Welcome, Guest. Please
Login
or
Register
The Geek Crew
›
General Category
›
The Mother Board
› Interesting News Article Thread
(Moderators: b0b, MediaMaster)
‹
Previous Topic
|
Next Topic
›
Pages:
1
...
83
84
85
86
87
...
90
Interesting News Article Thread (Read 738649 times)
b0b
GeekCrew Administrator
FTP Server
Offline
The revolution will not
be televised.
Posts: 7464
Battle Creek, Michigan
Gender:
Re: Interesting News Article Thread
Reply #1260 - Apr 13
th
, 2010 at 8:17pm
That almost seems like it should be on the front page of the Onion.
-b0b
(...the truth is weirder than fiction.)
Back to top
IP Logged
spanky
Post Whore
FTP Server
Offline
Posts: 1540
Detroit-ish
Gender:
Re: Interesting News Article Thread
Reply #1261 - Apr 14
th
, 2010 at 11:14am
Yeah, this time I searched around and made sure it was true. (Dang you Pat!)
The cop in the suit was not charged with jay walking...
Back to top
IP Logged
X
Post Whore
FTP Server
Offline
Truth Is Treason, In The
Empire Of Lies
Posts: 3903
Gender:
Re: Interesting News Article Thread
Reply #1262 - May 7
th
, 2010 at 2:42pm
Ha ha this was a hilarious article check it out!
http://www.fourhourworkweek.com/blog/2010/05/01/credit-card-concierge/
X
Back to top
In the land of the blind, the one eyed man is king. - Max Payne
IP Logged
b0b
GeekCrew Administrator
FTP Server
Offline
The revolution will not
be televised.
Posts: 7464
Battle Creek, Michigan
Gender:
Re: Interesting News Article Thread
Reply #1263 - May 7
th
, 2010 at 6:40pm
Wow...
I'm not a fan of credit cards, but that's almost too tempting!
-b0b
(...cackles maniacally.)
Back to top
IP Logged
X
Post Whore
FTP Server
Offline
Truth Is Treason, In The
Empire Of Lies
Posts: 3903
Gender:
Re: Interesting News Article Thread
Reply #1264 - Jun 5
th
, 2010 at 11:15am
Check out this pretty interesting video about a new reporter who got a guided "tour" around North Korea...very interesting!
http://news.bbc.co.uk/2/hi/programmes/newsnight/8701959.stm?ref=d
(There is a second part to it after the first video ends)
X
Back to top
In the land of the blind, the one eyed man is king. - Max Payne
IP Logged
X
Post Whore
FTP Server
Offline
Truth Is Treason, In The
Empire Of Lies
Posts: 3903
Gender:
Re: Interesting News Article Thread
Reply #1265 - Jul 26
th
, 2010 at 2:16am
http://www.grocerycouponguide.com/articles/eating-well-on-1-a-day/
This was a very interesting article about a guy buying/eating food on $1 a day. If you have the time, read it, and has some entertaining moments (like buying tampons and panty liners to get peanutbutter).
X
Back to top
In the land of the blind, the one eyed man is king. - Max Payne
IP Logged
X
Post Whore
FTP Server
Offline
Truth Is Treason, In The
Empire Of Lies
Posts: 3903
Gender:
Re: Interesting News Article Thread
Reply #1266 - Aug 22
nd
, 2010 at 9:54pm
EVERYONE!!!
GO SEE Scott Pilgrim vs. The World
RIGHT NOW!
It made my top 10...maybe top 5 all time movies!
X
Back to top
In the land of the blind, the one eyed man is king. - Max Payne
IP Logged
b0b
GeekCrew Administrator
FTP Server
Offline
The revolution will not
be televised.
Posts: 7464
Battle Creek, Michigan
Gender:
Re: Interesting News Article Thread
Reply #1267 - Aug 23
rd
, 2010 at 8:18am
Well, since you put it that way...
-b0b
(...meh.)
Back to top
IP Logged
The_Fat_Man
Wootzor von Leetenhaxor
FTP Server
Offline
Grand High Overlard
Posts: 910
Colorado Springs, Colorado
Gender:
Re: Interesting News Article Thread
Reply #1268 - Aug 23
rd
, 2010 at 11:27pm
I agree Pat, it was really really good. I was pleasently suprised by this because I had kind of dismissed the movie as stupid. Only went to see it because it was a group thing.
Definately one of the best movies of the year.
Back to top
IP Logged
X
Post Whore
FTP Server
Offline
Truth Is Treason, In The
Empire Of Lies
Posts: 3903
Gender:
Re: Interesting News Article Thread
Reply #1269 - Oct 5
th
, 2010 at 2:15pm
Quote:
Hacker infiltration ends D.C. online voting trial
Last week, the D.C. Board of Elections and Ethics opened a new Internet-based voting system for a weeklong test period, inviting computer experts from all corners to prod its vulnerabilities in the spirit of "give it your best shot." Well, the hackers gave it their best shot -- and midday Friday, the trial period was suspended, with the board citing "usability issues brought to our attention."
Here's one of those issues: After casting a vote, according to test observers, the Web site played "Hail to the Victors" -- the University of Michigan fight song.
"The integrity of the system had been violated," said Paul Stenbjorn, the board's chief technology officer.
Stenbjorn said a Michigan professor whom the board has been working with on the project had "unleashed his students" during the test period, and one succeeded in infiltrating the system.
The fight song is a symptom of deeper vulnerabilities, says Jeremy Epstein, a computer scientist working with the Common Cause good-government nonprofit on online voting issues. "In order to do that, they had to be able to change anything they wanted on the Web site," Epstein said.
Because of the hack, Stenbjorn said Monday, a portion of the Internet voting pilot -- which was expected to be rolled out this month -- is being temporarily scrapped.
The program, called "digital vote by mail," is intended to allow military or overseas voters to cast secure absentee ballots without having to worry whether the mail would get them back to elections officials before final counting. Those voters, about 900 of them, still will be able to receive blank ballots via the Internet for the Nov. 2 general election, but they will not be allowed to submit their completed ballots via the DVM system, Stenbjorn says. Instead, they'll have to put them in the mail or send them unsecured via e-mail or fax.
The security hole that allowed the playing of the fight song has been identified, Stenbjorn said, but it raised deeper concerns about the system's vulnerabilities. "We've closed the hole they opened, but we want to put it though more robust testing," he said. "I don't want there to be any doubt. ... This is an abundance-of-caution sort of thing."
Last week, Common Cause and a group of computer scientists and election-law experts warned city officials that the Internet voting trial posed an unacceptable security risk that "imperils the overall accuracy of every election on the ballot." But board officials said the system provides security and privacy upgrades over a method of Internet voting that's already legal: filling out a paper ballot, then scanning it and attaching it to an e-mail.
Stenbjorn says he hopes that the Web-voting system's security vulnerabilities will be addressed in time for a D.C. Council special election expected next spring. The board has spent about $300,000 in federal grant money on the project.
A D.C. Council hearing on elections issues, which will include the Internet voting test, is set for Friday.
This is probably the smartest thing the city of D.C. has even done. This is the reason why software/hardware/electronic companies who don't believe in open source believe they have to resort to legislation and legal action. The federal government as well. Yes, it should be illegal for a reason (I'm not saying I agree with a federal law, but I see where they come from). But instead of the 20 years in federal max. (which is ridiculous), make a deal that if they work on improving the system or whatever, they work off their sentence. America could be one of the best places to tap "hackers" in the world. We have the institutions and dare I say, the human spirit of curiosity based on our way of life to beat whatever Korean, Chinese, or whatever attacks on our mainframe. The military/govt. need to seek humility to ask for help. Until then, we are at the mercy of foreign attacks and malicious criminals.
X
Back to top
In the land of the blind, the one eyed man is king. - Max Payne
IP Logged
b0b
GeekCrew Administrator
FTP Server
Offline
The revolution will not
be televised.
Posts: 7464
Battle Creek, Michigan
Gender:
Re: Interesting News Article Thread
Reply #1270 - Oct 6
th
, 2010 at 3:05pm
I agree completely. The problem, however, is that decisions regarding electronic voting are being made by people with absolutely no IT background. The closed source vendors tell them, "Hey, if you go open source, someone could find a vulnerability in that source code years down the rode and sell it to the highest bidder."
Of course, they don't mention that you're at their mercy to find and correct vulnerabilities in their closed source software!
-b0b
(...shrugs.)
Back to top
IP Logged
X
Post Whore
FTP Server
Offline
Truth Is Treason, In The
Empire Of Lies
Posts: 3903
Gender:
Re: Interesting News Article Thread
Reply #1271 - Oct 6
th
, 2010 at 4:11pm
I don't understand how people who don't use or like computers then think, "Oh, going to a digital format for voting or online voting is a good thing"? It's like a series of tubes, and the more you push through it like dump trucks it's going to get stuck...so e-voting would be bad...right?
X
Back to top
In the land of the blind, the one eyed man is king. - Max Payne
IP Logged
X
Post Whore
FTP Server
Offline
Truth Is Treason, In The
Empire Of Lies
Posts: 3903
Gender:
Re: Interesting News Article Thread
Reply #1272 - Oct 12
th
, 2010 at 4:37pm
A very interesting follow up to the last story...very interesting....
Quote:
Iranian, Chinese Computers Also Discovered to Have Been Hacking D.C. Internet Voting System
Startling testimony offered by the U. of Michigan computer science professor whose team penetrated D.C.'s 'pilot program' server for what was to have been a live election beginning in just days...
A University of Michigan computer scientist and his team were not the only ones attempting to hack the Internet Vote scheme that Washington D.C. had planned to roll out for actual use with military and overseas voters in this November's mid-term election.
According to testimony given to a D.C. City Council committee last Friday by J. Alex Halderman, asst. professor of electrical engineering and computer science at University of Michigan, hackers from Iran and China were also attempting to access the very same network infrastructure, even as his own team of students had successfully done so, taking over the entirety of the Internet Voting system which had been opened for a first-of-its-kind live test.
[See our report last week on details of what had already been disclosed about Halderman's startling hack prior to last Friday's hearing.]
"While we were in control of these systems we observed other attack attempts originating from computers in Iran and China," Halderman testified. "These attackers were attempting to guess the same master password that we did. And since it was only four letters long, they would likely have soon succeeded."
In his stunning public testimony --- before a single member of the D.C. Board of Ethics and Elections (BoEE), and a nearly empty chamber --- Halderman explained how the team had, by the time they discovered their fellow intruders, already gained complete control of the system, it's encryption key and its passwords. The system was developed as part of an Internet Voting pilot program with the Open Source Digital Voting Foundation.
As The BRAD BLOG reported last week, Halderman's team was able to take over the system within 36 hours after it had gone live for testing. After having "found and exploited a vulnerability that gave [them] almost total control of the server software," his team was able to steal the encryption key needed to decode "secret" ballots; overwrite every single ballot cast on the test system; change the votes on those ballots to write-in candidates; discover who had already been voted for and the identities of the voters; install a script that would automatically change all votes cast in the future on the same system; install a backdoor to allow them to come back later; and then leave a "calling card" --- the University of Michigan fight song --- which was programmed to play in the voter's browser 15 seconds after each Internet ballot had been cast.
But the new disclosures offered before the committee on Friday, including the hack attempts by computers in China and Iran, may have been as explosive, if not more so, than the previous revelations. They certainly illustrate and underscore a grave national security threat present in electronic voting systems such as the one D.C. had planned to use, as Lawrence Livermore National Laboratories computer scientist and cyber-security expert Dr. David Jefferson told me during an interview last Friday night on the nationally syndicated Mike Malloy Show which I was guest hosting last week.
The hack of the system forced the D.C. election administrators to shut down their plans for the pilot program which was to have gone live in days, as encouraged and partially funded by the federal Military and Overseas Voter Empowerment (MOVE) Act, which allocated millions of dollars for such Internet Voting pilot programs.
The revelations of the intrusion attempts from China and Iran, however, would not be the only new, previously unreported bombshells Halderman offered during his Friday testimony...
Defending the network...
"We gained access to this equipment because the network administrators who set it up left a default master password unchanged," Halderman explained to Councilwoman Mary Cheh. "This password we were able to look up in the owner's manual for the piece of equipment. And once we did, we found it was only a four-letter password."
The University of Michigan team made short order of hacking that simple password, aided in no small part by the team having also taken over the security camera apparatus inside the election board's actual data center where the servers were located.
"Once we gained control of this equipment, we could watch in real time on my desktop in Michigan as the network operators configured and tested the equipment," he told the committee. "We could also watch them on camera because we found a pair of security cameras in the data center were on the same network as the pilot system and were publicly accessible with no password at all."
When they'd discovered the foreign intrusions from Iran and China, the "white hat" hackers from the U.S. actually took measure to protect the D.C. system.
"We decided to defend the network by blocking them out, by adding rules to the firewall, and by changing the password to a more secure one," he explained during his testimony to a stunned Cheh.
"You changed the password of the BoEE system?" she interrupted him to ask.
"Of the pilot system, yes," Halderman responded.
"You changed it?!" Cheh asked incredulously.
"We did, yeah, to something so that the Chinese and Iranian attackers wouldn't get it," he said.
As if that's not all bad enough...
Halderman also made another dramatic disclosure during his testimony. As his team was looking through the BoEE Internet Voting server, they made another alarming discovery which he revealed rather dramatically by pulling out some 937 pages printed out from a file the team had found and downloaded from the system.
The team had discovered that the local election administrators appeared to have conducted their own tests at some point by sending files to the system that were either longer or shorter than the PDF-formatted ballots that the system would have been expecting, in order to see if those incorrect files were properly rejected in the event that a voter had sent the wrong file instead of their ballot.
Those rejected test files remained on the server, however, where the Michigan team of "hackers" were able to rifle through them.
"Some of the files were just a page with one sentence, 'This is a blank ballot.' Others were much bigger. ... But one of the files, which I have here," Halderman explained as he pulled out hundreds of pages to place on the table, "one of the files was a 937-page PDF document."
"It appears to be the 937 invitation letters that BoEE sent to registered voters. Each page contains the name and voter ID number of a real voter along with the 16-character PIN that is the only password a voter needs in order to use the system in the real election."
"We found the document on the test bed server, a system that BoEE invited the world to break into, and that we showed could be broken into very easily," he continued. "We have no way of knowing who else has access to this. The PINs in this document are the most critical secret to protecting the whole voting system."
Livermore Labs' Jefferson, who has advised the last five CA Secretaries of State on voting system security and represents VerifiedVoting.org as one of their Internet Voting experts, explained the importance of this revelation during my interview with him on Friday night.
"This was stunning," he told me. "This file is, in a sense, the holy grail of voter security in the general election if this system were to be used in the general election. Of course, it's now not going to be. But had an adversary had a copy of that file, they would have been able to cast votes for the legitimate voters, and if they'd cast them ahead [of the actual voters], their votes would be accepted as legitimate and the actual legitimate voters, when they tried to vote, would be denied because of course you can't vote twice."
Halderman believes the use of that particular file as part of the BoEE's testing procedures suggests that the administrators of the system are not up to the task of securing such an important system. That same concern has been expressed by critics of e-voting for years, given that local elections supervisors, many of them with no computer science or security experience at all, are often enabled with the task of keeping complicated, sensitive, easily manipulated computer systems secure from both outsider and insider attacks.
"I'm just deeply concerned that BoEE does not take security seriously and that it fails to appreciate the security challenges that are faced by any Internet voting system," Halderman said at the conclusion of his prepared testimony.
'All the votes had disappeared...'
Jefferson found yet another very serious flaw in the D.C. Internet Voting system on his own --- one that had not yet been publicly reported until my live interview with him on the Malloy Show Friday night.
He participated in the same open test the week before last, by casting his own vote using D.C.'s test-bed system and closely following the instructions he was given. After viewing and filling in the PDF version of the ballot he was offered during the voting process, he saved the file to his system, and sent it back in to the election server --- cast his "vote" over the Internet --- as directed by the system.
Later, however, he made a startling discovery:
"After submitting the vote back, the ballot was still on my desktop as a file so I opened it. And I discovered that all the votes had disappeared. I had a blank ballot. Which means that I had sent a blank ballot back to the District of Columbia, not the choices that I had made."
"I investigated further and discovered that anyone who used certain combinations of browsers and what we call PDF plug-ins would have the same problem," he told me on air. "In fact, unless you used a [stand-alone] Adobe Reader --- which many people are familiar with and many people use, but many don't --- unless you used that [versus the web browser's internal PDF plug-in], you were pretty much guaranteed that your votes would be erased the moment you saved them and you would be disenfranchised."
"It was a very serious problem because I actually did follow directions. I did not do anything wrong, and many voters would have had this same problem," Jefferson explained. "a large proportion of them would have cast, unknowingly cast, blank ballots. And once you do that there's no recovery because you can't vote twice and the election officials are not supposed to be able to find your ballot and fix it."
Had the system actually gone live, under the circumstances, hundreds of ballots (the pilot program was to be done with the participation of some 900 overseas and military voters from D.C.) would likely have been returned over the Internet completely blank to the BoEE for this November's mid-term election.
That is, of course, presuming the Iranians, Chinese, or anybody else who might have had an interest in the election, not changed all of the ballots to anything they wanted, or kept all of the voters from being able to cast their ballots at all by using the PIN numbers the BoEE had left on the server.
A matter of U.S. National Security...
"Many of us have been arguing that election security is a matter of U.S. national security," Jefferson, who has worked for more than a decade on this issue, told me. He has done so as an adviser to both Republican and Democratic Secretaries of State in California, testified to countless official bodies about his concerns, and most recently worked on CA Sec. of State Debra Bowen's landmark, 2007 "Top-to-Bottom Review" of all of the state's electronic voting systems (all of which were found to have been easily penetrated and quickly manipulated during the first-of-its-kind public hack testing by an official state commission).
"Oftentimes the difference between one or another candidate for United States Senator, say, you know, is only a few hundred votes. So it's really important that it not be possible for foreign governments or crazy self-aggrandizing hackers in other countries --- or in our own --- to be able to modify votes and get away with it."
"But usually this warning that I have given many times, that this is a national security issue, goes, well, people are somewhat skeptical about it. It goes under-appreciated," Jefferson explained diplomatically during our conversation.
"So here we have a case where not even a real election, just a test election, but announced as open to all comers to try to hack, Alex Halderman finds that not one but two teams from national rivals of the United States, Iran and China, are already trying to probe around inside it," he warned.
During his testimony, Halderman explained that he didn't "believe" the Iranian and Chinese "attackers were specifically targeting the D.C. voting system," but, he added, "this is a large part of why Internet voting is so dangerous. The servers are going to face attacks from powerful adversaries anywhere in the world."
A number of election and computer experts had warned the D.C. BoEE against going live with their Internet Voting scheme in the days just prior to the hack. The open tests proceeded nonetheless until administrators finally discovered the University of Michigan fight song was playing on web browsers after ballots had been cast.
Even though the system had been violated almost as soon as it had gone up, "the attack was not detected by the officials for several days, despite the fact that they were looking for such attacks (having invited all comers to try) and despite the fact that the attackers left a 'signature' by playing the Michigan Fight song after every vote was cast!" wrote Jefferson in a blog item at Verified Voting last week, just after Halderman publicly revealed in his own blog item that he and his team had been the "culprits."
"Let there be no mistake about it," Jefferson wrote, "this is a major achievement, and supports in every detail the warnings that the security community have been giving about Internet voting for over a decade now."
"After this there can be no doubt that the burden of proof in the argument over the security of Internet voting systems has definitely shifted to those who claim that the systems can be made secure. ... This successful demonstration of the danger of Internet voting is the real deal," he said.
'This isn't a solvable problem'...
During his testimony last Friday, Halderman, and the others who testified with him, made the same point as Jefferson, very clearly arguing that existing computer technology and security safeguards simply do not allow Internet Voting to be carried out securely at this time. They testified that it could possibly revisited in the future, but not for a decade's time.
Unlike banking on the Internet or via ATM, they explained, a process which is open to oversight before, during, and after by all involved parties, the secret ballot system used in U.S. elections --- where it's impossible to verify the accuracy of the "transaction" after it's been made and the identity of the voter must be kept forever a secret --- cannot be done safely at this time on the Internet.
"The scientific consensus is that Internet Voting is just too dangerous today based on the limits of today's security technology," Halderman testified. "Indeed, it will probably be decades, if ever, before the technology is at a level where we can perform voting safely, purely over the Internet."
Jeremy Epstein, a computer security and voting systems expert working with Verified Voting who also testified on the same panel with Halderman, said the history of computer security illustrates the problem faced in devising a system that is secure enough for the task of Internet Voting. He testified that he hopes the BoEE takes the right lesson from what happened during this landmark event.
"What we found in forty years of experience is you can penetrate and patch, and then you penetrate again and you patch again, and you penetrate again and you patch again and you penetrate again and you patch again and it never ends. If it ended, Microsoft would have succeeded. We wouldn't all be having to reboot our computer and install patches once a month for the past ten years. This is not something that we can just say 'Please, BoEE, fix the problems and then we can do it.' This isn't a solvable problem that way."
Indeed, even local, precinct-based computerized voting and vote counting offers a storied history of disasters and meltdowns (scores of them documented in thousands of pages over the years here at The BRAD BLOG), including a number of infamous hacks of both paper-based and touch-screen e-voting systems, some of which were bullet-pointed in our initial article on the D.C. Internet Vote hack, in which we had speculated Halderman was likely behind it. Just weeks earlier, in late August of this year, Halderman succeeded in implanting Pac-Man onto a touch-screen voting system made by Sequoia without disturbing the machines "tamper-evident" seals. And even D.C. elections have had their own share of precinct-based e-voting disasters, such as their 2008 primary election when thousands of "phantom votes" for write-in candidates were produced on their paper-based optical-scan voting systems made by Sequoia Voting Systems.
Epstein lauded the D.C. BoEE for allowing this extraordinary test to happen. An open invitation of this type, inviting hackers to try and access an electronic voting system in the U.S., has never been done before. He "saluted" the Council on their "experiment."
"For the first time, what computer scientists have been warning could happen in an election, we know that, in fact, it really could happen. It isn't just a theoretical problem. It's a practical problem. So nobody has ever assessed an Internet Voting election before this one. So that's why it's wonderful what you did. And now we've learned it. So let's move on and come back in ten years."
"Let me ask you this, from a legislative perspective," Cheh asked of each of the panelists as the hearing was winding down, "should the Council, by legislation, just shut this down?"
The answer from each one of those testifying was an unambiguous "Yes."
Back to top
In the land of the blind, the one eyed man is king. - Max Payne
IP Logged
b0b
GeekCrew Administrator
FTP Server
Offline
The revolution will not
be televised.
Posts: 7464
Battle Creek, Michigan
Gender:
Re: Interesting News Article Thread
Reply #1273 - Oct 13
th
, 2010 at 2:33pm
There are some serious network/application security issues that have been highlighted in this implementation. I'm not saying Internet-based voting is a good idea at all, but the issues brought up by the U of M team constitute violations of basic IT common sense. I am absolutely convinced that I could correct every single issue mentioned in the article in about eight hours with a budget of approximately $5,000. Here are the bigger problems I saw...
Leaving a default password on the voting system. The system shouldn't even allow this. Come on, guys, this is child's play.
Using simple passwords. For a system with this level of criticality and visibility, a minimum of ten characters and four character types (caps, lower case, numbers, special characters) should be enforced. Moreover, three-factor authentication (user name, password, and smart card or biometric identifier) should be required. Better yet, authentication over the network should be prevented altogether. Local, physical access only!
No network intrusion detection/prevention. The BoEE should have known what was happening on their network at all times. It's very telling they didn't know they were compromised (multiple times, at that) until they heard the U of M fight song.
No host intrusion detection/prevention. The voting device should be locked down tighter than a drum. Absolutely no network traffic should be able to reach the device that isn't explicitly associated with voting. This alone would have prevented virtually every exploit accomplished by the U of M team.
No IP range exclusions. Sure, it's easy to spoof an IP, but it's one more thing the Iranians/Chinese/universities would have had to work around.
Placing a publicly accessible server on a VLAN with management devices (cameras). This is network security 101, guys. Any servers accessible from the Internet must be placed in a demilitarized zone that excludes them from any non-public servers. That way, if a machine gets compromised, it can't be used to reach the rest of the network.
Not securing management devices (e.g. cameras) properly. In addition to being placed on a segregated VLAN, these devices need strong user name and password identification at a minimum. If possible, these devices need to tie into a central authentication system (RADIUS, Active Directory, etc.) to ensure users are uniquely identified and access is monitored/logged.
Placing a sensitive document on a publicly-accessible system without justification, especially when that system is used for testing and the owners have invited hackers to break into it. Once again, this is common frickin' sense. Beyond using a smattering of brain matter, the organization should be employing change management tools to ensure the file system remains unaltered once the system is placed into production.
Poor developmental design, crappy quality assurance and little or no compatibility testing. Why the heck would this system require a user to generate a PDF (or any file for that matter) and upload it to the system? Why can't the user just enter their choices directly into an application GUI or web interface? PDF is probably the worst possible choice for this kind of application due to the wide variety of PDF viewers, wide variety of installed versions (people still use Acrobat 5 for crying out loud), wide variety of installed patches (almost as bad as Java), and wide variety of plug-ins. Who had the bright idea to use PDF in the first place?
-b0b
(...is disgusted.)
Back to top
IP Logged
X
Post Whore
FTP Server
Offline
Truth Is Treason, In The
Empire Of Lies
Posts: 3903
Gender:
Re: Interesting News Article Thread
Reply #1274 - Oct 13
th
, 2010 at 2:51pm
You make some excellent points/suggestions, thank you! It further goes to my statement that you shouldn't have non-tech professional people (and outside of the ones who built the system) to come in at the very least and check it over.
I would also add, the default password should not contain any words in English or in any other language but have to be, like you said, at the very least, 10 characters of random letters and numbers and characters. Or how about, you can use proper words if your password is your favorite movie quote?
I'd say the Independence Day speech could definitely qualify as some PGP!
X
Back to top
In the land of the blind, the one eyed man is king. - Max Payne
IP Logged
Pages:
1
...
83
84
85
86
87
...
90
The Geek Crew
›
General Category
›
The Mother Board
› Interesting News Article Thread
‹
Previous Topic
|
Next Topic
›
« Home
‹ Board
Top of this page
Forum Jump »
Home
» 10 most recent Posts
» 10 most recent Topics
General Category
- The Mother Board ««
- D&D Campaign