A big company I worked at years ago, there was an employee sleeping with a under executive and basically got away with murder all the time, and this was against policy, and yet nobody ever did anything. This company is almost bankrupt today, I wonder why...

@scottalanmiller said:

As Americans, the costs of certification tests are quite low. We don't really think of it as an onerous cost. But to much of the world, any cert test represents a significant investment, especially to people just entering the field. In the US we are used to "grab any cert you can pass", which mostly makes sense. Skip a few nights out, have a few fewer drinks and you've paid for an exam. Doesn't work that way for a lot of people, it's a major investment and picking the wrong cert could be a devastating loss of income.

Ok, fair enough.

LOL, GeekSquad just figured out what malware is.

There is auto-login, but that is probably a step farther than you want to go.

http://www.dedoimedo.com/computers/ubuntu-mint-autologin.html

@scottalanmiller I got an itch to disassemble it, I gotta see it! It's tearing me apart!

@scottalanmiller said:

What issue did you have with XP? I've never heard of an issue with the XP firewall.

The only issues I ever recall hearing about where that some where unhappy that XP didn't block outbound by default. And even today it's easy to setup. But then again I don't want normal users to do that to themselves anyhow.

@JaredBusch said:

I prefer a 12 month or non-expiring password but at least 16 characters long. Complexity can go fly a kite. Those only cause users to write things down.

Finally! For a long time I thought I was the only person who enforced this policy. Even as a part of GPO on our domains I set it as minimum of 12 (due to the entropy at the time), but basically turned down the complexity. Even some of the more non-technical users have extremely complex passwords now that they don't need to write down, because I encourage four random words with maybe a number or two between them.

And hey, if you wanna get inventive with the spelling, go ahead, if it's easier for you to remember, helps against broad dictionary attack as well. More experienced people will try cracking passwords with multiple words and even numbers, especially these days, but obviously even some crap like (3fOe38!45b is not only easy to crack, but also hard to remember, and I'm still baffled as to why this is encouraged. I'm sure you're aware of this, but I'm just saying it for people who may not realise that complex to remember does not mean complex to guess.

@scottalanmiller Social engineering is a great way to get what you want. Buffer overflows, unescaped SQL queries can be patched, people wanting to be "helpful" is an aspect of our culture and I imagine only by hiring the most irritating, least helpful people on the planet can you begin to really secure yourself against your own employees.

@Reid-Cooper said:

If you do not want your VMware host to reach the Internet or any other subnet, you could also not give it a default gateway thus blocking it from communicating over any router automatically.

It's the computer I didn't want to reach the internet. However, I wanted the VMware to be alble to. I've, since then, achieved that mission.

If this is the font patch, there's been reports of it breaking systems.

WTF, they use 443 but do not encrypt. lazy pricks.

That is really nice that so many companies stepped in so quickly to remedy the situation. Kudos to them.

Lol, pwnt

@Reid-Cooper wonderful

This comes after the government site healthcare.gov has been caught sending private information to advertisers via headers.

http://abcnews.go.com/Technology/wireStory/privacy-concerns-governments-health-care-website-28340119

It's always best practice to disable root login over SSH, especially from the Internet; use su or sudo for root access. Another good practice is to disable password-based authentication; only use keys with a passphrase. The setup you're doing here is useful for allowing scripted/automated connections between machines (e.g. for backups, scheduled tasks, etc) but they should be accounts with limited access, not root. You should be creating layers that make it difficult for someone to gain access to your systems; root keys with no passphrase means you're solely relying on that one strong password (which is one keylogger away from being defeated.)

@Carnival-Boy said:

@scottalanmiller said:

The license restrictions, though, for content are by location of the viewer, not the nationality of the viewer.

And that's what's got to change. Ultimately, geographical restrictions are not compatible with the modern world and we need a new model.

That is completely true. They are draconian and senseless and that is why many people accept them as a tacit approval of piracy by the studios.

@Dashrender said:

@thanksaj said:

@Dashrender said:

I haven't tried letting all of that stuff connect on my Android device.

Does it allow the use of your real phone number, not a google voice number?

You can text from your phone with your real number via Hangouts but not from your PC. When you SMS from your PC with Hangouts, it always uses Google Voice. Your phone just uses the last number that sent a text to the number your text as the source. You can switch back and forth and Hangouts aggregates it all into one thread in Hangouts. It's nice.

The other side could be confused though if they don't have your google voice number in your contact, or worse, it can't aggregate sources.

Hangouts goes by contacts, so if you have someone who had 17 cellphone numbers and you had them all saved in your phone under one contact, all texts would be aggregated into one conversation. But yes, if someone doesn't have an SMS client that aggregates, it will make your texts via Google Voice and texts via your cell number as separate threads.