McCoy accidentally injects himself with an overdose of cordrazine, a drug which makes him exhibit signs of paranoia and madness, while treating an ailing Sulu on the Bridge. Delirious, he beams down to a nearby planet's surface, with Kirk and a landing party on his heels. They are too late to stop the doctor from leaping through a living time machine called "The Guardian of Forever." At that moment, the U.S.S. Enterprise ceases to exist and the landing party is stranded. The Guardian explains that McCoy went back into Earth's history and changed it, thereby altering the future. Kirk and Spock go through the Guardian, to Depression-era America, a few days before McCoy is to arrive and change history. They encounter a social worker, Edith Keeler, who helps them find work to pay for the equipment Spock requires to build a tricorder. Unknown to Kirk and Spock, Edith has taken in the recently-arrived and ill McCoy. Kirk promptly falls in love with Edith and is devastated when Spock completes his tricorder and discovers that in order to repair history, they must let Edith Keeler be killed in an auto accident. If they allow McCoy to save her — as he did before — she will start an effective pacifist movement that will delay the United States' entrance into World War II, thus allowing Hitler's Germany to develop the atomic bomb first and conquer the planet. When the moment comes, a heartbroken Kirk stops McCoy from saving Edith, and the three officers journey back through the Guardian, where they find things as they should be again.

Cast: William Shatner as James T. Kirk; Leonard Nimoy as Spock; DeForest Kelley as Leonard H. McCoy; James Doohan as Montgomery Scott; Nichelle Nichols as Uhura; George Takei as Hikaru Sulu

Guest Cast: Joan Collins as Edith Keeler; John Harmon as Rodent; Hal Baylor as Policeman; David L. Ross as Lt. Galloway; John Winston as Transporter Chief; Bart La Rue as Guardian of Forever Voice

Creative Staff: Director: Joseph Pevney; Written By: Harlan Ellison
This was Carpenter's first feature-length film as a director. It was originally made as a short while he was a postgraduate at college. He later expanded it into feature length with his friend and co-writer Dan O'Bannon. Dan was also the writer of Alien and Return Of The Living Dead, an excellent Night Of The Living Dead spoof.

Dark Star is an inspired black comedy. Four astronauts travel around the universe identifying and destroying unstable planets that might turn into black holes. The ship is called Dark Star, hence the film's title. Technology rules the crew's lives to such an extent that they are left with little to do in the monotonous stretches of space. This leads to apathy and constant bickering amongst the crew. Captain Powell (Joe Saunders) has died in a gruesome accident involving an automatic seat belt; he is being kept in deep freeze. He is still 'conscious' and helps the crew out as a sort of counsellor and advisor. The nervous and nerdy Pinback (O'Bannon) bears the brunt of the crew's boredom and frustration. He is forced to look after an alien he has rescued, the first encounter with 'intelligent' life. This alien bears a strong resemblance to a beach ball. At one point the alien escapes from its pen and Pinback is forced to track it down, leading to some of the funniest scenes in the film. This alien beach ball has been pointed to as the source of O'Bannon's script for Alien, where a rough crew (again, another Alien similarity) are preyed upon by a killing machine that hunts them around the ship. Another and more obvious reference is the name of the ship's computer in Dark Star: it is called Mother, the same name given to the computer in Alien.

During a meteor storm one of the intelligent bombs arms itself and attempts to carry out its primary goal in life, i.e. to explode. The crew try to reason with the bomb using philosophical arguments to convince it not to explode. This is a hilarious scene (yes, there are loads in this film) that has rightly made the film famous. Perhaps the only sane character in Dark Star is Talby, the spaced-out hippy who just spends his time looking at the stars. The other characters are always squabbling while Talby just relaxes. Dark Star is a very funny film; it depicts an all too plausible future where technology has robbed man of any meaningful control over his life. It offers a witty and bleak alternative to the scientific Utopia of 2001 and the excitement of Blade Runner.

Alternate Versions - A Special Edition has been released in the USA but is no longer freely available. This has been re-edited to remove all the stuff that was added to turn the film from a college project to a feature film. The extra stuff is at the end. The format is widescreen.

The re-release of Dark Star in the UK has led to some magazines re-reviewing it:

New Musical Express, August 1997, Andrew Sumner: John Carpenter's ultra-low budget student debut Dark Star, co-written by the director with future Alien screenwriter Dan O'Bannon, was a warped slap in the face to the kind of self-important sci-fi crypticism ushered in by Stanley Kubrick's ponderous, wildly overrated 2001: A Space Odyssey two years before. Starring O'Bannon himself as ultra-neurotic spaceman Pinback, plus a cast of hirsute unknowns, the movie covers the last days in the life of four deep-space stoner garbage men trapped in a rusting starship and lumbered with a brain-numbingly tedious 20 year bombing mission. Highlights include Pinback's running battle with an alien space hopper, wobbly conversations with the ship's deep-frozen captain and a lengthy philosophical debate with a sentient, megalomaniacal bomb which has become convinced it is God. A subversive college-boy masterpiece which remains eminently watchable nearly 30 years later, Dark Star foreshadowed the pure cinematic brilliance of Assault On Precinct 13 and serves as a sobering testament to Carpenter's pre-schlockmeister brilliance.
25th Anniversary of TRON
07/09/2007 9:20 by Todd "TheReelTodd" Washburn

It was on July 9, 1982 that the groundbreaking film TRON was released upon movie audiences. The world got its first glimpse into a little something called cyberspace long before the term cyberspace even existed. The digital world of TRON offered new and amazing 3D computer animation, the likes of which had never before been seen by movie audiences. The visual effects were incredible and had many of us dropping our jaws in awe of its amazing look and style. The concept of taking a living, breathing human and digitizing him into the world within the computer's active memory was equally as impressive as the stunning visuals.

In 1982, most kids were hooked on the relatively new form of entertainment known as video games - playing in the arcades and also at home on the classic consoles of the day. Home computers were just starting to catch on. Watching the character of Kevin Flynn being forced to play video games, from within the computer itself, was something that every video game enthusiast longed for... or at least many of us did.

TRON unfortunately didn't do well at the box office. It wasn't exactly promoted very well. I clearly remember seeing TV commercials for the film and wondering to myself, "What? With all the cool stuff in the film, they're showing that?" Many of us first learned of TRON in a TV special called "Computers Are People Too". The story they did on TRON in that TV special was far better than any advertising I saw just before it came out. Poor promotion, perhaps along with an audience that didn't quite grasp the concept of a digital world, led to TRON not doing well at the box office.

My first thoughts after seeing TRON (once I was able to come off the high of seeing it and compose myself) were that it would no doubt be as big as Star Wars had been a few years before. I didn't understand how it just faded away so quickly without the huge frenzy that Star Wars generated, but that is how it went 25 years ago.

Over the years, TRON has remained a favorite to many of us who were fortunate enough to have caught it in the theater in 1982. It has also picked up many new fans in the time since - many of whom were not even alive when TRON first hit the theaters. TRON has, in fact, had more staying power and created more new fans over the years than almost any other film from 25 years ago. Today, on this 25th anniversary, we are looking back on this amazing blend of energy, light, art, science, and storytelling. TRON is 25 and still glowing strong!

The celebration doesn't stop here. Our friend and resident pixel pusher Sketch has some cool TRON desktop wallpapers that are available for download. Special thanks to Sketch for taking the time to make these awesome wallpapers, based on the 25th Anniversary poster graphic he designed for this story!
In May 1945 Clarke privately circulated a proposal titled The Space-Station: Its Radio Applications in six typed manuscripts. The top copy is now in the National Air and Space Museum, Smithsonian Institution, Washington D.C. It was reprinted in Spaceflight, Vol. 10, no. 3, March 1968, pp. 85-86 and in Ascent to Orbit, pp. 57-58. In Ascent to Orbit Clarke says the paper, with the original title The Future of World Communications, was written in late June and submitted to the RAF censor on July 7th. It was sent to Wireless World on August 13th and accepted on September 1st. The editor changed the title to Extra-Terrestrial Relays and published it in the October 1945 issue of Wireless World (pages 305-308). The 150 dpi scanned images of pages 305-308 of an original 1945 Wireless World magazine are linked below. Note that the last two pages reprinted in Ascent to Orbit have been reformatted, omitting an illustration on page 307 which had no Figure number. See also the copy-edited OCR text in HTML.
Navigation:
Make this their agenda – get their buy-in
Confirm time
Make it look like you are rushed by them and use it as an excuse to ask the tough questions

“Customization of off-the-shelf software is the weakest link in application security. This is particularly true for widely used enterprise products such as SAP AG and Oracle Corp” Gartner, 09/2005
Main point of the slide: In addition to securely extending your enterprise, you need to comply with new corporate governance requirements (e.g. internal controls referenced in Sarbanes-Oxley) and government regulations (e.g. data privacy referenced in HIPAA, CA 1386, GLBA, etc.). A new industry framework called Information Security Governance is the means to achieve both objectives. The new reality is that businesses are in a constant balancing act, trying to meet the demands of stakeholders by extending them deeper access to information assets while also protecting that information from attack/theft AND complying with multiple government regulations around information privacy and corporate governance. , established in December 2003, has been challenged to create a new framework called Information Security Governance (ISG). The ISG framework will help enterprises assess and remediate information security issues, comply with various privacy regulations, and ultimately result in improved national cybersecurity.
Ask about patch management
How do you deal with it?
Who do you use?
Ask questions without making it a survey
See if they are a security pragmatist / prudent
Ask about partner requirements
Shield without patch – find out about how many applications and legacy systems
Sample Script: Unlike Application Proxy or System Execution Control approaches, which mitigate once the attack has penetrated into user mode (or, in the case of System Execution Control, when the application is attempting to execute the malicious attack), a Deep HIP approach blocks at the network layer, before the attack has had a chance to penetrate the system. Additionally, because it is implemented in kernel mode as a driver, our agent is more secure and less prone to attacks itself.
Sample Script: Accuracy is an important consideration for any security control and is usually measured by its ability to prevent false negatives and false positives. False negatives are instances where malicious system execution or data is not prevented by the control and is allowed to occur. False positives, on the other hand, are instances where the control prevents appropriate system execution or data traffic. The two curves are related by sensitivity: as security sensitivity is increased to lower false negatives, the incidence of false positives increases, and vice versa when sensitivity is relaxed to reduce false positives. By providing a layered model, our approach allows organizations to tune the system for optimum accuracy and lowest false negatives. Our data correction capabilities allow a reduction in both false negatives and false positives by neutralizing suspect traffic without dropping the transaction. Additionally, smart filters reduce dependency on signature-based approaches, which are prone to false positives.
SELF-DEFENDING HOSTS: LESSONS FROM STAR TREK Brian O’Higgins CTO, Third Brigade
“… because as we know, there are known knowns; there are things we know we know. We also know there are known unknowns; that is to say we know there are some things we do not know. But there are also unknown unknowns -- the ones we don't know we don't know.”
Malware “Firsts”
‘Big’ attacks were common a few years ago. Malware is becoming more stealthy now.
Timeline (1980 to 2007):
1981: Elk Cloner (Apple II)
1983: Len Adleman coins ‘virus’
1986: 1st PC boot sector virus, ‘Brain’
1988: 1st worm, Morris Worm
1990: 1st polymorphic virus
1992: 1st mass hysteria, Michelangelo
1995: 1st macro virus, ‘Concept’
1998: CIH virus, first version appears
1999: Melissa, targets Word and Outlook
2001: ‘I Love You’ virus. Most costly.
2001: Code Red, Nimda
2003: SQL Slammer, Blaster
2003: Witty, Sasser
2004: Santy, 1st web worm
2005: WMF, 1st zero day
2006: 1st MySpace worm
Security Market Hamster Wheel
Cycle diagram labels: Exploits occur; Temporary Balance; Bad guys innovate; Consolidation; Point Solutions
Vulnerability Cycle (www.cert.org)
Diagram stages over time: Discovery; Crude tools; Users exploit crude tools; Automated scanning tools; Widespread use; Intruders move to new exploits
2005: average 6 days from discovery to exploit, average 54 days for a patch (Symantec Internet Security Threat Report, 2005)
Security holes don’t die: the half-life is 19 days after a patch is issued for critical vulnerabilities (48 days for internal systems) (Qualys, Jan 2006)
Hacking festival kicks off
“4,375 vulnerabilities in the first 9 months of 2006. Web flaws are the 3 most common.” Mitre Corp, 09/2006
“Customization of off-the-shelf software is the weakest link in application security”.
“By 2009, 80% of enterprises will fall victim to an application attack”.
Vulnerabilities
Many ways to exploit a vulnerability with targeted attacks
Web Server: Microsoft, Apache, Netscape…
App Server: BEA, IBM, Oracle, Sun…
Database: Oracle, Microsoft, Sybase, IBM…
OS: Windows, Linux, Solaris
Other diagram labels: Firewall; Insider; Authenticated; Pre-authenticated
Cross Site Scripting (cross site request forgeries), bypass network defenses
“Sleeping Giant” vulnerability
User browses (rules allow this)
Diagram labels: Web Server; Corporate Network Boundary; Firewall + Network Intrusion Prevention
Minimizing Risk
Risk = (Threat * Vulnerability / Countermeasures) * Value
Don’t look at threat vs countermeasures. Consider vulnerability vs countermeasures.
Annotations on the formula: Maximize this; Minimize this; People or thing
Security in Balance
[Figure: cost ($) plotted against security, each from low to high; curves: Cost of breaches, Cost of security, Total Cost; marked point: Optimal Expenditure]
New threats increase risk (source: Bob Blakley, Burton Group)
[Figure: (Re)Normalized Residual Risk, scale 0 to 1, against (Threat, Vulnerability); marked for Product 1: Risk Tax before new threat, Risk Tax after new threat]
Compliance Balancing Act is Hard
Extended Enterprise: Suppliers; Employees, Branch Offices; Customers; Web; Streamlined Business Processes; Access to Services & Information
Information Security Governance: Policies, Procedures, Operations
Governance & Regulation: HIPAA, GLBA, PCI, Sarbanes-Oxley, EU Data Protection Act, FISMA, MITS, CA SB1386, PIPEDA, SEC Regs, NERC, Others…
HIPS: Network-based vs. Behavior-based Approach
1. Network Approach: Deep Packet Inspection blocks attacks at the network layer
2. Behavior-based: System Execution Control blocks attacks at application calls to the OS
Host Computer diagram labels: Applications & Services; User-mode; Kernel-mode; TCP/IP; Network Approach; System Execution Control; Hardware; Management Overhead
Tuning Sensitivity
[Plot: probability of error, axis ticks 0 and 1, with two curves]
False Positives (FP): Appropriate system execution is halted or data traffic is dropped
False Negatives (FN): Malicious system execution is allowed or data traffic accepted
Close to the host is the best location for tuning accuracy
Drive the curves down for a broader acceptable operating range
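
Added example (not part of the original slides and not any vendor's code): a small Python model of the sensitivity trade-off from the tuning script and slide above. It assumes the control assigns each event a suspicion score from 0 to 100 and blocks when the score is at least 100 minus the sensitivity; all scores are constructed sample data. It shows FN falling and FP rising as sensitivity goes up, and how better separation between benign and malicious scores widens the acceptable operating range.

```python
# Added illustration, not from the original slides.
# Assumption: the control gives every event a suspicion score (0-100) and
# blocks it when score >= 100 - sensitivity. All scores are constructed.

COARSE = {  # benign and malicious scores overlap heavily
    "benign":    [5, 10, 15, 20, 30, 35, 45, 55, 60, 70],
    "malicious": [40, 50, 65, 75, 80, 85, 90, 92, 95, 98],
}
SHARPER = {  # better separation: both error curves are "driven down"
    "benign":    [5, 8, 10, 12, 15, 20, 22, 25, 30, 45],
    "malicious": [40, 70, 75, 80, 85, 88, 90, 92, 95, 98],
}


def error_rates(scores, sensitivity):
    """Return (false_positive_rate, false_negative_rate) at a sensitivity 0-100."""
    threshold = 100 - sensitivity
    fp = sum(s >= threshold for s in scores["benign"])    # good traffic blocked
    fn = sum(s < threshold for s in scores["malicious"])  # attacks let through
    return fp / len(scores["benign"]), fn / len(scores["malicious"])


def operating_range(scores, max_fp, max_fn):
    """Lowest and highest sensitivity where both rates are tolerable, or None."""
    ok = []
    for sensitivity in range(101):
        fp, fn = error_rates(scores, sensitivity)
        if fp <= max_fp and fn <= max_fn:
            ok.append(sensitivity)
    return (ok[0], ok[-1]) if ok else None


if __name__ == "__main__":
    for name, scores in (("coarse", COARSE), ("sharper", SHARPER)):
        print(name)
        for sensitivity in (30, 45, 60):
            fp, fn = error_rates(scores, sensitivity)
            print(f"  sensitivity {sensitivity}: FP {fp:.0%}  FN {fn:.0%}")
        print("  range with 10% tolerance:", operating_range(scores, 0.1, 0.1))
```

With a 10% tolerance on both error types the coarse scores leave no usable sensitivity setting at all, while the sharper scores leave a wide band.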
Blended filtering approach
Raw Traffic -> Deep packet inspection -> Filtered Traffic
1. Stateful Firewall
2. Exploit Filters
3. Vulnerability Filters
4. Smart Filters
5. Custom Filters
Labels at the two ends of the filter scale: Greater chance of false negatives; Greater chance of false positives
Blended approach
Raw Traffic -> Deep packet inspection -> Filtered Traffic
1. Stateful Firewall
2. Exploit Filters
3. Vulnerability Filters
4. Smart Filters
5. Custom Filters
Functions shown: Allow known good; Stop known bad; Shield known vulnerabilities; Shield unknown vulnerabilities (Zero-day); Protect specific applications
Protection for custom web applications
Tested with industry-leading web application scanner, against 1000’s of attacks

OWASP Top 10 Vulnerabilities                 # Vuln’s (Unprotected)   # Vuln’s (Protected)
1. Unvalidated input                         25                       0
2. Broken access control                     0                        0
3. Broken authentication and session mgt.    10                       0
4. Cross site scripting (XSS) flaws          8                        0
5. Buffer overflows                          3                        0
6. Injection flaws                           13                       0
7. Improper error handling                   23                       0
8. Insecure storage                          0                        0
9. Denial of service                         2                        0
10. Insecure configuration management        17                       2
Towards self-defending hosts in a dynamic threat environment
Host security (IDS/IPS) everywhere there is IP
Porous perimeter
Research challenge: sense, and tune appropriately
Diagram labels: Extended Enterprise; Recommendation Engine; In-the-cloud collaboration; Sensor Networks; Vulnerability info; Security Manager