Comment: The ghost did it. (Score 1) 84
>> why he thinks the fire was set
"Because I killed someone and their ghost is mad." I kid, I kid...
|
|
>> why he thinks the fire was set
"Because I killed someone and their ghost is mad." I kid, I kid...
>> neat card in a stack
So...one card at a time, with a primarily forward/back interface...like PowerPoint?
>> On a large monitor, the grid spans three cards wide; on a smaller one, just two.
Oh no - didn't we just get Microsoft to retreat from THAT metaphor?
Obligatory Al Gore "Lock Box" Reference:
http://www.youtube.com/watch?v=F9pqmW-D14I&t=1m39s
>> A number of modules, namely, accessible, browser and security, frequently appear among the most complex modules. Further investigation may be helpful in identifying why that is the case.
Does this guy know what Firefox is?
>> "network environment here isn't friendly"
#1: If you're Google, you should be able to afford your own reliable connection to the Internet, or even to home base, by your keynoter. Especially if you're going to pimp your marketing on SlashDot. Even if it means bribing the union folks at Moscone to let you do it your way.
#2: You think the network environment is ideal out near all those "other 4.5 billion"?
>> could help safety officials to decide where to restrict public access at volcanoes such as Italy's Stromboli, where dozens of tourists arrive every night to watch spectacular fire fountain displays
Let's not go there, please. If we lose a couple of dozen tourists, that's an acceptable risk. Hell, there's many things all of us do (skydive, kayak, rock-climb, drive on interstates, eat cheeseburgers, visit hospitals) that expose us to risk...but without those risky experiences, life wouldn't be nearly as much fun.
"Nanny-staters, git off muh lawn!"
>> whether QuickOffice can topple Microsoft Office
Isn't the real battle Google Docs vs. Microsoft Office?
Did the PR flack check who reads SlashDot before they posted something about "red shirts?" I'll bet we have more people who care about the Bajorans than the Trojans here...
>> As well as providing the equipment necessary to fire missiles, defense contractors also want to offer customers the ability to defend against them.
Naturally. How else would you extract top dollar from both sides?
>> Clearly the "fake cred" would never be a flag in the users table (or even in the same database/system). For example, it could be a process that scans your logfiles and alerts based on username.
That's my point. If you're already doing this, you don't need to inject fake credentials into your databases to detect unusually accurate snooping.
>> username/password combinations don't have to be the same
If you've implemented SSO on even groups of systems, they will be the same.
>> can be trapped higher up the chain in the code that processes authentication requests so that they can't actually be used to gain access to systems
To do that, you need to set a "fake" flag on the credentials, and bad guys can use that to filter out the fake creds from the store.
>> these act to dissuade attackers in the same way as "sting operations" act to dissuade Johns and car thieves
In other words...they mostly don't? As I said earlier, if your attacker will be trying multiple valid sets of credentials, you can detect them without needing this extra complexity. A smart attacker would also snoop your activity logs before using any stolen credentials to avoid locked or dormant accounts, and to see if he/she can figure out which accounts are automated, maintenance, or otherwise frequently used enough to be of interest. Even with that low level of recon would avoid the control you seek to introduce.
When you "seed your authentication databases with fake passwords", you've really just added a bunch of accounts with the same username/password across multiple systems. A smarter (less invasive) approach might be to compare actual hack attempts against existing or recent lists of known usernames; if they're close, that's a tip-off that someone knows more about your authentication store than he or she should.
a) Someone tries to use it as a meth lab. Shut down.
b) Tenant in building complains. Shut down.
c) Reporter finds that a convicted violent felon is doing something there everyday. Shut down.
I'm very happy that they have $6K, but that probably won't even carry the annual liability insurance for a "public" biology lab.
>> Isn't there some utility that could be added to all systems and unify password management?
I can tell you've never worked in IT by the fact you asked that question.
>> Diagrams that should be spread over five or six pages are crammed onto one
And you still figured out what to do? Sounds like he knows what he's going then.
I feel like I'm in a Toilet Bowl with a thumbtack in my forehead!!