Next Page: 10000

          Important Factors to Consider When Choosing a Forex Broker      Cache   Translate Page      
Deck: 
The top ten factors...
Topic: 
Hub Category: 
Body: 

Over the years, the number of forex brokers has continued to increase. If you are a new trader, deciding which forex broker to use can be tough. You won’t have a successful and profitable trading experience if you are not careful when choosing your forex broker.

This article will show you some of the most important factors you need to consider before you choose a forex broker. For more information on how to make smart decisions irrespective of whether you are trading forex, CFDs, or stocks, we encourage you to visit https://www.asktraders.com/.

Top 10 Factors to Consider Before Choosing A Forex Broker

1.Regulation

Before choosing a forex broker, you need to make sure that the broker has proper regulation. Proper regulation indicates that:

  • The broker is adequately capitalized. This means that the broker will be in a position to handle trading losses.
  • The broker will keep all your funds in accounts that are both segregated and secure.
  • The broker has fair trading practices. The trader will make sure that all your trades get executed at the current prevailing market prices.

Choosing a broker before considering whether the broker has a clean regulatory record will deny you the above protections and much more. It is worth noting that regulatory standards do vary depending on the regulatory regime. If a forex broker is doing business in numerous countries, the broker will be licensed and registered by different regulators. Genuine forex brokers will have a list of their regulators on their websites. You can always confirm whether the claims made by the broker are true by checking the regulators’ websites.

2.Trade Execution

Your trades won’t get filled in a timely manner and at the best rates if you fail to make sure that the forex broker you choose has great trade execution practices. Basically, you can choose from two types of brokers. The 2 types of brokers are:

  • Market Makers – These brokers deal with desks.
  • STP brokers – These are the forex brokers who will pass the orders you make into the interbank market.

Below we have expounded on the above forex brokers:

Dealing Desk Brokers/Market Makers

If you happen to enter into a trade with a market maker, the broker will be your direct counterparty. The broker will take the other side of all your trades. What this means is that every time you make gains on any of your trades, the gains will be a loss to the broker. If the broker makes any gains, these will be a loss to you.

This does not mean that the dealing desk brokers will be working against you. Their business model involves making bids when clients enter or exit trades. They usually offset your trades market risk with trades from their other clients and their liquidity provider. Dealing desk brokers usually offer fixed spreads. They determine the rates made available to the clients.

STP (Straight Through Processing) Brokers

These brokers will route any order you make to the interbank market. The interbank market is usually comprised of mutual funds, banks, hedge funds, etc. The STP brokers lack direct control over the quotes the clients see. They usually provide floating spreads. The spreads usually widen in case of market illiquidity and volatility.

Some STP brokers will let your orders interact with other orders. This happens within an ECN (Electronic trading Network). This gives you the chance to see the best price offered at that moment. This information can help you assess the market depth.

3.Data Security

When opening an account with any forex broker, you will have to transmit a lot of your financial and personal data. Some of the data the forex broker will require includes:

  • Utility bills
  • Bank account information
  • Your passport copies
  • Credit card numbers

If the trader does not take internet security seriously, your financial and personal data may end up being stolen. This can put you at the risk of your trading activities being disrupted and your identity being stolen. Before deciding to use a forex broker for trading, you will need to make sure that the trader uses the services of a reputable internet security company.

Also, make sure that the company has installed the SSL (Secure Security Layer) encryption. The SSL encryption makes sure that your data is encrypted during transmission over the internet. This denies the wrong parties a chance to intercept this data. Be sure to check the company’s Privacy Policy Statement to ensure that the broker confirms that the data they collect is kept private.

4.The Trading Costs

Trading costs can have a big impact on trade profitability. If you are a high-volume trader, you should never ignore the trading costs factor. Quality in the forex trading business does not have to be expensive. Before choosing a forex broker, take your time to find a broker who is committed to offering the clients high-quality services at a fee they won’t have to struggle to afford. It is important to avoid compromising on the quality because you want to save yourself some money. In some cases, cheap may end up being expensive.

5.Product Coverage

Nowadays, it is possible to use a single forex broker to trade more than just currencies. Some brokers will give you access to other important areas of the capital markets. All this can be done via a single forex account. A forex broker offering broad product coverage is much better. A good broker should offer you a chance to venture into:

  • Stock indices
  • Precious metals
  • Commodities
  • Cryptocurrencies, and much more

The more product coverage a broker offers, the more chances you have of making more profits.

6.Customer Service

Good customer service is useful for all traders. However, if you are a novice trader, you will find a helpful customer support team even more useful. The team will help you solve any issues you may have when opening your account. They will also help you learn forex trading and also figure out how to use the trading software.

Choose a forex broker who allows you to have access to the customer support any time you need it. A great broker will allow you to access support in different ways. These include:

  • Via the email
  • Via calling
  • Using the live chat
  • Using a contact form

Some great forex brokers will assign personal account managers to you to make things much easier for you. While this service may be subject to meeting certain minimum deposit thresholds, having a personal account manager is always a good thing.

Conclusion

Before choosing a forex broker, it is important to do a background check on the broker to ensure that you won’t regret your decision in the future. This article offers you some of the factors that you need to check in a broker. Choosing a great broker will allow you to enjoy the trading experience and also make more profit. 


          Systems Administrator - Geller & Company - New York, NY      Cache   Translate Page      
Create/modify virtual machines in VMware vSphere. Working knowledge of McAfee DLP, HIPS, & Endpoint Encryption....
From Geller & Company - Fri, 12 Oct 2018 20:34:37 GMT - View all New York, NY jobs
          Cloud Encryption Market is Expected to Represent a Significant CAGR of 34.82% By 2022 | Million Insights      Cache   Translate Page      
...p>The market may be categorized based on verticals like aerospace and defense, banking, financial services, and insurance (BFSI), retail, healthcare, telecom and IT, government and public utilities, and others could be explored in the forecast period. The telecom and IT ...

          Comment on Leica T, TL and TL2 dynamic range and sensor measurements test results published online by John-F      Cache   Translate Page      
The Leica TL2 beat them all. Including the Fuji X-T3 and the EOS M6. Incredible! Sadly, many people scoff at Leica prices and think that the premium price is basically related to the name brand and the aura that surrounds the Leica name. I hope these tests will serve to convince them (or maybe some of them) that Leica is a serious competitor in the high-end world of digital photography. IMHO, Leica digital photography is a better option because it combines many unique advantages: superior optical engineering and knowledge of mirrorless design, superior manufacturing techniques, extensive Quality Control at every step of the manufacturing process (for both lenses and cameras), meaning no statistical (hypergeometric) sampling tests - every lens is tested and re-tested. Minimalist intelligent user interface, and no encryption of any part of the digital files are also important. Add to this one of the most modern and up-to-date ASIC chip (Maestro II) based on the same Milbeault architecture designed by Fujitsu (and also used by Nikon for its Expeed ASIC chips), the inclusion of a modern FPGA chip, the Xilinx Artix-7, to complement the work of the Maestro. And finally, a willingness to work with many different players in the world of digital photography, digital signal processing, digital sensor design, advanced physics, and university engineering faculties. Faculties and companies in the US, Belgium, France, Japan, Germany, Israel and China. All this from a “little“ company with only 1600 employees! Yes, Leica products are more expensive. But if you think that what you are buying is just a pretty box with a big name on it, you are making a big mistake. Leica cameras and lenses are a unique experience.
          Estimate all the {LWE, NTRU} schemes!, by Martin R. Albrecht and Benjamin R. Curtis and Amit Deo and Alex Davidson and Rachel Player and Eamonn W. Postlethwaite and Fernando Virdia and Thomas Wunderer      Cache   Translate Page      
We consider all LWE- and NTRU-based encryption, key encapsulation, and digital signature schemes proposed for standardisation as part of the Post-Quantum Cryptography process run by the US National Institute of Standards and Technology (NIST). In particular, we investigate the impact that different estimates for the asymptotic runtime of (block-wise) lattice reduction have on the predicted security of these schemes. Relying on the ``LWE estimator'' of Albrecht et al., we estimate the cost of running primal and dual lattice attacks against every LWE-based scheme, using every cost model proposed as part of a submission. Furthermore, we estimate the security of the proposed NTRU-based schemes against the primal attack under all cost models for lattice reduction.
          Efficient and Secure Outsourcing of Genomic Data Storage, by João Sá Sousa and Cédric Lefebvre and Zhicong Huang and Jean Louis Raisaro and Carlos Aguilar and Marc-Olivier Killijian and Jean-Pierre Hubaux      Cache   Translate Page      
Cloud computing is becoming the preferred solution for efficiently dealing with the increasing amount of genomic data. Yet, outsourcing storage and processing of sensitive data, such as genomic data, comes with important concerns related to privacy and security. This calls for new sophisticated techniques that ensure data protection from untrusted cloud providers and still enables researchers to obtain useful information. We present a novel privacy-preserving algorithm for fully outsourcing the storage of large genomic data files to a public cloud and enable researchers to efficiently search for variants of interest. To preserve data and query confidentiality from possible leakage, our solution exploits optimal encoding for genomic variants and combines it with homomorphic encryption and private information retrieval. The proposed algorithm is implemented in C++ and evaluated on real data as part of the 2016 iDash genome privacy-protection challenge. Results show that our solution outperforms the state-of-the-art and enables researchers to search over millions of encrypted variants in a few seconds. As opposed to prior beliefs that sophisticated privacy-enhancing technologies (PETs) are unpractical for real operational settings, our solution demonstrates that, in the case of genomic data, PETs can represent very efficient enablers.
          12/5/2018: NEWS: Encryption laws compromise      Cache   Translate Page      
NEW encryption laws to catch terrorists and paedophiles secretly communicating will be passed this week after the Morrison Government and Labor came to an agreement. Negotiations between both parties broke down late last week but the two sides came to...
          Australia's Liberals make it harder to roll leader      Cache   Translate Page      
Bernard Keane has the latest from Australia where the Liberal Party has passed a new rule to make it harder to get rid of its leader, Malcolm Turnbull is calling for an early election and there's a push by the government to rush a bill through imposing new powers to force tech companies to plant spyware to defeat encryption.
          Bypass of Disabled System Functions      Cache   Translate Page      

Imagine that you discover an Unrestricted File Upload vulnerability and upload a web shell to the server. Or, you have a payload that allows you to execute commands on the system through Local File Inclusion (LFI) or Remote File Inclusion (RFI) vulnerabilities.

Bypass of Disabled System Functions

When you execute the command that’s expected to call system functions on the server side, you’re greeted by a surprise warning which states that you’re not allowed to execute the function because it’s disabled.

www.example.com/shell.php?cmd=whoami

Warning: system() has been disabled for security reasons in /var/www/html/shell.php on line 6

The disable_functions directive in the php.ini configuration file allows you to disable certain PHP functions. One of the suggested hardening practices is to disable functions such as system, exec, shell_exec, passthru, by using the disable_functions directive to prevent an attacker from executing system commands. However, a user named Twoster in the Russian Antichat forum announced a new bypass method to this security mechanism. In this blog post, we discuss the technical details of the bypass.

The Exploit Code of the Bypass

Last week, Anton Lopanitsyn shared the exploit code on Github after the announcement on the Antichat forum. In the exploit code, it’s clear that the bypass relies on the imap_open() function, which is activated after the installation of the imap extension on PHP.

<?php
# CRLF (c)
# echo '1234567890'>/tmp/test0001

$server = "x -oProxyCommand=echo\tZWNobyAnMTIzNDU2Nzg5MCc+L3RtcC90ZXN0MDAwMQo=|base64\t-d|sh}";

imap_open('{'.$server.':143/imap}INBOX', '', '') or die("\n\nError: ".imap_last_error());

The imap_open() function doesn’t readily exist in the PHP core. It’s a wrapper for imapd, designed by the researchers at the University of Washington. As stated above, PHP will have the imap_open() function defined only after you've installed the IMAP PHP extension. Let’s analyze each component in the exploit code.

The Parameters of imap_open Function

We’re going to take a closer look at the mailbox parameter the function takes, to understand how the imap_open function works in the exploit. Here is the syntax of the function:

resource imap_open ( string $mailbox , string $username , string $password [, int $options = 0 [, int $n_retries = 0 [, array $params = NULL ]]] )

The value for the mailbox parameter consists of the server name and the mailbox file path on the server. The name INBOX stands for the current user’s personal mailbox. This is how you set the mailbox parameter:

$mbox = imap_open ("{localhost:993/PROTOCOL/FLAG}INBOX", "user_id", "password");

Between the brackets, you can see the server name or IP address, the port number (after the colon) and the protocol name. After the protocol name, the user can choose to set a flag as the third parameter.

The warning in the official documentation of PHP about setting up the imap_open parameters is crucial.

This warning states that unless enable_insecure_rsh is disabled, the user data should not be directly transmitted to the mailbox parameter.

This warning states that unless enable_insecure_rsh is disabled, the user data should not be directly transmitted to the mailbox parameter. Let's take a look at  how the IMAP extension works to understand what the enable_insecure_rsh configuration option does, and why the warning prompts users to disable it.

The IMAP Server Types and SSH Connection

There are two Unix-based IMAP servers that are widely used. One is imapd, developed by the University of Washington, and the other is the IMAP server developed by Cyrus.

Cyrus stores the user emails in a built-in database. So, accessing Cyrus is only possible through the IMAP protocol. This is why when Cyrus is in use, there are no connections between user accounts on the Unix system on which the IMAP is installed and the IMAP accounts.

On the other hand, imapd stores the emails in files owned by the mail users on the Unix system, such as /var/spool/mail. User accounts and access privileges on imapd are directly related to the Unix server. If your mails are stored in a spool file to which you have authorization, you can login through SSH and verify your privileges on the files.

There’s no need for the entire procedure to establish an IMAP connection when there’s SSH. The imap_open function initially establishes an SSH connection and, if authorized, proceeds without an IMAP connection. This is called the IMAP preauthenticated mode. The warning given for passing the value in the mailbox parameter is based on this. The mailbox value will be passed on to the SSH command as a parameter while setting up an SSH connection.

Before the secure SSH protocol was widely used, there was a protocol called rsh. However, it's quite insecure by default, doesn't use encryption and shouldn't be used for connections outside (and even inside) the local network. The imap.enable_insecure_rsh configuration option deactivates both rsh and ssh for preauthentication.

The -oProxyCommand in the Exploit

One of the many parameters the SSH command uses is the -o parameter, which allows you to set the options available for use during the connection. ProxyCommand is one of the options that can be set right before commencing the SSH connection. For example:

ssh -oProxyCommand="touch tmp.txt" localhost

When you execute this command, you’ll realize that the tmp.txt file will be created even if an SSH connection is not made to localhost.

The -oProxyCommand in the Exploit

Due to all the components in the exploit code, a system which has functions such as system and passthru disabled will still be vulnerable to executing commands in RFI or LFI vulnerabilities.

Additional Measures Against the Bypass

There are two ways to protect yourself against the dangers of the imap PHP extension. The first is by checking for any special characters (such as forward slashes) whenever you pass user input to imap_open, which would prevent a Remote Code Execution vulnerability. We stated above that you can use certain flags within the mailbox parameter. The /norsh flag is one of these and you should set it in order to disable the IMAP preauthenticated mode.

In addition, an effective defence against the disable_functions bypass is to disable the imap.enable_insecure_rsh option by giving a '0' value in the php.ini file. However, in PHP version 5, this option isn’t available, so you should think twice whether you need the imap extension and whether you should add imap_open to your list of disabled functions.

Authors, Netsparker Security Researchers:

Ziyahan Albeniz
Sven Morgenroth
Umran Yildirimkaya


          MemoryBank Review      Cache   Translate Page      

You can do just about anything online today, including all of your banking. If you can handle never going to the bank drive-up again, read on to see if MemoryBank is a good fit for you.

MemoryBank is a division of Republic Bank & Trust. They operate solely online. You can access your banking services on your computer, laptop, phone, or tablet - anywhere that you have an internet connection. Because they don't have the overhead of physical branches, they can pass the savings on to their customers with higher interest rates.

If you are comfortable depositing checks via your mobile phone, checking balances online, and talking with a banker over the phone rather than in person, then MemoryBank may be a good choice for you.

MemoryBank keeps things simple with only two accounts to choose from - one checking and one savings account. Keep reading to see if they are a good fit for you.

EarnMore Checking Account

You don't need a minimum opening balance or minimum average balance to keep the EarnMore Checking Account. There is no monthly fee and no minimum balances to worry yourself about each month. This account does earn interest (higher interest than many other banks) and you have the freedom of writing checks or using your MasterCard Debit Card to make purchases.

They do charge for some of their services, like most banks do for things like NSF, overdrafts, and stop payments. If you want to receive a paper statement in the mail, you'll pay a small fee for that as well.

Online Money Market Account

The Online Money Market Account gives you access to even higher interest rates with the same benefits. The only exception is the number of withdrawals you can make. Per FDIC rules, you may only make six withdrawals per cycle. If you make more withdrawals, you may have to pay an "excessive withdrawal fee."

Like the EarnMore Checking Account, the Online Money Market Account doesn't charge monthly service fees and you have 24/7 access to your accounts.

Contacting MemoryBank:

1-877-757-3400
Monday - Friday 7:30 AM to 8:00 PM E.T.

Reasons We Like MemoryBank

  • MemoryBank is FDIC insured. You don't have to worry about your money if MemoryBank goes out of business. The FDIC insures each individual's accounts up to $250,000.

  • MemoryBank has more than 92,000 network ATMs. You can use the MemoryBank app or the online ATM locator to find the ATM closest to you. In addition, MemoryBank doesn't charge a fee if you use an ATM outside of their network. But the third-party bank that you do use may charge a fee, so make sure you check ahead of time.

  • You can open an account from home in about 10 minutes. The entire application for either MemoryBank account is online. With just a few pieces of information, you can open an account and start earning interest.

  • You can live anywhere in the United States to open an account. Since the account is online, you don't have to worry about living near a branch. Everyone accesses their money electronically with these online accounts.

  • MemoryBank takes security seriously. MemoryBank uses many precautions to keep your information safe. They use 128-bit encryption, provide one-time passwords when you log in on a new device, and use chip technology to prevent credit/debit card fraud.

  • You can set up MemoryAlert notifications. You can choose the type of alerts you receive and the method you receive them. For example, you can set up alerts for a low balance threshold, transactions of a certain amount, or deposits. You can receive the alerts via text, email, or push notifications via the app.

  • You can earn Purchase Rewards. In the MemoryBank app or in your account online, you can activate offers available in your account. If you then make the purchase required to earn the reward with your MemoryBank Visa card, you'll earn the cashback. MemoryBank will deposit the rewards as cash in your bank account as stated in your account agreement.

  • You can set up a mobile wallet with your MemoryBank MasterCard Debit Card. MemoryBank is compatible with Apple Pay, Samsung Pay, and Android Pay. If you set up a mobile wallet, you can pay without taking your card with you.

  • You can get free online statements going back 18 months. You'll receive all of your bank statements online, but you can print them for free. MemoryBank gives you access to the statements for the last 18 months. This can be helpful during tax season or any other time you need to organize your finances.

  • You can deposit your money without leaving home. Since there aren't any branches, you must deposit your money electronically. You can do so with the app and mobile deposit. You just take a picture of the check and follow the instructions. You can also set up Direct Deposit with your employer.

Reasons You May Want to Look Elsewhere

  • You have limited choices. Many online banks have at least a few checking and savings accounts to choose from. MemoryBank has one checking and one savings account. Because they don't have many requirements, it's not the worst deal, but it is nice to have options when opening a new bank account.

  • You can't go into a physical branch. No one is able to go into a physical branch. If you like to be able to bank face-to-face or prefer making deposits in person rather than via the internet, this may not be the right bank for you.

  • MemoryBank doesn't have any options for business accounts. The only two accounts that MemoryBank offers are personal accounts. If you like to have your business and personal accounts at the same bank, you may want to look elsewhere.

How It Compares

  • MySavingsDirect As the name suggests, MySavingsDirect only offers online savings accounts. They have two options: the High Interest Savings and the CD. The savings account doesn't have minimum account balance requirements and it doesn't have a monthly service fee. You conduct your transactions online and don't have a physical branch to visit, just like MemoryBank.

Bottom Line

If you are ready to take the plunge into digital banking, MemoryBank could be a great place to start. Without complicated accounts to filter through and minimal fees, you can test the waters to see if digital banking is right for you.

MemoryBank Review appeared first on CreditDonkey

Disclaimer: Opinions expressed here are author's alone. Please support CreditDonkey on our mission to help you make savvy decisions. Our free online service is made possible through financial relationships with some of the products and services mentioned on this site. We may receive compensation if you shop through links in our content.

Disclaimer: This content was first published on December 4, 2018. Information including rates, fees, terms and benefits may vary, be out of date, or not applicable to you. Information is provided without warranty. Please check the bank's website for updated information.


          Scott Morrison says he'll make school anti-discrimination bill 'a conscience issue' – politics live      Cache   Translate Page      

PM says ‘let’s take the parties out of’ bill delayed until next year; as government moves closer to passing encryption legislation after in-principle support from Labor. All the day’s events, live

Timing

This is my Bill to protect children from discrimination based on their sexuality, and to protect religious freedoms. Let’s get this done. pic.twitter.com/uhKTIMHenA

File this under quelle surprise:

Bill Shorten will shortly confirm Labor will NOT support conscience vote on discrimination against gay students.

Continue reading...
          (USA-HI-Hilo) Civil Engineer      Cache   Translate Page      
* Videos * Duties Help ## Duties ### Summary USDA is a great place to start or continue your career. USDA is ranked as one of the top 10 "Best Places to Work in the Federal Government" by the Partnership for Public Service. Rankings are based on employee feedback regarding satisfaction with their work experience. Learn more about this agency ### Responsibilities This position is located in an Area or State Office, USDA, Rural Development (RD). The incumbent performs a variety of assignments requiring professional experience and technical competence in civil engineering activities, procedures, principles, techniques and evaluations utilized in the performance of supervised rural credit and development programs. * Advises and consults with private groups, public bodies and state and/or Federal agencies on the civil engineering and architectural aspects of projects financed by RD loan and grant programs. * Reviews planning documents/Preliminary Engineering Reports (PER)/Preliminary Architect Reports (PAR) and completed analyses and recommendations regarding the technical merit of applications for funding. * Reviews and concurs with Agreements for Engineering/Architect Services, construction project preliminary plans, drawings, designs, specifications and cost estimates. * Advises and gives training to state and Federal managers on civil engineering and/or environmental issues, as well as architectural, and related phases of the RD activity. * Maintains close working relationships with representatives of other Federal agencies, colleges, State and local agencies, contractors and materials suppliers to exchange information and to solicit their assistance on program matters and to keep informed of trends and costs relative to materials, practices and designs. ### Travel Required Occasional travel - 1-5 days per month as required ##### Supervisory status Yes ##### Promotion Potential 12 * #### Job family (Series) 0810 Civil Engineering #### Similar jobs * Civil Engineers * Construction Engineers * Engineers, Civil * Engineers, Construction * Requirements Help ## Requirements ### Conditions of Employment * US Citizenship is required * CONFIDENTIAL FINANCIAL DISCLOSURE REPORT: If selected, you will be required to submit Form OGE-450 within 30 days of your initial appointment date, and annually thereafter. Selectee is subject to financial Disclosure Requirements in accordance with 5 CFR, Part 2635, Sub part E regarding business or personal transactions with applicants, borrowers, or business contacts who have or who are seeking business with this Agency. Selectee must be able to obtain and maintain a security clearance. If selected you will be subject to a National Agency Check and Inquiry (NACI) and a credit report. * To be eligible for appointment to this position, the new hire must be cleared to come on board once the results of the fingerprint check, review of the OF-306, Declaration for Federal Employment, and the candidate’s Electronic Questionnaires for Investigations Processing (eQIP) entries have been reviewed and determined to be satisfactory. This position requires a favorable credit check as part of the background investigation. ### Qualifications Applicants must provide documentation (such as a transcript, professional registration, Engineer-In-Training certificate, etc) to show they meet the Basic Requirements, either Option A or Option B for this position. Failure to provide documentation may result in loss of consideration for this position: **A.** Degree: professional engineering. To be acceptable, the curriculum must: (1) be in a school of engineering with at least one curriculum accredited by the Accreditation Board for Engineering and Technology (ABET) as a professional engineering curriculum; or (2) include differential and integral calculus and courses (more advanced than first-year physics and chemistry) in five of the following seven areas of engineering science or physics: (a) statics, dynamics; (b) strength of materials (stress-strain relationships); (c) fluid mechanics, hydraulics; (d) thermodynamics; (e) electrical fields and circuits; (f) nature and properties of materials (relating particle and aggregate structure to properties); and (g) any other comparable area of fundamental engineering science or physics, such as optics, heat transfer, soil mechanics, or electronics. **OR B.**Combination of education and experience: College-level education and technical experience, that furnished a thorough knowledge of the physical and mathematical sciences underlying professional engineering, and a good understanding of the theoretical and practical engineering sciences and techniques and their applications to one of the branches of engineering. The adequacy of such background must be demonstrated by one of the following: (1) Professional registration; (2) Written test - Engineer-In-Training (EIT) examination and have completed degree requirements as stated on website; (3) Specified academic courses (see list at OPM website above); (4) Related curriculum with appropriate experience (see OPM website above). **In addition to meeting the basic requirements, applicants must meet the following:** Applicants must meet all qualification and eligibility requirements by the closing date of the announcement including the following specialized experience and identified by the grade level. **For the GS-11** **level:** Applicants must have 1 year of specialized experience equivalent to at least the GS-09; or its non-Federal equivalent that demonstrates: experience analyzing construction project preliminary plans, drawings, designs, specifications, cost estimates and contract documents for the construction of routine projects financed for loan programs such as community water supply and waste disposal systems; delivering pre-developed training programs to both individual and group levels; assisting with technical policies and procedures that strengthen the Agency’s ability to deliver quality loan programs **OR**Ph.D. or equivalent doctoral degree or 3 full years of progressively higher level graduate education leading to such a degree, if related. **Equivalent combination of education and experience are qualifying for this grade level.** **For the GS-12 level:** Applicants must have 1 year of specialized experience equivalent to at least the GS-11; or its non-Federal equivalent that demonstrates: experience examining, evaluating, reviewing and analyzing construction project preliminary plans, drawings, designs, specifications, cost estimates and contract documents for the construction of major complex projects financed for loan programs such as community water supply and waste disposal systems; identifying training needs of personnel and implementing and delivering training on both individual and group levels; recommending technical policies and procedures that strengthen the Agency’s ability to deliver quality loan programs. **There is no education substitution for this grade level.** **NOTE:** To be considered for this position, you must meet all qualification and eligibility requirements for the GS-0810 series set forth in the Office of Personnel Management (OPM) Qualifications Standards by the closing date of the announcement. A copy is available at: http://www.opm.gov/qualifications/index.asp. Experience refers to paid and unpaid experience, including volunteer work done through National Service programs (e.g., Peace Corps, AmeriCorps) and other organizations (e.g., professional; philanthropic; religious; spiritual; community, student, social). Volunteer work helps build critical competencies, knowledge, and skills and can provide valuable training and experience that translates directly to paid employment. You will receive credit for all qualifying experience, including volunteer experience. ### Education ### Additional information * BACKGROUND INVESTIGATION AND FINGERPRINT CHECK: Selection and retention in this position is contingent on a successfully adjudicated FBI National Criminal History Check (fingerprint check) and a background investigation. * Career Transition Assistance Plan (CTAP), Reemployment Priority List (RPL) or Interagency Career Transition Assistance Plan (ICTAP): For information on how to apply as a CTAP, RPL or ICTAP eligibility see http://www.opm.gov/policy-data-oversight/workforce-restructuring/employee-guide-to-career-transition/. To exercise selection priority for this vacancy, CTAP/RPL/ICTAP candidates must meet the basic eligibility requirements and all selective factors. CTAP/ICTAP candidates must be rated and determined to be well qualified (or above) based on an evaluation of the competencies listed in the How You Will Be Evaluated section. When assessed through a score-based category rating method, CTAP/ICTAP applicants must receive a rating of at least 85 out of a possible 100. * Direct Deposit - Per Public Law 104-134 all Federal employees are required to have federal payments made by direct deposit to a financial institution of your choosing. * E-Verify: Federal law requires agencies to use the E-Verify system to confirm the employment eligibility of all new hires. If you are selected as a newly hired employee, the documentation you present for purposes of completing the Department of Homeland Security (DHS) Form I-9 on your entry-on-duty date will be verified through the DHS 'E-VERIFY' system. Under the system, the new hire is required to resolve any identified discrepancies as a condition of continued employment. * If you are a male applicant born after December 31, 1959, certify that you have registered with the Selective Service System or are exempt from having to do so. * Persons with disabilities who require alternative means for communication of program information (Braille, large print, audiotape, etc) should contact: USDA's TARGET Center at 202-720-2600 (voice and TDD). * This position is eligible for telework and other flexible work arrangements. * A 1-year probationary period is required. * If you are selected for a position with further promotion potential, you will be placed under a career development plan, and may be non-competitively promoted if you successfully complete the requirements and if recommended by management. However, promotion is neither implied nor guaranteed. Read more ### How You Will Be Evaluated You will be evaluated for this job based on how well you meet the qualifications above. Applications will be evaluated in accordance with Office of Personnel Managements (OPM) Delegated Examining Procedures using category rating. Applicants who meet basic minimum qualifications will be placed in one of two or three categories: Best Qualified, Well Qualified, or Qualified. Within these categories, applicants eligible for veteran's preference will receive selection priority over non-veterans. Category placement will be determined based on applicants quality of experience and the extent they possess the following knowledge, skills, and abilities (KSA) or competencies: * **Knowledge of Civil and Architectural Engineering standards, guides, precedents, methods and techniques.** * **Knowledge of Environmental laws, regulations, and impact analysis for Civil Engineering Projects.** * **Knowledge of building standards, principles, and practices applicable to the design, layout, and construction of commercial/business/industrial buildings and community facilities.** * **Written communication.** * **Oral communication.** Your application, including the online Assessment Questionnaire, will be reviewed to determine if you meet (a) minimum qualification requirements and (b) the resume supports the answers provided to the job-specific questions. Your resume must clearly support your responses to all the questions addressing experience and education relevant to this position. Those determined to be in the best qualified category will be referred to the selecting official for consideration. **Note**: If, after reviewing your resume and/or supporting documentation, a determination is made that you have inflated your qualifications and or experience, your rating may be lowered to more accurately reflect the submitted documentation. Please follow all instructions carefully. Errors or omissions may affect your rating. Providing inaccurate information on Federal documents could be grounds for non-selection or disciplinary action up to including removal from the Federal service. Clicking the link below will present a preview of the application form; i.e. the online questionnaire. The application form link below will only provide a preview and does not initiate the application process. To initiate the online application process, click the "Apply Online" button to the right. To view the application form, visit: https://rhs.usda.ntis.gov/cp/?event=jobs.previewApplication&jobid;=706D8F89-5EB0-4AB5-9242-A99A00B58C1E Read more ### Background checks and security clearance ##### Security clearance Public Trust - Background Investigation ##### Drug test required No * Required Documents Help ## Required Documents The following documents are required for your applicant package to be complete. Our office cannot be responsible for incompatible software, illegible fax transmissions, delays in the mail service, your system failure, etc. Encrypted documents will not be accepted. Failure to submit required, legible documents may result in loss of consideration. * Resume that includes: 1) personal information such as name, address, contact information; 2) education; 3) detailed work experience related to this position as described in the major duties including work schedule, hours worked per week, dates of employment; title, series, grade (if applicable); 4) supervisor's phone number and whether or not the supervisor may be contacted for a reference check; 5) other qualifications. * If education is required or you are using education to qualify, you must submit a copy of your college transcripts. An unofficial copy is sufficient with the application; however, if you are selected, you will be required to submit official transcripts prior to entering on duty. Education must have been successfully obtained from an accredited school, college or university. If any education was completed at a foreign institute, you must submit with your application evidence that the institute was appropriately accredited by an accrediting body recognized by the U.S. Department of Education as equivalent to U.S. education standards. There are private organizations that specialize in this evaluation and a fee is normally associated with this service. All transcripts must be in English or include an English translation. * If claiming veterans preference, you must submit a DD214, Certificate of Release from Active Duty, which shows dates of service and discharge under honorable conditions. If currently on active duty you must submit a certification of expected discharge or release from active duty service under honorable conditions not later than 120 days after the date the certification is submitted. Veterans preference must be verified prior to appointment. Without this documentation, you will not receive veteran's preference and your application will be evaluated based on the material(s) submitted. * If claiming 10-point veteran’s preference you must provide the DD214 or certification requirements (see above bullet), plus the proof of entitlement of this preference as listed on the SF-15 Application for 10-point Veterans’ Preference. The SF-15 should be included but is not required. Failure to submit these documents could result in the determination that there is insufficient documentation to support your claim for 10-point preference. For more information on veterans’ preference please visit the Feds Hire Vets website. * Surplus or displaced employees eligible for CTAP, RPL, or ICTAP priority must provide: proof of eligibility (RIF separation notice, notice of proposed removal for declining a transfer of function or directed reassignment to another commuting area, notice of disability annuity termination), SF-50 documenting separation (as applicable), and your most recent SF-50 noting position, grade level, and duty location with your application per 5 CFR 330. #### If you are relying on your education to meet qualification requirements: Education must be accredited by an accrediting institution recognized by the U.S. Department of Education in order for it to be credited towards qualifications. Therefore, provide only the attendance and/or degrees from schools accredited by accrediting institutions recognized by the U.S. Department of Education. Failure to provide all of the required information as stated in this vacancy announcement may result in an ineligible rating or may affect the overall rating. * Benefits Help ## Benefits A career with the U.S. Government provides employees with a comprehensive benefits package. As a federal employee, you and your family will have access to a range of benefits that are designed to make your federal career very rewarding. Learn more about federal benefits. Eligibility for benefits depends on the type of position you hold and whether your position is full-time, part-time, or intermittent. Contact the hiring agency for more information on the specific benefits offered. * How to Apply Help ## How to Apply Please read the entire announcement and all instructions before you begin. You must complete this application process and submit all required documents electronically by 11:59p.m. Eastern Time (ET) on the closing date of this announcement. Applying online is highly encouraged. We are available to assist you during business hours (normally 8:00a.m. - 4:00p.m., Monday - Friday). If applying online poses a hardship, contact the Agency Contact listed below well before the closing date for an alternate method. All hardship application packages must be complete and submitted no later than noon ET on the closing date of the announcement in order to be entered into the system prior to its closing. This agency provides reasonable accommodation to applicants with disabilities on a case-by-case basis; contact the Agency Contact to request this. To begin, click "Apply Online" and follow the instructions to complete the Assessment Questionnaire and attach your resume and all required documents. **NOTE:** You must verify that uploaded documents from USAJOBS transfer into the Agency's staffing system. Applicants may combine all like required documents (e.g., all SF-50s) into one or more files and scan for uploading into the application. Each file must not exceed 3MB. Grouping like documents into files will simplify the application process. Documents must be in one of the following formats: GIF, JPEG, JPG, PDF, PNG, RTF, or Word (DOC or DOCX). Uploaded documents may not require a password, digital signature, or other encryption to open. Read more ### Agency contact information ### Michelle Moore ##### Phone 314-457-5541 ##### Fax 000-000-0000 ##### Email michelle.moore3@usda.gov ##### Address USDA Rural Development Please read entire announcement Please apply online, 63120 USA Learn more about this agency ### Next steps Your application will be reviewed to verify that you meet the eligibility and qualification requirements for the position prior to issuing referral lists to the selecting official. If further evaluation or interviews are required, you will be contacted. Log in to your USAJOBS account at USAJOBS accountto check your application status. We expect to make a final job offer approximately 40 days after the deadline for applications. Multiple positions may be filled from this announcement. Read more * Fair & Transparent ## Fair & Transparent The Federal hiring process is setup to be fair and transparent. Please read the following guidance. ### Equal Employment Opportunity Policy The United States Government does not discriminate in employment on the basis of race, color, religion, sex (including pregnancy and gender identity), national origin, political affiliation, sexual orientation, marital status, disability, genetic information, age, membership in an employee organization, retaliation, parental status, military service, or other non-merit factor. * Equal Employment Opportunity (EEO) for federal employees & job applicants Read more ### Reasonable Accommodation Policy Federal agencies must provide reasonable accommodation to applicants with disabilities where appropriate. Applicants requiring reasonable accommodation for any part of the application process should follow the instructions in the job opportunity announcement. For any part of the remaining hiring process, applicants should contact the hiring agency directly. Determinations on requests for reasonable accommodation will be made on a case-by-case basis. A reasonable accommodation is any change to a job, the work environment, or the way things are usually done that enables an individual with a disability to apply for a job, perform job duties or receive equal access to job benefits. Under the Rehabilitation Act of 1973, federal agencies must provide reasonable accommodations when: * An applicant with a disability needs an accommodation to have an equal opportunity to apply for a job. * An employee with a disability needs an accommodation to perform the essential job duties or to gain access to the workplace. * An employee with a disability needs an accommodation to receive equal access to benefits, such as details, training, and office-sponsored events. You can request a reasonable accommodation at any time during the application or hiring process or while on the job. Requests are considered on a case-by-case basis. Learn more about disability employment and reasonable accommodations or how to contact an agency. Read more #### Legal and regulatory guidance * Financial suitability * Social security number request * Privacy Act * Signature and false statements * Selective Service * New employee probationary period This job originated on www.usajobs.gov. For the full announcement and to apply, visit www.usajobs.gov/GetJob/ViewDetails/518285800. Only resumes submitted according to the instructions on the job announcement listed at www.usajobs.gov will be considered. *Open & closing dates:* 12/04/2018 to 12/10/2018 *Service:* Competitive *Pay scale & grade:* GS 11 - 12 *Salary:* $62,841 to $97,918 per year *Appointment type:* Permanent *Work schedule:* Full-Time
          (USA-FL-North Fort Myers) LOAN ASSISTANT/SPECIALIST      Cache   Translate Page      
* Videos * Duties Help ## Duties ### Summary This announcement may be used to fill additional or subsequent vacancies that are identified by the organization. 1 position to be filled in North Fort Myers, FL Learn more about this agency ### Responsibilities The Loan Assistant/Specialist (GENERAL) has responsibility for loan/grant-making and loan/grant servicing for programs administered by the agency to include, but not limited to, rural housing, business and cooperative programs. Reviews and analyzes loan and grant applications, pre-applications and all supporting documents for completeness and conformance with RD statutory regulations, policies, procedures and practices and inputs data into appropriate automated database systems. Performs comprehensive review and in-depth analyses of financial credit data documents germane to the loan application eligibility, feasibility, credit-worthiness and viability within assigned loan portfolio(s). Performs servicing actions to include site visits to determine a project's conformance with loan requirements; monitor civil rights compliance; evaluate/mitigate and /or prepare environmental assessments; and review key data to ensure multi year forecasts are realistic. ### Travel Required Occasional travel - When required ##### Supervisory status No ##### Promotion Potential 09 * #### Job family (Series) 1165 Loan Specialist * Requirements Help ## Requirements ### Conditions of Employment * To be eligible for appointment to this position, the new hire must be cleared to come on board once the results of the fingerprint check, review of the OF-306, Declaration for Federal Employment, and the candidate’s Electronic Questionnaires for Investigations Processing (eQIP) entries have been reviewed and determined to be satisfactory. This position requires a favorable credit check as part of the background investigation. * CONFIDENTIAL FINANCIAL DISCLOSURE REPORT: If selected, you will be required to submit Form OGE-450 within 30 days of your initial appointment date, and annually thereafter. Selectee is subject to financial Disclosure Requirements in accordance with 5 CFR, Part 2635, Sub part E regarding business or personal transactions with applicants, borrowers, or business contacts who have or who are seeking business with this Agency. Selectee must be able to obtain and maintain a security clearance. If selected you will be subject to a National Agency Check and Inquiry (NACI) and a credit report. * Travel will be required. * Must possess and maintain a valid driver's license as a condition of employment. ### Qualifications Applicants must meet all qualifications and eligibility requirements by the closing date of the announcement including time-in-grade restrictions, specialized experience and/or education, as defined below. **SPECIALIZED EXPERIENCE STATEMENT** Specialized experience is required to qualify for this position. Specialized experience is experience which is typically in or related to the position to be filled and which has equipped the applicant with the particular knowledge, skills and abilities to successfully perform the duties of the position. To be creditable, specialized experience must have been equivalent to at least one year in the next lower grade level in the normal line of progression for the occupation in the organization. **Time in grade**: Applicants must meet one year at the next lower grade to be considered for the next higher grade. (e.g. one year at the GS-07 grade level for consideration for the GS-09 grade level.) **GS-07** **For the GS-7 level**: Applicants must have 1 year of specialized experience equivalent to at least the GS-05; or its non-Federal equivalent that demonstrates: Basic knowledge of loan examining and/or servicing principles, procedures and techniques as they apply to investigation, analysis, and evaluation of financial factors and credit risks in relation to the granting and servicing of mortgage loans. Experience may have been gained in work equivalent to furnishing general information concerning loan programs, loan eligibility requirements, or financial and credit requirements; reviewing loan applications for eligibility and financial soundness; and analyzing information provided by loan applicants and making recommendations to a higher-level loan specialist about loan eligibility **OR**Bachelors degree with Superior Academic Achievement (SAA) for two-grade interval positions **OR**completion of one full academic year of graduate education from an accredited college or university with a major in a field of study as listed below may be substituted for specialized experience. Equivalent combination of education and experience are qualifying for this grade level. **GS-09** **For the GS-09 level**: Applicants must have 1 year of specialized experience equivalent to at least the GS-07; or its non-Federal equivalent that demonstrates: experience in performing loan making and/or loan servicing duties such as regularly examining loan applications, supporting documents and credit reports; maintaining servicing activities of somewhat complex loans and/or grants; assisting higher-level loan specialists by performing assigned portions of financial credit analysis in connection with more complex loans as a way of acquiring training and competency for more difficult loan examining and servicing assignments **OR** Masters or equivalent graduate degree **OR**2 full years of progressively higher level graduate education leading to such a degree or LL.B. or J.D., if related. Equivalent combination of education and experience are qualifying for this grade level. Experience refers to paid and unpaid experience, including volunteer work done through National Service programs (e.g., Peace Corps, AmeriCorps) and other organizations (e.g., professional; philanthropic; religious; spiritual; community, student, social). Volunteer work helps build critical competencies, knowledge, and skills and can provide valuable training and experience that translates directly to paid employment. You will receive credit for all qualifying experience, including volunteer experience. ### Education **Undergraduate and Graduate Education**: Major study – finance, business administration, economics, accounting, insurance, engineering, mathematics, banking and credit, law, real estate operations, statistics, or other fields related to the position, such as agriculture, agricultural economics, farm, livestock or ranch management, or rural sociology. For more information on the qualifications for this position, click here: http://www.opm.gov/qualifications/Standards/group-stds/gs-admin.asp ### Additional information Career Transition Assistance Plan (CTAP) AND Reemployment Priority List (RPL) WITHIN THE COMMUTING AREA. For information on how to apply as a CTAP and RPL see http://www.opm.gov/policy-data-oversight/workforce-restructuring/employee-guide-to-career-transition/ . To exercise selection priority for this vacancy, CTAP/RPL candidates must meet the basic eligibility requirements and all selective factors. CTAP candidates must be rated and determined to be well qualified (or above) based on an evaluation of the competencies listed in the How You Will Be Evaluated section. When assessed through a score-based category rating method, CTAP applicants must receive a rating of at least 85 out of a possible 100. * Direct Deposit - Per Public Law 104-134 all Federal employees are required to have federal payments made by direct deposit to a financial institution of your choosing. * E-Verify: Federal law requires agencies to use the E-Verify system to confirm the employment eligibility of all new hires. If you are selected as a newly hired employee, the documentation you present for purposes of completing the Department of Homeland Security (DHS) Form I-9 on your entry-on-duty date will be verified through the DHS E-VERIFY system. Under the system, the new hire is required to resolve any identified discrepancies as a condition of continued employment. * Relocation expenses are not authorized. * Persons with disabilities who require alternative means for communication of program information (Braille, large print, audiotape, etc) should contact: USDA's TARGET Center at 202-720-2600 (voice and TDD). * This position is eligible for telework and other flexible work arrangements at management's discretion. * Obtain and use a Government-issued charge card for business-related travel. Read more ### How You Will Be Evaluated You will be evaluated for this job based on how well you meet the qualifications above. You will be evaluated for this job based on how well you meet the qualifications above. You will be evaluated based on your qualifications for this position as evidenced by the experience, education, and training you described in your application package, as well as the responses to the Assessment Questionnaire to determine the degree to which you possess the knowledge, skills, abilities and competencies listed below: * **Knowledge of Housing, Commercial and Community Programs loan and/or grant making requirements.** * **Knowledge of Housing, Commercial and Community Programs loan and/or grant serving requirements.** * **Knowledge of Building Standards, Costs, Specifications and Contracts.** * **Program Administration/Project Management.** * ****Oral Communication.**** * **Written Communication.** Your application, including the online Assessment Questionnaire, will be reviewed to determine if you meet (a) minimum qualification requirements and (b) the resume supports the answers provided to the job-specific questions. Your resume must clearly support your responses to all the questions addressing experience and education relevant to this position. Applicants who meet the minimum qualification requirements and are determined to be among the best qualified candidates will be referred to the hiring manager for consideration. Noncompetitive candidates and applicants under some special hiring authorities need to meet minimum qualifications to be referred. **Note:** If, after reviewing your resume and/or supporting documentation, a determination is made that you have inflated your qualifications and or experience, your rating may be lowered to more accurately reflect the submitted documentation. Please follow all instructions carefully. Errors or omissions may affect your rating. Providing inaccurate information on Federal documents could be grounds for non-selection disciplinary action up to including removal from the Federal service. Clicking the link below will present a preview of the application form; i.e. the online questionnaire. The application form link below will only provide a preview and does not initiate the application process. To initiate the online application process, click the "Apply Online" button to the right. To view the application form, visit: https://rhs.usda.ntis.gov/cp/?event=jobs.previewApplication&jobid;=35BEF14D-D0DE-4ED9-A40B-A9070110E312 To view the application form, visit: https://rhs.usda.ntis.gov/cp/?event=jobs.previewApplication&jobid;=D00755F9-1E8D-4354-BE9D-A9A90011E5FD Read more ### Background checks and security clearance ##### Security clearance Q - Nonsensitive ##### Drug test required No * Required Documents Help ## Required Documents **Merit Promotion - Area Of Consideration (AOC) - RD employees:** A complete Application Package must be submitted and received prior to 11:59, ET, on the closing date. **The following documents are required for your application package to be complete.** Our office cannot be responsible for incompatible software, illegible fax transmissions, delays in the mail service, your system failure or downtime, etc. Failure to submit required, legible documents may result in loss of consideration. * ** Resume** that includes the following information: 1) personal information; 2) education; 3) work experience including the work schedule and hours worked per week as well as dates of employment (MM/YY to MM/YY); and title, series and grade (if Federal employment); **NOTE: According to 5 CFR 300.604, Time-in-Grade restrictions must be met unless advancement is permitted by 5 CFR 300.603(b)** 4) supervisors phone number and e-mail address for each work period listed and whether or not we may contact them for reference checks; and, 5) other relevant qualifications. * ** Current permanent Rural Development employees ONLY with competitive status:** Most recent non-award Notification of Personnel Action (SF-50 or equivalent) showing that you are/were in the competitive service, highest grade (or promotion potential) held on a permanent basis, federal status, position title, series and grade **AND** most recently completed performance appraisal (dated within 18 months) showing the official rating of record, signed by the supervisor, or a statement as to why the performance appraisal is unavailable. Do not submit a performance plan. * **College Transcripts** if education is required for meeting basic qualifications and/or used as a substitute for specialized experience. An unofficial copy is sufficient however, if selected; an official college transcript will be required prior to entering on duty. Education must have been successfully completed and obtained from an accredited school, college, or university. Foreign education must be evaluated by an approved organization. For additional information, refer to the U.S. Department of Education web site at http://www.ed.gov. All transcripts must be in English or include an English translation. Other required documents (as applicable): * ** CTAP/RPL:** Certification of Expected Separation, Reduction-In-Force Separation Notice, Notice of Proposed Removal, or appropriate OPM/Agency certification; AND most recent performance evaluation; AND SF-50 demonstrating your separation or the position from which you will be separated. You may also submit a cover letter with your resume; however, it is not required. Please ensure you answer all questions and follow all instructions carefully. Errors or omissions may impact your rating or may result in you not being considered for the position. Application material mailed using government postage or through an internal federal government mail system WILL NOT be considered. #### If you are relying on your education to meet qualification requirements: Education must be accredited by an accrediting institution recognized by the U.S. Department of Education in order for it to be credited towards qualifications. Therefore, provide only the attendance and/or degrees from schools accredited by accrediting institutions recognized by the U.S. Department of Education. Failure to provide all of the required information as stated in this vacancy announcement may result in an ineligible rating or may affect the overall rating. * Benefits Help ## Benefits A career with the U.S. Government provides employees with a comprehensive benefits package. As a federal employee, you and your family will have access to a range of benefits that are designed to make your federal career very rewarding. Learn more about federal benefits. A career with the U.S. Government provides employees with a comprehensive benefits package. As a federal employee, you and your family will have access to a range of benefits that are designed to make your federal career very rewarding. Learn more about federal benefits. The Federal service offers a comprehensive benefits package. Explore the benefits offered to most Federal employees at: https://www.usa.gov/benefits-for-federal-employees Eligibility for benefits depends on the type of position you hold and whether your position is full-time, part-time, or intermittent. Contact the hiring agency for more information on the specific benefits offered. * How to Apply Help ## How to Apply Please read the entire announcement and all instructions before you begin. You must complete this application process and submit all required documents electronically by 11:59p.m. Eastern Time (ET) on the closing date of this announcement. Applying online is highly encouraged. We are available to assist you during business hours (normally 8:00a.m. - 4:00p.m., Monday - Friday). If applying online poses a hardship, contact the Agency Contact listed below well before the closing date for an alternate method. All hardship application packages must be complete and submitted no later than noon ET on the closing date of the announcement in order to be entered into the system prior to its closing. This agency provides reasonable accommodation to applicants with disabilities on a case-by-case basis; contact the Agency Contact to request this. To begin, click "Apply Online" and follow the instructions to complete the Assessment Questionnaire and attach your resume and all required documents. **NOTE:** You must verify that uploaded documents from USAJOBS transfer into the Agency's staffing system. Applicants may combine all like required documents (e.g., all SF-50s) into one or more files and scan for uploading into the application. Each file must not exceed 3MB. Grouping like documents into files will simplify the application process. Documents must be in one of the following formats: GIF, JPEG, JPG, PDF, PNG, RTF, or Word (DOC or DOCX). Uploaded documents may not require a password, digital signature, or other encryption to open. Read more ### Agency contact information ### BELVIA STEVENSON ##### Phone 254.742.9705 ##### Fax 000-00-0000 ##### Email belvia.stevenson@usda.gov ##### Address USDA-Rural Development 101 SOUTH MAIN STREET, SUITE 102 TEMPLE, TEXAS, 76501 USA Learn more about this agency ### Next steps Your application will be reviewed to verify that you meet the eligibility and qualification requirements for the position prior to issuing referral lists to the selecting official. If further evaluation or interviews are required, you will be contacted. Log in to your USAJOBS account at USAJOBS accountto check your application status. We expect to make a final job offer approximately 40 days after the deadline for applications. Read more * Fair & Transparent ## Fair & Transparent The Federal hiring process is setup to be fair and transparent. Please read the following guidance. ### Equal Employment Opportunity Policy The United States Government does not discriminate in employment on the basis of race, color, religion, sex (including pregnancy and gender identity), national origin, political affiliation, sexual orientation, marital status, disability, genetic information, age, membership in an employee organization, retaliation, parental status, military service, or other non-merit factor. * Equal Employment Opportunity (EEO) for federal employees & job applicants Read more ### Reasonable Accommodation Policy Federal agencies must provide reasonable accommodation to applicants with disabilities where appropriate. Applicants requiring reasonable accommodation for any part of the application process should follow the instructions in the job opportunity announcement. For any part of the remaining hiring process, applicants should contact the hiring agency directly. Determinations on requests for reasonable accommodation will be made on a case-by-case basis. A reasonable accommodation is any change to a job, the work environment, or the way things are usually done that enables an individual with a disability to apply for a job, perform job duties or receive equal access to job benefits. Under the Rehabilitation Act of 1973, federal agencies must provide reasonable accommodations when: * An applicant with a disability needs an accommodation to have an equal opportunity to apply for a job. * An employee with a disability needs an accommodation to perform the essential job duties or to gain access to the workplace. * An employee with a disability needs an accommodation to receive equal access to benefits, such as details, training, and office-sponsored events. You can request a reasonable accommodation at any time during the application or hiring process or while on the job. Requests are considered on a case-by-case basis. Learn more about disability employment and reasonable accommodations or how to contact an agency. Read more #### Legal and regulatory guidance * Financial suitability * Social security number request * Privacy Act * Signature and false statements * Selective Service * New employee probationary period This job originated on www.usajobs.gov. For the full announcement and to apply, visit www.usajobs.gov/GetJob/ViewDetails/518373500. Only resumes submitted according to the instructions on the job announcement listed at www.usajobs.gov will be considered. *Open & closing dates:* 12/03/2018 to 12/07/2018 *Service:* Competitive *Pay scale & grade:* GS 07 - 09 *Salary:* $41,365 to $65,778 per year *Appointment type:* Permanent *Work schedule:* Full-Time
          Attorney-General expects cops to issue assistance notices on encryption Bill assent      Cache   Translate Page      
The Australian Attorney-General claims the encryption Bill is only about individual specific cases.
          Doorstop, Wamboin NSW      Cache   Translate Page      

Photo: AAP Image/Mick Tsikas

PRIME MINISTER: Well, it’s great to be out here today with Assistant Minister Reynolds and also the Commissioners from the New South Wales and the ACT Rural Fire Service. Doctor Fiona Kotvojs is the Liberal Candidate for Eden Monaro and it’s great to be here catching up with our firefighters from the Brigade here and all around these districts who’ve been up fighting fires in Queensland. It has been some relief to see the reports come in over the last few days, Linda has been up in Queensland last weekend and to see that those warning levels have come down and the worst of those events are now behind us. But we still remain active, there are still almost 90 fires still burning in Queensland but those alert levels have come down. But whether it was at Deepwater or other parts where we’ve had firefighters who have been up there supporting that effort. I want to thank them all very much for their service, their volunteer service, I stress, and the promptness in the way the NSW and the ACT Brigades responded to the call from the Queensland Government and to ensure we were able to deploy and address what was an incredibly serious situation. While there have been tragedies in Queensland at the same time what was able to be achieved and the risk that we’re able to mitigate, as Linda saw first-hand, was quite an extraordinary effort.

We're facing another very difficult season, right around the country in those conditions. We need Australians to focus on this. Yes, coming into Christmas we're thinking about holidays, our kids are finishing up school and there's a lot going on. But we need to be thinking as communities, as families, as individuals, about our state of preparedness for the fire season that is ahead. It will be a very difficult one and so the Minister and I are very keen to raise the awareness of these threats that are before us coming over the summer season.

It also means we need to be able to respond and we need to be able to continue to invest in the capability and that’s why I’m pleased today that we are investing $26 million in improving the capability nationally to fight these fires, but also in the systems and preparedness and communications backing that enables us to address this threat as well. So $11 million of that $26 million is going into the National Area Firefighting Centre, delivering more specialist large firefighting air tankers to communities across Australia. They’re the big tankers that were being used to drop on those fires up in Queensland and this is increasing the amount of capability we have in that area, to ensure that can be deployed. There’s also $2 million to support the national emergency SMS system and there is work being done, almost $6 million, for the National Fire Danger Rating System and Linda can take you through greater detail on that. $5 million to establish the Prepared Communities Fund, that’s to support high-priority state and territory initiatives that improve community preparedness, which is exactly what we’re wanting people to be doing as we’re going into the season and hopefully they already have. There’s $1.5 million to support the Public Safety Mobile Broadband trial and $750,000 to review new and emerging telephone-based emergency warning technologies.

So, we want to use all the assets and resources at our disposal to keep Australians safe. Our priorities as a Government; keep our economy strong, absolutely, that enables us to make these investments. To keep Australians safe and whether it’s safe from bushfires or safe from terrorism or safe from organised crime or any of these things, that is our objective and that is our mission as a Government. We do that with the volunteers that are represented here, the professional agencies around the country and one of the most rewarding things that we saw in responding to the Queensland fires was the teamwork. The teamwork between Commonwealth and state and territory agencies right around the country. So, I want to commend the Commissioners, particularly, for their leadership in coordinating that support and delivering that support.

Linda, I’ll ask you to make a few comments and then I’ll ask the Commissioners also.

SENATOR THE HON LINDA REYNOLDS, ASSISTANT MINISTER FOR HOME AFFAIRS:  Thank you very much, Prime Minister. What we saw in Queensland on the weekend is the absolute best of all Australians. When nature throws its worst at us, we always see the best in Australians and what has happened in Queensland is no different. I’d also like to extend my thanks to all of the 500 volunteers from around the country including some of the men and women here from the ACT and New South Wales who have just returned from Queensland.

But up in Queensland with the Deputy Prime Minister, we saw first-hand the importance of these programs. I’ll never forget the stories and seeing the look on the faces of people in Eungella whose homes and town was saved by the NSW 737 flying over and stopping the flames roaring up the mountain, the rainforest mountain. So these programs are very important. We’ve had 40 of our national aerial assets in Queensland ranging from helicopters through to the new 737. So as part of this package the Commonwealth will be providing $11 million to enhance the availability of aircraft around the country. We’re also providing $6 million for the National Fire Rating System which was developed in the 1960s and we’ve seen from the extreme bushfires again in Queensland that we do need to rethink our ratings systems so that will be a priority. We’re also putting money into communications, SMS and broadband messaging systems to make the best use of current technology and to make sure that we can get out as many messages as possible. We’ve got $5 million of that for local programs, priority programs for facilities like this here in Wamboin, for priority projects. So one stands in mind as an example – up at Eungella, we met the Queensland Remote Area Tracking Service. Two men had set up this organization to help and build telecommunications that can cope in emergencies in the mountainous area. So what we want to do is provide opportunities for local volunteer firefighters and also SES staff to get the equipment and the services that they need.

I’d finish off, Prime Minister, by saying to all Australians that firefighting and disaster management and relief is a shared responsibility. State and territory governments always have the primary responsibility for responding to these disasters but the Commonwealth is doing everything it can to make sure we assist state and territory governments and I think what we’re seeing here in the Queensland response is the very best of all of us, states, territories and the Federal Government working together. But I’d say this too to Australians; that you also have a responsibility. We saw in Queensland that householders got very little notice in areas where they were not expecting to be subject to bushfires so it is absolutely critical that every family in the country makes sure that the first conversation you have about emergency evacuation is not when you’re doing it for real. So, Members of Parliament have been given more information about disaster relief arrangements in Australia but every family needs to discuss what you’re going to do. Do you stay, do you fight, do you understand what the alerts mean and do you know what you’ll take with you? Thank you.

COMMISSIONER FITZSIMMONS: Thank you, Prime Minister, and look, we certainly are most appreciative and very much welcome today’s announcement. We know particularly with the large air tankers that it’s a bit like insurance. We want to have them here and we hope that we don’t have to use them during the fire season but as we’ve seen in recent years and as we’ve seen only in recent weeks, we’ve seen four of the large air tankers out of New South Wales rapidly deployed to assist our colleagues in Queensland. The good thing is they’ve got a capability and a capacity unparalleled to our historical firefighting environment. They were able to leave Sydney in less than two hours, they were integrated, fully loaded into firefighting operations up on the coast around Rockhampton in Queensland. Working in partnership with the Commonwealth and our interstate colleagues, accessing military bases, accessing funding, accessing personnel and expertise is very much a manifestation of the sorts of initiatives being announced here today by the Prime Minister. And we know that this funding boost will give us surety, give us confidence that we can have these high capacity assets here for the duration of what is continuing to be a longer season, right from the beginning of the season, right through to the end of the season and having a concentrated capability in the middle of the season. Working in partnership with the ACT and our colleagues around the country just in the last couple of weeks, we’ve sent just over 600 people into Queensland to provide assistance. We’ve sent eight aircraft, we’ve sent 24 firefighting trucks, we’ve got a few hundred personnel rotating through again over the coming days. With the conditions easing, it looks like a number of our crews might be stood down into the weekend, but it is an example of how investment and how commitment can make a big difference particularly to those who are finding themselves exposed to risk, like we’ve seen in Queensland in the last couple of weeks.

The outlook for the coming months as the Prime Minister indicated, is for a difficult fire season and much of the eastern seaboard through New South Wales is expecting above normal fire conditions as we head into the balance of this season and we know with the sort of assets available, with the sort of commitments around and the capacity to draw on our neighbors from right around the country, we’re going to be confident that whatever comes up, we’ve got the best-trained, the best equipped, better equipped and better trained than ever before in our history, to help respond to what mother nature might offer this season.

COMMISSIONER LANE: Thanks very much, Prime Minister, just to echo Commissioner Fitzsimmons’ comments there, it’s been a very challenging season already, at the commencement in Queensland and we’re going to see that across the rest of the nation. While some parts of the country have received welcome rain over recent weeks, there are plenty that are still in dire drought conditions and that will cross over into bushfire conditions as we come south, as the season continues from Queensland through New South Wales and into Victoria over this coming summer. So this announcement by the Commonwealth today is very welcome. Traditional funding for aircraft capability is always very helpful but on top of that, the additional money to support the ongoing research into improving our National Fire Danger Ratings and enhancements to funding to allow for even better warnings and alert systems are also very critical to us as a nation. So these are the things we work together as states and territories with the Australian Government on. It’s a welcome announcement here today. 

PRIME MINISTER: Thank you very much and we’re happy to take some questions on that and then deal with other matters if you’d like to but I won’t trouble the Commissioners with those questions. So questions? Well, it seems like we’ve been very comprehensive, that’s excellent, thank you very much, Commissioners. Happy to take other questions.

JOURNALIST: Prime Minister, on energy policy, your big stick policy is opposed by Labor, the cross bench and industry, what do you say to industry that is crying out for investment certainty?

PRIME MINISTER: What we’re delivering is a clear message which says electricity prices have to come down. We need to ensure that the laws balance things up for the consumer. We’re on the side of the customer and we want them to have lower electricity prices. And we believe that the laws and the powers should be in place so big electricity companies can’t do the wrong thing by them. That’s what this is about. We’re voting for it, Labor is voting against it. Labor’s voting against it. They’ve picked the side of the big electricity companies, we’ve picked the side of the consumer.

JOURNALIST: Are you confident the encryption laws will get done this week?

PRIME MINISTER: Well, I hope so, I said that was a key priority and overnight we’ve been able to make a lot of progress and I’m pleased that Labor is coming to their senses on this. I’m frankly surprised it’s taken this long but if they have, good.

JOURNALIST: Prime Minister, are you concerned and perhaps embarrassed to learn that Malcolm Turnbull and Bill Shorten have been discussing energy policy to, you know, discussing the NEG?

PRIME MINISTER: I’m not aware of the content of their conversations other than to the best of my knowledge some well wishes to Malcolm from Bill after Malcolm left the job as Prime Minister. And I wouldn’t find a conversation like that extraordinary, just a personal well wish. In terms of any other type of conversation, I haven’t seen any suggestion that there’s been anything other than that.

JOURNALIST: Malcolm Turnbull has urged you to revive the NEG considering that you did support it. Can you rule out, even after the election, trying to pursue that policy once more?

PRIME MINISTER: Well, the NEG is not being pursued by the Government and it wasn’t being pursued by the Government prior to the change of Prime Minister. This is what the NEG is. The NEG, as the former Prime Minister said, it’s just a mechanism. It’s like a glass. What matters is what you put in it. Now, if you put a 45 per cent emissions reduction target in the NEG, it puts power prices up. What Bill Shorten wants to do is have a legislated 45 per cent emissions reductions target, and that will put power prices up and we don’t support that. We don’t support legislating that commitment. We will meet our 26 per cent commitment, that hasn’t changed. None of that has changed. We will have met Kyoto 1, we will comfortably meet Kyoto 2, and we will be on track to meet our 2030 target as well. So we’re committed to emissions reductions, we’re committed to getting greater contracted reliable energy into the market and that is the exact same policy we’ve pursued previously with the reliability guarantee through the states and territories. But the NEG is not the deal. What matters is what the emissions reduction target is, and a 45 per cent emissions reduction target is a job-destroying, economy crunching, reckless target that will make our economy weaker. And that’s why we don’t support it.

JOURNALIST: But why can’t you keep your 26 per cent target and still consider reviving the NEG framework?

PRIME MINISTER: Because it’s not necessary, it’s not necessary. And we’re not pursuing it and it’s not our policy.

JOURNALIST: Prime Minister, what do you make of the Energy Council of Australia saying that your energy policy is trying to push prices up? What do you make of those comments?

PRIME MINISTER: Well, I disagree with them. I’m not surprised that the energy sector would not be happy about the Government increasing the powers of the customer in the market which will hold them to account. I’m not surprised that the big energy companies are squealing because, as a Government, we’ve decided to stare them down. And that’s what I’m doing. That’s what our Government is doing, and the Labor Party is not standing up for customers. They want to line up with the big energy companies. Now, already as a result of staring the electricity companies down, around almost 500,000 Australians are getting a better deal. They’ve started to drop their prices. See, I think the laws are stacked against the customer in the energy market and that’s what has caused and allowed those prices to go up amongst many other factors. And I’m seeking to right that balance and to stand up for the customer, and if the Labor Party doesn’t want to support me, well, shame on them. Absolutely shame on them.

JOURNALIST: Prime Minister, why did you save Craig Kelly?

PRIME MINISTER: Good question. There were four incumbent members, four incumbent members that I believed it was important for the Party to re-endorse at the next election. As the leader of the Parliamentary Party, it is my job to maximise the Party’s chances and standing at the next election. And we’ve got four incumbent members, members who have been on the ground, members who are well respected by their communities. They present the best opportunity to ensure the re-election of the Government. And so as the Party Leader, I’ve made it pretty clear. I wanted them endorsed and I wanted them on the ground, fighting the next election, not getting distracted by anything else. That’s my main mission, that’s their mission, and as leader, I made a call, I said I want them endorsed and the Party backed me and I appreciate their support.

JOURNALIST: What about Jane Prentice and Jim Molan?

PRIME MINISTER: Well, I wasn’t the Prime Minister at the time of Ms Prentice’s preselection. So I can’t make any comment about that, that matter was dealt with many, many months ago. What we’re talking about with the four members I sought their immediate re-endorsement is they were lower House members. They were contesting lower House seats. Like Dr Kotvojs here, she’s contesting a lower House seat. You form Government by having the best members and candidates on the ground in the House of Representatives and that’s where my focus is to ensure the re-election of the Government. I know one or two things about elections, I’ve run a lot of campaigns myself and what you need is to have the best people on the ground and an incumbent member of Parliament who has been doing a great job, which all of those four members were, and are, is the best opportunity and the best foot forward we have to put at the election and that’s why they have my backing and that’s why I made it very clear to the Party that I wanted to see them endorsed so that we can just get on with it.

JOURNALIST: Prime Minister, just on submarine contracts quickly. Has Defence during negotiations offered the French submarine builder an extension on the time of the submarine project and also the cost of those submarines?

PRIME MINISTER: I discussed the SPA with President Macron when we were in the G20 and we are now very close to finalising those arrangements and so these things remain on track.

JOURNALIST: [Inaudible]

PRIME MINISTER: Well, I’m not aware of that matter, only to say that I have been in direct discussion with the President of France, we are very close to finalising the SPA and those issues remain on track. I mean, there’s a report I understand on the ABC this morning. The Defence Minister will make a response to that and my understanding is that he has great concerns about the accuracy of that report.

JOURNALIST: There’s a group of student climate action protestors heading to Canberra today to try and meet with you. Will you meet with them?

PRIME MINISTER: I am. I’m meeting with some members from my own electorate, which you’d expect me to do, both as a local members and a Prime Minister. I’m always happy to listen. I respect everybody’s views. That’s the thing. We don’t always have to agree on everything, you know, but we do have to respect each other and we do have to take each other views seriously. And whether that’s talking about climate or whether it’s talking about energy or it’s talking about the other difficult issues we’re dealing with in the Parliament this week. You’ve got to respect everybody’s views. You can’t run their views down because they have them. And I do listen, but that doesn’t mean we always agree. But I always respect. Thanks very much.


          (USA-OH-Columbus) Security Associate      Cache   Translate Page      
**306446BR** **Auto req ID:** 306446BR **HR Job Code:** 102167 Security Associate **Job Profile:** + Participates in activities, processes, and utilizes tools needed to improve overall security posture of the organization. + Applies security concepts, reviews information, executes defined tasks, analyzes requirements, reviews logs, and creates documentation. Performs investigation and data loss prevention, data manipulation, and coordination of activities. Performs actions to address or mitigate risks and vulnerabilities. Reviews and defines controls. + Advises on less complex security procedures and products for clients, security administrators and network operations. Participates in enforcement of control security risks and threats. + Conducts security assessments and other information security routines consistently, with supervision. **Position City:** PA - Pittsburgh **Position Title:** Security Associate **Line of Business:** Technology **Building Location:** PA374 - Two PNC Plaza **Job Type:** Regular **Total Hours Per Week:** 40 **Travel:** <20% **Job Status:** Full Time **Shift:** Daylight **Scheduled Days/Hours:** Mon - Fri 8-5 EST On Call Rotation **EEO Statement:** PNC provides equal employment opportunity to qualified persons regardless of race, color, sex, religion, national origin, age, sexual orientation, gender identity, disability, veteran status, or other categories protected by law **Location(s):** OH - Cleveland, OH - Columbus, PA - Pittsburgh, ZZ - Remote Location **Required Education and Experience:** Roles at this level typically require a university / college degree, with 2+ years of relevant professional experience. In lieu of a degree, a comparable combination of education and experience (including military service) may be considered. **Job Specific Competencies:** **Analytical Thinking - Basic Experience** + Knowledge of techniques and tools that promote effective analysis and the ability to determine the root cause of organizational problems and create alternative solutions that resolve the problems in the best interest of the business. **Effective Communications - Basic Experience** + Understanding of effective communication concepts, tools and techniques; ability to effectively transmit, receive, and accurately interpret ideas, information, and needs through the application of appropriate communication behaviors. **Information Assurance - Basic Experience** + Knowledge of and the ability to protect information and information systems while ensuring their confidentiality, integrity and availability. **Information Security Management - Basic Experience** + Knowledge of the processes, tools and techniques of information security management, ability to deploy and monitor information security systems, as well as detect, resolve and prevent violations of IT security, to protect organizational data. **Information Security Technologies - Basic Experience** + Knowledge of technologies and technology-based solutions dealing with information security issues; ability to apply these in protecting information security across the organization. **IT Environment - Basic Experience** + Knowledge of an organization's IT purposes and activities; ability to create an effective IT environment for business operations. **IT Standards, Procedures & Policies - Basic Experience** + Knowledge of and the ability to utilize a variety of administrative skill sets and technical knowledge to manage organizational IT policies, standards, and procedures. **Problem Solving - Basic Experience** + Knowledge of approaches, tools, techniques for recognizing, anticipating, and resolving organizational, operational or process problems; ability to apply this knowledge appropriately to diverse situations. **IT Systems Management - Basic Experience** + Knowledge of and the ability to utilize a variety of technical tools to guarantee service availability and ensure IT system performance. **Software Security Assurance - Basic Experience** + Knowledge of and the ability to detect and prevent data security vulnerabilities of coding throughout the software development life cycle within software development organizations. **Core Competencies:** **Manages Risk - Basic Experience** + Assesses and effectively manages all of the risks associated with their business objectives and activities to ensure activities are in alignment with the bank's and unit's risk appetite and risk management framework. **Customer Focus - Basic Experience** + Knowledge of the values and practices that align customer needs and satisfaction as primary considerations in all business decisions, and ability to leverage that information in creating customized customer solutions. **Position Overview:** At PNC, our people are our greatest differentiator and competitive advantage in the markets we serve. We are all united in delivering the best experience for our customers. As a Security Associate within PNC's Network Security organization, you will be based in Pittsburgh, PA, Cleveland, OH or Columbus, OH. Remote eligibility for this position will be considered outside of the locations defined. The open position on the Network Security Operations team requires an individual with a strong understanding of network security, operational troubleshooting and self-motivation. Incumbents are responsible for managing network firewalls, Web proxy/gateway security platforms, and in-depth troubleshooting. (Platforms include Fortigate firewalls, VMware NSX distributed firewall, and Cisco ASA's,) . Experience with the security component of products such as F5 and ZScaler is a plus. The position requires an individual capable of operating in a highly visible role in a fast-paced and dynamic environment. A qualified candidate should have a strong protocol-level understanding of computer networking, a general knowledge of the networking functions of enterprise computer applications, be passionate about all aspects of information security, proactive in researching and following security trends and best practices, and capable of self-learning new technologies with minimal assistance. Extensive expertise and work as a network security administrator in some or all of the following categories is preferred: + Administration and troubleshooting of firewalls, load balancers, routing and switching. + Intrusion detection systems (IDS/IPS), network forensics, network behavioral analysis + VPN and encryption technologies (IPSec, SSL/TLS, GRE, etc) + Understanding of TCP/IP and common protocols + Virtualization, micro segmentation, and software defined network security (NSX, VMWare, converged infrastructure) + Logging, monitoring, health and fault management automation Current certifications from Fortinet, Cisco, or others is highly preferred. This position will be staffed during normal business hours, but does require rotating on-call coverage, and some work will be performed during after-hours maintenance windows.
          (USA-OH-Cleveland) Security Associate      Cache   Translate Page      
**306446BR** **Auto req ID:** 306446BR **HR Job Code:** 102167 Security Associate **Job Profile:** + Participates in activities, processes, and utilizes tools needed to improve overall security posture of the organization. + Applies security concepts, reviews information, executes defined tasks, analyzes requirements, reviews logs, and creates documentation. Performs investigation and data loss prevention, data manipulation, and coordination of activities. Performs actions to address or mitigate risks and vulnerabilities. Reviews and defines controls. + Advises on less complex security procedures and products for clients, security administrators and network operations. Participates in enforcement of control security risks and threats. + Conducts security assessments and other information security routines consistently, with supervision. **Position City:** PA - Pittsburgh **Position Title:** Security Associate **Line of Business:** Technology **Building Location:** PA374 - Two PNC Plaza **Job Type:** Regular **Total Hours Per Week:** 40 **Travel:** <20% **Job Status:** Full Time **Shift:** Daylight **Scheduled Days/Hours:** Mon - Fri 8-5 EST On Call Rotation **EEO Statement:** PNC provides equal employment opportunity to qualified persons regardless of race, color, sex, religion, national origin, age, sexual orientation, gender identity, disability, veteran status, or other categories protected by law **Location(s):** OH - Cleveland, OH - Columbus, PA - Pittsburgh, ZZ - Remote Location **Required Education and Experience:** Roles at this level typically require a university / college degree, with 2+ years of relevant professional experience. In lieu of a degree, a comparable combination of education and experience (including military service) may be considered. **Job Specific Competencies:** **Analytical Thinking - Basic Experience** + Knowledge of techniques and tools that promote effective analysis and the ability to determine the root cause of organizational problems and create alternative solutions that resolve the problems in the best interest of the business. **Effective Communications - Basic Experience** + Understanding of effective communication concepts, tools and techniques; ability to effectively transmit, receive, and accurately interpret ideas, information, and needs through the application of appropriate communication behaviors. **Information Assurance - Basic Experience** + Knowledge of and the ability to protect information and information systems while ensuring their confidentiality, integrity and availability. **Information Security Management - Basic Experience** + Knowledge of the processes, tools and techniques of information security management, ability to deploy and monitor information security systems, as well as detect, resolve and prevent violations of IT security, to protect organizational data. **Information Security Technologies - Basic Experience** + Knowledge of technologies and technology-based solutions dealing with information security issues; ability to apply these in protecting information security across the organization. **IT Environment - Basic Experience** + Knowledge of an organization's IT purposes and activities; ability to create an effective IT environment for business operations. **IT Standards, Procedures & Policies - Basic Experience** + Knowledge of and the ability to utilize a variety of administrative skill sets and technical knowledge to manage organizational IT policies, standards, and procedures. **Problem Solving - Basic Experience** + Knowledge of approaches, tools, techniques for recognizing, anticipating, and resolving organizational, operational or process problems; ability to apply this knowledge appropriately to diverse situations. **IT Systems Management - Basic Experience** + Knowledge of and the ability to utilize a variety of technical tools to guarantee service availability and ensure IT system performance. **Software Security Assurance - Basic Experience** + Knowledge of and the ability to detect and prevent data security vulnerabilities of coding throughout the software development life cycle within software development organizations. **Core Competencies:** **Manages Risk - Basic Experience** + Assesses and effectively manages all of the risks associated with their business objectives and activities to ensure activities are in alignment with the bank's and unit's risk appetite and risk management framework. **Customer Focus - Basic Experience** + Knowledge of the values and practices that align customer needs and satisfaction as primary considerations in all business decisions, and ability to leverage that information in creating customized customer solutions. **Position Overview:** At PNC, our people are our greatest differentiator and competitive advantage in the markets we serve. We are all united in delivering the best experience for our customers. As a Security Associate within PNC's Network Security organization, you will be based in Pittsburgh, PA, Cleveland, OH or Columbus, OH. Remote eligibility for this position will be considered outside of the locations defined. The open position on the Network Security Operations team requires an individual with a strong understanding of network security, operational troubleshooting and self-motivation. Incumbents are responsible for managing network firewalls, Web proxy/gateway security platforms, and in-depth troubleshooting. (Platforms include Fortigate firewalls, VMware NSX distributed firewall, and Cisco ASA's,) . Experience with the security component of products such as F5 and ZScaler is a plus. The position requires an individual capable of operating in a highly visible role in a fast-paced and dynamic environment. A qualified candidate should have a strong protocol-level understanding of computer networking, a general knowledge of the networking functions of enterprise computer applications, be passionate about all aspects of information security, proactive in researching and following security trends and best practices, and capable of self-learning new technologies with minimal assistance. Extensive expertise and work as a network security administrator in some or all of the following categories is preferred: + Administration and troubleshooting of firewalls, load balancers, routing and switching. + Intrusion detection systems (IDS/IPS), network forensics, network behavioral analysis + VPN and encryption technologies (IPSec, SSL/TLS, GRE, etc) + Understanding of TCP/IP and common protocols + Virtualization, micro segmentation, and software defined network security (NSX, VMWare, converged infrastructure) + Logging, monitoring, health and fault management automation Current certifications from Fortinet, Cisco, or others is highly preferred. This position will be staffed during normal business hours, but does require rotating on-call coverage, and some work will be performed during after-hours maintenance windows.
          (USA-PA-Pittsburgh) Security Associate      Cache   Translate Page      
**306446BR** **Auto req ID:** 306446BR **HR Job Code:** 102167 Security Associate **Job Profile:** + Participates in activities, processes, and utilizes tools needed to improve overall security posture of the organization. + Applies security concepts, reviews information, executes defined tasks, analyzes requirements, reviews logs, and creates documentation. Performs investigation and data loss prevention, data manipulation, and coordination of activities. Performs actions to address or mitigate risks and vulnerabilities. Reviews and defines controls. + Advises on less complex security procedures and products for clients, security administrators and network operations. Participates in enforcement of control security risks and threats. + Conducts security assessments and other information security routines consistently, with supervision. **Position City:** PA - Pittsburgh **Position Title:** Security Associate **Line of Business:** Technology **Building Location:** PA374 - Two PNC Plaza **Job Type:** Regular **Total Hours Per Week:** 40 **Travel:** <20% **Job Status:** Full Time **Shift:** Daylight **Scheduled Days/Hours:** Mon - Fri 8-5 EST On Call Rotation **EEO Statement:** PNC provides equal employment opportunity to qualified persons regardless of race, color, sex, religion, national origin, age, sexual orientation, gender identity, disability, veteran status, or other categories protected by law **Location(s):** OH - Cleveland, OH - Columbus, PA - Pittsburgh, ZZ - Remote Location **Required Education and Experience:** Roles at this level typically require a university / college degree, with 2+ years of relevant professional experience. In lieu of a degree, a comparable combination of education and experience (including military service) may be considered. **Job Specific Competencies:** **Analytical Thinking - Basic Experience** + Knowledge of techniques and tools that promote effective analysis and the ability to determine the root cause of organizational problems and create alternative solutions that resolve the problems in the best interest of the business. **Effective Communications - Basic Experience** + Understanding of effective communication concepts, tools and techniques; ability to effectively transmit, receive, and accurately interpret ideas, information, and needs through the application of appropriate communication behaviors. **Information Assurance - Basic Experience** + Knowledge of and the ability to protect information and information systems while ensuring their confidentiality, integrity and availability. **Information Security Management - Basic Experience** + Knowledge of the processes, tools and techniques of information security management, ability to deploy and monitor information security systems, as well as detect, resolve and prevent violations of IT security, to protect organizational data. **Information Security Technologies - Basic Experience** + Knowledge of technologies and technology-based solutions dealing with information security issues; ability to apply these in protecting information security across the organization. **IT Environment - Basic Experience** + Knowledge of an organization's IT purposes and activities; ability to create an effective IT environment for business operations. **IT Standards, Procedures & Policies - Basic Experience** + Knowledge of and the ability to utilize a variety of administrative skill sets and technical knowledge to manage organizational IT policies, standards, and procedures. **Problem Solving - Basic Experience** + Knowledge of approaches, tools, techniques for recognizing, anticipating, and resolving organizational, operational or process problems; ability to apply this knowledge appropriately to diverse situations. **IT Systems Management - Basic Experience** + Knowledge of and the ability to utilize a variety of technical tools to guarantee service availability and ensure IT system performance. **Software Security Assurance - Basic Experience** + Knowledge of and the ability to detect and prevent data security vulnerabilities of coding throughout the software development life cycle within software development organizations. **Core Competencies:** **Manages Risk - Basic Experience** + Assesses and effectively manages all of the risks associated with their business objectives and activities to ensure activities are in alignment with the bank's and unit's risk appetite and risk management framework. **Customer Focus - Basic Experience** + Knowledge of the values and practices that align customer needs and satisfaction as primary considerations in all business decisions, and ability to leverage that information in creating customized customer solutions. **Position Overview:** At PNC, our people are our greatest differentiator and competitive advantage in the markets we serve. We are all united in delivering the best experience for our customers. As a Security Associate within PNC's Network Security organization, you will be based in Pittsburgh, PA, Cleveland, OH or Columbus, OH. Remote eligibility for this position will be considered outside of the locations defined. The open position on the Network Security Operations team requires an individual with a strong understanding of network security, operational troubleshooting and self-motivation. Incumbents are responsible for managing network firewalls, Web proxy/gateway security platforms, and in-depth troubleshooting. (Platforms include Fortigate firewalls, VMware NSX distributed firewall, and Cisco ASA's,) . Experience with the security component of products such as F5 and ZScaler is a plus. The position requires an individual capable of operating in a highly visible role in a fast-paced and dynamic environment. A qualified candidate should have a strong protocol-level understanding of computer networking, a general knowledge of the networking functions of enterprise computer applications, be passionate about all aspects of information security, proactive in researching and following security trends and best practices, and capable of self-learning new technologies with minimal assistance. Extensive expertise and work as a network security administrator in some or all of the following categories is preferred: + Administration and troubleshooting of firewalls, load balancers, routing and switching. + Intrusion detection systems (IDS/IPS), network forensics, network behavioral analysis + VPN and encryption technologies (IPSec, SSL/TLS, GRE, etc) + Understanding of TCP/IP and common protocols + Virtualization, micro segmentation, and software defined network security (NSX, VMWare, converged infrastructure) + Logging, monitoring, health and fault management automation Current certifications from Fortinet, Cisco, or others is highly preferred. This position will be staffed during normal business hours, but does require rotating on-call coverage, and some work will be performed during after-hours maintenance windows.
          Systems Engineer IV      Cache   Translate Page      
GA-Alpharetta, Systems Security Engineer - Contract Alpharetta, GA The Senior Distributed Systems Security Engineer is responsible for the platform engineering and deployment of enterprise security tooling including centralized logging, hardware encryption, identity management, and vulnerability scanning solutions. This position is a key consultant regarding the security controls in the environment, and works cl
          (USA-CO-Aurora) Network Control Specialist - TS/SCI with Polygraph      Cache   Translate Page      
Job Description Seeking motivated candidates who want to work in a fast paced and unique job environment where you can truly make an impact in the world today. If you are interested in challenging and technical work or if you just want to be a part of something bigger than you, then this could be a perfect fit for your next job or maybe even the start of an exciting and brand new career. As a Network Control Specialist you will be responsible for monitoring the communications infrastructure and an extensive array of networks. This job is important, and every task you are responsible for is tied to something bigger and you will make a difference. + Exciting fast paced positon solving real world problems in multi-vendor-environment; utilizes critical thinking to troubleshoot complex network issues while maintaining constant vigilance over enterprise network resources + Responsible for performing 24/7 continuous monitoring to identify network incidents related to service interruptions, WAN/LAN outages, and system performance issues + Remediates network and system performance issues and coordinates and implements network changes in accordance with established network maintenance activity processes and procedures + Responsible for day-to-day O&M and administration on routers, switches, multiplexers, load balancers, and encryption and decryption devices within a multi-vendor environment + Troubleshoots SONET, MPLS, BGP, OSPF, IS-IS, Ethernet, Frame-Relay, VRF/VPN, VPLS, Tunneling and other networking technologies to identify potential switching and routing conflicts + Responsible for proactive configuration of network paths for optimum network performance and to reduce impacts to service + Interacts with Cyber Network Defense (CND) analyst to investigate network security related incidents and works to identify root causes and executes mitigation strategies + Provides Situational Awareness (SA) information to the customer for all service impacts + Maintains Job Qualification Standard (JQS) requirements and job certification with an implemented Annual Plan of Instruction (APOI) per customer direction in conjunction with DoD 8570 Requirements Education Bachelors Degree in Computer Science, Engineering, or a related technical discipline, or the equivalent combination of education, technical certifications or training, or work experience. Qualifications 2-5 years of directly related experience in network administration and support + Must have current TS/SCI with CI Polygraph + Must possess appropriate current DOD Information Assurance (IA) certification to be considered for employment; i.e., CompTIA Security+CE, or CCNA-Security + Must attain the required DOD 8570 Computing Environment (CE) certification within six (6) months of hire date + Experience with ITIL Incident Management processes + Position requires shift work: Panama Schedule: Example shown Below + As part of your role/function on the program, you will be granted privileged user access Panama 12-Hour Shift Schedule Example. (This is the schedule we follow today but is subject to change based on Government Requirements) SCHEDULE (ROTATION BETWEEN SHIFTS TAKES PLACE EVERY TWO MONTHS) MON TUE WED THU FRI SAT SUN MON TUE WED THU FRI SAT SUN MON WORK WORK OFF OFF WORK WORK WORK OFF OFF WORK WORK OFF OFF OFF As part of your role/function on the program, you will be granted privileged user access. Privileged Users are subject to greater scrutiny as a direct result of the significant responsibilities placed upon them. Please be aware that because of these critical duties, you will be subject to additional IT system monitoring, and supervisory evaluation to ensure continuous adherence to Privileged User processes and procedures. Privileged Users are subject to a zero tolerance policy for security violations. Benefits of this Position: + Opportunity for Fast Growth within the program + Professional Development Assistance – Covering the Cost of Obtaining Professional & Technical Certifications (depending on program) + Educational Reimbursement – toward degree programs and individual coursework + 401K Match – with 100% vesting on day one + Health, Dental and Vision Coverage to keep you healthy, starting your first day + We know work-life balance is important, GDIT offers Paid Time Off, Plus 10 Paid Holidays + Parking and transit commuter benefits Why Work at General Dynamics IT? + Work with top talent and some of the brightest minds in your field + Support missions that make a difference to our Nation + Become part of an organization that that is committed to the highest ethical standards in all that we do + Thrive in the stability of a large organization, with the ability to move onto new opportunities, supporting different missions, building your career within GDIT + Want to move, or find a job close to home? We have positions in several locations in the United States and the world + Enjoy a culture that supports work-life balance General Dynamics is a and . #ISDCJ #DPOST #ZRPOST As a trusted systems integrator for more than 50 years, General Dynamics Information Technology provides information technology (IT), systems engineering, professional services and simulation and training to customers in the defense, federal civilian government, health, homeland security, intelligence, state and local government and commercial sectors.With approximately 32,000 professionals worldwide, the company delivers IT enterprise solutions, manages large-scale, mission-critical IT programs and provides mission support services. GDIT is an Equal Opportunity/Affirmative Action Employer - Minorities/Females/Protected Veterans/Individuals with Disabilities. Job ID2018-49644 Number of Positions1 Job FunctionInformation Technology Security Clearance LevelTop Secret/SCI with Polygraph Full/Part TimeFull Time
          Lynda - SQL Server Security, Encryption, and Masking      Cache   Translate Page      

Lynda - SQL Server  Security, Encryption, and Masking

Lynda - SQL Server: Security, Encryption, and Masking
English | Size: 128.53 MB
Genre: eLearning


          Comment on On Switching From an iPad Pro and a MacBook to a Pixelbook by Bryan      Cache   Translate Page      
@Sören Nils Kuklau In practice you have to backup your students' data, which means you have to share it with somebody. Moreover, when you get right down to it, most backup services will delegate either to Amazon, Google (via GCloud) or Microsoft. This even holds if you set up your own server, unless it's a physical box you bought which you locate in a premises you own; which is simple not feasible for the average teacher. I see no evidence that Google is any worse than most other companies when it comes to privacy: indeed, across the valley, Facebook seems to be the worst. Apple is unique, but they now price their lineup as luxury brands, instead of premium quality, and even with European school funding it's not practical to buy Apple hardware. With regard to WhatsApp, to day WhatsApp uses point-to-point encryption, and while Facebook begun to nibble at at that, at present it's the safest easiest way to communicate with classes which have a mix of Android and iOS devices. It's certainly safer than SMS, Google Chat, Skype, Viber and most of the other options students might use. I hear people rave about Telegram, but I don't see anyone systematically ensuring that the binary on the Android/iOS app-store is compiled from the open source (cf the recent NPM hack). For a mixed Android/iOS environment, with mixed Windows/macOS PCs at home for homework, GSuite is the best option.
          [研究] SQL Server 2017 安裝失敗      Cache   Translate Page      
[研究] SQL Server 2017 安裝失敗

2018-12-04

情況:砍掉 C:\,重新安裝作業系統,D:\DATABASE 目錄保留不動。

出錯:SQL Server 2017 安裝過程中,設定資料目錄為 D:\DATABASE,結果安裝程式好像想升級原來在 D:\DATABASE 目錄的檔案,結果失敗。

解決:為了保險和乾淨,最後把 D:\DATABASE 先改名,再次重新安裝作業系統 ( 砍掉 C:)

Click 圖片可以看 100% 原尺寸圖片

Summary_ISGDB_20181204_121139.txt 內容
Overall summary:
  Final result:                  失敗: 請參閱下面的詳細資料
  Exit code (Decimal):           -2066808828
  Start time:                    2018-12-04 12:11:40
  End time:                      2018-12-04 12:42:27
  Requested action:              Install

Setup completed with required actions for features.
Troubleshooting information for those features:
  Next step for DQ:              使用下列資訊解決錯誤,解除安裝這項功能,然後重新執行安裝程序。
  Next step for FullText:        使用下列資訊解決錯誤,解除安裝這項功能,然後重新執行安裝程序。
  Next step for sql_inst_mpy:    使用下列資訊解決錯誤,解除安裝這項功能,然後重新執行安裝程序。
  Next step for sql_inst_mr:     使用下列資訊解決錯誤,解除安裝這項功能,然後重新執行安裝程序。
  Next step for AdvancedAnalytics: 使用下列資訊解決錯誤,解除安裝這項功能,然後重新執行安裝程序。
  Next step for SQLEngine:       使用下列資訊解決錯誤,解除安裝這項功能,然後重新執行安裝程序。
  Next step for Replication:     使用下列資訊解決錯誤,解除安裝這項功能,然後重新執行安裝程序。


Machine Properties:
  Machine name:                  MyDB
  Machine processor count:       4
  OS version:                    Microsoft Windows Server 2019 Standard (10.0.17763)
  OS service pack:             
  OS region:                     台灣
  OS language:                   中文(香港特別行政區)
  OS architecture:               x64
  Process architecture:          64 位元
  OS clustered:                  否

Product features discovered:
  Product              Instance             Instance ID                    Feature                                  Language             Edition              Version         Clustered  Configured

Package properties:
  Description:                   Microsoft SQL Server 2017
  ProductName:                   SQL Server 2017
  Type:                          RTM
  Version:                       14
  SPLevel:                       0
  Installation location:         F:\x64\setup\
  Installation edition:          Standard

Product Update Status:
  未探索到任何項目。

使用者輸入設定:
  ACTION:                        Install
  ADDCURRENTUSERASSQLADMIN:      false
  AGTSVCACCOUNT:                 NT Service\SQLSERVERAGENT
  AGTSVCPASSWORD:                *****
  AGTSVCSTARTUPTYPE:             Manual
  ASBACKUPDIR:                   C:\Program Files\Microsoft SQL Server\MSAS14.MSSQLSERVER\OLAP\Backup
  ASCOLLATION:                   Chinese_Taiwan_Stroke_CI_AS
  ASCONFIGDIR:                   C:\Program Files\Microsoft SQL Server\MSAS14.MSSQLSERVER\OLAP\Config
  ASDATADIR:                     C:\Program Files\Microsoft SQL Server\MSAS14.MSSQLSERVER\OLAP\Data
  ASLOGDIR:                      C:\Program Files\Microsoft SQL Server\MSAS14.MSSQLSERVER\OLAP\Log
  ASPROVIDERMSOLAP:              1
  ASSERVERMODE:                  TABULAR
  ASSVCACCOUNT:                  NT Service\MSSQLServerOLAPService
  ASSVCPASSWORD:                 <空的>
  ASSVCSTARTUPTYPE:              Automatic
  ASSYSADMINACCOUNTS:            MyDB\Administrator
  ASTELSVCACCT:                  NT Service\SSASTELEMETRY
  ASTELSVCPASSWORD:              <空的>
  ASTELSVCSTARTUPTYPE:           Automatic
  ASTEMPDIR:                     C:\Program Files\Microsoft SQL Server\MSAS14.MSSQLSERVER\OLAP\Temp
  BROWSERSVCSTARTUPTYPE:         Disabled
  CLTCTLRNAME:                   MyController
  CLTRESULTDIR:                  C:\Program Files (x86)\Microsoft SQL Server\DReplayClient\ResultDir\
  CLTSTARTUPTYPE:                Manual
  CLTSVCACCOUNT:                 NT Service\SQL Server Distributed Replay Client
  CLTSVCPASSWORD:                <空的>
  CLTWORKINGDIR:                 C:\Program Files (x86)\Microsoft SQL Server\DReplayClient\WorkingDir\
  COMMFABRICENCRYPTION:          0
  COMMFABRICNETWORKLEVEL:        0
  COMMFABRICPORT:                0
  CONFIGURATIONFILE:             C:\Program Files\Microsoft SQL Server\140\Setup Bootstrap\Log\20181204_121139\ConfigurationFile.ini
  CTLRSTARTUPTYPE:               Manual
  CTLRSVCACCOUNT:                NT Service\SQL Server Distributed Replay Controller
  CTLRSVCPASSWORD:               <空的>
  CTLRUSERS:                     MyDB\Administrator
  ENABLERANU:                    false
  ENU:                           false
  EXTSVCACCOUNT:                 NT Service\MSSQLLaunchpad
  EXTSVCPASSWORD:                <空的>
  FEATURES:                      SQLENGINE, REPLICATION, ADVANCEDANALYTICS, SQL_INST_MR, SQL_INST_MPY, FULLTEXT, DQ, AS, DQC, CONN, IS, IS_WORKER, BC, SDK, DREPLAY_CTLR, DREPLAY_CLT, SNAC_SDK
  FILESTREAMLEVEL:               0
  FILESTREAMSHARENAME:           <空的>
  FTSVCACCOUNT:                  NT Service\MSSQLFDLauncher
  FTSVCPASSWORD:                 <空的>
  HELP:                          false
  IACCEPTPYTHONLICENSETERMS:     true
  IACCEPTROPENLICENSETERMS:      true
  IACCEPTSQLSERVERLICENSETERMS:  true
  INDICATEPROGRESS:              false
  INSTALLSHAREDDIR:              C:\Program Files\Microsoft SQL Server\
  INSTALLSHAREDWOWDIR:           C:\Program Files (x86)\Microsoft SQL Server\
  INSTALLSQLDATADIR:             <空的>
  INSTANCEDIR:                   C:\Program Files\Microsoft SQL Server\
  INSTANCEID:                    MSSQLSERVER
  INSTANCENAME:                  MSSQLSERVER
  ISMASTERSVCACCOUNT:            NT AUTHORITY\Network Service
  ISMASTERSVCPASSWORD:           <空的>
  ISMASTERSVCPORT:               8391
  ISMASTERSVCSSLCERTCN:          <空的>
  ISMASTERSVCSTARTUPTYPE:        Automatic
  ISMASTERSVCTHUMBPRINT:         <空的>
  ISSVCACCOUNT:                  NT Service\MsDtsServer140
  ISSVCPASSWORD:                 <空的>
  ISSVCSTARTUPTYPE:              Automatic
  ISTELSVCACCT:                  NT Service\SSISTELEMETRY140
  ISTELSVCPASSWORD:              <空的>
  ISTELSVCSTARTUPTYPE:           Automatic
  ISWORKERSVCACCOUNT:            NT Service\SSISScaleOutWorker140
  ISWORKERSVCCERT:               <空的>
  ISWORKERSVCMASTER:             https://MyDB:8391
  ISWORKERSVCPASSWORD:           <空的>
  ISWORKERSVCSTARTUPTYPE:        Automatic
  MATRIXCMBRICKCOMMPORT:         0
  MATRIXCMSERVERNAME:            <空的>
  MATRIXNAME:                    <空的>
  MRCACHEDIRECTORY:           
  NPENABLED:                     0
  PBDMSSVCACCOUNT:               <空的>
  PBDMSSVCPASSWORD:              <空的>
  PBDMSSVCSTARTUPTYPE:           0
  PBENGSVCACCOUNT:               <空的>
  PBENGSVCPASSWORD:              <空的>
  PBENGSVCSTARTUPTYPE:           0
  PBPORTRANGE:                   <空的>
  PBSCALEOUT:                    false
  PID:                           *****
  QUIET:                         false
  QUIETSIMPLE:                   false
  ROLE:                       
  RSINSTALLMODE:                 DefaultNativeMode
  RSSVCACCOUNT:                  <空的>
  RSSVCPASSWORD:                 <空的>
  RSSVCSTARTUPTYPE:              Automatic
  SAPWD:                         *****
  SECURITYMODE:                  SQL
  SQLBACKUPDIR:                  D:\BACKUP
  SQLCOLLATION:                  Chinese_Taiwan_Stroke_CI_AS
  SQLSVCACCOUNT:                 NT Service\MSSQLSERVER
  SQLSVCINSTANTFILEINIT:         false
  SQLSVCPASSWORD:                <空的>
  SQLSVCSTARTUPTYPE:             Automatic
  SQLSYSADMINACCOUNTS:           MyDB\Administrator
  SQLTELSVCACCT:                 NT Service\SQLTELEMETRY
  SQLTELSVCPASSWORD:             <空的>
  SQLTELSVCSTARTUPTYPE:          Automatic
  SQLTEMPDBDIR:                  <空的>
  SQLTEMPDBFILECOUNT:            4
  SQLTEMPDBFILEGROWTH:           64
  SQLTEMPDBFILESIZE:             8
  SQLTEMPDBLOGDIR:               <空的>
  SQLTEMPDBLOGFILEGROWTH:        64
  SQLTEMPDBLOGFILESIZE:          8
  SQLUSERDBDIR:                  D:\DATABASE
  SQLUSERDBLOGDIR:               <空的>
  SUPPRESSPRIVACYSTATEMENTNOTICE: false
  TCPENABLED:                    1
  UIMODE:                        Normal
  UpdateEnabled:                 true
  UpdateSource:                  MU
  USEMICROSOFTUPDATE:            false
  X86:                           false

  Configuration file:            C:\Program Files\Microsoft SQL Server\140\Setup Bootstrap\Log\20181204_121139\ConfigurationFile.ini

Detailed results:
  Feature:                       Data Quality Services
  Status:                        失敗
  Reason for failure:            功能的相依性發生錯誤,導致功能的安裝程序失敗。
  Next Step:                     使用下列資訊解決錯誤,解除安裝這項功能,然後重新執行安裝程序。
  Component name:                SQL Server 資料庫引擎服務執行個體功能
  Component error code:          0x84CF0004
  Error description:             更新資料夾 'D:\DATABASE\20181022 卸離的DB' 的權限設定時,無法更新檔案 'D:\DATABASE\20181022 卸離的DB\IGS_log.ldf' 的權限設定。資料夾權限設定應該設為 'D:P(A;OICI;FA;;;BA)(A;OICI;FA;;;SY)(A;OICI;FA;;;CO)(A;OICI;FA;;;S-1-5-80-3880718306-3832830129-1677859214-2598158968-1052248003)'。
  Error help link:               https://go.microsoft.com/fwlink?LinkId=20476&ProdName=Microsoft+SQL+Server&EvtSrc=setup.rll&EvtID=50000&ProdVer=14.0.1000.169&EvtType=0x1D1BA995%400xE3AF15CF%401232%401&EvtType=0x1D1BA995%400xE3AF15CF%401232%401

  Feature:                       搜尋的全文檢索和語意擷取
  Status:                        失敗
  Reason for failure:            功能的相依性發生錯誤,導致功能的安裝程序失敗。
  Next Step:                     使用下列資訊解決錯誤,解除安裝這項功能,然後重新執行安裝程序。
  Component name:                SQL Server 資料庫引擎服務執行個體功能
  Component error code:          0x84CF0004
  Error description:             更新資料夾 'D:\DATABASE\20181022 卸離的DB' 的權限設定時,無法更新檔案 'D:\DATABASE\20181022 卸離的DB\IGS_log.ldf' 的權限設定。資料夾權限設定應該設為 'D:P(A;OICI;FA;;;BA)(A;OICI;FA;;;SY)(A;OICI;FA;;;CO)(A;OICI;FA;;;S-1-5-80-3880718306-3832830129-1677859214-2598158968-1052248003)'。
  Error help link:               https://go.microsoft.com/fwlink?LinkId=20476&ProdName=Microsoft+SQL+Server&EvtSrc=setup.rll&EvtID=50000&ProdVer=14.0.1000.169&EvtType=0x1D1BA995%400xE3AF15CF%401232%401&EvtType=0x1D1BA995%400xE3AF15CF%401232%401

  Feature:                       Python
  Status:                        失敗
  Reason for failure:            功能的相依性發生錯誤,導致功能的安裝程序失敗。
  Next Step:                     使用下列資訊解決錯誤,解除安裝這項功能,然後重新執行安裝程序。
  Component name:                SQL Server 資料庫引擎服務執行個體功能
  Component error code:          0x84CF0004
  Error description:             更新資料夾 'D:\DATABASE\20181022 卸離的DB' 的權限設定時,無法更新檔案 'D:\DATABASE\20181022 卸離的DB\IGS_log.ldf' 的權限設定。資料夾權限設定應該設為 'D:P(A;OICI;FA;;;BA)(A;OICI;FA;;;SY)(A;OICI;FA;;;CO)(A;OICI;FA;;;S-1-5-80-3880718306-3832830129-1677859214-2598158968-1052248003)'。
  Error help link:               https://go.microsoft.com/fwlink?LinkId=20476&ProdName=Microsoft+SQL+Server&EvtSrc=setup.rll&EvtID=50000&ProdVer=14.0.1000.169&EvtType=0x1D1BA995%400xE3AF15CF%401232%401&EvtType=0x1D1BA995%400xE3AF15CF%401232%401

  Feature:                       R
  Status:                        失敗
  Reason for failure:            功能的相依性發生錯誤,導致功能的安裝程序失敗。
  Next Step:                     使用下列資訊解決錯誤,解除安裝這項功能,然後重新執行安裝程序。
  Component name:                SQL Server 資料庫引擎服務執行個體功能
  Component error code:          0x84CF0004
  Error description:             更新資料夾 'D:\DATABASE\20181022 卸離的DB' 的權限設定時,無法更新檔案 'D:\DATABASE\20181022 卸離的DB\IGS_log.ldf' 的權限設定。資料夾權限設定應該設為 'D:P(A;OICI;FA;;;BA)(A;OICI;FA;;;SY)(A;OICI;FA;;;CO)(A;OICI;FA;;;S-1-5-80-3880718306-3832830129-1677859214-2598158968-1052248003)'。
  Error help link:               https://go.microsoft.com/fwlink?LinkId=20476&ProdName=Microsoft+SQL+Server&EvtSrc=setup.rll&EvtID=50000&ProdVer=14.0.1000.169&EvtType=0x1D1BA995%400xE3AF15CF%401232%401&EvtType=0x1D1BA995%400xE3AF15CF%401232%401

  Feature:                       Machine Learning 服務 (資料庫內)
  Status:                        失敗
  Reason for failure:            功能的相依性發生錯誤,導致功能的安裝程序失敗。
  Next Step:                     使用下列資訊解決錯誤,解除安裝這項功能,然後重新執行安裝程序。
  Component name:                SQL Server 資料庫引擎服務執行個體功能
  Component error code:          0x84CF0004
  Error description:             更新資料夾 'D:\DATABASE\20181022 卸離的DB' 的權限設定時,無法更新檔案 'D:\DATABASE\20181022 卸離的DB\IGS_log.ldf' 的權限設定。資料夾權限設定應該設為 'D:P(A;OICI;FA;;;BA)(A;OICI;FA;;;SY)(A;OICI;FA;;;CO)(A;OICI;FA;;;S-1-5-80-3880718306-3832830129-1677859214-2598158968-1052248003)'。
  Error help link:               https://go.microsoft.com/fwlink?LinkId=20476&ProdName=Microsoft+SQL+Server&EvtSrc=setup.rll&EvtID=50000&ProdVer=14.0.1000.169&EvtType=0x1D1BA995%400xE3AF15CF%401232%401&EvtType=0x1D1BA995%400xE3AF15CF%401232%401

  Feature:                       資料庫引擎服務
  Status:                        失敗
  Reason for failure:            功能的安裝程序期間發生錯誤。
  Next Step:                     使用下列資訊解決錯誤,解除安裝這項功能,然後重新執行安裝程序。
  Component name:                SQL Server 資料庫引擎服務執行個體功能
  Component error code:          0x84CF0004
  Error description:             更新資料夾 'D:\DATABASE\20181022 卸離的DB' 的權限設定時,無法更新檔案 'D:\DATABASE\20181022 卸離的DB\IGS_log.ldf' 的權限設定。資料夾權限設定應該設為 'D:P(A;OICI;FA;;;BA)(A;OICI;FA;;;SY)(A;OICI;FA;;;CO)(A;OICI;FA;;;S-1-5-80-3880718306-3832830129-1677859214-2598158968-1052248003)'。
  Error help link:               https://go.microsoft.com/fwlink?LinkId=20476&ProdName=Microsoft+SQL+Server&EvtSrc=setup.rll&EvtID=50000&ProdVer=14.0.1000.169&EvtType=0x1D1BA995%400xE3AF15CF%401232%401&EvtType=0x1D1BA995%400xE3AF15CF%401232%401

  Feature:                       SQL Server 複寫
  Status:                        失敗
  Reason for failure:            功能的相依性發生錯誤,導致功能的安裝程序失敗。
  Next Step:                     使用下列資訊解決錯誤,解除安裝這項功能,然後重新執行安裝程序。
  Component name:                SQL Server 資料庫引擎服務執行個體功能
  Component error code:          0x84CF0004
  Error description:             更新資料夾 'D:\DATABASE\20181022 卸離的DB' 的權限設定時,無法更新檔案 'D:\DATABASE\20181022 卸離的DB\IGS_log.ldf' 的權限設定。資料夾權限設定應該設為 'D:P(A;OICI;FA;;;BA)(A;OICI;FA;;;SY)(A;OICI;FA;;;CO)(A;OICI;FA;;;S-1-5-80-3880718306-3832830129-1677859214-2598158968-1052248003)'。
  Error help link:               https://go.microsoft.com/fwlink?LinkId=20476&ProdName=Microsoft+SQL+Server&EvtSrc=setup.rll&EvtID=50000&ProdVer=14.0.1000.169&EvtType=0x1D1BA995%400xE3AF15CF%401232%401&EvtType=0x1D1BA995%400xE3AF15CF%401232%401

  Feature:                       Analysis Services
  Status:                        通過

  Feature:                       SQL Browser
  Status:                        通過

  Feature:                       SQL 寫入器
  Status:                        通過

  Feature:                       Distributed Replay Client
  Status:                        通過

  Feature:                       Distributed Replay Controller
  Status:                        通過

  Feature:                       用戶端工具 SDK
  Status:                        通過

  Feature:                       用戶端工具連接性
  Status:                        通過

  Feature:                       用戶端工具回溯相容性
  Status:                        通過

  Feature:                       Scale Out 背景工作
  Status:                        通過

  Feature:                       Integration Services
  Status:                        通過

  Feature:                       SQL 用戶端連接性
  Status:                        通過

  Feature:                       SQL 用戶端連接性 SDK
  Status:                        通過

  Feature:                       Data Quality Client
  Status:                        通過

  Feature:                       安裝程式支援檔案
  Status:                        通過

Rules with failures:

Global rules:

Scenario specific rules:

Rules report file:               C:\Program Files\Microsoft SQL Server\140\Setup Bootstrap\Log\20181204_121139\SystemConfigurationCheck_Report.htm


(完)
          Comment on Week in Review: IoT, Security, Auto by Oliver Harris      Cache   Translate Page      
I believe Mr Vargas makes a very good point. In order to bypass the cybersecurity issue due to "employees who fall for phishing emails", we at CiGen (a robotic process automation pure-play specialist) advocate the use of automation. The idea is that once you minimise RPA security risks by implementing role-based access or encryption, automation will render business operations less hazardous overall. Overall, RPA actually lowers security-related efforts associated with training employees and teaching them security practices (e.g. password management, applications of privacy settings) because it ensures a zero-touch environment. By reducing reliance on manual work, automation minimises security risks at a macro level. Besides security risks, the zero-touch environment of RPA also helps mitigate other human-related risks in business operations. An automated environment is free from biases, prejudices or variability, all of which mar human work with the risk of error. Because of this RPA ensures less risky and consistent work with trustworthy data.
          Gov’t looks to pass LGBTI students protection laws and encryption legislation by end of final sitting week      Cache   Translate Page      
With the end of the parliamentary year in sight, the Government looks to be closing in on passing two key pieces of legislation. Hopes are growing protections for LBGTI school students will be passed by week's end. And on the national security front, laws giving police the power to snoop on encrypted communications are looking likely to pass too.
          A cybersecurity expert quit Apple and joined the ACLU to help fight government efforts to put 'back doors' in smartphones      Cache   Translate Page      

Tim CookAP

  • A high-profile security and encryption expert at Apple has left the company to join the American Civil Liberties Union
  • Joh Callas is joining the ACLU to focus on fighting government surveillance and efforts to install "back doors" on tech platforms as well as exploring issues like artificial intelligence.  
  • Callas' move comes as tech workers become increasingly engaged and active about how tech is used for everything from censorship to discrimination.

A senior Apple security expert left for a much lower-paying job at the American Civil Liberties Union this week, the latest sign of increasing activity on policy issues by Silicon Valley privacy specialists and other engineers.

Jon Callas, who led a team of hackers breaking into pre-release Apple products to test their security, started Monday in a two-year role as technology fellow at the ACLU. Prior to his latest stint at Apple, Callas designed an encryption system to protect data on Macs and co-founded communications companies Silent Circle, Blackphone and PGP Corp.

See the rest of the story at Business Insider

See Also:

SEE ALSO: One photo shows why Apple is smart to not release a 5G iPhone anytime soon


          Thinking about changing your iPhone for Android? 7 reasons not to do it      Cache   Translate Page      


When it is debated on which is the best intelligent mobile phone of the market the iPhone always appears. That does not mean that there are no other terminals that may have better specifications. There are smartphones with Android operating system that are very interesting and with features that we probably never see in Apple. Functions that make us silver to make the jump to the green android .

If you have also thought about setting aside your iPhone for a Samsung or Huawei with Android, we give you 7 reasons not to do so .

1. iPhones are faster
The comparisons of the iPhone with other smartphones are countless, and in all the same conclusion appears: the one of the apple is faster than the rest . The combination of hardware and software make it one of the most balanced devices that exists. The A12 Bionic chip has proven to be a real beast in the benchmarks , becoming comparable with PC processors.

To try to draw attention, competing Android smartphones mount many GBs of RAM or processors of vertigo that, on paper, looks very good. But the reality is that none of it reaches him in terms of speed .

2. For Apple, privacy is very important
Android is an operating system developed by Google, the most famous Internet search engine in the world. Although they never admit it openly, they are interested in user data to improve the rest of their services and, why not, market them to third parties.

Apple, for its part, is not interested in user data . In fact, it is one of the main pillars of the company. It takes very seriously that the user is the only one able to access all their data. You just have to remember how reluctant it is to unlock the iPhone involved in scandals or crimes.

3. The Apple ecosystem


It is very common for a person to have an iPhone or MacBook and, little by little, end up making the rest of the products of the brand. This is thanks to the ecosystem that Apple has managed to assemble, in which the devices communicate perfectly.

The reason for this perfect communication is due to characteristics such as AirDrop, Handoff or Continuity . The first allows sharing files, the second to continue with tasks already started on other devices and the last to, for example, answer calls from the Mac.

Finding such a degree of compatibility in other operating systems is very complicated . Only Microsoft with Windows Phone and Windows 10 could have achieved something like that. Unfortunately, the computer giant discontinued the development of the system for smartphones.

4. More updates
One of the strengths of Apple is its more than correct policy of updates . The Mac, iPhone and iPad are devices that receive many updates throughout their lives. An example of this is the iPhone 5s, which despite being launched in 2013 continues to receive them, being compatible with iOS 12. Who can say that 5 years later?

Android sins a lot in this regard . The only smartphones that usually receive more than two years of updates are the Google Pixel. If you want to have the latest version in a relatively old terminal, you should root it and put a ROM developed by the user community. Not everyone has the necessary knowledge for this.

5. Best apps
Both in the App Store and Google Play there are millions of applications. However, there is no doubt that in the Apple store they are of better quality . This is due to the strict quality and safety controls that must pass before being published.

In addition, most important apps continue to appear earlier in the iOS App Store than in the Android Google Play, although the search engine system has more followers.

6. iPhones are more secure


One of the biggest criticisms of iOS can also be a plus point. The operating system of the iPhone and iPad is very closed. This prevents the user from being able to customize it to the Android grade. But it is thanks to this that it is safer .

Apart from the tools to perform Jailbreak, which are specifically designed for this, it is almost impossible to break the iPhone encryption .

7. The best service, both before and after the sale
Whatever the problem you have with your apple product, taking it to the Apple Store is always the best decision . The staff that works there is the one to give the best answer.

Other brands such as Samsung or LG do not have physical stores (or are not so common). And although Google does a little better, it does not reach the level of its competitor.

Via | iDropNews

          HIPAA Notifications Are Now Within 30 Days Since Breach If You're In Colorado      Cache   Translate Page      
According to bizjournals.com, any HIPAA-covered entities that do business in Colorado will now have 30 days to notify Coloradans (or Coloradoans, if you prefer) of a data breach involving personal information, and not the customary 60 calendar days under HIPAA. The reason? A bill on data security that went into effect in September.
As usual, the use of encryption provides safe harbor. Indeed, the bill – HB18-1128 – goes out of its way to define data breaches as unauthorized access to "unencrypted" personal information. Furthermore, it notes that cryptographically protected information is still subject to the reporting requirements if the encryption key is compromised; that "encryption" is whatever the security community generally holds to be as such; and that a breached entity does not need to provide notification if it determines that "misuse of information… has not occurred and is not reasonably likely to occur."
In the past, variations of that last part were heavily criticized. Naturally, it's in the breached entity's interest to declare that there won't be misuse of the hacked information, ergo no need to inform anyone about it. In 2018, however, it'd be a laughable position to take.  

Surprising Development? Not Really

Colorado's "encroachment" on HIPAA can take one aback but this would be merely a knee-jerk reaction to unfamiliar news: to date, if one was covered under HIPAA, state privacy and information security laws left HIPAA-covered entities alone. But there's absolutely no reason for it. After all, it wouldn't be the first time that a state decided to pass laws that are more severe than federal ones.
Furthermore, think about the purpose of notifications. Supposedly, it's so (potentially) affected individuals can get a start on protecting themselves. If the past ten years have shown us anything, it's that receiving a notification 30 days after the discovery of a data breach can already be too late. In that light, waiting 60 days could be disastrous.
It's a wonder that HIPAA hasn't updated its rules to reflect reality. HIPAA was, arguably, a trailblazer when it came to protecting personal information, with its no-nonsense approach and enforcement of the rules. That last one was a biggie: When Massachusetts General Hospital (MGH) was fined $1 million in 2011 – the largest amount at that time for a data breach – the medical sector not only took notice, they went into action. At minimum, entities started to encrypt their laptops; those paying attention did far, far more.
At the time, HIPAA's 60-day deadline was seen as revolutionary by some (if memory serves, existing data breach laws didn't codify a deadline for alerting people). Of course, companies being what they are, covered-entities ended up doing as most people feared would do: they put off sending notifications for as long as possible, like mailing letters on the 59th day.
Not everyone did this and HIPAA specifically prohibited the practice. A handful were fined as a result of purposefully delaying the inevitable. But waiting until the last possible moment to send notifications appears to be the ongoing behavior, regardless. The same thing happens for non-HIPAA data breaches, except that most states have set a 30-day limit, so companies send it on the 29th day.  

Update Those BA Docs!

Unsurprisingly, Colorado's law also affects business associates to HIPAA-covered entities. All hospitals, clinics, private practitioners, and others in the medical sector should immediately update legal documents that establish obligations between themselves and BAs.
Remember, a covered entity's data breach is the covered entity's responsibility, and a BA's data breach is also the covered entity's responsibility.  

 

Related Articles and Sites:
https://www.bizjournals.com/denver/news/2018/11/29/amendments-to-data-breach-notification-law-in.html
https://www.databreaches.net/amendments-to-data-breach-notification-law-in-colorado-impact-hipaa-regulated-entities/
http://leg.colorado.gov/bills/hb18-1128


          Encryption laws: Tech firms get right to 'appeal' spies’ orders      Cache   Translate Page      
The government has agreed to a suite of changes to its bill that will give intelligence agencies and police the ability to force tech companies to help them crack secure messages
          Sarment Holdings Enters Into Partnership With Blackberry to Deliver Digital Security to the Global Luxury Consumer World      Cache   Translate Page      

Sarment introduce KEYYES CHAT as a first of a series of highly secured modules for consumers Encryption messaging application targeted to cater to security-conscious users KEYYES CHAT will be available at the Apple App Store and Google Play Store in Q2 2019 TORONTO, Nov. 26, 2018...


          IBM DS8880 Encryption for data at rest and Transparent Cloud Tiering (DS8000 Release 8.5)      Cache   Translate Page      
Draft Redpaper, last updated: Tue, 4 Dec 2018

-update for Release 8.5 - IBM experts recognize the need for data protection, both from hardware or software failures, and also from physical relocation of hardware, theft, and retasking of existing hardware.

          Sarment Holdings Enters Into Partnership With Blackberry to Deliver Digital Security to the Global Luxury Consumer World      Cache   Translate Page      

Sarment introduce KEYYES CHAT as a first of a series of highly secured modules for consumers Encryption messaging application targeted to cater to security-conscious users KEYYES CHAT will be available at the Apple App Store and Google Play Store in Q2 2019 TORONTO, Nov. 26, 2018...


          Wednesday AM      Cache   Translate Page      
On today's program: Concerns that Australia's new submarine fleet will be more expensive and take longer to arrive after the latest negotiations with Naval Group; Cyber security expert Alistair MacGibbon says hard-won new encryption laws will restore powers police have had since 1979; And a shortage of females pushes the normally monogamous endangered Swift Parrots to illicit affairs.
          Controversial encryption laws poised to pass after Labor-Coalition reach agreement - SBS News      Cache   Translate Page      
  1. Controversial encryption laws poised to pass after Labor-Coalition reach agreement  SBS News
  2. In-principle deal struck on encryption bill dubbed 'sheer stupidity'  NEWS.com.au
  3. Encryption laws: Tech firms get right to 'appeal' spies' orders  SBS News
  4. Labor and Coalition in last-minute blowup over encryption deal  The Guardian
  5. Government to read your WhatsApp messages under world-first legislation  Daily Mail
  6. View full coverage on Google News

          State Separation for Code-Based Game-Playing Proofs, by Chris Brzuska and Antoine Delignat-Lavaud and Cedric Fournet and Konrad Kohbrok and Markulf Kohlweiss      Cache   Translate Page      
The security analysis of real-world protocols involves reduction steps that are conceptually simple but still have to account for many protocol complications found in standards and implementations. Taking inspiration from universal composability, abstract cryptography, process algebras, and type-based verification frameworks, we propose a method to simplify large reductions, avoid mistakes in carrying them out, and obtain concise security statements. Our method decomposes monolithic games into collections of stateful *packages* representing collections of oracles that call one another using well-defined interfaces. Every component scheme yields a pair of a real and an ideal package. In security proofs, we then successively replace each real package with its ideal counterpart, treating the other packages as the reduction. We build this reduction by applying a number of algebraic operations on packages justified by their state separation. Our method handles reductions that emulate the game perfectly, and leaves more complex arguments to existing game-based proof techniques such as the code-based analysis suggested by Bellare and Rogaway. It also facilitates computer-aided proofs, inasmuch as the perfect reductions steps can be automatically discharged by proof assistants. We illustrate our method on two generic composition proofs: (1) a proof of self-composition using a hybrid argument; and (2) the composition of keying and keyed components. For concreteness, we apply them to the KEM-DEM proof of hybrid-encryption by Cramer and Shoup and to the composition of forward-secure game-based key exchange protocols with symmetric-key protocols.
          Quantum computers pose a security threat that we’re still totally unprepared for      Cache   Translate Page      
Some US experts think it could take at least 20 years to get quantum-proof encryption widely deployed.
          Blockchain Cryptography for Developers (Nakov @ BlockWorld 2018, San Jose)      Cache   Translate Page      

Blockchain Cryptography for Developers (Nakov @ BlockWorld 2018, San Jose, CA, USA) Elliptic Curve Cryptography (ECC) ECC Concepts, Elliptic Curves, the secp256k1 Curve Private Key -> Public Key -> Blockchain Address Sign / Verify Transactions in Ethereum Cryptographic Hash Functions: SHA256, SHA3, RIPEMD160, … HMAC and Key Derivation: HMAC, PBKDF2, SCrypt Blockchain Cryptography and Wallets: JSON / UTC, BIP39, BIP44 Wallet Encryption: AES + Padding + CBC/CTR, Scrypt, HMAC Learn more at: http://nakov.com/blog/2018/04/15/blockchain-cryptography-for-developers-ecc-secp256k1-scrypt-aes-wallets/
          Smart Safety: Home VPN Routers - One-step security for all your Wi-Fi devices      Cache   Translate Page      

Internet data privacy and security is one of the biggest concerns of this century. When businesses and companies are not busy harvesting your traffic for personal purposes, the government is also collecting other forms of data. 
A VPN has, over time, proven to be the easiest and best way to combat this.
Even while using a VPN, you have to ensure there are no loose ends. That means no one device is the weak link in your security chain. For that reason, you would be better off with a home router VPN.

Why set up a home VPN router?
The most important reason to install a VPN app for your router is in the total security it provides. You get to secure all devices on the Wi-Fi network at once. This saves you the time of installing the app on each and every device present on the network. 
Furthermore, it would also save you the cost of having to purchase a VPN app which only worked on one/ a couple of devices at once.
Besides that, installing a VPN on your router is a gateway to better security. You never have to worry about forgetting to turn on your VPN app before connecting to the internet.

Setting up a VPN for your router
You don’t have to be a computer genius to beef up your router security with a VPN. Depending on your situation, there are a total of four different ways to make this work for you. For example, you could

1) Install a VPN app for routers
Choose your preferred VPN provider and purchase a suitable plan from them. Make sure the app on offer is compatible with your choice router too. 
If you don’t already have one, this is the point where you buy a router too. Set up the router accordingly, adding the VPN details to it, and you are good to go.

2) Buy a router preconfigured with ExpressVPN
There are a variety of Linksys routers out there which comes with the ExpressVPN protection model on board. Just like when you were buying a normal router, you get to choose which model works best for you. 
Alongside the added benefit of buying from one of the most recognized Wi-Fi router brands out there, you also get a very strong encryption protocol from ExpressVPN out of the box.

3) Set up your router with ExpressVPN
For those that already have a router at home, there is good news for you too. By simply purchasing the ExpressVPN app, you can set it up on your router and have it broadcast a more secure, encrypted network to all of your connected devices.

The first and third models might be a little bit technical for those who don’t like to get their hands in the techy stuff. If that sounds like you, getting the Linksys model is the best bet.
Ensure you pick one with the right specs for your needs. From there, you just need to plug and use the router – no hassles of setup, installation and special configurations required.


           Comment on Do We Need a Fifth Political Theory? by Edith Aint       Cache   Translate Page      
Damn, that's back when I was a baby....I ain't so scared about different ideas, just the Feds showing up at my front door. Decided to read it, certainly an interesting concept, but a bit "techy" for me. Is encryption technology really secure enough to do all that?
          Error saving PDF using FIPS      Cache   Translate Page      

All,

 

I am currently trying to use an old (2011) PDF form that was generated using Password Security.  Our network requires the use of FIPS which will not allow me to make any changes to this form and save my work.

 

I am required to fill out this form, digitally sign the document and send it on to the next individual for their review and digital signature.

 

Is there anyway to accomplish this or will I have to generate a new form that does not use Password Security which is not allowed using FIPS?

 

Thanks in advance.

 

Additional Info:

 

Version: Adobe Acrobat Reader DC 2019.008.20081

Security Method: Password Security

Encryption Level: 128 bit AES

FIPS enabled

 

V/r,


          Australia rushes its ‘dangerous’ anti-encryption bill into parliament, despite massive opposition      Cache   Translate Page      
Australia’s controversial anti-encryption bill is one step closer to becoming law, after the two leading but sparring party political giants struck a deal to pass the legislation. The bill, in short, grants Australian police greater powers to issue “technical notices” — a nice way of forcing companies — even websites — operating in Australia to […]
          Australia rushes its ‘dangerous’ anti-encryption bill into parliament, despite massive opposition      Cache   Translate Page      
Australia’s controversial anti-encryption bill is one step closer to becoming law, after the two leading but sparring party political giants struck a deal to pass the legislation. The bill, in short, grants Australian police greater powers to issue “technical notices” — a nice way of forcing companies — even websites — operating in Australia to […]
          Openwashing, Entryism and Failure      Cache   Translate Page      

read more


          What file encryption software should I use on Windows 10?      Cache   Translate Page      

If you are searching for a software to encrypt your files, you’ve come to the right place. In this guide, you will find useful information about products that encrypt files, not a full drive tool like Microsoft’s Bitlocker. Full disk encryption is an efficient data protection feature, but it is not helpful when you wish […]

The post What file encryption software should I use on Windows 10? appeared first on Windows Report - Windows 10 and Microsoft News, How-to Tips.


          i have an Android app which allows to transfer PDF files to firebase database . i need an encryption algorithm to implement on PDF files      Cache   Translate Page      
I need an Android app. I already have a design for it, I just need it to be built. (Budget: ₹600 - ₹1500 INR, Jobs: Android, Mobile App Development)
          The Lawfare Podcast: Global Developments in Encryption and Surveillance Law      Cache   Translate Page      
In August, legal and technical experts gathered in Santa Barbara for the Crypto 2018 Workshop on Encryption and Surveillance to further the ongoing debate over the impact of strong encryption and law enforcement surveillance capabilities. Over the past several days, Lawfare has published a series of reflections that capture some of the views presented at the conference. On this episode of the Lawfare Podcast, we’ve brought you one of the conversations from the event itself, in which Jim Baker of Brookings and Lawfare, Cindy Cohn of the EFF, Sven Herpig of the New Responsibilities Foundation, Adam Ingle of Australia’s Department of Home Affairs, and Ian Levy of the U.K.’s GCHQ discussed recent developments in the laws and policy governing encryption and surveillance around the world.
          Coalition and Labor strike deal on encryption legislation      Cache   Translate Page      
LinuxSecurity.com: New national security laws dealing with encrypted communications are likely to pass Parliament by the end of the week, as Labor and the government have come to an in-principle agreement on key parts of the Bill after a series of concessions from the Coalition.
          Australia legisla para rebajar o eliminar el cifrado en comunicaciones: la tendencia se abre paso      Cache   Translate Page      

Australia legisla para rebajar o eliminar el cifrado en comunicaciones: la tendencia se abre paso#source%3Dgooglier%2Ecom#https%3A%2F%2Fgooglier%2Ecom%2Fpage%2F%2F10000

El Gobierno de Australia y el principal grupo de la oposición han llegado a un acuerdo para aprobar en el parlamento la posibilidad de que la policía y las agencias de inteligencia puedan obtener acceso a mensajes cifrados en WhatsApp y otras aplicaciones similares, según informa Bloomberg.

Compañías como Google o Facebook han intentado frenar el acuerdo desde su participación en The Digital Industry Group, una asociación a la que se han unido Amnistía Internacional y el Centro de Derecho de los Derechos Humanos.

Sin embargo, la presión del lobby no ha sido suficiente para que la legislación no vaya a aprobar esta semana. Por una parte, la postura de ambos gigantes de Internet tiene mucho sentido, porque tendrían que comprometer la privacidad de sus usuarios por orden política o judicial. Pese a esta supuesta preocupación, en el caso de Facebook, tal y como ha comentado Jan Koum, uno de los fundadores de WhatsApp, es algo que ya se estaba planteando internamente, aunque con otro objetivo: monetizar mejor.

La "época dorada" del cifrado puede acercarse a su fin

Cifrado

Aunque las tecnologías de cifrado de plataformas como WhatsApp siguen lejos de las mejores implementaciones del mercado, la situación actual es mucho mejor a la de hace unos años, cuando los mensajes eran enviados en texto plano y, por tanto, era extremadamente fácil rastrearlos en una red local. Además, hasta ahora se ha gozado de cierta protección por parte de las leyes, hecho por el cual, por ejemplo, Apple pudo negarse a colaborar con el FBI en el caso de San Bernardino.

Hasta ahora, la mayoría de leyes primaban la privacidad, pero sólo es cuestión de cambiarlas

Por ello, las situación que se ha vivido hasta ahora en cuanto a anonimato (con honrosas excepciones, "hola, NSA") puede considerarse casi idílica, pues de no ser así, el cambio de leyes no estaría en el centro del asunto: ni siquiera haría falta. En ese sentido, uno de los asesores de seguridad del Gobierno australiano, Alastair MacGibbon, defendió en una entrevista que si durante 40 años las autoridades podían acceder legalmente a las conversaciones telefónicas, en la nueva era hacen falta nuevos poderes para seguir el ritmo moderno.

La medida se justifica como manera de ayudar a prevenir ataques terroristas y el crimen organizado, o para encontrar a los culpables en la investigación, pero los críticos, según recoge la noticia, acusan a los grupos del acuerdo de haber ido demasiado lejos, y en palabras de Digital Rights Watch, "y tiene el probable impacto de debilitar la ciberseguridad australiana, reducir la confianza en el comercio electrónico, así como reducir la seguridad del almacenamiento de datos y la protección de los derechos civiles".

La tendencia puede propagarse

En Australia el asunto ya es serio, porque en poco tiempo, la medida puede formar parte del marco regulador del país. Sin embargo, existen más países que aunque todavía no hayan llegado a legislar, parecen encaminados a ello.

Es el caso de Reino Unido, país del que hace unos días hablábamos al respecto, a raíz de la noticia de que los servicios de inteligencia quieren poder infiltrarse en conversaciones filtradas. No acabar con él, pero sí negociar con los proveedores de servicios participar de forma oculta en las conversaciones, eliminando las notificaciones que, por ejemplo, se muestran en el caso de WhatsApp.

El problema de que la idea continúe en expansión no es sólo que lo opinen los expertos consultados por medio, sino que es la propia ONU la que defiende que el cifrado y el anonimato de las conversaciones son cruciales para la libertad de expresión. Lo afirmó en un informe de 2015, pero la cosa parece ir a peor.

También te recomendamos

#CienciaenelParlamento o cómo Twitter puede crear una cultura política científica

La agencia de espionaje británica detalla cómo quiere infiltrarse en conversaciones sin romper el cifrado

En Australia la gente corrió a sacar sus datos del nuevo registro de salud del Estado, y la web se cayó como para probar el punto

-
La noticia Australia legisla para rebajar o eliminar el cifrado en comunicaciones: la tendencia se abre paso fue publicada originalmente en Genbeta por Antonio Sabán .


          Create your own personal cloud with the $136 Synology 2-bay NAS      Cache   Translate Page      
Home media server. The Synology DiskStation DS218j diskless 2-bay network-attached storage device has dropped to $135.99 on Amazon. Today's deal matches what Amazon had for Black Friday. The NAS sells for $170 and doesn't drop from that price except for rare deals like this. NAS systems let you create your own media server at home. If you have a lot of digital music and movies, you can use a NAS like this one to put all those files in a central location and access it from any system in your home. It's also a good thing to have for small businesses where multiple people might need access to the same files. The DS218j is an entry-level NAS so it's designed for more basic use at home and as a sort of personal cloud. It has a dual-core CPU with hardware encryption and operating temperatures that range between 40 and 104 degrees Fahrenheit. Once setup, you'll be able to access the NAS from anywhere using mobile apps on iOS, Android, and Windows. These are diskless bays, which means ther...
          Hasty PJCIS examination of encryption Bill produces rushed and contemptuous report      Cache   Translate Page      
The Australian Labor Party agrees to reverse the sensible order of creating legislation, and will pass encryption-busting Bill, before then reviewing its consequences.
          Quantum computers pose a security threat that we're still totally unprepared for - MIT Technology Review      Cache   Translate Page      

MIT Technology Review

Quantum computers pose a security threat that we're still totally unprepared for
MIT Technology Review
The report cites an example of encryption that protects the process of swapping identical digital keys between two parties, who use them to decrypt secure messages sent to one another. A powerful quantum computer could crack RSA-1024, a popular ...
Dec. 4, 2018 FOR IMMEDIATE RELEASE New Cryptography Must Be Developed and Deployed Now, Even Though A ...National Academies of Sciences, Engineering, and Medicine

all 94 news articles »

          Australia rushes its ‘dangerous’ anti-encryption bill into parliament, despite massive opposition      Cache   Translate Page      
Australia’s controversial anti-encryption bill is one step closer to becoming law, after the two leading but sparring party political giants struck a deal to pass the legislation. The bill, in short, grants Australian police greater powers to issue “technical notices” — a nice way of forcing companies — even websites — operating in Australia to […]
          Weekly output: Apple Tax on storage, CrowdStrike CEO, Facebook Pages, Rod Rosenstein on security and encryption      Cache   Translate Page      
This year is officially in the home stretch, but some of this week’s work almost certainly won’t show up in my bank account until 2019. Remembering your clients’ varying payment schedules is essential to keeping some level of freelance accounting … Continue reading
          Yi Smart Dash Camera International Version 1080P 60Fps      Cache   Translate Page      
Yi Smart Dash Camera International Version 1080P 60Fps





Xiaomi Yi Smart Car Dash Camera INTERNATIONAL VERSION
DI JAMIN 100% Original dan BERGARANSI 1 Tahun.
WARNA SPACE GREY and GOLD

Kelengkapan :
1 x Xiaomi Yi DVR Car International Version
1 x Bracket 3M
1 x Car Charger Adapter
1 x USB Cable
1 x User Manual

Note :
1. Garansi Camera 12 Bulan
2. Ready Stock (Ditanyakan untuk ketersediaan warna )
3. Mohon konfirmasi stock dulu sebelum melakukan pemesanan
4. Pengiriman ( Maksimal H + 1 )
5. Packing menggunakan Bubble Wrap ( Jadi di pastikan AMAN )

Spesifikasi :
2.7 inches LCD display screen
165 degree wide view angle
Sensor Camera 3 MP
ADAS warning system
1080P 60fps
Built-in WiFi for sharing
Compact and lightweight
Made of high quality PC and ABS material, shock-proof
Easy and convenient to install
Built-in battery: 240mAh Li-polymer
CPU: YI A12 dual core + DSP enhanced WDR 3D noise reduction
Video resolution: 1080P 60fps
Memory: Micro SD card, maximum 64GB (not included in the package)
WiFi standard: 802.11n
Lens: F1.8, 165 degree wide view angle
Wireless encryption: WEP / WPA / WPA2
Video compression: H.264
Output: 5V / 1A (Micro USB)
Display: 2.7 inches 16 : 9 426 x 240 LCD
Built-in G-sensor: High precision six axis sensor
Support: Android, iOS

Berat : 500 Gram

Harga ( Updated Desember 2018 ) : Rp. 740.000,-

Belanja Online Klik Disini:
https://www.palugada.com/Yi-Smart-Dash-Camera-International-Version
          OSS Leftovers      Cache   Translate Page      
  • Bypassing Procurement Can Introduce Some Unwanted Visitors

    The federal IT procurement safety net may be developing some holes. Many federal developers are forgoing traditional software purchasing in favor of going directly to the source and downloading code from tens of millions of open source repositories and libraries. While this can certainly expedite innovation, it also has the potential to expose agencies to security risks if they’re not careful.

    This backdoor approach to code procurement can let in some unwanted visitors through that door: unknown and dangerous vulnerabilities that may have gone undetected in the code. Without the checks and balances of procurement, how can they be sure that the code they are downloading does not contain some form of malware or another bad actor? How can they stay agile while keeping their applications and networks safe?

  • Red Hat’s David Egts: Agencies Should Screen Open Source Code for Cyber Risks

    David Egts, chief technologist for Red Hat’s North American public sector, has said federal agencies should assess open source code for cyber vulnerabilities prior to adoption.

    Egts wrote in a Nextgov piece published Monday that agencies should monitor open-source libraries and repositories that developers use to download the code and deploy a code analyzer to detect memory corruptions, resources leaks and other issues that could be leveraged by adversaries.

    “Agencies can also participate in crowdsourced security initiatives designed to test the efficacy of their defenses and reinforce the notion that security must be taken seriously by everyone, including developers,” he noted.

  • 2019 Telecoms Forecast: The Year Of 5G And Open Source

    2019 looks set to be a pivotal year for the telecoms industry. 5G edges ever closer to a full launch, while new use cases in cloud computing and IoT are coming to light and driving greater-than-ever demand for high capacity, low latency connectivity.

    As we reach 2019, it’s important look at how these new demands are shaping the telecoms industry. There has been a distinct move away from just providing faster network speeds to consumers, and towards enabling a whole host of new technologies on mobile networks, meaning it’s vital for companies to assess which are simply hype, and which will lead to fruition in 2019.

  • Al Lowe reveals his Sierra source code collection—then puts all of it on eBay

     

    As of press time, Lowe has listed auctions for the first two Leisure Suit Larry games' source code, with bids already climbing (both well above the $400 mark after they went live). Lowe indicated to Lindsey that more games' code will follow on eBay, and this will likely include a stunning treasure trove: Lowe's other Leisure Suit Larry games, King's Quest III, Police Quest I, and Lowe's games based on Disney franchises Winnie The Pooh and Black Cauldron.

  • SQLite Release 3.26.0
  • SQLite 3.26 Adds Defensive Option & Optimizations

    The SQLite 3.26 release features an optimization around updates on tables with indexes on expressions, a new SQLITE_DBCONFIG_DEFENSIVE option to disable the ability to create corrupt database files with basic SQL, support for read-only shadow tables in the new defensive mode, a table_xinfo PRAGMA that can show hidden columns on virtual tables, enhanced triggers, improvements to the SQLite Geopoly extension, additions to the SQLite Session extension, and various other changes.

  • Microsoft Open Sources SEAL Homomorphic Encryption Library [Ed: This is the company that puts back doors in everything it makes, even disk encryption. Now it is openwashing this to make it a 'standard']

          Vsign RA      Cache   Translate Page      
Vsign RA is application for RA users to apply DSC form for class1, class2, class3.
RA can apply DSC form for individual user type.
RA can apply DSC for following certificate type
1.Signature
2.Encryption
3.Combo

Recent changes:
Username length increased.
          Update: SafeInCloud Pro (Productivity)      Cache   Translate Page      

SafeInCloud Pro 18.7.0


Device: iOS Universal
Category: Productivity
Price: $7.99, Version: 18.6.4 -> 18.7.0 (iTunes)

Description:

SafeInCloud Password Manager allows you to keep your logins, passwords, and other private info safe and secure in an encrypted database. You can synchronize your data with another phone, tablet, Mac or PC via your own cloud account.

No subscriptions, no monthly fees! You purchase SafeInCloud once and use it on all your iOS devices without any additional fees. You can share this app with up to 5 members of iCloud Family Sharing group.

KEY FEATURES
◆ Easy to Use
◆ Strong Encryption (256-bit Advanced Encryption Standard)
◆ Cloud Synchronization (Google Drive, Dropbox, OneDrive, Yandex Disk, NAS, ownCloud, WebDAV)
◆ Login with Touch ID & Face ID
◆ Autofill in Apps
◆ Apple Watch App
◆ Password Strength Analysis
◆ Password Generator
◆ Free Desktop App (Windows, Mac)
◆ Automatic Data Import
◆ Cross-Platform

EASY TO USE
Try it yourself and enjoy an easy-to-use yet powerful user interface.

STRONG ENCRYPTION
Your data is always encrypted on a device and in a cloud with a strong 256-bit Advanced Encryption Standard (AES). This algorithm is used by the U.S. Government for protection of a top secret information. AES is also widely adopted worldwide and became the de facto encryption standard.

CLOUD SYNCHRONIZATION
Your database is automatically synchronized with your own cloud account (Google Drive, Dropbox, OneDrive, Yandex Disk, NAS, ownCloud, WebDAV). Thus you can easily restore your entire database from a cloud to a new phone or computer (in case of a loss or an upgrade). Your phone, tablet and computer are also automatically synchronized between each other via a cloud.

LOGIN WITH TOUCH ID & FACE ID
You can instantly unlock SafeInCloud with a fingerprint on devices with Touch ID. You can also unlock SafeInCloud by face recognition using Face ID technology.

AUTOFILL IN APPS
You can autofill login and password fields into any app on your phone directly from SafeInCloud. You don't need to copy and paste them manually.

APPLE WATCH APP
You can put some selected cards on your wrist to easily access them on the run. These could be your credit card PINs, door and locker codes.

PASSWORD STRENGTH ANALYSIS
SafeInCloud analyses your password strengths and shows a strength indicator next to each password. The strength indicator displays an estimated crack time for a password. All cards with weak passwords are marked with a red sign.

PASSWORD GENERATOR
The password generator helps you generating random and secure passwords. There is also an option to generate memorable, but still strong passwords.

FREE DESKTOP APP
Download a free Desktop application for Windows or Mac OS from www.safe-in-cloud.com to be able access your database on your computer. The Desktop application also makes data entry and editing fast and easy using a hardware keyboard.

AUTOMATIC DATA IMPORT
The Desktop application can automatically import your data from another password manager. You don't need to manually reenter all your passwords.

What's New

◆ Fix for "Wrong password" error for huge databases
◆ Improvements and bug fixes
If you have questions, suggestions or problems, please contact support@safe-in-cloud.com.

SafeInCloud Pro


          Will Quantum Computing Break Blockchain?      Cache   Translate Page      
Recent research on quantum computing has shown that in the coming years, quantum computers will be able to break blockchain encryption.
          UK Parliament Releases Facebook Document on the Handling of User Data, Australia Set to Give Law Enforcement Power to Access Encrypted Messages, Microsoft Open-Sourced Windows UI/UX Frameworks, Iridium Browser New Release and CrossOver 18.1 Now Available      Cache   Translate Page      

News briefs for December 5, 2018.

The UK Parliament released a 250-page previously sealed Facebook document that reveals how the company handled crucial decisions regarding user data. The Verge reports that "In emails released as part of the cache, Facebook executives are shown dealing with other major tech companies on 'whitelisting' for its platform" and that according to British lawmaker Damian Collins "the agreements allowed the companies access to user data after new restrictions were put in place to end most companies' access. Companies offered access included Netflix and Airbnb, according to the emails." You can see the 250-page document here.

Australia plans to give law enforcement and intelligence agencies the ability to access encrypted messages on platforms like WhatsApp, putting public safety concerns ahead of personal privacy. Bloomberg reports that "Amid protests from companies such as Facebook Inc. and Google, the government and main opposition struck a deal on Tuesday that should see the legislation passed by parliament this week. Under the proposed powers, technology companies could be forced to help decrypt communications on popular messaging apps, or even build new functionality to help police access data."

Microsoft yesterday open-sourced Windows Forms, the WinUI (Windows UI Library) and WPF (Windows Presentation Foundation). According to Phoronix, the full source code is available on GitHub and the UI/UX frameworks are now open source under the MIT license. For more information, see this Windows blog post.

Iridium Browser recently released build 2018.11.71 for Debian-based systems. The new version is based on Chromium 71.0.3578.30, and it's available for Fedora and openSUSE as well. Iridium Browser is "Iridium Browser is based on the Chromium code base. All modifications enhance the privacy of the user and make sure that the latest and best secure technologies are used. Automatic transmission of partial queries, keywords and metrics to central services is prevented and only occurs with the approval of the user. In addition, all our builds are reproducible and modifications are auditable, setting the project ahead of other secure browser providers." You can download it from here.

CodeWeavers announced the release of CrossOver 18.1 yesterday for both Linux and macOS. According to the announcement, "CrossOver 18.1 restores controller support for Steam on both macOS and Linux. macOS customers with active support entitlements will be upgraded to CrossOver 18.1 the next time they launch CrossOver. Linux users can download the latest version from here.


          Automatically Encrypt Your Office Document in Windows 10      Cache   Translate Page      
Want to password protect a folder in Windows 10 with folder encryption software? Here’s how to automatically encrypt your Office document in Windows 10 PC. Though Microsoft Office allows you to use a password to protect the document, Lock My Folders gives you peace of mind by adding a second layer of encryption that is outside of Microsoft Office. This can prevent anyone from cracking your password using any Office password cracker utilities when your document is stolen or lost. Lock My Folders is a standalone software that lets you create a secure folder. Any document saved inside the secure
          Bitwarden: a free and secure open source password manager for all your devices      Cache   Translate Page      


Bitwarden makes it easy to store your logins and passwords while keeping them synced between devices across all platforms

If you're looking for a password manager or an alternative password manager, Bitwarden is a good contender. It's open source with fully functional free accounts that include all the features you'd find in other password managers such as browser integration, secure password generation, access through a web vault, 2FA, the ability to sync across devices, and end-to-end encryption (Bitwarden uses end-to-end AES-256 bit encryption, salted hashing, and PBKDF2 SHA-256).

Bitwarden offers a variety of ways of accessing your data:
> WebVault is optimized for use on desktop, laptop, tablet, and mobile devices
> Desktop applications for Windows, MacOS and Linux (no Internet connection needed to access passwords)
> Web browser extensions for Google Chrome, Firefox, Vivaldi, Opera, Tor, Microsoft Edge, Safari, and Brave
> Mobile apps for Android and iOS
> Web vault, accessible from any web browser

Data can be imported from a large array of password managers including LastPass, 1Password, Blur, Chrome, Dashlane, Enpass, Firefox, KeePass, Opera, PassKeep, RoboForm, Vivaldi, Zoho and more.  Read More

          10 useful and free networking tools that are Windows 10 apps      Cache   Translate Page      

Networking tools for windows are typically command-line programs or desktop applications. Under Windows 10, there’s a third format: apps that you download from the online Microsoft Store.

Here we’re highlighting 10 networking tools that are available in the Microsoft Store and can be pinned as tile icons on the Windows 10 Start menu for convenient access. They’re all useful, and they’re all free.

All My LAN

All My LAN lists your network's IP address, its profile name, and its maximum upload and download speeds. The amount of data that has been sent and received over the network is depicted in two line charts. By moving a slider, you can adjust the charts to represent the amount of data that was transmitted throughout the current day or up to the last 30 days. The charts can be combined to view as one chart.

This app can also scan for any multicast DNS services or UPnP devices that are connected to your network. Clicking the name of a found device or service pulls up information about it, such as its IP address, manufacturer, and product name and model.

Developer: Thoroughsoft

Data Usage

This app can audit a Windows 10 desktop or laptop and report all the mobile data or Wi-Fi networks it’s been connected to. When you run Data Usage for the first time, it may take a while anywhere from several seconds to a minute or so as it scours your computer for its record of network connections.

Data Usage presents the amount of data that the computer has consumed on networks as line and pie charts. The line chart tallies the total amount of data for each network your computer connected to over the current month. (This can be changed to show the previous month, the last 7 days or a range between two days you select.) The pie chart breaks down by percentage how much data was used on each network over the selected range of dates. Reports can be exported as CSV files, which break down the amount of data that was used by day.

Data Usage is free but comes with banner ads. The pro version ($1.49) removes them.

Developer: smart_Apps

Network Inspector

This app is comprised of tools that scan information about nearby network signals, including Wi-Fi ones, but its purpose has an emphasis on Bluetooth. When its Bluetooth Watcher tool is activated, Network Inspector continuously updates a list of Bluetooth devices that are within range. The app has a search box you can use to find a Bluetooth device that’s transmitting by entering its device ID into it.

Another tool, an HTTP inspector, scans for and lists any HTTP servers on the local subnet of the network on which your Windows 10 computer runs. You can view the pages that are found, and other information about them, such as their headers.

The developer has made the Network Inspector source available, which can be examined within the app itself. Network Inspector is free but comes with banner ads. To remove them, you’ll have to pay $20. But the price includes full access to the app’s source code for you to use and modify.

Developer: Shipwreck Software

Network Port Scanner

Network Port Scanner is a standard port scanner for checking your network for any ports that are open and revealing the IP addresses they are open to. You can enter a range of IPs and ports for this app to scan, as well as setting a timeout in milliseconds.

Developer: Cenix

Termius

Termius is a full SSH client that lets you connect multiple times to a host, or multitask by connecting to several hosts at once and switching among them. It supports port-forwarding. You can organize your servers under group categories, and pair credentials and servers for quicker access.


10 useful and free networking tools that are Windows 10 apps
Crystalnix

Termius SSH client from Crystalnix

You can customize the UI of your sessions by choosing from several color themes and resizable fonts. These can be applied to the aforementioned groups of servers that you set up.

Termius is free. If you subscribe to a premium plan (starting at $7 monthly), you get some more features. These include storing frequently used scripts that can be executed across SSH sessions, and syncing credentials and settings across devices with AES-256 encryption on the client side and backed up to the cloud. An SFTP client is also added for you to manage and transfer files between local and remote computers. (For a totally free alternative to consider, check out Remote Terminal and Remote Terminal 2 .)

Developer:Crystalnix

UDP Sender/Receiver

This app lets you send UDP messages (datagrams, for example) to another client and to listen for UDP packets to test the responsiveness of this protocol on your network. UDP Sender/Receiver features three modes of use: Sender Only lets you enter remote IP and remote port numbers for a host, and a datagram, and the app then sends the datagram to the other client. In Receiver Only mode, the app listens for UDP packets from the local port. Sender/Receiver combines these two functions: sending your datagram and listening for a response.

Developer:ReddysSoftware

vxUtil

This is a suite of commonly used network and internet utilities. vxUtil includes DNS audit, DNS lookup, finger, port scanner, subnet calculator and WHOIS lookup. It also has tools to get the HTML from a URL, grab quotations from a quote server, remotely turn on a computer via Wake-on-LAN that’s asleep or turned off, and view the clock on a time server.


10 useful and free networking tools that are Windows 10 apps
Cambridge Computer Corp.

vxUtil port scanner from Cambridge Computer Corp.

There’s nothing flashy here. These are the same kind of simple but essential network tools you find as desktop applications or terminal programs. vxUtil just brings several of them together under a single Windows app. So you can pin this app as a tile on the Start menu to have these tools conveniently available from it.

Developer:Cambridge Computer Corp.

Wake on LAN (Magic Packet)

This app lets you create shortcuts to wake a computer or other device on your LAN. In Wake on LAN , you create a configuration for the device (entering its name, MAC address and, if it’s on a WAN, host and port information). These configurations can be pinned to the Start menu, so you can wake a device by clicking/tapping its tile.

Developer:HM Software NL

What's IP This app is similar to All My LAN, but simpler and with an a
          Geoeconomics: the Chinese Strategy of Technological Advancement and Cybersecurity | Lawfare      Cache   Translate Page      
Final paragraph below; on a related note, see The Race Is On to Protect Data From the Next Leap in Computers. And China Has the Lead. | NYT
"When it comes to artificial intelligence, public-private collaboration and coordination is reportedly pervasive, and China has recruited big Chinese tech firms as part of the “AI national team.” Western commentators often portray the success of Chinese technology firms as the result of unfair practices, like theft of intellectual property and the provision of state subsidies. But, as Kai-Fu Lee notes, this also stems from China’s ability to endorse particular objectives and set the tone for private capital choices, as it has done in seeking to foster the development of artificial intelligence. China likewise leads the way in providing infrastructure to support these technological developments, such as building cities and highways with built-in sensors designed to facilitate the use of driverless cars. The Chinese government views its state capitalist model as a national strength that does not contradict international trade rules, which that it needs to secure against U.S. attempts to halt or reverse China’s rise. A key question for the future of international economic law is whether these different economic models will be able to coexist under the same legal framework."
Geoeconomics: the Chinese Strategy of Technological Advancement and Cybersecurity | Lawfare

          Emerald Who's Who is a Scam      Cache   Translate Page      

I am writing this article in here so that everyone else out there can be aware of this SCAM and FRAUDULENT company named Emerald Who's Who. These people are very professional at their SCAM business to the extent that you will feel very stuck in their deal. I was almost caught yesterday except for this small silly mistake that they did and got my defensive mechanisms up.

If you are intereseted in this story, click to read more. If you are not intereseted in the details, simply be aware of anybody calling you over your phone from a company named Emerald Who's Who.

My story with this is short and simple. A long time ago (around 6 months ago), I received an email from Emerald Who's Who informing me that I have been referred to them by experts in my domain as one of the credible people in my field. As such, they are inviting me to become listed as part of their Who's Who. I visited their scam website and, to my surprise, it looked like a normal one with some listings of other members on it (some of them being well known in my region). The website uses SSL encryption verified by Verisign so these people must be doing some real business (although not completely verified). I felt safe about it so I completed the form (a very long one) and submitted it.

Six months after that (literally six months), I recieved a call during a business meeting that I had. The man on the other hand of the line was very business oriented and used terms that caused me to feel really special. I know I am special in one way or another but I just did not know that Louis Gerstner was my next possible competitor ;)

He asked me many questions related to the way I conceive my business, what I think makes NetDesignPlus a special web development company, as well as many other questions that made him look really interested in preparing a mini-bio about me.

So far, I was the rat in the trap. I was thinking about all the possible ways to make use of this connection to the maximum extent possible. The guy moved forward to add that in addition to being listed, I can make use of some optional premium services in return for money. These services include being published in many forms (online, catalogs, journals, etc.) as well as a selective service that allows me to use their services to select potential customers from their database of professionals, etc.

The interview lasted around 20 minutes during which I completely believed this guy. Then, the BIG mistake was done when he started becoming pushy towards my credit card. I tried being polite with this extremely polite person by telling him that I will review his proposal (which he promised to send by email) and then, I will proceed and register for the package that I choose.

At this point, he started becoming more and more pushy (he must be this way since the rat is starting to vision the trap now) by offering me packages for lower prices and trying to get my credit card number over the phone. I explicitly mentioned to him that I cannot give my credit card number to anyone (isn't this what my bank told me when I got it?). How about giving it over the phone to some person calling himself Jerry Aguire (yup, Aguire and not Maguire). At this point, he said that he has an alternative solution for me where he can send me the proposal while he is over the phone and then, I can check it while he is on the phone with me and decide whether I want to buy or not while he is on the phone with me. I asked why I cannot get some time. He said that they have thousands of requests that they need to consider (poor them) and cannot go back and forth on a single application. At this point, I realized the scam and decided to have some fun (by increasing his phone bill as much as I can). So I told him that I have my credit card ready (and got him to wait for me to get it). Then I spent another 20 minutes trying to get as much information as possible about him (I got his phone number that surely nobody answers) and I tried recording his voice on my mobile phone (didn't work since the call was already in progress).

Finally, I really got tired of this so I told him that I will try to do my best to get back to him within the 24 hours period that he agreed on (I thought they cannot go back and forth on applications).


In brief, this guy is a real genius. The approach that he uses during his phone call simply traps you. You must be very aggressive to succeed in escaping his offers and proposals.

I hope this article helps some people out there escape this type of scams.

The links below are for you to read more about other people who went through the same story:


          Apple security expert moves to ACLU as ‘public interest tech’ builds      Cache   Translate Page      

“A senior Apple Inc security expert left for a much lower-paying job at the American Civil Liberties Union this week, the latest sign of increasing activity on policy issues by Silicon Valley privacy specialists and other engineers,” Joseph Menn reports for Reuters. “Jon Callas, who led a team of hackers breaking into pre-release Apple products to test their security, started Monday in a two-year role as technology fellow at the ACLU. Prior to his latest stint at Apple, Callas designed an encryption system to protect data on Macs and co-founded communications companies Silent Circle, Blackphone and PGP Corp.”

“Past tech fellows at ACLU joined earlier in their careers, but the ACLU wants seasoned experts. ‘It’s critical for organizations like the ACLU to address the asymmetry of expertise between entities like the National Security Agency and Silicon Valley corporations and those of us who are trying to rein them in,’ [Ben Wizner, director of the ACLU’s Speech, Privacy and Technology Project] said,” Menn reports. “Callas’ move comes after a year of unprecedented activism by rank and file engineers at Alphabet Inc’s Google, Facebook Inc and other technology powerhouses under fire for enabling the spread of misinformation and government-led misdeeds.”

“Callas said phone makers had improved security and he wanted to see progress continue and widen without companies succumbing to pressure to install back doors,” Menn reports. “Famed cryptography author Bruce Schneier encouraged Callas to take the ACLU post. Schneier said he was seeing a broader sense of public obligation, with a hundred applicants for a recent opening at the nonprofit Electronic Frontier Foundation.”

Read more in the full article here .

MacDailyNews Take: We’re with anyone who opposes “back doors” (which become front doors the moments after they are installed).


          全同态加密的发展与应用      Cache   Translate Page      

全同态加密的发展与应用
1976 年,Diffie 和 Hellman[DH76] 开创了公钥密码学,在密码学发展中具有划时代的意义。 不久,Rivest 等人 [RSA78] 提出第一个公钥加密 方案:RSA加密方案。Rivest等人[RAD78]随 后就指出 RSA 加密系统具有乘法同态性质:给定两个密文 C1=m18modN 和 C2=m28modN,通过计 算,c1c2 modN=(m1m2)8 modN, 我们就可以在不掌握私钥信息的情况下“同态”计算出明文 m1m2 的有效密文。根据此发现,他们提出了 “ 全同态加密”(Fully Homomorphic Encryption, FHE)的概念(当时称为私密同态,Privacy Homomorphism)。 尽管上述 RSA 公钥加密方案是乘法同态 的,但是由于它是一个确定性的公钥加密方案, 因而不是语义安全的。第一个语义安全的公钥加密方案由 Goldwaser 和 Micali[GM82] 提 出, 并 且当明文空间为 {0,1} 时,它是加法同态的。另 外,ElGamal[ElG84] 语义安全加密方案是乘法同 态的。上述方案具有一个共同点:它们都只能 支持同态计算一种运算,或者加法,或者乘法, 因此被称为单同态加密。

近年来,云计算受到广泛关注,它拥有强大的计算能力,可以帮助人们执行复杂的计算。 但是,在保护用户数据私密性的前提下,如何利用云计算的强大计算能力是云计算从理论走向实用必须解决的关键问题。在此迫切需求下,全同态加密如约而至。从数学上说,同态就是 保持运算,即先运算再同态与先同态再运算所得到的结果是一样的。而全同态加密是一类特 殊的加密方案,它允许用户通过加密保护数据的私密性,同时允许服务器(比如“云”)对密文执行任意可计算的运算 ( 同时包含加法、乘法 ),得到的结果是对相应明文执行相应运算结果的某个有效密文。这个特性对保护信息的安全具有重要意义:利用全同态加密可对多个密文进行同态计算之后再解密,不必对每个密文 解密而花费高昂的计算代价;利用全同态加密可以实现无密钥方对密文的计算,既可以减少通信代价,又可以转移计算任务,由此可平衡各方的计算代价;利用全同态加密可以实现让解密方只能获知最后的结果,而无法获得每个密文的消息与同态计算方式,可以提高信息的安全性。正是由于全同态加密技术在计算复杂性、通信复杂性与安全性上的优势,越来越多的研究力量投入到其理论和应用的探索中。

鉴于全同态加密的强大功能,一经提出便成为密码界的公开问题,被誉为“密码学圣杯”, 由 Gentry 在 2009 年摘取。之后,全同态加密迅速吸引了一批资深专家、学者对之进行广泛、深 入的研究,并取得了一系列的成果。目前可以构造全同态加密的密码学假设主要有:理想格上的 理想陪集问题(Ideal Coset Problem, ICP)、整数 上的近似最大公因子问题(Approximate Greatest Common Devisior, AGCD)、带错学习问题(Learning with Errors, LWE)等等。

下面我们先从构造技术的发展来分类介绍全同态加密的研究进展,然后给出一个简单易懂的全同态加密实例,最后介绍全同态加密的典型应用。

全同态加密的发展现状 第一代全同态加密 2009 年,Gentry [Gen09] 取得突破性进展,构造出第一个全同态加密方案(Fully Homomorphic Encryption, FHE) 摘取了“ 密码学圣杯”。Gentry 设计了一个构造全同态加密方案的 “蓝图”:首先构造一个类同态加密( Somewhat Homomorphic Encryption, SHE)方案(这类方案能够同态计算一定深度的电路);然后压缩解密电路(需要稀疏子集和假设),使得它能够同态计算它本身的增强的解密电路,得到一个可以“自举”(Bootstrapping)的同态加密方案;最后有序执行自举操作(需要循环安全假设),得到一个可以同态计算任意电路的 方案,即全同态加密。同时,基于理想格上的 ICP 假设,并结合稀疏子集和与循环安全假设, 他也开创性地构造了一个具体的方案。 随后,van Dijk 等人 [vDGHV10] 提出了一个 整数上的全同态加密方案,这个设计完全模仿 了 Gentry 的蓝图。该方案的安全性基于 AGCD 假设和稀疏子集和假设。它的主要优点在于概 念简单,易于理解,其缺点在于公钥太大。

这些被称为第一代全同态加密方案。

第二代全同态加密

随着 Gentry 全同态加密方案的提出,人们开始尝试基于 (R)LWE 构造全同态加密方案,并 结合理想格的代数结构、快速运算等优良性质 来进行方案的优化和实现,最终取得了巨大的成功。

2011 年,Brakerski 和 Vaikuntanathan [BV11a, BV11b] 基于 LWE 与 RLWE 分别提出了全同态 加密方案,其核心技术是再线性化和模数转换。 这些新技术的出现使得我们无需 压缩解密电路, 从而也就不需要稀疏子集和假设,这样方案的 安全性完全基于 (R)LWE 的困难性。Brakerski 和 Vaikuntanathan [BV11b] 还提出了循环安全的类 同态加密方案。但是,他们的方案不能够利用 自举以达到全同态的目的,这是因为他们所得到的循环安全是相对于私钥作为环元素表示的, 而不是自举算法所需要的比特表示。构造循环安全的可自举的同态加密依然是一个公开问题。 Brakerski 等人 [BGV12] 指出:依次使用模数转换能够很好的控制噪音的增长。据此他们 设计了一个层次型的全同态加密方案:BGV。层次型全同态加密可以同态计算任意多项式深度的电路,从而在实际应用中无需启用计算量过大的自举。 研究人员对 BGV 方案做了大量的优化、实现 [GHS12a, GHS12b, GHS12c, AP13, HS14, HS15, HS18],对 BGV 方案的研究越来越深刻、完善, 效率也越来越高。其中,Halevi 和 Shoup [HS14] 先是针对 BGV 算法开发了 Helib 库,随后实现 了 BGV 自举算法 [HS15]:在打包的情形下(对 约 300 比特消息实施自举),一次自举算法大约耗费 5 分钟。分销来看,1 个比特的自举大约需要 1 秒。最近,Halevi 和 Shoup [HS18] 又改进 了该自举技术,最快可提升速度大约 75 倍,使得自举时间降到了大约 13ms。目前来看,(优 化后的)BGV 方案是最高效的全同态加密方案 之一。 2012 年,Brakerski [Bra12] 又提出了一个基 于 LWE 的无模数转换的全同态加密方案,该方案不需要模数转换管理噪音,也能够很好地控制噪音的增长。

以上方案与第一代方案相比,无需压缩解密电路,也就不需要稀疏子集和假设。这样一来, 方案的效率与安全性都得到极大的提升,但在同态计算时仍然需要计算密钥的辅助,故被称为第二代全同态加密方案。

第三代全同态加密

上述所有方案无论是层次型的还是纯的全同态加密,都需要“计算密钥”(私钥信息的加密, 可以看做公钥的一部分)的辅助才能达到全同态的目的。但是计算密钥的尺寸一般来说都很大,是制约全同态加密效率的一大瓶颈。

2013 年,Gentry 等 人 [GSW13] 利 用“ 近 似 特征向量”技术,设计了一个无需计算密钥的全同态加密方案:GSW,标志着第三代全同态加密方案的诞生。他们进而还设计了基于身份和基于属性的全同态加密方案,掀起了全同态加密研究的一个新高潮。此后,研究人员在高效的自举算法、多密钥全同态加密、CCA1 安全的全同态加密和电路私密的全同态加密等方面进行了大量的研究,得到了丰硕的成果。下面逐一介绍。 高效的自举算法 Brakerski 和 Vaikuntanathan [BV14] 在 GSW 的基础上,设计了第一个安全性与普通的基于 LWE 的公钥加密算法的安全性相当的全同态加 密算法,使得全同态加密的安全性进一步得到了保障。他们的主要技术就是利用 GSW 方案的噪音增长是非对称的性质,结合 Barrington 定理构造了一个能够很好控制噪音增长的自举算法。 Alperin-Sheriff 和 Peikert [AP14] 基于上述新 成果 [GSW13, BV14],提出了一个更简单的对称 的 GSW 方案,并用之设计了一个快速的自举算 法:直接同态计算解密函数。该自举方法直接、简单、高效,向实际应用迈出了坚实的一步。 Hiromasa 等人 [HAO15] 提出了一个打包形式的 GSW 方案(要假定循环安全假设成立),并结 合 [AP14] 巧妙地设计了一个打包形式的自举算 法,效率得到了一定的提高。 Ducas 和 Micciancio [DM15] 在 [AP14] 的基础上,利用一个变形的基于 RLWE 的 GSW 方案 来直接同态计算解密函数,大大提升了效率, 他们的测试表明:1 秒内就可以完成一次自举过 程。Chillotti 等 人 [CGGI16] 改进了 [DM15] 的方案,在自举时,他们巧妙地用矩阵与向量间的 运算来代替矩阵与矩阵间的运算,有效地降低了自举所花费的时间:0.1 秒内就可以完成一次自举过程。随后,Chillotti [CGGI17] 等人又改进这一自举过程至 13ms。从公开发表的文献来看, 这是目前最高效的自举方案之一。 此外,Gama 等 人 [GINX16] 也 在 [AP14] 的 基础上设计了一个更高效的自举算法:运行一 次自举算法累积的噪音的上界是线性的。这意 味着全同态加密的安全性与公钥加密的安全性 是一致的(除了额外的循环安全要求)。 多密钥全同态加密 Lopez-Alt 等人 [LTV12] 最先开始研究多密 钥全同态加密,他们基于 NTRU 构造了第一个 多密钥全同态加密,并利用它设计了一个多方安全计算协议。但是,他们的方案用到了一个非标准的假设,并且近年来也遭受到比较严重的攻击。所以设计安全的多密钥全同态加密引起了人们的注意,并研究出多个基于 LWE 的多 密钥全同态加密 [CM15, MW16, PS16, BP16]。其 中,[CM15, MW16] 的多密钥全同态加密方案的密文会随着不同的密钥数的增长而膨胀,而且同 态计算后的密文不能继续执行同态运算。Peikert 等人 [PS16] 利用全同态加密 [GSW13] 与全同态 签名 [GVW15],一定程度上解决了上述两个问题。 Brakerski 等人 [BP16] 提出了完全动态的多密钥全同态加密,基本解决了上述两个问题。但是,他们利用了笨重的自举技术,并不实用。 CCA1 安全的全同态加密 CCA 安全对于加密来说已经成为标准的安 全性要求。遗憾的是 CCA 安全与同态性质是矛 盾的,不可能同时实现。但是,可以通过控制 同态计算来达到 CCA 安全。赖俊祚等人 [LDM+16] 提出了第一个 CCA2 安全的密钥控制的全同态加 密方案。但是他们的方案利用了不可区分混淆器来验证密文的合法性。 众所周知,CCA1 安全与同态性质并无矛盾之处,它们可以共存。Canetti 等人 [CRRV17] 研 究了 CCA1 安全的全同态加密方案,给出了 3 个 构造:前两个都是由多身份全同态加密转化而来(我们也提出了这个转化方式,遗憾的是未 能及时发表),并构造了两个多身份全同态加密方案,第三个使用了 SNARKs,得到了一个紧 凑的方案。前两个构造的缺点是密文不紧凑, 第三个构造建立在非标准的假设上。 电路私密的全同态加密

在全同态加密领域,有时不但要保护好数 据的私密性,而且要保护好电路的私密性。电路的私密性是指同态计算出来的密文不泄露电路的任何信息,也就是说只有执行同态运算的人才知道电路,而其他人 ( 包括解密者 ) 都不能从同态计算出来的密文挖掘出电路的信息。

Gentry[Gen09a] 在提出全同态加密的时候就已经考虑了这个问题,他建议在输出同态计算 密文之前,给它增加一个大的噪音,完全掩盖该密文所隐含的同态计算所积累的噪音。这一方法的缺点也是明显的:这样的密文所含的噪音太大,故不能再对它执行同态运算了。 Ducas 等人 [DS16] 多次调用自举算法来控制同态计算后的噪音分布,使得同态计算后的密文 的噪音分布与新鲜密文的噪音分布是统计不可区分的。他们的方法可以运用到所有 ( 理想 ) 格全同态加密方案 [Gen09a, Gen09b, BGV12, Bra12, GSW13]。这个方法依赖于高效的自举算法,目前并不可行。 Bourse 等人 [BPMW16 ] 利用高斯噪音的特性,巧妙地部分解决了上述方案的缺点:在同态计算的每一步,只需要增加一个与当前噪音大小相当的高斯噪音,即可一定程度上保证电 路的私密性。这个技巧的优点是避免了复杂的自举,缺点是泄露了电路的深度。 Chongchitmate 等人 [CO17] 研究了存在恶意用户情形下的多密钥全同态加密,提出了一个一般的转换,可以把任意非电路私密的多密钥全同态加密转换为电路私密的多密钥全同态加密。

在短短的 10 年内,国际上在全同态加密技术方面已经取得了丰硕的成果,全同态加密也从第一代发展到了第三代,其效率与安全性都得到了极大地提升。

全同态加密实例:GSW 2013 年,Gentry 等 人 [GSW13] 利 用“ 近 似 特征向量”技术,设计了一个无需计算密钥的层次型全同态加密方案:GSW,标志着第三代全同态加密方案的诞生。在很多应用场景下, 层次型全同态加密的同态能力就足够了。由于 GSW 无需计算密钥参与同态计算,所以它是最简单最易理解的全同态加密。这里我们以 GSW 为例,说明全同态加密的设计思想。

全同态加密除了传统公钥加密拥有的密钥生成、加密、解密等算法外,还有一个同态计算算法。为了清晰地叙述 GSW,我们增加了参数设置算法 Setup,并把密钥生成算法分解为私钥生成算法和公钥生成算法。注意到任意电路可以分解为一系列的加法和乘法运算,因此我们还把同态计算算法分解为同态加法和同态乘法。

为了详细描述 GSW,我们需要两个工具: 一个是 Regev [Reg05] 提出的 LWE,用来保证 GSW 的安全性,另一个是 Micciancio 和 Peikert [MP12] 提出的矩阵 G,用来支持同态计算。

考虑有限域 Zq, 判定型 LWE 就是区分(B,sB+e)与(B,u),这里B←Zq(n-1)m,s←Zqn-1,e ← Dm, u ← Zqm。Regev 证明了 LWE 是困难的。 目前人们普遍认为 LWE 甚至是抵抗量子攻击的。

设 G 是一个具有下面性质的公开矩阵: 对任意的 u,容易抽取满足 G G-1(u) = u 的短向量 G-1(u)。

现在我们详细描述 GSW 方案:

Setup(1n,1L): 给定安全参数 n,最大同 态深度 L,选取公共参数 prms = (n,m,q,D), 令 K=" logq 」+1。

SKGen(prms): 随机选取 s ← Zqn-1, 令私钥 sk = t = (-s||1) ∈ Zqn 。

PKGen(sk): 随机选取矩阵 B ← Zq(n-1)×m, 抽 取高斯错误e←Dm, 计算b = sB+e, 令公钥pk = A = (B, b) ∈ Zqn×m。

Enc(μ,pk): 给定明文消息 μ ∈ {0,1}, 随机选取矩阵R←Z2m×nk, 计算密文C= AR+μG ∈ Zqn×nk。

Dec(sk, C): 令 w = (0,0,...,q/2)T, 先 计 算 tC- G-1(w) =μtw+e=μq/2 + e,再根据该数值的大小 判定出消息是 0 还是 1。

注意:只要密文满足形式 C = AR+μG(称 为解密形式)且 R 是一个小矩阵,就可以成功 解密。

Add: C1"


          Marriott Breach Encryption Exploited      Cache   Translate Page      

Marriott Breach Encryption Exploited

kdobieski

Tue, 12/04/2018 09:12

And now Marriott reveals that intruder tactics included encrypting information from the hacked database, a move that is often used to avoid detection when removing the stolen information from a company’s network. This type of blind spot is not as uncommon as we’d like to think. A recent Venafi study revealed that “Nearly a quarter (23%) of security professionals don’t know how much of their encrypted traffic is decrypted and inspected.”

According to Michael Thelander, Director of Product Marketing at Venafi, “Session logging might tell where SSH keys were used while the attackers were in the network, but there’s a real possibility that keys could have been exfiltrated in parallel with the data. If that’s the case, we may not know it happened until newly-decrypted payment card data begins to drive new fraud schemes.”

Even worse, the company cannot confirm that stolen keys are all accounted for. According to Krebs on Security , “customer payment card data was protected by encryption technology, but that the company couldn’t rule out the possibility the attackers had also made off with the encryption keys needed to decrypt the data.”

As Robyn Weisman states in her coverage of the GAO report on the Equifax breach, “what should have been a secure tunnel for the safe transmission of legitimate data became a secure tunnel for exfiltrating stolen private financial records.” In the case of Marriott, the information includes some combination of name, mailing address, phone number, email address, passport number.

Although Marriot “deeply regrets [what] happened”, the challenge remains to determine what went wrong when acquiring the besieged Starwood, and how baited keys and certificates may still be an issue.

To me, this only underscores why organizations need to have a complete an accurate accounting of all of their machine identities, such as TLS certificates and SSH keys. Continuous monitoring of all keys and certificates is the only way that organizations can detect when any of these machine identities is doing something that may indicate suspicious activity. Any key or certificate that is out of your control is one that is available for use by attackers.

As Thelander sums up, “Without constant visibility into the location of the keys and certificates that protect machine identities, there’s no way of knowing what systems are vulnerable, where pivots have occurred, and where new attacks will be pointed.”

Related Posts

Equifax and Beyond: How Can the Loss of 100 Million+ Records Go Undetected? Another Key Unlocks Crime in the Cloud: OneLogin Breach Traced Back to Attacker’s Theft of a Highly Sensitive Key 7 Data Breaches Caused by Human Error: Did Encryption Play a Role?
Marriott Breach   Encryption Exploited

Scott Carter

Every time I see a breach such as the recent one at Marriott, I look for details of how encryption was misused to hide or prolong the breach and the resulting exfiltration. (It’s an occupational hazard of working for the leader in machine identity protection). But even though I know that encryption plays a critical role in many of these breaches, details about how keys and certificates were misused in attacks are not often forthcoming.

Earlier this year, we did see an example of how a certificate gone wrong may have prolonged a breach. The U.S. Government Accountability Office (GAO) released a comprehensive report that revealed that an expired certificate on an SSL/TLS inspection system was not replaced for 10 months or so. This may have allowed attackers to exfiltrate data undetected for an extended period of time.


Marriott Breach   Encryption Exploited
Want to know what lead to the Equifax breach?

Read here to find out.


Marriott Breach   Encryption Exploited
Learn more about machine identity protection.

Explore now.

Recent Articles By Author

What Executives Need to Know about New NIST Guidelines for TLS Management Sennheiser Debacle: The Consequences of Poorly Secured Certificates OCSP Must-Staple; Revocation Solution More from kdobieski

*** This is a Security Bloggers Network syndicated blog from Rss blog authored bykdobieski. Read the original post at: https://www.venafi.com/blog/marriott-breach-encryption-exploited


          Quantum computers pose a security threat that we're still totally unprepared for - MIT Technology Review      Cache   Translate Page      

MIT Technology Review

Quantum computers pose a security threat that we're still totally unprepared for
MIT Technology Review
The report cites an example of encryption that protects the process of swapping identical digital keys between two parties, who use them to decrypt secure messages sent to one another. A powerful quantum computer could crack RSA-1024, a popular ...

and more »

          Australia : Government must listen to concerns on encryption legislation      Cache   Translate Page      
Source: MEAA
          PHP 7.2 upgrade      Cache   Translate Page      

The PHP developers deprecated mcrypt in version 7.1, and removed support in version 7.2. Applications should use other solutionions like openssl for encryption needs.

If you do decide to install the mcrypt PECL module for PHP 7.2, you’d need to do so using the following commands FOR CPANEL:

yum install https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
yum install libmcrypt
yum install libmcrypt-devel
/opt/cpanel/ea-php72/root/usr/bin/pecl install channel://pecl.php.net/mcrypt-1.0.1


          Comment on Australia rushes its ‘dangerous’ anti-encryption bill into parliament, despite massive opposition by None Noone      Cache   Translate Page      
So bill passed and then tied up in the courts for years? Meanwhile the conservatives get ousted, liberals come in and shutter the law rendering it moot? So what's the point of this?
          Comment on Australia rushes its ‘dangerous’ anti-encryption bill into parliament, despite massive opposition by Tim Gallagher      Cache   Translate Page      
Its the law of Mathematics there are NO magic keys. Breaking asymmetric 256-bit is still impossible. Fifty supercomputers completing 1 x billion calculations per second would, in theory, require about 3×1051years to exhaust the 256-bit key space. Today's level of tech, it is still impossible to break or brute-force a 256-bit encryption algorithm. It would take literally billions of years to break this type of encryption. To consider any Govt a trusted 3rd party is misguided.
          Laravel Cashier Braintree Payment Gateway Tutorial With Example      Cache   Translate Page      
In this tutorial, we will see Laravel Cashier Braintree Payment Gateway Tutorial With Example We will build a Subscription based Platform in which the user can choose a plan, and according to that, he will be charged. We use Braintree for this demo, and we will discuss the stripe in the next tutorial. So, we will build a simple payment gateway in which a user can charge according to their selected plan. It is a straightforward system to work with, and for that, we need to create a developer account at Braintree. So, if you have not created yet, then please go to this link. Laravel Cashier Braintree Payment Gateway Integrate payment gateway in any web application used to be a very tough task. But nowadays, there are lots of SDKs available to work with that is why it is effortless to integrate any payment gateway to any web application. Now, you can find the Official Laravel Documentation to integrate Braintree here. Braintree Caveats For many operations, the Stripe and Braintree implementations of the Cashier function is the same. Both services provide the subscription billing with the credit cards, but Braintree also supports the payments via PayPal. We will not use Paypal for this example. However, Braintree also lacks some features that are supported by the Stripe. You should keep the following things in mind when deciding to use Stripe or Braintree: Braintree supports PayPal while Stripe does not. Braintree does not support the increment and decrement methods on subscriptions. This is a Braintree limitation, not a Cashier limitation. Braintree does not support percentage based discounts. This is a Braintree limitation, not a Cashier limitation. Let us start this small project by installing the Laravel Framework. I am using Laravel 5.7 for this example. Step 1: Install and configure Laravel Install Laravel using the following command. laravel new subscription Now, go inside the project folder and configure the database inside the .env file. DB_CONNECTION=mysql DB_HOST=127.0.0.1 DB_PORT=3306 DB_DATABASE=subscription DB_USERNAME=root DB_PASSWORD=root Also, install the npm dependencies using the following command. npm install Compile the CSS and JS files. npm run dev Also, create the standard authentication using the following command. php artisan make:auth Step 2: Install and configure Braintree package Next step is to install the Laravel Cashier package. So let us install that. composer require "laravel/cashier-braintree":"~2.0" Next step is to register the Laravel\Cashier\CashierServiceProvider  service provider in your config/app.php configuration file. ... Laravel\Cashier\CashierServiceProvider::class, ... Now, we need to create and modify the database migrations. First, edit the create_users_table.php file and add the following fields inside the schema. Schema::table('users', function ($table) { $table->string('braintree_id')->nullable(); $table->string('paypal_email')->nullable(); $table->string('card_brand')->nullable(); $table->string('card_last_four')->nullable(); $table->timestamp('trial_ends_at')->nullable(); }); So, our final create_users_table.php file looks like below. <?php use Illuminate\Support\Facades\Schema; use Illuminate\Database\Schema\Blueprint; use Illuminate\Database\Migrations\Migration; class CreateUsersTable extends Migration { /** * Run the migrations. * * @return void */ public function up() { Schema::create('users', function (Blueprint $table) { $table->increments('id'); $table->string('name'); $table->string('email')->unique(); $table->timestamp('email_verified_at')->nullable(); $table->string('password'); $table->string('braintree_id')->nullable(); $table->string('paypal_email')->nullable(); $table->string('card_brand')->nullable(); $table->string('card_last_four')->nullable(); $table->timestamp('trial_ends_at')->nullable(); $table->rememberToken(); $table->timestamps(); }); } /** * Reverse the migrations. * * @return void */ public function down() { Schema::dropIfExists('users'); } } Also, we need to create two more migrations file. To create the files, hit the following commands. php artisan make:migration create_plans_table php artisan make:migration create_subscriptions_table Now, write the following schemas inside it. <?php // create_subscriptions_table.php use Illuminate\Support\Facades\Schema; use Illuminate\Database\Schema\Blueprint; use Illuminate\Database\Migrations\Migration; class CreateSubsriptionsTable extends Migration { /** * Run the migrations. * * @return void */ public function up() { Schema::create('subsriptions', function (Blueprint $table) { $table->increments('id'); $table->integer('user_id'); $table->string('name'); $table->string('braintree_id'); $table->string('braintree_plan'); $table->integer('quantity'); $table->timestamp('trial_ends_at')->nullable(); $table->timestamp('ends_at')->nullable(); $table->timestamps(); }); } /** * Reverse the migrations. * * @return void */ public function down() { Schema::dropIfExists('subsriptions'); } } And the following is plans table schema. <?php // create_plans_table.php use Illuminate\Support\Facades\Schema; use Illuminate\Database\Schema\Blueprint; use Illuminate\Database\Migrations\Migration; class CreatePlansTable extends Migration { /** * Run the migrations. * * @return void */ public function up() { Schema::create('plans', function (Blueprint $table) { $table->increments('id'); $table->string('name'); $table->string('slug')->unique(); $table->string('braintree_plan'); $table->float('cost'); $table->text('description')->nullable(); $table->timestamps(); }); } /** * Reverse the migrations. * * @return void */ public function down() { Schema::dropIfExists('plans'); } } Now go to the terminal and create the tables using the following command. php artisan migrate It will create the tables.   Now, add the Billable Trait inside the User.php model. // User.php use Laravel\Cashier\Billable; class User extends Authenticatable { use Billable; } Step 3: Grab and add API keys for Braintree Now, if you have not created a developer account at Braintree, then please create one. After that, you will be redirected to the Dashboard and then go to the Account >> My User and click the View Authorizations link under the API Keys, Tokenization Keys, Encryption Keys section.   After clicking the View Authorizations link, you will be redirected to your Sandbox API Keys page.   Now, you need to click the View links inside the table, and now you can see your following keys and data. Your Public Key Your Private Key Your Environment Your Merchant Id You need to add these keys inside your .env file. BRAINTREE_ENV=sandbox BRAINTREE_MERCHANT_ID=your merchant id BRAINTREE_PUBLIC_KEY=your public key BRAINTREE_PRIVATE_KEY=your private key Next step is that you should configure the following options inside your services.php file. // services.php 'braintree' => [ 'model' => App\User::class, 'environment' => env('BRAINTREE_ENV'), 'merchant_id' => env('BRAINTREE_MERCHANT_ID'), 'public_key' => env('BRAINTREE_PUBLIC_KEY'), 'private_key' => env('BRAINTREE_PRIVATE_KEY'), ], Then you should add the following Braintree SDK calls to your AppServiceProvider’s boot method. // AppServiceProvider.php use Braintree_Configuration; public function boot() { Braintree_Configuration::environment(env('BRAINTREE_ENV')); Braintree_Configuration::merchantId(env('BRAINTREE_MERCHANT_ID')); Braintree_Configuration::publicKey(env('BRAINTREE_PUBLIC_KEY')); Braintree_Configuration::privateKey(env('BRAINTREE_PRIVATE_KEY')); } You can also set the currency. Dollar($) is by default. You can change the default currency by calling the Cashier::useCurrency method from within the boot method of one of your service providers. In our case we have used the AppServiceProvider. The useCurrency method accepts two string parameters: the currency and the currency’s symbol. // AppServiceProvider.php use Laravel\Cashier\Cashier; Cashier::useCurrency('eur', '€'); Step 4: Create plans on Braintree dashboard Now, for this example, we will create only two plans. You can create as per your requirement. You can find the plans inside your dashboard on the left sidebar. I have created two plans. Basic Professional   Also, you need to add the plans manually inside the plans table inside MySQL.   Make sure both plans have the same names as on MySQL and Braintree dashboard. Step 5: Display plans on Frontend First, define the routes for our application inside the routes >> web.php file. // web.php Route::group(['middleware' => 'auth'], function() { Route::get('/home', 'HomeController@index')->name('home'); Route::get('/plans', 'PlanController@index')->name('plans.index'); }); We have taken the auth middleware to protect the routes related to payment and home. Now, create the Plan.php model and PlanController.php file. php artisan make:model Plan php artisan make:controller PlanController Define the index method inside the PlanController. // PlanController.php use App\Plan; public function index() { $plans = Plan::all(); return view('plans.index', compact('plans')); } Now, inside the resources >> views folder, create one folder called plans and inside that folder, create one file called index.blade.php file. Write the following code. @extends('layouts.app') @section('content') <div class="container"> <div class="row justify-content-center"> <div class="col-md-12"> <div class="card"> <div class="card-header">Plans</div> <div class="card-body"> <ul class="list-group"> @foreach($plans as $plan) <li class="list-group-item clearfix"> <div class="pull-left"> <h5>{{ $plan->name }}</h5> <h5>${{ number_format($plan->cost, 2) }} monthly</h5> <h5>{{ $plan->description }}</h5> <a href="" class="btn btn-outline-dark pull-right">Choose</a> </div> </li> @endforeach </ul> </div> </div> </div> </div> </div> @endsection Save the file and navigate to the URL: http://subscription.test/plans. If you have not registered yet, then please register one user in our application. You will see something like this.   So, we have successfully displayed the plans from the database. Now, the next step is when a user chooses the plan, you will redirect to a page from where a user can be charged for that plan. Step 6: Show the plan So, when the user chooses the plan, we need to redirect the user to a particular plan page. Define one more route inside the routes >> web.php file. // web.php Route::group(['middleware' => 'auth'], function() { Route::get('/home', 'HomeController@index')->name('home'); Route::get('/plans', 'PlanController@index')->name('plans.index'); Route::get('/plan/{plan}', 'PlanController@show')->name('plans.show'); }); Now, by default, RouteModelBinding works with the ID of the model. But we will not pass the ID to show the particular plan instead we will pass the slug. So we need to define it inside the Plan.php model. Also, define the fillable fields as well. <?php // Plan.php namespace App; use Illuminate\Database\Eloquent\Model; class Plan extends Model { protected $fillable = [ 'name', 'slug', 'braintree_plan', 'cost', 'description' ]; public function getRouteKeyName() { return 'slug'; } } Here, we have defined the function called getRouteKeyName. So based on this function, now we can fetch the record based on the slug and not based on the ID. That is why we have taken the slug field as a unique field in the database. Now, define the show() function inside the PlanController.php file. // PlanController.php public function show(Plan $plan, Request $request) { return view('plans.show', compact('plan')); } Next step is to create a view file called show.blade.php inside the resources >> views >> plans folder. Add the following code inside the show.blade.php file. @extends('layouts.app') @section('content') <div class="container"> <div class="row justify-content-center"> <div class="col-md-12"> <div class="card"> <div class="card-header">{{ $plan->name }}</div> <div class="card-body"> </div> </div> </div> </div> </div> @endsection So, here, we will display the payment form. Step 7: Display the Payment Form For displaying the Payment Form, we will use the Drop-in UI. You can find the complete documentation here. We are using Version 2 of the Drop-in UI. There is version 3 but let us stick with version 2 for this example. Now, we are implementing the Client Side configuration. Configure the container and from where the Drop-in UI will add the payment method nonce. Make sure to replace CLIENT_AUTHORIZATION with your generated client token. Now, we need to include the External JS files in our project. For that, we need to modify the resources >> views >> layouts >> app.blade.php file. <!DOCTYPE html> <html lang="{{ str_replace('_', '-', app()->getLocale()) }}"> <head> <meta charset="utf-8"> <meta name="viewport" content="width=device-width, initial-scale=1"> <!-- CSRF Token --> <meta name="csrf-token" content="{{ csrf_token() }}"> <title>{{ config('app.name', 'Laravel') }}</title> <!-- Fonts --> <link rel="dns-prefetch" href="//fonts.gstatic.com"> <link href="https://fonts.googleapis.com/css?family=Nunito#source%3Dgooglier%2Ecom#https%3A%2F%2Fgooglier%2Ecom%2Fpage%2F%2F10000" rel="stylesheet" type="text/css"> <!-- Styles --> <link href="{{ asset('css/app.css') }}#source%3Dgooglier%2Ecom#https%3A%2F%2Fgooglier%2Ecom%2Fpage%2F%2F10000" rel="stylesheet"> </head> <body> <div id="app"> <nav class="navbar navbar-expand-md navbar-light navbar-laravel"> <div class="container"> <a class="navbar-brand" href="{{ url('/') }}"> {{ config('app.name', 'Laravel') }} </a> <button class="navbar-toggler" type="button" data-toggle="collapse" data-target="#navbarSupportedContent" aria-controls="navbarSupportedContent" aria-expanded="false" aria-label="{{ __('Toggle navigation') }}"> <span class="navbar-toggler-icon"></span> </button> <div class="collapse navbar-collapse" id="navbarSupportedContent"> <!-- Left Side Of Navbar --> <ul class="navbar-nav mr-auto"> </ul> <!-- Right Side Of Navbar --> <ul class="navbar-nav ml-auto"> <!-- Authentication Links --> @guest <li class="nav-item"> <a class="nav-link" href="{{ route('login') }}">{{ __('Login') }}</a> </li> <li class="nav-item"> @if (Route::has('register')) <a class="nav-link" href="{{ route('register') }}">{{ __('Register') }}</a> @endif </li> @else <li class="nav-item"> <a class="nav-link" href="{{ route('plans.index') }}">{{ __('Plans') }}</a> </li> <li class="nav-item dropdown"> <a id="navbarDropdown" class="nav-link dropdown-toggle" href="#" role="button" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false" v-pre> {{ Auth::user()->name }} <span class="caret"></span> </a> <div class="dropdown-menu dropdown-menu-right" aria-labelledby="navbarDropdown"> <a class="dropdown-item" href="{{ route('logout') }}" onclick="event.preventDefault(); document.getElementById('logout-form').submit();"> {{ __('Logout') }} </a> <form id="logout-form" action="{{ route('logout') }}" method="POST" style="display: none;"> @csrf </form> </div> </li> @endguest </ul> </div> </div> </nav> <main class="py-4"> @yield('content') </main> </div> <!-- Scripts --> <script src="{{ asset('js/app.js') }}"></script> @yield('scripts'); </body> </html> Here, we have defined one navigation link called plans and also add one section for scripts. So, now we can add the Javascript per pagewise using @yield directive. Also, we need to fetch the Client Token for authorization. So we will fetch that token from Backend using AJAX request. So, define one route inside the web.php file. // web.php Route::group(['middleware' => 'auth'], function() { Route::get('/home', 'HomeController@index')->name('home'); Route::get('/plans', 'PlanController@index')->name('plans.index'); Route::get('/plan/{plan}', 'PlanController@show')->name('plans.show'); Route::get('/braintree/token', 'BraintreeTokenController@index')->name('token'); }); Create a new Controller called BraintreeTokenController using the following command. php artisan make:controller BraintreeTokenController Write the following code inside the BraintreeTokenController.php file. <?php // BraintreeTokenController.php namespace App\Http\Controllers; use Illuminate\Http\Request; use Braintree_ClientToken; class BraintreeTokenController extends Controller { public function index() { return response()->json([ 'data' => [ 'token' => Braintree_ClientToken::generate() ] ]); } } The index() function returns the ClientToken to the Clientside JS file, and now we can authorize our Laravel application with the Braintree developer account. So, write the final code inside the show.blade.php file. @extends('layouts.app') @section('content') <div class="container"> <div class="row justify-content-center"> <div class="col-md-12"> <div class="card"> <div class="card-header">{{ $plan->name }}</div> <div class="card-body"> <form method="post" action="{{ route('subscription.create') }}"> @csrf <div id="dropin-container"></div> <hr /> <input type="hidden" name="plan" value="{{ $plan->id }}" /> <button type="submit" class="btn btn-outline-dark d-none" id="payment-button">Pay</button> </form> </div> </div> </div> </div> </div> @endsection @section('scripts') <script src="https://js.braintreegateway.com/js/braintree-2.32.1.min.js"></script> <script> jQuery.ajax({ url: "{{ route('token') }}", }) .done(function(res) { braintree.setup(res.data.token, 'dropin', { container: 'dropin-container', onReady: function() { jQuery('#payment-button').removeClass('d-none') } }); }); </script> @endsection So, when the document is loaded, we will send an Ajax request to the Laravel server and get the Client Auth token. From that token, included js will generate the Payment Form. We defined the form like this. <form method="post" action=""> @csrf <div id="dropin-container"></div> <hr /> <input type="hidden" name="plan" value="{{ $plan->id }}" /> <button type="submit" class="btn btn-outline-dark d-none" id="payment-button">Pay</button> </form> Also, write the Javascript like this. @section('scripts') <script src="https://js.braintreegateway.com/js/braintree-2.32.1.min.js"></script> <script> jQuery.ajax({ url: "{{ route('token') }}", }) .done(function(res) { braintree.setup(res.data.token, 'dropin', { container: 'dropin-container', onReady: function() { jQuery('#payment-button').removeClass('d-none') } }); }); </script> @endsection So, when the request succeeds, it will return the token, and we use that token to create a Payment Form. The form looks like this.   So, here we need to enter the two details. You can enter the details like below inputs. Card Number: 4242 4242 4242 4242 Expiration Date: 10/21 or whatever you like These are dummy details, but these details generally used in sandbox account to check the application. Right now nothing will happen because we need to define the form action to store the data inside the database tables. So let us define the post route. Step 8: Save the plan details Define the final route inside the web.php file. <?php // web.php Route::get('/', function () { return view('welcome'); }); Auth::routes(); Route::group(['middleware' => 'auth'], function() { Route::get('/home', 'HomeController@index')->name('home'); Route::get('/plans', 'PlanController@index')->name('plans.index'); Route::get('/plan/{plan}', 'PlanController@show')->name('plans.show'); Route::get('/braintree/token', 'BraintreeTokenController@index')->name('token'); Route::post('/subscription', 'SubscriptionController@create')->name('subscription.create'); }); We have defined the post route for the subscription details. Now, create SubscriptionController using the following command. php artisan make:controller SubscriptionController Inside that controller, we need to define one function called create(). <?php // SubscriptionController.php namespace App\Http\Controllers; use Illuminate\Http\Request; use App\Plan; class SubscriptionController extends Controller { public function create(Request $request, Plan $plan) { $plan = Plan::findOrFail($request->get('plan')); $request->user() ->newSubscription('main', $plan->braintree_plan) ->create($request->payment_method_nonce); return redirect()->route('home')->with('success', 'Your plan subscribed successfully'); } } First, we have to fetch the plan according to the id. Then we need to pass that plan to the subscribedToPlan() function. So, here we have used the Billable trait’s subscribedToPlan() method and pass the first parameter plan and the second parameter main. We are creating a new Subscription, and if the payment made successfully then, it would redirect to the HomePage with a  success message. Write the following code inside the home.blade.php file. @extends('layouts.app') @section('content') <div class="container"> <div class="row justify-content-center"> <div class="col-md-8"> @if(session()->get('success')) <div class="alert alert-success"> {{ session()->get('success') }} </div> @endif <div class="card"> <div class="card-header">Dashboard</div> <div class="card-body"> @if (session('status')) <div class="alert alert-success" role="alert"> {{ session('status') }} </div> @endif You are logged in! </div> </div> </div> </div> </div> @endsection So, if your all of the configurations are right, then you should go to any of the plans and try to subscribe to the plan. If you are redirecting to the homepage, then you are almost done.   You can see that one database entry inside the subscriptions table is there.   That means, we have successfully subscribed the Professional plan. Also, there is updation on the user’s table. We have already added some more fields. You can see inside your Dashboard that Sales and Transaction volume is there. So, our Laravel Cashier Braintree Payment Gateway Tutorial With Example is almost complete. Step 9: Security Tweaks Now, we need to keep in mind one thing that if the user is already subscribed to one plan, then we need the user to prevent to choose that plan. So, we need to add one condition on the choose button. So, add the condition inside the index.blade.php file. @if(!auth()->user()->subscribedToPlan($plan->braintree_plan, 'main')) <a href="{{ route('plans.show', $plan->slug) }}" class="btn btn-outline-dark pull-right">Choose</a> @endif Also, we need to add the condition inside the PlanController.php file’s show() function. // PlanController.php public function show(Plan $plan, Request $request) { if($request->user()->subscribedToPlan($plan->braintree_plan, 'main')) { return redirect()->route('home')->with('success', 'You have already subscribed the plan'); } return view('plans.show', compact('plan')); } Also, we need to do the same thing inside the SubscriptionController’s create() method. // SubscriptionController.php public function create(Request $request, Plan $plan) { if($request->user()->subscribedToPlan($plan->braintree_plan, 'main')) { return redirect()->route('home'); } $plan = Plan::findOrFail($request->get('plan')); $request->user() ->newSubscription('main', $plan->braintree_plan) ->create($request->payment_method_nonce); return redirect()->route('home')->with('success', 'Your plan subscribed successfully'); } Save the file, and now you are good to go. I am putting this Laravel Cashier Braintree Payment Gateway Tutorial’s whole code on Github. Finally, Laravel Cashier Braintree Payment Gateway Tutorial With Example article is over. There are still so many things that we can do with the project. But for basic understanding, this is enough. Thanks. Github Code   The post Laravel Cashier Braintree Payment Gateway Tutorial With Example appeared first on AppDividend.
          Cyber Smart: Five Habits to Protect Your Family, Money, and Identity from Cyber Criminals      Cache   Translate Page      

Pick your books posted a photo:

Cyber Smart: Five Habits to Protect Your Family, Money, and Identity from Cyber Criminals



Cyber Smart: Five Habits to Protect Your Family, Money, and Identity from Cyber Criminals
Bart R. McDonough (Author)
Release Date: January 7, 2019
Buy new: $19.95 $16.95

(Visit the Hot New Releases in Security & Encryption list for authoritative information on this product’s current rank.)

Buy now: Cyber Smart: Five Habits to Protect Your Family, Money, and Identity from Cyber Criminals

www1.pickyourbook.net/2018/12/05/2-cyber-smart-five-habit...


          رفع خطای CredSSP Encryption Oracle در ریموت      Cache   Translate Page      

رفع خطای CredSSP Encryption Oracle در ریموت در این بخش از سری مطالب آموزشی فاوا افزار با آموزش رفع خطای CredSSP Encryption Oracle در ریموت در خدمت شما دوستان گرامی خواهیم بود. ویندوز 10 پس از آپدیت به نسخه جدید 1803 ، بخشی را در Group Policy تعریف کرده است که اگر به سروری در […]

نوشته رفع خطای CredSSP Encryption Oracle در ریموت اولین بار در سرور HP | فروش سرور HP | خرید سرور HP پدیدار شد.


          Coalition faces losing Nauru bill battle on last sitting day of year – politics live      Cache   Translate Page      

A crossbench-Labor deal may see the government defeated on Kerryn Phelps’ medical evacuation legislation. All the day’s events, live

Again, a government losing a vote on the floor happens – when it comes to procedure.

Legislative losses are very, very rare.

The last time a govt lost a vote on legislation on the floor of the HoR was in 1929 when the Maritime Industries Bill was amended by 35 votes to 34. PM Stanley Brice called an election the next day - and lost. #auspol

It must not be thought … that a single defeat necessarily demands either resignation or dissolution. Such a result follows only where the defeat implies loss of confidence … [259]

What a Government will treat as a matter of sufficient importance to demand resignation or dissolution is, primarily, a question for the Government. The Opposition can always test the opinion of the House by a vote of no confidence. No Government [in the United Kingdom] since 1832 has failed to regard such a motion, if carried, as decisive. A House whose opinion was rejected has always at hand the ultimate remedy of the refusal of supply.[260]

Some more of your snapshots:

Greg: The major turn around and thus lowlight of the year was the brain snap of the Liberal Party in August. They shot themselves in the foot and have continued to do so while their feet are in their mouths since...fancy thinking the public would wear Peter Dutton when their best marketing politician Malcolm Turnbull was actually making headway.

Continue reading...
           ePrint Report: Lossy Trapdoor Permutations with Improved Lossiness       Cache   Translate Page      

ePrint Report: Lossy Trapdoor Permutations with Improved Lossiness
Benedikt Auerbach, Eike Kiltz, Bertram Poettering, Stefan Schoenen

Lossy trapdoor functions (Peikert and Waters, STOC 2008 and SIAM J. Computing 2011) imply, via black-box transformations, a number of interesting cryptographic primitives, including chosen-ciphertext secure public-key encryption. Kiltz, O'Neill, and Smith (CRYPTO 2010) showed that the RSA trapdoor permutation is lossy under the Phi-hiding assumption, but syntactically it is not a lossy trapdoor function since it acts on Z_N and not on strings. Using a domain extension technique by Freeman et al. (PKC 2010 and J. Cryptology 2013) it can be extended to a lossy trapdoor permutation, but with considerably reduced lossiness.

In this work we give new constructions of lossy trapdoor permutations from the Phi-hiding assumption, the quadratic residuosity assumption, and the decisional composite residuosity assumption, all with improved lossiness. Furthermore, we propose the first all-but-one lossy trapdoor permutation from the Phi-hiding assumption. A technical vehicle used for achieving this is a novel transform that converts trapdoor functions with index-dependent domain into trapdoor functions with fixed domain.
           ePrint Report: Code-based Cryptosystem from Quasi-Cyclic Elliptic Codes       Cache   Translate Page      

ePrint Report: Code-based Cryptosystem from Quasi-Cyclic Elliptic Codes
Fangguo Zhang, Zhuoran Zhang

With the fast development of quantum computation, code based cryptography arises public concern as a candidate of post quantum cryptography. However, the large key-size becomes a main drawback such that the code-based schemes seldom become practical although they performed pretty well on the speed of both encryption and decryption algorithm. Algebraic geometry codes was considered to be a good solution to reduce the size of keys, but because of its special construction, there have lots of attacks against them. In this paper, we propose a public key encryption scheme based on elliptic codes which can resist the known attacks. By using automorphism on the rational points of the elliptic curve, we construct quasi-cyclic elliptic codes, which reduce the key size further. We apply the list-decoding algorithm to decryption thus more errors beyond half of the minimum distance of the code could be correct, which is the key point to resist the known attacks for AG codes based cryptosystem.
           Job Posting: Senior Cryptography Engineer - Cloud       Cache   Translate Page      

Job Posting: Senior Cryptography Engineer - Cloud
DarkMatter Abu Dhabi

At DarkMatter, we are building an organization of specialists to provide the ultimate integrated cyber security protection available. Whatever the scope, scale or sensitivity of our clients’ work, we\'ll assess their risks, resolve their vulnerabilities and always keep them ahead of the threat, offering them the best possible products and solutions.

As a Senior Cryptography Engineer - Cloud Engineer, you will:

-Design, implement and deploy cryptographic algorithms tailored for a cloud environment.

-Conduct research and development in differential privacy, secret sharing, multi-party secure computation and fully homomorphic encryption.

-Perform security assessments of crypto-primitives, cryptosystems and cloud security solutions at the theoretical and implementation level.

-Work closely with the other teams in the organization to design and deploy safe cloud-based solutions .

-Be involved in the integration of developed cryptosystems within DarkMatter products.

To bring your dream to life, you’ll need:

-PhD degree in Cryptography, Applied Cryptography, Information Theory and Mathematics or Computer Science.

-Extensive experience developing in various programming languages.

-A desire to innovate in the UAE

Closing date for applications:

Contact: Mehdi Messaoudi

Talent Sourcing Specialist

mehdi.messaoudi (at) darkmatter.ae

More information: https://careers.darkmatter.ae/jobs/senior-cryptography-engineer-cloud-engineer-abu-dhabi-united-arab-emirates


           Job Posting: Ph.D. (industry funding) in security and blockchain       Cache   Translate Page      

Job Posting: Ph.D. (industry funding) in security and blockchain
Department of Computer Science, University of Surrey, Guildford, UK

Three industrial funded PhD studentships (3-3.5 years) are available at Department of Computer Science, Surrey Centre for Cyber Security, University of Surrey. These studentships are related to industrial blockchain projects. The ideal PhD candidates (holding MSc. degree of Math, Computer Science, Engineering) should be equipped with (at least be interested in) adequate knowledge of programming (e.g., Python, C++, Java), basic knowledge of applied cryptography(e.g., signature, encryption, zero-knowledge proof)/machine learning/formal method, have good communication skill, teamwork awareness, and be willing to work with industries.

The start date of these PhDs will be in January or April 2019.

About SCCS: SCCS was established by the University of Surrey to consolidate and organise its cyber security activities across the University. SCCS is one of the 17 Academic Centres of Excellence in Cyber Security Research (ACEs-CSR) recognised by the UK National Cyber Security Centre (NCSC) in partnership with the Engineering and Physical Sciences Research Council (EPSRC).

Closing date for applications: 31 March 2019

Contact: Dr. Kaitai Liang

k.liang (at) surrey.ac.uk


           Job Posting: Doctoral student, Network security in 5G and beyond 5G systems       Cache   Translate Page      

Job Posting: Doctoral student, Network security in 5G and beyond 5G systems
University of Oulu, Finland

Applications are invited for a one-year, full-time doctoral student position starting at the earliest on 01.02.2019 in an Academy of Finland project at the CWC-NS research unit. A trial period of 6 months is applied in the position.

The student selected for the task will be working on the design of secure and/or privacy-preserving protocols and architectures for 5G and beyond 5G networks. The main application area will be network Software Defined Networking (SDN), Network Function Virtualization (NFV) and Network Slicing based 5G and Industrial IoT networks where applications are typically latency-sensitive and produce high amounts of data requiring fast processing and refining. During the studies, the student should be applying (a combination of) various advanced cryptographic technologies, such as light weight authentication mechanisms, encryption algorithms, machine learning and novel technologies such as blockchain, secure transaction methods and smart contracts to design secure communication solutions that achieve a good balance between security, user privacy and usability. The work will include real-world prototyping with relevant technologies. Good knowledge in applied mathematics and experience in software implementations highly required.

The position is supervised by Adj. Prof. Madhusanka Liyanage (technical supervision) and. Assoc. Prof. Mika Ylianttila (responsible supervisor).

Closing date for applications: 31 December 2018

Contact: Contact: Adj. Prof. Madhusanka Liyanage, madhusanka.liyanage(at)oulu.fi;

More information: https://rekry.saima.fi/certiahome/open_job_view.html?did=5600&jc=1&id=00006567&lang=en


          Say goodbye to Allo      Cache   Translate Page      
Google Allo will soon see the end of its short life, according to 9 to 5 Google who has received a tip from a source familiar with the matter. Allo was designed as the next big thing in Android messaging apps, though it never lived up to its potential. As the original article notes, there has been no activity from Google to update the platform or address a myriad of user problems, and the developer lead has left Google and moved on to Facebook. Allo is the latest in a series of cross-platform messaging apps from Google to compete with the likes of Whats App and Facebook Messenger and offered consumer-facing features like stickers and encryption. Despite its promise, the app never gained traction and seeing it shuttered would be unsurprising. Thankfully, we've found out that Verizon has decided to embrace the RCS universal profile standard and will be seeing a test-run of RCS messaging on Pixel 3 devices starting December 6. RCS provides many of the same features and benefits of a ...
          Government Wants a Safe Way to Access Our Encrypted Data — Is That Possible?       Cache   Translate Page      

Birthdays, addresses, credit cards, social security — so much of our personal information is on the internet and stored on electronic devices. Although it seems a little daunting, having personal information in digital form isn’t necessarily a bad thing. It makes everyday life more efficient and convenient – not to mention advancements in data encryption and security protocols have increased privacy protections. Data protection is so robust that federal officials have pressured tech companies to create so-called backdoors to grant only law enforcement the ability to work around encrypted devices. But doing so would pose significant risk to tens of millions of Americans who rely on cybersecurity.  Technology experts have continued to warn that it’s impossible for backdoors to guarantee access to just good actors. Bad actors will eventually expose any crack in one’s armor. Nonetheless, Deputy Attorney General Rod Rosenstein called for backdoors once again during a cybercrime symposium last week. “We encourage technology companies to develop ‘responsible encryption’ — effective, secure encryption that resists criminal intrusion but allows lawful access with judicial authorization,” he said. But what Rosenstein is suggesting is just not technologically possible. The government has already tried. Examples of failed governmental “backdoors”: Clipper Chip— A computer chip backdoor that the Clinton administration endorsed in 1996. Not only did it pose a threat to personal privacy, but a researcher found a flaw in the […]

The post Government Wants a Safe Way to Access Our Encrypted Data — Is That Possible?  appeared first on Americans for Prosperity.


          What is SSL, TLS? And why it’s time to upgrade to TLS 1.3      Cache   Translate Page      

Since the early days of the web, the SSL protocol and its descendent, TLS, have provided the encryption and security that make modern internet commerce possible. The decades-long history of these protocols has been marked by continuous updates that aim to keep pace with increasingly sophisticated attackers. The next major version of the protocol, TLS 1.3, will soon be finalized — and most anyone who runs a website will want to upgrade, because cybercriminals are catching up.

What is SSL?

Secure Sockets Layer, or SSL, was the original name of the protocol when it was developed in the mid-1990s by Netscape, the company that made the most popular Web browser at the time. SSL 1.0 was never released to the public, and SSL 2.0 had serious flaws. SSL 3.0, released in 1996, was completely revamped, and set the stage for what followed.

To read this article in full, please click here


          UK Parliament Releases Facebook Document on the Handling of User Data, Australia Set to Give Law Enforcement Power to Access Encrypted Messages, Microsoft Open-Sourced Windows UI/UX Frameworks, Iridium Browser New Release and CrossOver 18.1 Now Available      Cache   Translate Page      

News briefs for December 5, 2018.

The UK Parliament released a 250-page previously sealed Facebook document that reveals how the company handled crucial decisions regarding user data. The Verge reports that "In emails released as part of the cache, Facebook executives are shown dealing with other major tech companies on 'whitelisting' for its platform" and that according to British lawmaker Damian Collins "the agreements allowed the companies access to user data after new restrictions were put in place to end most companies' access. Companies offered access included Netflix and Airbnb, according to the emails." You can see the 250-page document here.

Australia plans to give law enforcement and intelligence agencies the ability to access encrypted messages on platforms like WhatsApp, putting public safety concerns ahead of personal privacy. Bloomberg reports that "Amid protests from companies such as Facebook Inc. and Google, the government and main opposition struck a deal on Tuesday that should see the legislation passed by parliament this week. Under the proposed powers, technology companies could be forced to help decrypt communications on popular messaging apps, or even build new functionality to help police access data."

Microsoft yesterday open-sourced Windows Forms, the WinUI (Windows UI Library) and WPF (Windows Presentation Foundation). According to Phoronix, the full source code is available on GitHub and the UI/UX frameworks are now open source under the MIT license. For more information, see this Windows blog post.

Iridium Browser recently released build 2018.11.71 for Debian-based systems. The new version is based on Chromium 71.0.3578.30, and it's available for Fedora and openSUSE as well. Iridium Browser is "Iridium Browser is based on the Chromium code base. All modifications enhance the privacy of the user and make sure that the latest and best secure technologies are used. Automatic transmission of partial queries, keywords and metrics to central services is prevented and only occurs with the approval of the user. In addition, all our builds are reproducible and modifications are auditable, setting the project ahead of other secure browser providers." You can download it from here.

CodeWeavers announced the release of CrossOver 18.1 yesterday for both Linux and macOS. According to the announcement, "CrossOver 18.1 restores controller support for Steam on both macOS and Linux. macOS customers with active support entitlements will be upgraded to CrossOver 18.1 the next time they launch CrossOver. Linux users can download the latest version from here.


          Comment on On Switching From an iPad Pro and a MacBook to a Pixelbook by Sören Nils Kuklau      Cache   Translate Page      
<blockquote> With regard to WhatsApp, to day WhatsApp uses point-to-point encryption </blockquote> It’s not the message contents; those are indeed fairly secure. It’s the contacts. You’re donating a social graph to Facebook without your peers opting in or necessarily even knowing about it. (For example, if your phone address book contains your dentist and plumber, you’ve just given those to Facebook.) I don’t disagree that GSuite is a good option. Fraser does make good points. I merely propose that an elephant in the room is being ignored.


Next Page: 10000

Site Map 2018_01_14
Site Map 2018_01_15
Site Map 2018_01_16
Site Map 2018_01_17
Site Map 2018_01_18
Site Map 2018_01_19
Site Map 2018_01_20
Site Map 2018_01_21
Site Map 2018_01_22
Site Map 2018_01_23
Site Map 2018_01_24
Site Map 2018_01_25
Site Map 2018_01_26
Site Map 2018_01_27
Site Map 2018_01_28
Site Map 2018_01_29
Site Map 2018_01_30
Site Map 2018_01_31
Site Map 2018_02_01
Site Map 2018_02_02
Site Map 2018_02_03
Site Map 2018_02_04
Site Map 2018_02_05
Site Map 2018_02_06
Site Map 2018_02_07
Site Map 2018_02_08
Site Map 2018_02_09
Site Map 2018_02_10
Site Map 2018_02_11
Site Map 2018_02_12
Site Map 2018_02_13
Site Map 2018_02_14
Site Map 2018_02_15
Site Map 2018_02_15
Site Map 2018_02_16
Site Map 2018_02_17
Site Map 2018_02_18
Site Map 2018_02_19
Site Map 2018_02_20
Site Map 2018_02_21
Site Map 2018_02_22
Site Map 2018_02_23
Site Map 2018_02_24
Site Map 2018_02_25
Site Map 2018_02_26
Site Map 2018_02_27
Site Map 2018_02_28
Site Map 2018_03_01
Site Map 2018_03_02
Site Map 2018_03_03
Site Map 2018_03_04
Site Map 2018_03_05
Site Map 2018_03_06
Site Map 2018_03_07
Site Map 2018_03_08
Site Map 2018_03_09
Site Map 2018_03_10
Site Map 2018_03_11
Site Map 2018_03_12
Site Map 2018_03_13
Site Map 2018_03_14
Site Map 2018_03_15
Site Map 2018_03_16
Site Map 2018_03_17
Site Map 2018_03_18
Site Map 2018_03_19
Site Map 2018_03_20
Site Map 2018_03_21
Site Map 2018_03_22
Site Map 2018_03_23
Site Map 2018_03_24
Site Map 2018_03_25
Site Map 2018_03_26
Site Map 2018_03_27
Site Map 2018_03_28
Site Map 2018_03_29
Site Map 2018_03_30
Site Map 2018_03_31
Site Map 2018_04_01
Site Map 2018_04_02
Site Map 2018_04_03
Site Map 2018_04_04
Site Map 2018_04_05
Site Map 2018_04_06
Site Map 2018_04_07
Site Map 2018_04_08
Site Map 2018_04_09
Site Map 2018_04_10
Site Map 2018_04_11
Site Map 2018_04_12
Site Map 2018_04_13
Site Map 2018_04_14
Site Map 2018_04_15
Site Map 2018_04_16
Site Map 2018_04_17
Site Map 2018_04_18
Site Map 2018_04_19
Site Map 2018_04_20
Site Map 2018_04_21
Site Map 2018_04_22
Site Map 2018_04_23
Site Map 2018_04_24
Site Map 2018_04_25
Site Map 2018_04_26
Site Map 2018_04_27
Site Map 2018_04_28
Site Map 2018_04_29
Site Map 2018_04_30
Site Map 2018_05_01
Site Map 2018_05_02
Site Map 2018_05_03
Site Map 2018_05_04
Site Map 2018_05_05
Site Map 2018_05_06
Site Map 2018_05_07
Site Map 2018_05_08
Site Map 2018_05_09
Site Map 2018_05_15
Site Map 2018_05_16
Site Map 2018_05_17
Site Map 2018_05_18
Site Map 2018_05_19
Site Map 2018_05_20
Site Map 2018_05_21
Site Map 2018_05_22
Site Map 2018_05_23
Site Map 2018_05_24
Site Map 2018_05_25
Site Map 2018_05_26
Site Map 2018_05_27
Site Map 2018_05_28
Site Map 2018_05_29
Site Map 2018_05_30
Site Map 2018_05_31
Site Map 2018_06_01
Site Map 2018_06_02
Site Map 2018_06_03
Site Map 2018_06_04
Site Map 2018_06_05
Site Map 2018_06_06
Site Map 2018_06_07
Site Map 2018_06_08
Site Map 2018_06_09
Site Map 2018_06_10
Site Map 2018_06_11
Site Map 2018_06_12
Site Map 2018_06_13
Site Map 2018_06_14
Site Map 2018_06_15
Site Map 2018_06_16
Site Map 2018_06_17
Site Map 2018_06_18
Site Map 2018_06_19
Site Map 2018_06_20
Site Map 2018_06_21
Site Map 2018_06_22
Site Map 2018_06_23
Site Map 2018_06_24
Site Map 2018_06_25
Site Map 2018_06_26
Site Map 2018_06_27
Site Map 2018_06_28
Site Map 2018_06_29
Site Map 2018_06_30
Site Map 2018_07_01
Site Map 2018_07_02
Site Map 2018_07_03
Site Map 2018_07_04
Site Map 2018_07_05
Site Map 2018_07_06
Site Map 2018_07_07
Site Map 2018_07_08
Site Map 2018_07_09
Site Map 2018_07_10
Site Map 2018_07_11
Site Map 2018_07_12
Site Map 2018_07_13
Site Map 2018_07_14
Site Map 2018_07_15
Site Map 2018_07_16
Site Map 2018_07_17
Site Map 2018_07_18
Site Map 2018_07_19
Site Map 2018_07_20
Site Map 2018_07_21
Site Map 2018_07_22
Site Map 2018_07_23
Site Map 2018_07_24
Site Map 2018_07_25
Site Map 2018_07_26
Site Map 2018_07_27
Site Map 2018_07_28
Site Map 2018_07_29
Site Map 2018_07_30
Site Map 2018_07_31
Site Map 2018_08_01
Site Map 2018_08_02
Site Map 2018_08_03
Site Map 2018_08_04
Site Map 2018_08_05
Site Map 2018_08_06
Site Map 2018_08_07
Site Map 2018_08_08
Site Map 2018_08_09
Site Map 2018_08_10
Site Map 2018_08_11
Site Map 2018_08_12
Site Map 2018_08_13
Site Map 2018_08_15
Site Map 2018_08_16
Site Map 2018_08_17
Site Map 2018_08_18
Site Map 2018_08_19
Site Map 2018_08_20
Site Map 2018_08_21
Site Map 2018_08_22
Site Map 2018_08_23
Site Map 2018_08_24
Site Map 2018_08_25
Site Map 2018_08_26
Site Map 2018_08_27
Site Map 2018_08_28
Site Map 2018_08_29
Site Map 2018_08_30
Site Map 2018_08_31
Site Map 2018_09_01
Site Map 2018_09_02
Site Map 2018_09_03
Site Map 2018_09_04
Site Map 2018_09_05
Site Map 2018_09_06
Site Map 2018_09_07
Site Map 2018_09_08
Site Map 2018_09_09
Site Map 2018_09_10
Site Map 2018_09_11
Site Map 2018_09_12
Site Map 2018_09_13
Site Map 2018_09_14
Site Map 2018_09_15
Site Map 2018_09_16
Site Map 2018_09_17
Site Map 2018_09_18
Site Map 2018_09_19
Site Map 2018_09_20
Site Map 2018_09_21
Site Map 2018_09_23
Site Map 2018_09_24
Site Map 2018_09_25
Site Map 2018_09_26
Site Map 2018_09_27
Site Map 2018_09_28
Site Map 2018_09_29
Site Map 2018_09_30
Site Map 2018_10_01
Site Map 2018_10_02
Site Map 2018_10_03
Site Map 2018_10_04
Site Map 2018_10_05
Site Map 2018_10_06
Site Map 2018_10_07
Site Map 2018_10_08
Site Map 2018_10_09
Site Map 2018_10_10
Site Map 2018_10_11
Site Map 2018_10_12
Site Map 2018_10_13
Site Map 2018_10_14
Site Map 2018_10_15
Site Map 2018_10_16
Site Map 2018_10_17
Site Map 2018_10_18
Site Map 2018_10_19
Site Map 2018_10_20
Site Map 2018_10_21
Site Map 2018_10_22
Site Map 2018_10_23
Site Map 2018_10_24
Site Map 2018_10_25
Site Map 2018_10_26
Site Map 2018_10_27
Site Map 2018_10_28
Site Map 2018_10_29
Site Map 2018_10_30
Site Map 2018_10_31
Site Map 2018_11_01
Site Map 2018_11_02
Site Map 2018_11_03
Site Map 2018_11_04
Site Map 2018_11_05
Site Map 2018_11_06
Site Map 2018_11_07
Site Map 2018_11_08
Site Map 2018_11_09
Site Map 2018_11_10
Site Map 2018_11_11
Site Map 2018_11_12
Site Map 2018_11_13
Site Map 2018_11_14
Site Map 2018_11_15
Site Map 2018_11_16
Site Map 2018_11_17
Site Map 2018_11_18
Site Map 2018_11_19
Site Map 2018_11_20
Site Map 2018_11_21
Site Map 2018_11_22
Site Map 2018_11_23
Site Map 2018_11_24
Site Map 2018_11_25
Site Map 2018_11_26
Site Map 2018_11_27
Site Map 2018_11_28
Site Map 2018_11_29
Site Map 2018_11_30
Site Map 2018_12_01
Site Map 2018_12_02
Site Map 2018_12_03
Site Map 2018_12_04
Site Map 2018_12_05