Great... Just what we need... Another virtual machine for hackers to attack...
Air gapped is good - very good. But not full proof.
Don't get cocky kid. In the RSA breach the hackers went after material used in SecurID (RSA's 2FA product). They're going after phones with the 2FA apps on them too.
Yeah 2FA is good security practice and its use will it make it significantly harder to breach a system using legitimate credentials, but the notion that it's full proof (or fool proof) is a myth.
It's better in that just because a component has a vuln doesn't mean that vuln is exploitable in all situations. Unfortunately, people are TERRIBLE at determining if a vulnerability is potentially exploitable or not.
It's worse in that the data in the NVD is often wrong and has lots of missing versions. For example, CVE-2013-5960 says "The
Sorry, but no, it's not that simple. Lots of vulnerabilities come into a project because of dependencies that are poorly managed. Project A depends upon project B which in turn depends upon project C and C has the vuln. All the unit testing of A in the world will not turn up that vuln. That requires system testing and that's a lot more involved.
Taxis become much more economical when you don't need a human to drive it any longer.
Imagine the social upheaval of all those now unemployed taxi drivers. And will people in the future understand Scorsese's film?
Losing it sucks. Not sure how to replace it.
After a five minute discussion the principal will be apologizing to the student and his family.
There is disagreement over that.
"The new deterrence research has been discussed favorably and uncritically by national news outlets and has been declared persuasive in leading academic journals and by prominent scholars and jurists. Legal academics, such as Professors Cass Sunstein and Adrian Vermeule, both of the University of Chicago, find the new deterrence evidence "powerful" and "impressive." They couple it with "many decades of reliable data about [capital punishment's] deterrent effects" as the "foundation" of their argument, which holds that since "capital punishment powerfully deters killings," there is a moral imperative to aggressively prosecute capital crimes. Prof. Becker concurs, finding the evidence "persuasive," while Judge Richard Posner brushes aside worries about the possible execution of the innocent as we ramp up executions to achieve even greater deterrent effects. Twice, authors of some of the articles have appeared before the U.S. Congress, stating the case for deterrence."
Because it's never been an issue before.
Great line from Sneakers!
"90 days is really long."
It's short when fixing vulns in an OS and delivering a real product.
90 days is not a lot of time.
"Google doesn't care about Microsoft's internal BS. Why should it?"
Because releasing that data two days before Microsoft releases a fix makes the world less secure, not more secure. The point of doing that security research is to make the world more secure, then Google does stupid shit and does the opposite.