Actually, they're only disabling "write" capability on the thumb drives, so they'll still be able to get viruses from reading them. Didn't they learn anything from Buckshot Yankee? How about no flash drives or portable media? How about not bypassing controls? Although I do feel bad for the Pentagon. They've created a "secure" network with 3 million users. It takes just one schmuck to make it insecure.

The guy in the story is taking advantage of the fact that the authorities (who we're paying for via tax dollars) will do absolutely nothing for months and months until more and more complaints pile up. Most police reports are now online so that crime victims don't waste officers' time reporting crimes. The victim in the story reported the crime to numerous authorities, who responded by doing nothing for a long time. Likewise, the bank did nothing. It would be cool if Google did something about it, but it's not their problem. Our tax dollars pay the salaries of those who are supposed to protect us. It's a fairly simple case of fraud, harassment, and threat of violence. If you ever thought the your bank would protect you in case of fraud or identity theft, they won't. The only thing the banks protect is their own money. Maybe you've noticed the news about mortgage fraud? Not many convictions there, either. On the upside, though, they did manage to catch Bernie Madoff eventually....

Asterisk 1.8 has support for Google's unique protocol for voice. The result: Free calls anywhere in the US from any device or other PBX you've connected to your Asterisk box. All you need is to have compiled jabber and gtalk into your Asterisk build. Free calls in and out. FreeSwitch also supports Google Voice trunks. Google Voice is still having issues now and then, though, so it's not yet ready for prime time. I suspect that's why they're not rolling it out faster. You can connect any SIP or IAX client, wireless or not, to your Asterisk/FreeSwitch box.

Actually, no, you can't depend on fingerprints for identification in many crime cases. Anyone who's read Ross Anderson's Security Engineering book is familiar with a number of cases in which police said fingerprints are a match when they are not. When police say fingerprints match, it's often only a four or five-point match, which really isn't a match at all. Other departments require an eight-point match or greater. What's a "match" in one jurisdiction isn't even close in another. No one's ever proven that two people don't have the same fingerprints, either. Likewise, investigators also say the MD5 hash of a file is its "fingerprint" without ever informing jury of how many collisions there are with MD5 or the algorithm's obsolescence.

I replaced my home landline with an Asterisk box running on a Supermicro Atom D510 mboard, specifically PBX in a flash, which is the Cliffs' notes version of FreePBX. FreePBX is based on Asterisk, but provides a spiffy web interface for configuration that's more advanced and free-er than the others. That said, you'll still need to be comfortable at the command line on Linux and a text editor such as vi.

With Asterisk, you can do voicemail, have your voicemail emailed to you, have multiple boxes, pay $1.50 per month for a phone number plus $.01/minute for calls with a SIP provider such as Vitelity. You can have conference calls (you'll need to pay $10/channel for g729 if you want to scale at all on home bandwidth, though.)
You can have ring groups, different extensions, etc. I have one for emergency late-night network issues, which only those with the secret extension can access to wake me up.

There's an unlimited number of stupid tricks you can do, but you'll need to learn the difference between trunks, routes, and dial plans. That said, it's pretty cool. But then you'll want to buy Aastra SIP phones, which come with open-source phone applications, so it will cost you more. If you want to light up your in-house phone lines, it's $200 for an FXS card. If you want to use an existing landline as a trunk, it's $200 for an FXO card. (Double check which is which before you buy because I can never remember which is which.)

The best part about running your own PBX is that (1) you can send telemarketers to voicemail hell and (2) it's trivial to fake callerID, which helps with (1).

10. Place it on your ex-girlfriend's car.
9. Place it on a train.
8. Place it on a freighter carrying electronics to be recycled in China.
7 Place it in your carry-on luggage and watch the fun at airport security.
6. Dial 911 and tell them you've found a bomb on your car. Invite TV news crews to come watch the fun.
5. Give it to your local ACLU and tell them to make the FBI prove it's theirs before handing it back.
4. Pretend you don't know it's there, and drive to as many Tea Party events as possible.
3. Build an autonomous flying drone capable of carrying it and program it to fly around in circles all day.
2. Hack its logic to input arbitrary coordinates and make virtual visits to places you've always wanted to see.
1. Pretend it's not there and go on a tour of the most patriotic American landmarks to demonstrate your loyalty to the United States.

Thisis another yellowcake tale -- ginned up to scare Congress into giving DoD the Internet "kill switch" in case of "national emergency" -- like Wikileaks. Most of this is in response to the less-than-credible story in Foreign Affairs: http://www.foreignaffairs.com/articles/66552/william-j-lynn-iii/defending-a-new-domain. Now our own government wishes they could do what China and Iran can -- shut down the Internet at will when there's something on there that they don't like. Does the military even read the Constitution they swear to uphold?

pfSense is great, but it does not scale to the level of Cisco Security Manager, which is enterprise ($$$) software to manage all the devices you already bought ($$$) from Cisco and paid more to support ($$$). CSM tracks changes and does workflow, too. I use both pfSense and Cisco almost every day. While CSM saves a lot of time, knowing how to configure which policies to share and how to share them is still complex and requires some thought. Cisco has a checkbox that will either limit all your user VPN tunnels to 256 kbps (e.g.) total or 256 kbps per tunnel. The wording isn't clear and I can never remember which one it is. If your users start complaining that VPN is really slow, it's probably the wrong setting.

Basic firewalling is not complex. Defense-in-depth and creating compartmentalized networks for each layer in each application in your worldwide network gets complex no matter what tools you use. The trouble with unified threat management is that no single vendor is going to catch everything.

The single most effective thing you can do to secure your networks is to start by denying all ports inbound AND outbound. Then open up only those ports required for your business. Use an authenticated proxy for client web traffic, and your users don't have to connect the Internet directly any more.

Ridiculous amount of safeguards? While permissive action links (requiring codes for launch) were created and deployed at the urging of Defense Secretary McNamara after the Cuban Missile Crisis, the Air Force kept the codes set to all zeros until President Carter found out about it. That was over ten years later. The Air Force kept the codes at all zeros so they could launch without presidential authority. Source: http://www.cdi.org/blair/permissive-action-links.cfm. To quote, "And so the “secret unlock code” during the height of the nuclear crises of the Cold War remained constant at OOOOOOOO." So, when you say ridiculous amount of safeguards, I'm not buying it without verification.

Clearly, it's not safe for pregnant women. It's not even ethical to test on pregnant women, so they'll never be safe for pregnant women. And there are studies that indicate they're not safe. To quote from the UK's Topix: "...according to a US study from Los Alamos National Laboratory, THz waves create resonant effects that may interfere with DNA replication. A 2008 study from Israel came to similar conclusions. In the journal Radiation Research, the researchers note that low power density of THz radiation prompts instability in DNA. They write: "These findings, if verified, may suggest that such exposure may result in an increased risk of cancer." So once again, a new technology is being embraced without adequate safety testing. Does the full-body scan harm children? Is it safe for pregnant women? What about frequent flyers? What about cancer patients?

Anon is correct. CallerID between telco does not support name. All you enter on your side is the number. The telco charges for the number-to-name entry, so if the name is incorrect, it's incorrect in the telco's database. Also, every time you see an 800 number in caller ID entry, it's false. You can't dial out on 800 lines. Whoever it is calling with 800 on their caller ID is actually calling from some other circuit.

Now when you update politicians' Wikipedia entries, you can link to the speech where they say one thing and then link to the speech where they say the opposite. You'll also be able to link to the FEC data that shows the corporations spending money to change the position. It's definitely a step forward.

Why, yes, there have been studies on chips and cancers. You can read about it in mainstream media like, oh, the Washington Post -- "There's no way in the world, having read this information, that I would have one of those chips implanted in my skin, or in one of my family members," said Dr. Robert Benezra, head of the Cancer Biology Genetics Program at the Memorial Sloan-Kettering Cancer Center in New York." But hey, that's just some wacky oncologist talk.