Why doesn't Google turn off HTTP?
err, maybe because they would need twice as much CPU power to support their users, who pay (approximately) nothing for this service? If you want secure email, don't use 'free' mail providers - simple, as.
3550 publicly visible posts • joined 6 Apr 2007
If the number is accurate, it sounds surprisingly (and creditably) low to me.
It would be interesting to know how many laptops are in the hands of gov departments (and their contractors) - I'm sure it must be thousands. Anyone who is responsible for more than a hundred laptops knows that 'shrinkage' is inevitable - whether though stupidity, negligence or targeted theft. If you need to use portable devices, occasional losses are the cost of doing business, you can (and should) minimise the risk, but you can't eliminate it completely.
The best solution is to ensure that no data is held locally (<cough>Citrix</cough>) or, failing that, strong encryption (preferably not involving a password stuck underneath the device). The 'unloseable' portable device has never existed and will never exist.
If it's really taking 15 minutes to start Vista (and not just some lawyer's mad overestimate), my money would be on the use of roaming profiles being loaded from a central server over a low-speed WAN link. Nothing to do with Vista, which should add no more than a few seconds to a boot sequence compared with XP (based on sensibly-configured. identical hardware).
As usual, just clueless BOFHs blaming the OS - either install a local domain controller or get a modern WAN link.
As pointed out above, hibernation would reduce start up time to a few seconds, but (guessing again) I expect the PCs in question are shared between multiple users (hence roaming profiles).
90% (99% ?) of corporate travellers (a not insignificant segment of the laptop marketplace) need: Office*, a web browser and 1 or 2 key applications (Siebel/SAP/take your pick). The obvious way to provide this is via a Citrix* client running on a thin laptop. No setup, no local storage, so when (NB not if) it is left on a train, nothing is lost except the cost of a replacement.
This is not a solution for developers or graphics designers, but it will work for the vast majority of businesses. It won't play GTA or movies on a trans-atlantic flight, so you can either work or get some shuteye!
* Other products are available, but (in the real world) no-one uses them.
(Or, at least, your money.) This is purely about revenue-raising.
If we were really serious about reducing congestion, we'd be investing in better public transport (more tramways like Manchester's might be a good place to start). There's no point (except to raise money - see above) in charging people for car journeys when there's no realistic alternative. When I'm stuck in a jam on the motorway, it isn't because I want to be there, it's because I've considered the use of public transport and decided that the car is the least worst option.
Synergy (noun - from the Greek syn-ergo, συνεργός, 'working together') the working together of two things to produce an effect greater than the sum of their individual effects.
How can sacking employees be said to be 'synergy-related', unless the ones that are gone are somehow going to continue working for nothing? What's wrong with an honest approach of: "Sorry, but times are tough, and some of you are going to have to leave or the business will not survive"?
NASA's calculator is only accurate for objects falling vertically, so if you lifted a Prius up to (say) 100,000 feet in a balloon and then dropped it, it would indeed reach a terminal velocity (the speed at which air resistance balances weight) of 1,300mph. But our pong-bomb will reach the upper atmosphere with an (almost) horizontal component of orbital speed - say 17,500mph.
My powers are too weak to calculate whether air resistance will have time (free fall to earth in a vacuum from 100,000 feet is about 80 seconds - reentry times are typically around a couple of minutes) to scrub off all this horizontal speed, but I observe that meteors (which admittedly reach the atmosphere with 2-3x greater speed) don't land vertically.
"It's the idiots that actually buy from these scammers that are largely to blame."
Indeed. The trouble is that it only takes a response rate of 0.01% or so to make the spam (highly) profitable. If you know of a human society where the moron rate is << 0.01% (or < 1% for that matter), I'd love to relocate there.
No, Boris, noise pollution is NOT pollution just like any other. Noise pollution is purely local, whereas CO2 emission affects the entire planet (if you believe in that sort of thing). Let me put this as simply as I can: if you find aircraft noise disturbing, DON'T BUY A HOUSE NEAR AN AIRPORT. Especially don't buy a house near an airport and then campaign to have the airport closed. And don't tell me that the number of flights has increased since the 80s - true, but the noise emitted by aircraft has reduced.
Lewis, please keep up the good fight, though you'll never convince those that do not want to listen (or to understand).
First, WEP vs WPA - this may well be because there are more 'older' systems in London than in Paris. While it's true that WEP is broken, from a personal point of view, why would anyone (who simply wants free Internet access) bother with cracking WEP, when there's almost certainly a completely unprotected network 200m down the road?
The corporate networks have no excuse. I've been involved in providing advice to a city-based outfit whose US head office wanted to set up open WiFi network 9with an air gap to the corporate network and its own ADSL). The argument was that visitors from the States could logon to the head office network using a secure VPN. They were already doing this at head office, with no problems.
I pointed out that their head office was on a 30-acre campus in wooded New England with very little in the way of passing traffic - the new network was in the heart of the City. It only needs one bad guy (or an aggrieved ex-employee) to download some paedo material or send an email to OBL and they would have the cops breaking down their door demanding to see their logs - and unlikely to be very picky when it came to distinguishing between the 'separate' open WiFi network.
One final thought - maybe these unprotected networks are coming from unauthorised WAPs (or even misconfigured laptops). That's still no excuse - the internal security bods should be conducting regular scans to find any such holes.
Let's pretend they could get this to work with a false positive rate of only 1% (pure science fiction, even assuming someone has a recent high quality snap of O-bin-L). Then Heathrow, with 68 million passengers a year, will result in 2,000 innocent folk being pulled over for intimate body cavity investigation/redeployment to Gitmo every DAY.
Brilliant! Where do they get these security clowns from?
... the economic downturn (mustn't use the r-word) and huge increases in energy prices (even if they've dropped back down a bit in recent weeks) will combine to reduce our CO2 emissions without any need for government junkets to Singapore/Kyoto/Bali? Or is it perhaps the case that the proposed cuts in UK emissions are roughly equivalent to China delaying the opening of their next coal-fired power station by a couple of months??
I only ask because I want to know ...
Surface temperatures vary between 90-700 K - hot enough to melt some soft metals, but nowhere near enough to melt rock. Mercury was thought to be tidally locked to the Sun (as the moon is to the Earth), but we now know that it is actually in a ratio of 3:2, so a solar day on Mercury lasts for two local years (2 x 88 days).
http://en.wikipedia.org/wiki/Mercury_(planet)
It's actually quite easy to block ALL encrypted traffic, it's just a question of how much this may reduce your revenue (I'm assuming this is a chargeable service, except maybe in premium class seats). Put simply, it's their network, so their rules apply. If you don't like the rules, go fly with someone else!
Porn sites are frequently contaminated with malware - the thought of some bad stuff getting loose on an airliner is rather worrying. I hope that there's a big fat air gap between the IFE and flight control systems, but my experience doesn't fill me with confidence.
A few years back, I was called out to a data centre in the former-DDR. Servers were tripping out 'over temperature', but the air-con seemed to be working perfectly. On arrival I found all the windows open to the chilly outside air - unsurprisingly the thermostats were inhibiting the air-con.
I asked one of the local operators, who was seated beneath a large 'Nicht Rauchen' sign, why the windows were open. "So that when we smoke, it doesn't set the fire alarms off", he replied.
Rule of thumb - no IT project should ever cost more than 7 figures or take longer than 18 months, otherwise it'll never happen (or, even worse, will be obsolete by the time it's implemented). If you're faced with a larger project, break it up into smaller ones to meet the above criteria.
If you insist on a multi-billion pound project and you advertise for outsourcers capable of taking it on, don't be surprised if you end up with the usual suspects.
Microsoft are, by any measure, one of the largest software development operations in the world. Their development effort, for its size, produces significantly fewer new vulnerabilities than most of their competitors (whether open or closed source).
If all developers could achieve the level of secure development currently demonstrated by Microsoft, we'd have a lot fewer web sites with gaping XSS and SQL injection vulnerabilities. It's not as though sanitization of input strings is a particularly new or difficult technique, but it's obvious that it's still not widely practised.
Secure development is not that difficult:
IF you write all your own code yourself;
AND you know what you're doing;
AND you have access to some fairly sophisticated testing tools;
AND you know how to use them.
But once you're looking at a team of 100 developers, the security of the systems produced is likely to be only as strong as that of the weakest (from a security standpoint) member of your team. Production of secure code is only possible with a strong, secure development process and very good QA. If Microsoft can assist in making this combination more common, good for them.
You may be confusing the (US) Herald-Tribune cartoon with the (UK) Beano version. Astonishingly, both started independently within 3 days of each other in 1951, and both have given rise to TV spin-offs.
I've never found the H-T version very funny, but I attributed this to my lack of a US sense of 'humor' - for all I know it has them rolling in the aisles in Peoria ...
I demand equal rights for Pastafarianism! Should we be teaching Scientology or Jedi* studies in RE? If we mention the history of the moon landings, must we also say that of course there are a large number of web sites that claim they were all faked?
* As reported in the last census, there are more folks claiming followers of The Force than Creationists in the UK.
I got one of these this morning (swiftly deleted). I wondered why Canada would be contaminated by an exploding 'UK' power plant outside London (leaving aside the obvious fact that any such explosion would be making rather large headlines).
My guess is that the original spam referred to London, Ontario - although AFAIK the nearest nuke plant (Pickering) is about 80 miles from there.
Don't the spam-merchants do any research?
I can buy liability insurance against making fraudulent financial transactions? So, if I put in my tax return that I earned only £1,000 last year and the authorities find out, the fine will be paid by the insurer?? What if I get caught holding up a bank, will they send someone else to do the time for me???
Where do I sign????
If you read the title of the report - it's not so clear from the Reg article :( - the investigation was into *internal* (intranet) web servers, they're not connected to the Internet. This includes many desktops with port 80 active in error. So, weak security (lack of configuration control) - certainly; bad practice (policies and procedures not being followed) - definitely; open season for hackers - err, probably not.
Move along folks, nothing to see here ..
"Following the accident, 66 fuel samples were taken from the aircraft and the engines. A number of these samples were tested and critical properties such as the freezing point, density, flash point, viscosity, contamination, fuel additives and presence of water were tested against DEF STAN 91‑91 and ASTM D1655 requirements. The fuel samples complied fully with the fuel specifications for Jet A‑1. Additional tests were carried out to detect any unusual components that would not normally be found in aviation turbine fuels. No evidence of contamination was found."
If you choose to ignore all the evidence and persist in concocting implausible conspiracies, surely there are some wiki pages you could be editing?