Comment Re:Classic Spook Stuff... (Score 2) 132
You you realize that you forgot to fnord that and they can totally see what you wrote, right?
You you realize that you forgot to fnord that and they can totally see what you wrote, right?
The kind of environment where the attacker is a sysadmin with access to the box and the ability to do whatever they feel like with BIOS, including enabling USB boot.
The default security posture of most organizations these days is to assume that a trusted insider will exploit the system at some point. Therefore everyone is implementing damage mitigation techniques so that they can respond quickly and understand the scope of the inevitable breach when it does occur.
Everyone is watching everyone else. The security guys get access to the firewalls and the IDS, but cannot touch the servers. The server guys cannot touch the backups. The backup team cannot initiate a restore without two levels of change control approval. It is a serious PITA for everyone involved and a gross inefficiency.
The first time an auditor told me that they cannot trust me, my knee jerk reaction was to tell them to go fuck themselves. Eventually I realized that I am in a very risky position with access to a lot of sensitive information. The key is not that they do not trust me, it is that they CANNOT trust me. While I may be trustworthy, who is to say that someone else in my same position, with my same level of access, is also trustworthy? Just like I have to assume that any executable downloaded from the internet is potentially full of malicious code, the risk management folks have to assume that every sysadmin in the organization is potentially full of malicious intent.
This...
Last I heard, Verizon was scaling back / had stopped expanding their FiOS network. Is that still the case?
While this is great news for current FiOS subscribers, it means fuck all to the rest of us who do not, and likely will not ever have, FiOS.
I read the article and while one might question why data is being stored that is almost a decade old, the data itself is not that big of a deal. Basically the airlines store all the information about how he bought the ticket and what his preferences were (seat assignments, meal choices, etc.) The call center agents kept notes on why he called.
All of the information is benign. They kept his credit card information in plain text which is lame, but I have yet to see a story about a CBP breach that led to a bunch of fraud. It could happen, and they should probably encrypt the data in the future, but it is not a massive, conspiracy re-enforcing revelation.
The only disconcerting thing is the length of the data retention. Once it is obvious that the plane did not go down and nobody flying was involved in any subsequent terrorist activities, the data should be purged.
...hold on, and shut up.
I am tired of solving virtualization challenges and figuring out how manage petabytes of data. I'm going to take the next couple of years off and setup a consulting company installing WAPs in schools. That is obviously where the money is at....
When 9/11 was happening in real time, there were multiple news reports of TWO crash sites in Pennsylvania. There was the primary crash site, and then a secondary site a couple of miles away. At the secondary site, it was mentioned that the tail of the plane was found there.
After the first or second day of reporting, that story was squashed and never brought up again.
Yes, EMC.
Oddly enough, the correct answer was down modded to 0. Good to see that the NSA is actively working to keep the details of their operations in the dark.
For those of you who want to get in on the publicly sanitized version of the technology, have a look at..
Problem solved.
Next?
I missed that. Any references still around to it?
The 9/11 piece of info that sticks around in my mind is the "second crash site" in Pennsylvania. The site where the tail of the plane landed.
Step 1. Collect all audio
Step 2. Convert speech to text
Step 3. ???
Step 4. Profit
The IT guy and geek in me gets all excited thinking about all of the cool technology that they are leveraging.
The civil libertarian in me shudders knowing how easily they are able to contextualize and analyze the communications with the intent of subverting public discourse.
The cynical part of me is starting to believe that the average American really does not care because they are so conditioned that they have zero desire to enjoy any sort of true freedom. As long as they have access to shopping malls, housing and alcohol / caffeine / prescription drugs, they will be content.
Want to guess who their storage vendor is?
Hint... they are a three letter agen^H^H^H.. company.
If you want to progress in your IT career, you need to figure out how to automate basic system operations like maintenance and patching. Having to actually be awake at 2:00am to apply patches is rookie status. Sometimes it is unavoidable, but it should not be the default stance.
My environment is virtual, so our workflow is basically snapshot VM, patch, test. If the test fails, rollback the snapshot and try again (if time is available) or delay until later. If the test is successful, we hold onto the snapshot for three days just in case users find something that we missed. If everything is good after three days, we delete the snapshot.
We have a dev environment that mirrors production that we can use for patch testing, upgrade testing, etc. Due to testing, we rarely have problems with production changes. If we do, the junior guys escalate to someone who can sort it out. Our SLAs are defined to give us plenty of time to resolve issues that occur within the allocated window. (Typically ~4 hours)
In the grand scheme of things, my environment is pretty small. We have ~1500 VMs. We manage it with three people and a lot of automation.
..with TRACTOR beams!!
Wisdom right here.
You must realize that the computer has it in for you. The irrefutable proof of this is that the computer always does what you tell it to do.