
Comment Desktop yes, servers no (Score 1) 440

Workstations should have a desktop firewall mostly to monitor outbound connections (good for keeping apps from phoning home, etc.).
Most nasty inbound traffic should be blocked at the router, but it's nice to be able to block an extra port or random IP when needed on a per-machine level.

For servers where you are expecting random incoming traffic, it's better to block all unwanted inbound traffic before it ever gets to the server (ACLs work fine here). You don't need to worry about outbound traffic as much, as long as you are doing reasonable things like blocking outbound port 25 for your web server, port 80 for your mail server, etc.

Comment Re:Is someone working on fixing this? (Score 1) 77

Anytime someone registers something like www.paypal-loginweb.com it should be setting off red flags everywhere.
I'm not saying these domains should be shut down automatically or anything, but they should be flagged for review every few weeks and it might not be a bad idea to ask a few questions either.

The fact is that many registrars have worked so hard to lower costs that they cut out the basic checks that would have caught these kinds of domains.

Sure it would never stop someone from setting up a phishing site with a domain like skljhf3lihgfsklh2jnf.com but that domain sure would make it easier for people to detect something wasn't quite right.

In many cases lazy irresponsible registrars are making things too easy for criminals.

Comment Re:Culprit ? (Score 1) 376

Word of mouth sunk the movie first.

Reviews of the movie were good. http://www.rottentomatoes.com/m/hurt_locker/
I'm guessing that maybe many others (like myself) were well past starting to get sick of war in general and the war in Iraq in particular. There has been a huge number of war movies set in the Middle East over the last several years and maybe people who still bothered to go to a theater wanted something a little different.

Comment Re:Multiple software produces the best result (Score 2, Informative) 215

Not at all, only that you aren't likely to find something that will give you output exactly like what you'd want to present to a non-tech (in some cases very non-tech) crowd. Benchmarking software is pretty much all designed for techs, as techs are the only ones who generally want to know a machine's benchmarks.

The results you'll get from benchmarking software will give way more detail than "C level execs" are going to want to look at and will present it in ways that will be hard for them to grasp.

A presenter (tech translator) who gets the results that he/she understands best and then combines/reformats that info more or less by hand into something to show to the suits will have the best chance of getting the point across clearly and quickly.

My point was just that when you're shopping around for and trying out benchmarking software for this purpose, don't spend time worrying about if the app gives you pretty graphs for anyone else. Get whatever works best for you and be ready to spend a few minutes creating something pretty from that data on your own.

Comment Re:It should read 'stoopid people hath spoken' (Score 1) 982

After he was arrested and placed in custody is when he stated that he would only give the password to the mayor, not because it was a rule or directive but because Mayor Newsom was "the only person he felt he could trust".

I haven't followed this case very closely so forgive me if this has been answered elsewhere, but do you know why the mayor didn't just take the password from this guy and then hand it over to the new admins? It doesn't seem like too big a hassle for Mayor Newsom if 20 minutes on the phone would have actually helped the city avoid significant costs and problems.

Mr. Childs could then say any problems with the network from that point on were the mayor's fault for handing over the passwords to those less competent and that would have been the end of it. No huge court case needed.

Comment Now easier to catch unwanted content (Score 2, Interesting) 102

Soon (now?) they can generate captions of everything heard (or sung) in a video immediately after upload and match the captions against lyrics and transcriptions of copyrighted works or even just search them for specific keywords. Then they can flag those videos as possible copyright violations or even prevent them from being displayed until after being reviewed by someone.

I'm not saying captioning isn't a good idea, only that it can be used for more than just assisting the hard of hearing.

Comment What a let down (Score 1) 344

Normally I'd love this sort of thing. I pore over logs in my spare time - for kicks even, but this video just bored me. For nearly half the video this thing never goes beyond "look! people in different countries are active at different times!".

Even the few things that almost start to seem interesting leave you unable to gain any insight because there is just no information. There isn't any useful data to work with.

What this fails to provide us with is what kind of traffic this was in the first place. Any reasonably large site is going to get hit with all kinds of background noise, and so the fact that they found themselves with large amounts of "traffic" from 'nearly every country' doesn't surprise me.

This seems to be nothing more than an example of a very dull and uninformative way to display a large collection of something very, very common.

Comment No real fix... (Score 5, Interesting) 318

Sadly, Microsoft doesn't seem to have anything you can do to fix this.
http://www.microsoft.com/technet/security/advisory/979352.mspx
It seems all they advise will only reduce your odds of getting hit (by helping protect against the methods they've seen used to exploit it) and reduce the damage done after IE runs the malicious code on your system.

What they should be suggesting is that people not use IE on the internet (if possible) until this is fixed.

'0 day' exploits are everywhere. What matters to me is that once discovered they are quickly patched or, at the very least, a workaround that actually prevents exploitation is provided.

I'd be interested to know more about the social engineering aspect of this attack. Was this more of the usual attempts (something that really should have been caught by anyone who knows better than to open random attachments and click links from strangers) or was there something much more involved that allowed the attackers to gain sufficient trust that any one of us would have likely fallen for this? Did the attackers spend months building a strong level of trust with the people at these companies or did someone click on an E-card?

Comment No mbox? (Score 1) 272

The last time I looked into Thunderbird 3, all the mail was not going to be stored in an mbox format and wouldn't be stored in anything close to plain text. That's a deal breaker for me. I love the ability to grep a folder or even the entire inbox. The search in Thunderbird has always been lacking, but no matter how much the search is improved in Thunderbird 3 it can't be good enough to replace the speed and power of what can be done on the command line.

If that's still the case and I had to switch to anything I'd go back to using to fetchmail

Comment Re:BBS (Score 2, Interesting) 511

"we'd be using our 1200bps modems connecting to the local BBS and swapping email over fido."

Exactly what I did in the old days. As long as computers are around, people will find a way to connect them and connect themselves to each other using them. I suspect that while dial-up might not be the answer people run to these days, I could see people setting up wireless networks within their own neighborhoods, and extending them into WANs that cover a good part of their city.

Comment Re:Seems fine to notify (Score 3, Interesting) 304

"I don't think they will cut off customers. It would be a huge support hassle for them. We lost connection the other day and they sent out a tech guy the next day. That can't be cheap considering they are all contractors."

They shut them down already. This is just a way to cut costs by automating the notification process and giving infected customers a chance to clean up the problems themselves before they spew enough spam that a disconnection is needed. I certainly hope that they disconnect customers who neglect these notices and allow their computers to continue being used for spamming, phishing, etc. until they've re-secured their systems. I've seen ISPs doing this sort of thing via walled gardens with a lot of success, and I hope it catches on.
