Comment What are they going to do? (Score 4, Interesting) 230
They're computer crackers. What are they going to do? Why all the fear?
They're computer crackers. What are they going to do? Why all the fear?
Not really, just keep a low profile long enough to make it to Mexico.u.
Yup, and they survived so they said "plausible" but if you read the after notes they both firmly believe they absolutely survived.
It's not as expensive to spend the money to properly maintain your security than it is to have it massively breached and all your data stolen.
Not as expensive if you only count money.
But in my experience, the problem is the upper executives and their insistence on special exceptions for them and their people who are doing work that is just so important that they cannot be burdened with following the security that applies to non-important people.
And I hope Sony, and all other Big Companies (tm), learn a lesson.
I think that this reinforces the wrong lesson. Everything is okay as long as you can find someone else to blame. Whether it's an employee or a hacker group or a country. The focus will be more on THEM rather than Sony executives who broke security so that they could feel more important than the nerds in IT.
The one thing that it doesn't provide is a comment system, but I'd be quite happy for that to be provided by a separate package if I need one. In particular, it means that even if the comment system is hacked, it won't have access to the source for the site so it's easy to restore.
The 'brought to you by' box on that site lists Mozilla, Akamai, Cisco, EFF, and IdenTrust. I don't see Google pushing it. They're not listed as a sponsor.
That said, it is pushing Certificate Transparency, which is something that is largely led by Ben Laurie at Google and is a very good idea (it aims to use a distributed Merkel Tree to let you track what certificates other people are seeing for a site and what certs are offered for a site, so that servers can tell if someone is issuing bad certs and clients can see if they're the only one getting a different cert).
It depends on your adversary model. Encryption without authentication is good protection against passive adversaries, no protection against active adversaries. If someone can get traffic logs, or sits on the same network as you and gets your packets broadcast, then encryption protects you. If they're in control of one of your routers and are willing to modify traffic, then it doesn't.
The thing that's changed recently is that the global passive adversary has been shown to really exist. Various intelligence agencies really are scooping up all traffic and scanning it. Even a self-signed cert makes this hard, because the overhead of sitting in the middle of every SSL negotiation and doing a separate negotiation with the client and server is huge, especially as you can't tell which clients are using certificate pinning and so will spot it.
Yep. And even more so.
If you live in the USofA then you have a larger chance of being killed by your spouse / boyfriend / girlfriend / YOUR OWN CHILDREN than by a terrorist.
Just by waking up alive you have alread beaten the "terrorist" odds today.
And in this specific case, what are the "terrorists" going to do? Steal your credit card number? Pay cash instead.
If we look at jet aircraft, wear depends on the airframe and the engines, and the airframe seems to be the number of pressurize/depressurize cycles as well as the running hours. Engines get swapped out routinely but when the airframe has enough stress it's time to retire the aircraft lest it suffer catastrophic failure. Rockets are different in scale (much greater stresses) but we can expect the failure points due to age to be those two, with the addition of one main rocket-specific failure point: cryogenic tanks.
How long each will be reliable can be established using ground-based environmental testing. Nobody has the numbers for Falcon 9R yet.
Weight vs. reusable life will become a design decision in rocket design.
Hadoop is good at generally running massive queries of tons of data in a relatively efficient amount of time. I say efficient and not fast, becuase the requests can vary from well structured for grid data sets to massive bloated ugly queries that would be massive bloated and ugly in any DBMS environment. If you want to talk about regulation, etc.. I think you're batrking up the wrong tree with Hadoop. If you're concerned with regulation, seed the DB with unique though meaningless data when importing and avoid all of those problems.
Say "twenty-three-skiddoo" to logout.