I thought the same thing. I love avacodos, but I've given up purchasing them because I'm so bad at finding the millisecond they are ready to eat before they turn to mush.
I've started buying them when they're very hard (Costco sells them by the bag) and then waiting for them to ripen at home. This keeps them from getting bruised by other shoppers. So far, I've had good luck with them being ripe and good for about 3 days.
Yes, this is absolutely the secret to awesome avocados. Buy the unripe ones--the ones shoppers aren't squeezing to death--and let them ripen over a few days. Then, a few days before you run out, go grab the next batch.
I visited an orchard a couple of years ago. The owner stored his pears at 0 degrees celsius and apples a little bit warmer - 4 degrees celcius if I'm not mistaken.
Since that day I've put my apples and pears in the refridgerator, and haven't had to suffer as many overripe pears and apples.
This could be of so much help when MarsOne guys stranded on Mars will need to know if they can eat their bananas! For once there will be some science in their project.
Add photo interpretation (heck, do it manually at first as MVP) and you might get quite a few "colorblind" users. Fruit ripeness is a huge problem for many and bananas are usually the example.
This appears to be running on port 4567, just FYI many firewalls won't allow nonstandard ports. Perhaps port forwarding or a DNAT rule could help you reach a larger audience?
Yeah I don't get these corporate firewalls, as a cyber security student I've yet to see a single occasion where blocking a port has helped block an attack rather than annoy powerusers (or normal users also, occasionally).
So that's why I use https://torproject.org/download the whole day and never have any trouble with blocked sites (e.g. Pastebin; Slideshare) or blocked ports (e.g. :8080 was used today by some random site in XHR).
In the real world, it's common to see network professionals who apparently specialize in preventing communications between computers. Similarly, it's common to see DBA's whose number one goal seems to be preventing anyone from accessing the data. And it's also common to find engineers who seem focused on seeing every goal as impossible, and business analysts who when they hear what you want tell you why you can't have it. It's not rational but it's very common!
Thanks for the snarky remark, but I posted that post via Tor from inside the corporate firewall. In fact I mentioned that I use it the whole day. If that doesn't prove it works, I don't know what should.
The whole point of the Tor network is that anyone can access the Internet through it uncensored, regardless of countries' or corporate firewalls.
That's true. You probably can get out. Until the security team catches you, which they really, really can do. Trust me, I do it for a living. And then you're in trouble for violating the terms of your employment, and then HR gets involved, and then you are fired.
Like I said, if you're going to work in security, you're going to have to consider a lot more than can it be done. Corporate security is more closely tied to HR and the business than it is IT. You can't break the rules just because it's technically possible. It would be your job to find the people who are doing exactly that and report them to HR.
> Until the security team catches you, which they really, really can do. Trust me, I do it for a living.
True, I don't doubt they can if they wanted to, simply look for connections to known Tor nodes (of which there is a list). So long as I don't bother using a bridge node of course.
As for being fired, I don't think it's that strict. The company policy is aimed at blocking people from posting the company's slides on Slideshare, using icons from icon sites without a license (some icon site is also blocked) or pasting sensitive data on Pastebin by accident. As long as I don't do these things, I am not violating corporate policy, while I do need some of these sites to do my work.
If they make shitty policies that apply to the people who don't know what they are doing as well as to the people who do know what they are doing (or even need some of those sites), they can expect people to work around it. Rules are to be followed within reason. And if people are that strict, I don't want to stay in that company. Even as a student I'm asked to do work enough times that I don't doubt I could switch jobs in a matter of weeks.
>Even as a student I'm asked to do work enough times that I don't doubt I could switch jobs in a matter of weeks.
That's true, no one should ever be unemployed if they have infosec on their resume.
Do everything you can to learn how to bypass anything. Hack as much as you get your hands on. Break everything. Code all the things. It's really good for you and good for your career.
But I've had enough interns come work with me and then the company gets a letter from HBO because the intern thought no one was watching him torrent off our 2Gbps pipe. I've had college hires who spent the day browsing porn in incognito mode thinking the company couldn't see it. I've seen people using VPNs to mask the fact that they're getting paid to watch Netflix. And every single one of them wonder how in the hell we knew what they were doing.
Companies spend literally millions of dollars in security products to know exactly how their employees are misuing company property and company time. If you think there isn't a security tool that shows people using Tor, I think you're wrong.
I'm not telling you to stop. I'm not your manager. I just like helping people in infosec keep from making rookie mistakes. I've seen it way too often.
> If you think there isn't a security tool that shows people using Tor, I think you're wrong.
Targetting Tor specifically, yes I'm quite sure it's trivial to find a way to detect its usage. Even with bridge nodes on :443, traffic analysis probably reveals it, and especially on company-owned laptops you could scan for certain software.
So I'm not claiming that it's impossible, I just think it's not as easy as you say it is if they're not specifically looking for it (as long as there is no abuse, there is no immediate incentive to look for it).
As for interns downloading illegal or personal data over a company's connection, yeah, that is clearly abuse. We agree on that. I even know of people here that download random stuff over 4g (built into our laptops) abroad. In fact the 4g disables any blocks the company put in place because it's outside their firewall so many use it for that. If they want to fire anyone, they should start there.
Ssh proxy to my private server. Squid proxy behind Tor. You might know I'm doing something, but what exactly I'm doing. No way. (Taking reasonable precautions to prevent DNS leakage, etc)
At that point though, it doesn't matter. If company policy says you can't use anonymizing proxies or can't SSH out or can't mask your traffic in any way, you're hosed right there. And most enterprises would have an employee handbook that says that. Immediately you're in breech of guidelines and misusing company resources.
So many people in this thread are trying to argue ways to hide your traffic. All I'm saying is, no matter how clever you get to hide what you're doing, you're in breech of your terms of employment from the very first step. No matter how clever you get, I've seen people fired based on my report that they were using SSH to get to their private server. Doesn't matter if they were checking their email or if they were hiring a hitman on Silk Road.
Enterprises don't care what you're doing, they care what you're not doing, and what you're not doing is the job they paid you to do under the terms you agreed to do it.
I humbly submit you haven't seen an environment that was high security.
There's two general ways to treat Internet traffic, whitelisting and blacklisting. Many companies will simply use blacklists. These are easy to bypass as you are well aware. I have seen more than one environment that was whitelist based, no machine can access any other machine that isn't required for it to do it's job. Anyone needing to override a block enters a username, password, and reason, if they have the authority to do so, which leaves an audit trail.
Security and convenience is often a trade off, you do a risk assessment to determine if it's worth the risk to you and your company. For many people and companies, it's not, so they blacklist.
You should add email notifications too. I'm in Canada so my carrier isn't listed, but I want to know when to eat my bananas. Last time I was at the grocery store they only had extremely green bananas so now I'm playing the waiting game.
Add an 'upload a photo' option to automatically set the current banana color. And then I'll have a photo history of all the bananas I've ever eaten as well!
Thinking of a drunk scenario, where I could end up setting bad alerts for me and eating a lot of green bananas; it would be wise to add a drunk check such as simple math sums.
Since HTTP is deprecated, and you can't get TLS certificates for IP addresses, that means pages hosted like this will be at a disadvantage from now on right?
Yup - ripening in a mixed fruit bowl, hanging on a banana hanger, or in a bag with ethylene producing fruit (like an apple) will dramatically impact the timing - several days difference...