Beta

Slashdot: News for Nerds

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

"Worst ask slashdot question ever"????

davidsyes (765062) writes | more than 4 years ago

User Journal 1

http://tech.slashdot.org/story/09/08/18/0143232/Suitable-Naming-Conventions-For-Workstations?art_pos=18

My comments:

Even possibly worse is that by super-descriptively naming the computers means that anyone with crash log or trojan/mapping software can map out a firm's or an agency's approximate or exact seating and office arrangement. This could be an extreme security hazard, and could in advance open the company to employee-initiated lawsuits against the company.

http://tech.slashdot.org/story/09/08/18/0143232/Suitable-Naming-Conventions-For-Workstations?art_pos=18

My comments:

Even possibly worse is that by super-descriptively naming the computers means that anyone with crash log or trojan/mapping software can map out a firm's or an agency's approximate or exact seating and office arrangement. This could be an extreme security hazard, and could in advance open the company to employee-initiated lawsuits against the company.

This could be an issue in that companies may want to cause the US government to pass laws that software vendors MUST NOT collect nor even embed in the software a collection of machine and geographic information. JUST the crash, the generic or specific type of 3rd party java/active-x/C++/etc code running, and the machine os/rev/patch level, the date and time, and a few other non-identifiable bits of info. But, all the sites visited, the location of the hardware, the user login name... hell, who can know what the crash logs collect when many if not most of them convert the stuff to hex or some other non-human readable characters? (Yes, those with skills can reverse engineer most of this, but the lay person may want to know there corresponding, readable bits before allowing the log to be sent.)

This guy's asking the question could serve the purpose of warning him that a naming convention should not give up TOO much information that could be nefariously exploited by unauthorized recipients of such scheme. Internally, the scheme is likely to be fantastic if not overdone, though.

Unfortunately, i'm thinking what i wrote may be pointless because the crash logs are just collating information already in the system's ram or files that any decent programmer can obtain. So... maybe what i wrote is meaningless... a waste of time...

cancel ×

1 comment

I don't get it (1)

bmetzler (12546) | more than 4 years ago | (#29137647)

I don't understand. How could a name like LAX10205 be an extreme security hazard? Do you have an incredibly precise GPS-guided missile system?
Check for New Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Create a Slashdot Account

Loading...