Sounds like you could benefit from running GNU Screen on a server somewhere (assuming all those sessions are SSH or other cli friendly interfaces to the various places you do stuff).
Multiplexing is a great way to keep those sessions open and allow you the same access from other nodes pn the network. Besides, desktops really benefit from regular reboots - helps clear out the memory leaks and all.
I guess it's a matter of perspective...
Insomnia Sec's SyScan presentation on defeating DEP [PPT warning]
Google cache HTML-ified alternative to the PPT
It may well be that DEP's useful days are numbered. It's likely just a matter of time before these techniques are better researched, more widely understood and commonplace.
As always, the best defense is in depth, responsible disclosure, and patching, patching, patching.
This is interesting, considering the ad-hoc testing I did recently. I'm a Comcast customer in northern De, and DSL reports' speed test consistently gives me about 8Mbps down bs 1-2Mbps up.
My parents, I. Southeast PA, have FIOS. For giggles, I did the same DSL reports test, and got about the same results.
Do any other slashdotters have similar experiences?
Not so... back in the day, such a slashdotting was quite regular. Surely you remember that
Yeah, I might, if my memory weren't failing with age.
After just 15 minutes of the story being posted?
Wow, that's gotta be a personal best for
Here's the Google cache in the meanwhile: http://webcache.googleusercontent.com/search?q=cache:http://www.kalzumeus.com/2010/06/17/falsehoods-programmers-believe-about-names/
Very valid points, and I agree with you completely.
As a matter of fact, I follow the same practices myself, including the rewards program...all those credit card purchases add up quickly!
And yes, as you said - always, ALWAYS, ALWAYS pay off your credit card completely every month!
Those interest rates will quickly eat you alive and put a person in dept for years .
So...it's more efficient for the central transaction processor (bank) to try and verify the legitimacy of transactions, rather than each individual? Let's break that down.
Let's just take an imaginary small consumer bank, with 10,000 customers in a local community. If we assume that, on average, their customers all have debit cards and use them to the tune of 20 times a week, that brings us right away to 200,000 transactions that the bank has to review and analyze per week. In the course of a month, it's 6,000,000.
So, how can the bank determine fraudulent transactions? Well, they can try and baseline everyone's average buying habits (stores, categories of purchasing), but that could cause false positives as people very often do unusual things. They can try and flag transactions based upon the use of the card in unusual places, but with so much interstate and even international commerce thanks to the Internet, that's not such a sure sign either, now.
Let's not forget that with a small bank, they don't have big and fancy computers with trained analysts to throw at the problem. I would think such small institutions have a staff on the order of a couple of hundred people, at best?
Of course, the big banks certainly have the money to throw at the problem to buy proper computers, software, and hire enough analysts, but the complexity is now far, far worse, as they service millions of customers all over the country (and possibly/probably international). Now we're talking probably in excess of billions of transactions for the same time period, and I think it's safe to say the complexity rockets up at an exponential rate, as you're now dealing with the rich, the poor, and everyone in between, all with their own buying patterns, habits, life changes, etc.
So, it's easier for the banks to be responsible for analyzing EVERYBODY'S transactions, which are complete black boxes to them?
Or, is it easier for us to log into our online account once or twice a week, scan our virtual checkbooks of 20(ish) transactions and say, "Yup, I remember buying all that stuff"...?
Whatever happened to taking a little personal responsibility?
For my part, I've been using Quicken for almost 5 years now to track every single account I have in my name, from mortgage to checking to retirement funds and all the rest. I'd venture to say nothing happens in my accounts without me noticing it in a few days. (It's a nice feeling to have such total understanding of your complete financial situation at any given moment.
About that comment you linked? Interesting, and he makes a good point about identity theft - but that's not what we're talking about here.
The case of the original poster was simple theft. Yes, the debit card number was lost, but it wasn't his SSN or some other critical piece of Personally Identifiable Information that allowed the thief to then take out a loan in the guy's name and walk off with the money, never to be heard from again and ruining that victim's credit rating in the process while leaving him personally liable for a debt he probably could never cover.
I'm not sure I see what liability for identity theft has to do with the efficiencies of who should be ultimately responsible for monitoring an individual's banking transactions for fraud.
In this day and age, with online banking so prevalent, checking your account every few days is only prudent. It's not unreasonable for the consumer to have some burden of identifying the loss, since each of us are the best and most efficient judge as to whether or not the transactions on our accounts are in fact ones we performed. Millions of dollars in software development and analyst training have been spent on helping banks to detect fraud, but those systems aren't fail proof.
In the end, there's no substitute for each of us keeping an eye on our own accounts' transactions.
If we don't take responsibility for our own financial affairs, should we really expect the banks to carry the whole burden on our behalf? No matter how good it is, any security measure can (and likely will, sooner or later) be defeated. (and let's not forget good old fashioned social engineering...)
In the end, the best protection against a breach is constant vigilance. (Or, said another way, prevention only goes so far, detection is still requried
Credit cards are limited by U.S. law to a maximum of $50 liability to the cardholder. Debit cards losses are usually covered by the bank, but they are under no legal obligation to do so.
(Emphasis mine).
Actually, I don't think the part about the lack of debit card consumer protections is factually accurate. Here's the blurb from The FTC's Facts for Consumers:
ATM or Debit Card Loss or Fraudulent Transfers (EFTA). Your liability under federal law for unauthorized use of your ATM or debit card depends on how quickly you report the loss. If you report an ATM or debit card missing before it's used without your permission, the EFTA says the card issuer cannot hold you responsible for any unauthorized transfers. If unauthorized use occurs before you report it, your liability under federal law depends on how quickly you report the loss.
For example, if you report the loss within two business days after you realize your card is missing, you will not be responsible for more than $50 for unauthorized use. However, if you don't report the loss within two business days after you discover the loss, you could lose up to $500 because of an unauthorized transfer. You also risk unlimited loss if you fail to report an unauthorized transfer within 60 days after your bank statement containing unauthorized use is mailed to you. That means you could lose all the money in your bank account and the unused portion of your line of credit established for overdrafts. However, for unauthorized transfers involving only your debit card number (not the loss of the card), you are liable only for transfers that occur after 60 days following the mailing of your bank statement containing the unauthorized use and before you report the loss.
If unauthorized transfers show up on your bank statement, report them to the card issuer as quickly as possible. Once you've reported the loss of your ATM or debit card, you cannot be held liable for additional unauthorized transfers that occur after that time.
Chief Executive Eric Schmidt told a group of editors Sunday that he is confident that newspapers will find new ways to make money online by harnessing the vast reach of the Internet. Media executives have accused Google of draining readers and advertising from newspapers' Web sites. But in a speech to open the annual conference of the American Society of News Editors, Schmidt said Google recognizes that newspapers are vital to democracy and provide a critical source of online content. "We have a business model problem. We don't have a news problem," Schmidt said. He added: "We're all in this together." Reaction to Schmidt's speech was mixed.
Yeah, I just can't count the number of times I was too stressed out to do math...
"If you want to know what happens to you when you die, go look at some dead stuff." -- Dave Enyeart
