I've been using pfSense for the last 3 years or so and really love it. pfSense just by itself isn't the best solution for Wi-Fi, but combined with APs or routers in bridged mode loaded with Tomato, DD-WRT, OpenWRT, etc, you can do a lot with it. Include managed switches with VLAN support, multiple NICs and you can nearly run an entire infrastructure off of it.

The captive portal has been improved since 2.0 and received a lot more features with the recent 2.1 release. There is also support for plugins that greatly expand the capabilities of your pfSense box.

...oh, you mean like the Nexus 4?
...or like the Droid Razr/Maxx?
...or the HTC One X+?

I can replace the battery on my iPhone 4 with fewer removed screws. Your argument is invalid.

Have a friend with a 4s and iOS 6.0.x that has some kind of background process keeping the phone from going into standby. The standby and usage timers are the same and the phone only gets about 8 hours of use.

I'm wondering if some misbehaving apps or mail/sync configurations are keeping the phone awake. Something in the iOS 6.1 update could be causing a similar problem for some of those who update.

Both my iPhone 4 and wife's 4s seem to be relatively normal since the 6.1 update.

Trolling much?

http://www.phonesreview.co.uk/2012/12/17/galaxy-s3-jelly-bean-problems-since-verizon-update/

Why not install pfSense on an old PC (Pentium 4-class is more than enough) with a couple of NICs and the FreeRADIUS 2 module? Put the APs in bridged mode and set up 802.1x authentication.

If you didn't want to use self-signed certs and a private CA, your only cost would be for certificate purchases/renewals. The cost is negligible if you count your staff IT hours as costing you nothing.

On a system that you do not wish to format, you can use TDSSKiller from Kaspersky Labs to remove the MBR hook and the data in the TDL4 partition (if the system still boots). Kaspersky Rescue Disc or Windows Defender Offline are pretty good at detection from bootable media on a system that does not boot.

From there, you can use pretty any Linux Live CD loaded with GParted to re-merge the TDL4 partition with the partition next to it. TDL4 typically carves out space for a partition containing its own custom encrypted file system and loader files between 1MB and 8MB in size. Just be careful that the partition is a TDL4 partition you're removing and not a diagnostic or EFI partition from your manufacturer.

I'm still finding systems with infected MBRs and hidden partitions loaded with TDSS.tdl4. How old is this rootkit now?

I think these AV companies need to figure out how to properly clean/repair a system that has already been compromised before trying to play the cat and mouse game with the malware developers. I find AV software far more useful if a late detection can be removed/repaired rather than have it sit on my system for years undetected.

Just for good measure, I also threw in a CD that has a bunch of MP3s and MP4 video on it burned as a data disc. Mounted on the desktop...no iTunes, no prompt. Mounted just like any other data disc with data on it.

...uh. Not sure if sarcasm...

iTunes 11.0.1 on my iMac has "Hide iTunes" and "Hide Others" just like every other version of iTunes I've ever installed.

- Menu Bar
-- iTunes
--- Hide iTunes

I insert an audio CD or video DVD and I'm asked what I want to do with this disc...just like every other version of Mac OS X since who knows when. Have you looked at your settings here?

- System Preferences
-- CDs & DVDs
--- When you insert a music CD:
--- When you insert a video DVD:

Actually, iTunes on Mac OS X runs a hell of a lot better than it does on Windows. Kinda like how poorly Microsoft Office runs on the Mac compared to on Windows.

No ZeroAccess?! I guess it could be argued that portions of ZeroAccess are/were designed with the BlackHole dev kit, but it blows my mind that something as sophisticated, stealth and widespread as ZeroAccess isn't on the list. The method of infection, its resilience/resistance to removal and use of the compromised workstation are pretty unique.

I'm pretty sure that a large chunk of the malware on this list did not have file infecting variants or true "viruses".

Adobe Reader and Flash were previously the largest attack vectors...Java is by far #1 and has been for the last few years. Since Sun/Oracle states "Java Runs on 3 Billion Devices" and that a large chunk of those devices will never or rarely see a patch, it has been a HUGE painted target lately.

I have yet to see a DSL provider that does not state in very small print that the connection is "burst" or "variable" or "up to".

...a poorly written Microsoft product leaves a vulnerability open for exploitation, yet it is Microsoft who provides an internal assessment and statement that Macs are "not safe from malware".

I'm on an IT committee at my church as well. We've set up an old Dell Dimension 2400 with pfSense 2.0. 3 NICs (1 on-board, 2 PCI) and set up two VLANs, one VLAN being their office LAN and the other being a Captive Portal enabled VLAN with three WRT54G WAPs loaded with Tomato.

Firewall rules were created in pfSense to prevent wireless users from accessing the office LAN and wireless segregation was enabled on the access points to prevent chatter between wireless clients (prevents infected clients from attacking potentially vulnerable clients on the same network).

pfSense has a voucher system that allows you to create several rolls of time-based vouchers. You can either give the teachers a roll of active vouchers that are only good for a certain length of time, (say, the length of the Sunday school class) or you can set pfSense scheduling to restrict all access to the Captive Portal off-hours.

You can also add MAC address exceptions to the Captive Portal instead, (not really completely secure, but keeps your average users out) limit the number of associated users and bandwidth per associated client to prevent one user from monopolizing the entire connection.

Marathon could also be played over dial-up networking or the Internet with a utility called NetLink. NetLink allowed two devices to create an AppleTalk connection between two users over dial-up. Most of the time, it was abysmally slow and caused games to go out-of-sync, but in cases where users had a good modem (14.4/28.8) on both ends, it worked pretty well.