Schneier on Security

Really cool. But make it 1000, 100 covers less than two days!

My approach on my own blog is to put the comments in the RSS feed. It's easy to do in Blosxom, and I'm sure it's easy in other blog packages. I need to tweak the way the comments go in, but I'd like to see more blogs doing it my way (if I may be presumptuous for a moment).

And with Opera 8's support for user JavaScript, I can edit the HTML so that more than 2 of those last 100 comment posts are those of Israel!

Threading would be better (I know, I know, wait for six apart to finish assimilating livejournal....)

--> Steve
Wordpress does this by default. It has an RSS feed for blog entries and another one for comments. You can also get the RSS feed for comments on a specific blog entry. I like these features alot.

re the RFID passport, I've just read the March 05 us_electronic_p.html and April 05 rfid_passport_s.html. I don't see an even simpler issue: a plain thief with enough of a scanner to see you've got a passport hidden somewhere on you, not like the lie you're trying to tell him that it's in the safe back at the hotel. Or thieves getting enough signal from passersby to know who to target.

I bet people will start commenting just to have their name appear in the 100 recent comments.

Hi mom!

-- Arik

"Really cool. But make it 1000, 100 covers less than two days!"

Good point.

"I bet people will start commenting just to have their name appear in the 100 recent comments."

It doesn't take all kinds. We just have all kinds.

Worked 14 years for a university. During an administration change, just within minutes after I had resigned my position, the IT representative was told to see me and retrieve all my computer related work. The rub was that I was on a stand alone system, held the license to all my software all those years, did not back up to their network, owned the cables and print drivers to all the large format devices and did not turn over my graphic work before walkout out the door. They never did catch on. I waited more than a year.

what is devnull on about?

I think devnull is referring to the handling of ex- and soon-to-be ex-employees' access/data.

I, too, worked at a university. I enjoyed it a great deal. We had a collegial atmosphere, and allowed former admins to keep their access as a courtesy. I insisted that the root passwords be changed when I left as manager of the facility because it was the right thing to do, but because we treated people respectfully (or maybe because we were lucky), we never had any issues. I like to think we were able to sustain a culture of professionalism and respect, and when you do that, people don't feel a need to retaliate.
That's probably a quaint way of looking at things, alas.

Comments to stories are now appearing in the "last 100" blog rather than the one the story was about.

Anyone trying to keep up with the comments on a story now has 2 places to check.

"Comments to stories are now appearing in the last 100 blog rather than the one the story was about. Anyone trying to keep up with the comments on a story now has 2 places to check."

No. We've increased the options, not the workload.

You can still check for comments in the specific stories, just as you always could. But in addition, if you want, you can look at a single page which collects the last 100 comments. The same comments are in both places.

Reading the previous two comments is quite confusing in the last 100 comments reverse chronological order mode...

Bruce: "You can still check for comments in the specific stories ..."

I think Thomas is referring to the DevNull/Anonymous/Chris Walsh exchange. It appears that Devnull was reading the latest comments stream and added an entry relating to insider threat, which was itself commented on. That strand only appears in 100 latest, not in insider threat. If other people do the same, there will be topic offshoots which only appear in the 100 latest conversation.

Perhaps it's time to stop postings to what should be an automated collection.

Me: "I think Thomas..."

OK, recind that. I had thought there was a comment point on the single page, but there isn't, so I can't see how any thread would jump as I suggested.

DevNull's comment immediately preceeding mine on this blog was in response to the insider story. It did not appear on the insider story blog.

In order to keep up with all the comments on the inisders story I now have to check 2 blogs, or I have to read the last-100 page and wade through all posts about other stories.

Once this blog is locked the problem will go away.

I wouldn't want to close comments on this thread, since we're getting useful feedback on blog features. I've changed the subject of this entry, though -- I think the root of the problem is people mixing up the 100 last posts thread with this thread because the headlines are so similar. Please move any discussion of the "Insider Threats" entry back to that entry's thread.

i just had a thought:
microsoft has a internet gaming system set up called xbox live. some games have content that you can buy off the service and for that reasone microsoft takes a copy of your credit card # when you start an acount. if i log on with a xbox i can go look at my info and see the credit card info. my question is: how secure is this? how do they (microsoft) know its my xbox and not someone elses?

I was looking for this RSS/RDF and did not find it. Would be great to add it in the HTML header if the rss is available.