Comment Re:Why is it always developers? (Score 3, Insightful) 89
The world hates putting up with buggy code.
The world hates putting up with buggy code.
Trust but verify.
Have no fear.
Now THIS is the level of paranoia that I like to see.
You you realize that you forgot to fnord that and they can totally see what you wrote, right?
The kind of environment where the attacker is a sysadmin with access to the box and the ability to do whatever they feel like with BIOS, including enabling USB boot.
The default security posture of most organizations these days is to assume that a trusted insider will exploit the system at some point. Therefore everyone is implementing damage mitigation techniques so that they can respond quickly and understand the scope of the inevitable breach when it does occur.
Everyone is watching everyone else. The security guys get access to the firewalls and the IDS, but cannot touch the servers. The server guys cannot touch the backups. The backup team cannot initiate a restore without two levels of change control approval. It is a serious PITA for everyone involved and a gross inefficiency.
The first time an auditor told me that they cannot trust me, my knee jerk reaction was to tell them to go fuck themselves. Eventually I realized that I am in a very risky position with access to a lot of sensitive information. The key is not that they do not trust me, it is that they CANNOT trust me. While I may be trustworthy, who is to say that someone else in my same position, with my same level of access, is also trustworthy? Just like I have to assume that any executable downloaded from the internet is potentially full of malicious code, the risk management folks have to assume that every sysadmin in the organization is potentially full of malicious intent.
This...
Last I heard, Verizon was scaling back / had stopped expanding their FiOS network. Is that still the case?
While this is great news for current FiOS subscribers, it means fuck all to the rest of us who do not, and likely will not ever have, FiOS.
I read the article and while one might question why data is being stored that is almost a decade old, the data itself is not that big of a deal. Basically the airlines store all the information about how he bought the ticket and what his preferences were (seat assignments, meal choices, etc.) The call center agents kept notes on why he called.
All of the information is benign. They kept his credit card information in plain text which is lame, but I have yet to see a story about a CBP breach that led to a bunch of fraud. It could happen, and they should probably encrypt the data in the future, but it is not a massive, conspiracy re-enforcing revelation.
The only disconcerting thing is the length of the data retention. Once it is obvious that the plane did not go down and nobody flying was involved in any subsequent terrorist activities, the data should be purged.
...hold on, and shut up.
I am tired of solving virtualization challenges and figuring out how manage petabytes of data. I'm going to take the next couple of years off and setup a consulting company installing WAPs in schools. That is obviously where the money is at....
When 9/11 was happening in real time, there were multiple news reports of TWO crash sites in Pennsylvania. There was the primary crash site, and then a secondary site a couple of miles away. At the secondary site, it was mentioned that the tail of the plane was found there.
After the first or second day of reporting, that story was squashed and never brought up again.
Yes, EMC.
Oddly enough, the correct answer was down modded to 0. Good to see that the NSA is actively working to keep the details of their operations in the dark.
For those of you who want to get in on the publicly sanitized version of the technology, have a look at..
Problem solved.
Next?
I missed that. Any references still around to it?
The 9/11 piece of info that sticks around in my mind is the "second crash site" in Pennsylvania. The site where the tail of the plane landed.
Step 1. Collect all audio
Step 2. Convert speech to text
Step 3. ???
Step 4. Profit
The IT guy and geek in me gets all excited thinking about all of the cool technology that they are leveraging.
The civil libertarian in me shudders knowing how easily they are able to contextualize and analyze the communications with the intent of subverting public discourse.
The cynical part of me is starting to believe that the average American really does not care because they are so conditioned that they have zero desire to enjoy any sort of true freedom. As long as they have access to shopping malls, housing and alcohol / caffeine / prescription drugs, they will be content.
He who has but four and spends five has no need for a wallet.