"it is not customary to study multiple faults"
Are you seriously telling me they never planned for outages to the wind turbine system caused by extreme storms?
637 posts • joined 16 Jan 2016
Are you seriously telling me they never planned for outages to the wind turbine system caused by extreme storms?
"From which palaver you will have deduced I didn't like it."
It's obvious why you didn't like it, you're a girly. This review reminds me of another review of 'Ex Machina' by MaryAnn Johanson ref. She didn't get it either. For instance she has this to say: "Nathan has obviously perfected artificial humanish skin, so why isn’t Ava entirely covered with it, instead of merely her face and hands?". Well, as any male SF reading techie would know .. so we could see her parts, silly ...
Never read anything by Douglas Coupland. If this is what Coupland took away from his time at Microsoft then it questions the accuracy of the rest of his works.
"It's never been, 'We're doing this for the good of society.' It's always been us taking an intellectual pride in putting out a good product - and making money. If putting a computer on every desktop and in every home didn't make money, we wouldn't do it.", microserfs by Douglas Coupland
"More technical details on the GiftGhostBot cybercrime tool can be found in a blog post by Distil Networks here". ®
I don't see any such technical details. Is GiftGhostBot running on hijacked desktops and if so how did it get there?
"We are working to change the license for OpenSSL .. to the widely-accepted and common Apache License (version 2)."
"We wrote some tools to look through every version of our files, and our scripts found your email address. You can see what we found:"
"If we do not hear from you, we will assume that you have no objection."
"You can also post to the public mailing list, firstname.lastname@example.org; details about that list can be found at this site:"
So, if I correctly follow your thinking, the attempt by the OpenSSL project to contact contributors is evidence of the OpenSSL project alienating the community. Is this place turning into the Breitbart of the technology press.
"What's likely happening here is that Microsoft is being super lazy and checking the user-agent string to see which version of its code it should serve to the browser"
No, really (sarcasm), the only lazyness is in using the agent string to detect the browser and so make running any otrher browser a jolting experience.
“We will bind the shell to Explorer, so that running any other browser is a jolting experience.”, Ben Slivka
“In one piece of mail people were suggesting that Office had to work equally well with all browsers and that we shouldn’t force Office users to use our browser. This Is wrong and I wanted to correct this.”, billg
active infection, crimeware, cyber-nasty, detonating internally, hackers burrowing, infected software, infected USB sticks., malicious software, malware, radiating out, ransomware, software, unauthorized remote access ®
How many different euphemisms can you think up for malware infecting operating system :)
What isn't mentioned is the desktop operating system required in order for this malware to sucessfully execute.
"We have already developed the first version of the Windows 10 government secure system. It has been tested by three large enterprise customers"
We've taken out all the NSA bugware, it has become acedemic seeing as they now control the root CAs ..
Also, the backdoor we gave the Chinese has a backdoor into the backdoor that gives the NSA access to the Chinese 'secure' Windows 10 :)
"there’s an opportunity to reduce the cost of the function by leveraging offshore capability"
Translated into Engspeak, India telephone tech support are cheaper than the UK equivalent. "The lucky ones .. will earn as much as 20,000 rupees per month — around $2 per hour", that's GB£1.60 in 2011 ..
"Why .. are there so many machines still open to compromise?"
According to some security professionals, it isn't possible to have both security and productivity at the same time.
So, it's a spambot run on compromised Windows desktops. I thought such large scale spamming was eliminated or very much reduced what with most open email relays being disabled and the use of Sender ID and SPF. Indeed an Internet visionary once claimed that spam would be eradicated by year 2006
"The fix is simple: turn your modem on and off again to get a new IP address. Or ask your ISP to assign them more often"
How do you defeat against your own ISP recording your browsing history.
'List of authorities allowed to access Internet connection records without a warrant'
No they're not, the vulnerabilities are caused by the design decision of using a radio link that can be so easily jammed. Why weren't these vulnerabilities picked up at the security review - they did actually conduct a security review on the security product?
"at altitude, there's less air to insulate a PSU which heightens the risk of arcing inside a PSU."
Illogical captain, less air would lead to less arching. Perhaps the lack of air prevents heat being removed through convection currents.
nuff said !
Security needs to be baked into the OS not added on as an after thought. Ideally an OS that cannot be compromised by clicking on a URL or opening an email attachment.
"It doesn't launch until March 2. When it actually arrives, we'll write about it."
Too late Microsoft has already disabled Windows on AMD Ryzen processors: "When you try to scan or download updates through Windows Update, you receive the following error message: Unsupported Hardware" link
'“PetrWrap”, uses the PsExec tool to install ransomware on any endpoint it can access.' .. as long as it's a version of Microsoft Windows.
Created with Microsoft® Word 2016: On opening, this document attempts to connect to a number of URLs, a bit of a security risk.
"The personal information of thousands of medical staff in Wales, UK, were stolen after an IT contractor's server was hacked."
Do you mean the servers were hacked and the records were illegally copied by some unknown entity to an unknown location. What exactly was the nature of the breech and what steps did Landauer take to secure its servers?
What's the difference between a BEC and a phishing attempt. It's just I've never heard the term before.
When are Americans going to wake up and realize that all this surveillance and paramilitarism isn't to protect them from terrorism but, in the event the voters try and eject the neocons, to implement full marshal law on the continental United States of America.
Do you want to see my ID?
No need, sir.
But I could be anybody.
No you couldn't sir. This is Information Retrieval.
$ssh -X user@remotehost
"some folks are speculating that the source of the leak could be the Russians, and its true purpose is to derail the CIA for political gain."
"Journalists covering #Vault7: consider this could be as much about Russia as CIA or WikiLeaks, a continuation of teardown of US government"
No, it's yet more evidence it's the CIA that's a threat to US democracy. Notice I said 'US democracy' as the US government supposedly works for the people. and the CIA supposedly works for the US government instead of being part of a shadow government. If the US government is going to collapse it won't be anything the Russians do. It'll be mostly self inflicted. Like those people in the security services who concocted the Trump golden shower dossier.
How does the StoneDrill malware get into the victim's browser in the first place?
ianal: Unless Columbia specifically revoked his access to their system, Leeper could still claim he had authorized access excuse.
"Top dog creating an account the day before he left?", chivo243
"What about user account policies? AD auditing? etc etc", adam payne
'AD auditing' .. haaaa .. 'Top dog' should have installed a rootkit into the BIOS using the Intel Management Engine (ME). Rendering it invisible to all known malware detection techniques. These come as binary blobs that execute before the main processor kicks-in, at a higher privilege than the kernel and cannot be disabled. They even run when powered down and still plugged in.
"Columbia has implemented numerous safeguards to ensure the integrity and security of its IT systems. It uses similar safeguards to protect its confidential business information from unauthorized disclosure or use. In each instance, Columbia has no choice but to trust the IT staff that implements those safeguards to maintain and abide by them."
What's needed is a fully audited irreconcilable second system to monitor the main one that is inaccessible to the first system. And give people a hardware dongle containing the only copy of their own keys, that must be plugged in to login/access their own records.
"It has recently come to my attention that many in the free software movement are unaware of a relatively new development on x86 platforms that permanently removes the ability to use these platforms without also continually executing signed, proprietary code at the highest possible privilege level."
"All post-2013 (AMD) and virtually all post-2009 (Intel) systems contain this mandatory technology, and therefore, by design, can never be converted to run using pure FOSS. Prior to these changes projects such as coreboot could be used to replace the boot firmware with a FOSS alternative." ref
@Jack of Shadows: "Yep. As soon as I saw "Do a minimal CentOS 7 install, disable SELinux, and follow the basic steps outlined here", I was saving the page and bookmarking the page. I can already see my future doing the arcane here, and arcane it is."
Yea, what we need is more articles about DevOps and Continuous Deployment :)
"I'm not a fan of outsourcing IT.. But it sounds as if the IT department there is pretty huge, it's possible that it's simply grown too big over the years as projects were added"
The Uni isn't downsizing, they're firing seventy eight techies and outsourcing their jobs to cheap labour in India. And as you say, it's a false economy as it leads to a lower quality service. They could fire seventy eight admin staff and nobody would notice.
"On their last day of work, pink-slipped employees will protest the University of California, San Francisco's decision to replace them with lower-paid workers from India"
"It is the first time a public university has ever offshored American information technology jobs, undermining its own mission to prepare students for high-tech careers."
'We are quickly moving into an era where the industry has begun moving towards a more orchestrated ecosystem of ‘things’ – devices, machines, sensors, vehicles, wearables, etc .. At Canonical, we call it “Software-defined Everything”.'
If HALO is a cloud-based service and monitors a RING deployment in the 'cloud', what happens when the cloud service falls over?
Who was it that tested this enterprise grade device for such flaws using the various diagnostic tools available to the current security researcher, and then passed it off as fit for purpose. Tell me they did perform a security audit on the device before releasing to market?
"Microsoft Dynamics 365 is the next generation of intelligent business applications in the cloud. Dynamics 365 unifies CRM and ERP capabilities by delivering new purpose-built applications to help manage specific business functions, including Dynamics 365 for Sales, Dynamics 365 for Customer Service, Dynamics 365 for Field Service, Dynamics 365 for Project Service Automation and Dynamics 365 for Operations." ref
Reading this, I feel like I'm being sucked into some kind of cult, such as Scientology. It's called 'loaded language', the endless repetition of invented terminology and made up words.
"Does that enable you to access fully the capabilities resident in the private sector?"
Snort (◔_◔) ..
"Part of that is, no doubt, down to increased levels of security vetting involved. After all, they don't want another Snowden in the ranks."
Surely a demonstration of the perils of outsourcing to the private sector :)
" the better solution is to follow an age-old piece of advice that company bosses never seem to grasp: don't treat your employees like shit"
As far as most business type bosses are concerned their IT staff come somewhere between the janitor and the sanitation people.
"The bug was found with syzkaller" a Linux syscall fuzzer
'2017-02-15: Bug reported to security () kernel org
2017-02-16: Patch submitted to netdev
2017-02-17: Patch committed to mainline kernel
2017-02-18: Notification sent to linux-distros
2017-02-22: Public announcement'
"for all the attention paid to attacks like Stuxnet, there's a dearth of work looking at what's going on at the control logic level."
How can I infect a PLC by emailing someone a malicious attachment or Weblink?
"Cybercrime group RTM is deploying complex malware based in the Delphi programming language"
There, I've fixed the title for you and not once managed to mention Microsoft Windows.
"Berg .. helped formulate the company's strategy for dealing with open-source software and for ensuring compliance with open-source licensing requirements – a significant legal risk when deep-pocketed Amazon makes an acquisition."
Aw come on, could you please enumerate any companies currently being sued for using 'open-source' software. Apart from Microsoft extorting android licenses out of hardware makers.
"The manager of the project, Berg said, really wanted to release MOOSE as open source, but didn't know how to do so"
It took them18 months to publish their own code under the LGPL?
"Iran is one of the countries prohibited to receive goods under US export regulation"
Apart from Boeing selling 80 aircraft to Iran, which require software.
Biting the hand that feeds IT © 1998–2017