Posts by Neil Graham
Last ←Newer Page 1 2 3 4 5 Older→ First
-
How much of the police response is cultural and how much is due to training? I can see a police officer having good intentions when advising a teenage girl(or indeed anyone) to not press the issue. What are the police advised and/or trained to do in this situation? Is it up to the discretion of the individual receiving the complaint?
It strikes me, the best way to serve a complainant would be to provide support where support can be reliably given. Recording the complaint must be taken seriously. Do police even consider acknowledgement of crime as in their sphere? It seems that they don't want it on their books unless it will be a path towards a conviction.
Even if a complainant has little chance of a prosecution, Some steps could be very beneficial to the complainant.
Listening to them, telling them that, yes, what happened did actually happen, it was a crime, and it wasn't their fault.
If the complainant wishes there to be a record, record the event, Inform them that the record will provide relevant information to further complaints.
Allow for anonymous recording of complaints that, while not, usable for prosecutions, enable a view of the problem at a national level and can be used for informing future policy*.*I can already envision this policy printed on a patronising 60x150mm piece of cardboard, handed to complainants after their report [sigh]. I mean actually use the information, not just record and forget,
-
Is there a scientific basis for the various physical requirements or is it just the idea that you have to be as strong as a real man do to a real man's job?
-
Hard News: Everybody's Machiavelli, in reply to
Ahhh, have you paid your subs?
Oh jolly well done. Clapclapclapclapclap.
-
In Canada – Canada! – the age of consent is orifice-dependent.
That's just asking for theme cakes.
-
OnPoint: MSD's Leaky Servers, in reply to
Classic. So the protocol wasn't "someone opened the envelope to see if it contains money"?
I think the problem was what happened after that. The condition where someone says a Jaffa packet is a million dollars was sufficiently wtf that the next step was unclear. My guess is several people were told about it and they all figured someone else was dealing with it.
-
OnPoint: MSD's Leaky Servers, in reply to
Which is why I call bullshit on your mate's story.
The thing that gives it some credibility for me is the fact It was reported on the news when it happened, with interviews and all the silly staged shots that Keith is being subjected to now.
If I remember correctly the appropriate protocol had not been triggered when the machine was cleared but the bank said they were confident that they would have noticed it soon. The money had cleared and could be withdrawn.
-
OnPoint: MSD's Leaky Servers, in reply to
If you'd started with an OSI Layer Number it could have saved a lot of typing :)
Maybe that's a Programmer / SysAdmin perspective.
Like "how many syllables in coax?"
-
OnPoint: MSD's Leaky Servers, in reply to
Actually, no, it's about the hardest when done properly. If it was as easy as you believe, installations dealing in national security wouldn't be required to physically segment networks based on the classification of information stored and retrieved.
I can see how that would be the case where physical access security was extremely tight, but I can't imagine many instances where what would apply. It would very much be an environment were you were aware of security at every moment. I wouldn't expect many businesses to do that for the bulk of their day-to-day staff.
As an aside.
I remember reading a piece a while back on how to install an exploit on the inside of a computer system. The easiest way was to put your software on a thumb-drive and drop it on the ground outside the front door. Wait and let human nature take it's course. -
OnPoint: MSD's Leaky Servers, in reply to
If there's a physical separation of networks the utter compromise of one side does not equate to utter compromise of the other side.
I don't see how that can possibly be an issue. Presuming a connection between the two. Either the compromised side is trusted or it isn't. If the compromised side is untrusted, no amount of activity on it should be a problem (short of DOSing). Yes, being connected to a trusted site that is compromised means that you are screwed, but there is no way around that, you grant that trust very sparingly.
Using wifi to bridge the gap? If someone has access to connect to wifi on the other side then the gap is irrelevant because they're already inside.
I think this might show we are talking about different things when we mean physical network. I was assuming a physically attached network was a network that was physically attached (even if the physics involved are a wifi signal). Two machines with ad-hoc paired USB wifi connections are physically connected. Indeed any two machines that can reach Google are on the same physical network.
So by physical network, I'm guessing you mean logical network? In which case, nevermind. Forget I said anything :-).
-
OnPoint: MSD's Leaky Servers, in reply to
Well of course things are going to have bugs and malware etc, that's why people report and fix exploits. You take precautions and action when necessary. You may and should have privilege checks at multiple levels, admin on a wifi router shouldn't get you admin on the database, that's all in the realms of so bloody obvious that I didn't feel the need to mention. None of that has bearing on physical connectivity. Ultimately all of the privilege restrictions need to be explicit and in software (or firmware in the case of some dedicated boxes).
This notion that the Kiosks shouldn't have been connected to the same network is what strikes me as odd. The property of connection should grant absolutely no advantage. It would be one of the easiest aspect to bypass.