What type of video capture stuff are you talking about?
On Mon, Feb 11, 2013 at 5:07 PM, Addison Higham <[email protected]> wrote: > Not sure how interesting this woud be, but if anyone is interested in > linux server operations, I could put something together with other > co-workers from i.TV. > > We run close to 100 EC2 instances and can go over managing it.. We also do > some really cool stuff with video capture, that has some application > outside a data center. > > > > > > > On Mon, Feb 11, 2013 at 4:55 PM, Lloyd Brown <[email protected]> wrote: > >> As interesting and useful as that sounds, you will want to be very, very >> careful with something like this. >> >> Time for a war story. >> >> Several years ago, when I was an undergrad, I took a the IT program's >> Security class. At the direction of the professor, the TA set up an >> access point and faked "BYU Wireless Login" page (this was before we >> could whitelist device MACs with OIT). He ran this for a few minutes in >> the security lab, during our lab time, which was right before class. >> The teacher was out of town, so the TA was running things in class, and >> he started asking people in the class if their password was a certain >> number of characters long, and started with this letter, ended with that >> letter, etc. >> >> Since we had several full-time employees from OIT, and from other >> computer support organizations across campus, this made a number of >> people upset. >> >> In the end, it all worked out. The TA could demonstrate that he'd ONLY >> stored the first and last characters, and the total length of the >> passwords. The members of the class started being really careful about >> checking for the SSL certificate (which the TA didn't spoof). All in >> all, it was good lesson learned for everyone, but it made a good number >> of them freak out. And when people in a position to make policy >> decisions get upset like that, they're prone to overreaction. >> >> >> I'm not saying that it's a bad idea to do something like you're >> proposing. I think you could probably design the demonstration to avoid >> a lot of these problems, etc. Just be careful, make sure you document >> everything, get appropriate approvals, etc. >> >> >> >> >> >> Lloyd Brown >> Systems Administrator >> Fulton Supercomputing Lab >> Brigham Young University >> http://marylou.byu.edu >> >> On 02/11/2013 04:38 PM, Jacob Adams wrote: >> > Maybe someone could set up a password cracker in the Wilk and invite >> > people to come see how (in)secure their passwords are :) >> -------------------- >> BYU Unix Users Group >> http://uug.byu.edu/ >> >> The opinions expressed in this message are the responsibility of their >> author. They are not endorsed by BYU, the BYU CS Department or BYU-UUG. >> ___________________________________________________________________ >> List Info (unsubscribe here): >> http://uug.byu.edu/mailman/listinfo/uug-list >> > > > -------------------- > BYU Unix Users Group > http://uug.byu.edu/ > > The opinions expressed in this message are the responsibility of their > author. They are not endorsed by BYU, the BYU CS Department or BYU-UUG. > ___________________________________________________________________ > List Info (unsubscribe here): http://uug.byu.edu/mailman/listinfo/uug-list >
-------------------- BYU Unix Users Group http://uug.byu.edu/ The opinions expressed in this message are the responsibility of their author. They are not endorsed by BYU, the BYU CS Department or BYU-UUG. ___________________________________________________________________ List Info (unsubscribe here): http://uug.byu.edu/mailman/listinfo/uug-list
