you leave as a tip," but it strikes me in much the same way as do "very unique" and "completely similar."
Nobody is under any obligation to use Google as their search engine
Course they do unless they want to use something that sucks (see icon!).
I have tried - really I have - other search providers, but Google really has this nailed. I do not, however, use their other products unless they are good. Simply placing them at the top of a list does not stop me from going through the list for alternatives, though it may skew the odds.
It has also proven rather more secure than its rivals, welcome news for all netizens.
Lost me with this one. It can be installed under a non-admin account on Windows and does not follow the same standards for file locations, et cetera. Because of this, it is a pain for system admins. It is growing like a weed for market share while acting like one on local systems. I dread how this implementation of applications will act on an enterprise network.
Just how long has Microsoft been patching its code now?
Pretty much from the beginning. Sometimes to break other companies' stuff, sometimes to fix their own. At least now it is more the latter which should be commended. These fixes are not for open source code, but they are being open about what they are doing and why - again, better than in years past. As mentioned by others, they have had to patch less than other software houses. Both in comparison to past behavior and to other OS and software creators, they are doing well.
This is actual cyber-terrorism, is it not?
Yes, it is pure, naked aggression.
The two researchers...have put together a model for a spam filter that uses ideas from "repetitive game theory" ...
The reference to "repetitive game theory" was cribbed from other reports, even if put in quotes. Nowhere in the original reference is this phrase used. It is "game theory." Games may be repeated as part of the analysis, but it is still just "game theory." There was good reporting elsewhere in the article, though.
... what he did, or the fact I had the thought to do the same as soon as I read where the safe room was. I wouldn't have cut the comms, though, as it would have been been even sweeter to have the big-wigs call to have their bunker busted once they realized their just how deep it was going to get.
Microsoft's new touchy Windows 8 operating system is so vulnerable to prying hackers...
There are few who understand the word "hacker" to mean "the programmers writing the software being hacked." The issue here is not that there is a suspected problem with the OS not working as advertised, it is with the design itself (and so is not a hack). It seems that it all comes down to trust which seems to be in short supply these days.
Do you seriously think this would have happened if Manning had come before a jury of real people?
Given that the jury he would go before would be composed of military personnel, I believe he most likely would have been found guilty on all counts and would have gotten a much harsher sentence. One analysis I heard was that his lawyer chose to forgo trial by jury in favor of going before a judge alone because he had a much better chance of having his arguments taken into account. Also, he pleaded guilty to multiple counts, so it mostly became a question of sentencing for those. So yes, I think that once it arrived at trial, this or a more severe outcome was going to be (irrespective of your opinion of the "realness" of the people involved).
And yet in order for attackers to be deterred, they would probably have to be aware why their attack would not work, allowing them to come up with a workaround. Perhaps they might start a reflection attack and then move on to a DDoS once the switch had been made to TCP., or run both simultaneously.
This is a country 6 time zones (IIRC) wide.
A few more than that, actually. There are 4 for the continental US (Eastern, Central, Mountain and Pacific Standard Time). There is also a separate zone for Arizona (which I hate dealing with, but have to). There are 2 for Alaska and Hawaii. You may also throw in Atlantic Standard Time for Puerto Rico and the U.S. Virgin Islands, Samoa Standard Time for American Samoa, and Chamorro Standard Time for Guam and the Northern Mariana Islands. So there are 7 to 10, depending on how you slice it.
As to the point concerning world view and more generally culture, the US is big enough that there is no one culture or, arguably, even a dominant culture, much less a monolithic way of viewing the world.
English already has words for changes between the most common states of matter:
Solid to liquid - melting
Liquid to solid - freezing
Liquid to gas - evaporation or boiling
Gas to liquid - condensing
Sold to gas - sublimation
Gas to solid - deposition
Gas to plasma - ionization
Plasma to gas - deionization
What I do not know is what changes (e.g. Bose–Einstein condensate) to and from other states are called.
...the aim is to embed sensors in infrastructure around the city to collect data and allow officials to more intelligently manage things like traffic flow and chlorine levels.
... and people. Yes, this has the potential to allow Vietnam to leap ahead of already developed places that have infrastructure in place that would have to be replaced in much the same way that countries that went straight to cell phone usage leapfrogged those with existing copper networks. The potential for abuse is built in, though, for the government as well as for those individuals who cause chaos and confusion by attacking their infrastructure help the government by testing their network security.
Nobody tested the Titanic's claims though. The first test did not go well.
The second test went a bit better, with less loss of life.
We asked a Foxtons representative whether the company hashed or salted stored passwords, a basic security practice. The rep declined to comment on any aspects of the incident beyond saying that it may decide to issue a statement at some point.
So basically they got it wrong to begin with and continue on in the same vein.
...the 5 per cent where human error played a role...
If one of my former employers had been among those sampled, this number would have been inverted. I kept track as part of an internal security audit: almost 100% of local outages were caused by my boss or the home office (in that order). Neither party would admit they had done anything wrong, ever, even when confronted with clear documented proof. I suspect that this category of data is greatly under-reported in the study. It seems likely to me that there are plenty of other organizations out there with the sort of corporate environment that discourages reporting of mistakes and failures, especially to outside entities.
I'm having to rethink my patch strategy, and will probably postpone patches even longer.
You have that right: always, always test in a dedicated environment before making changes to production! While this particular instance (and many others) can be laid at Microsoft's doorstep, they are not unique in this failing.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
