Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Comments

top

Windows Flaw Allowed Hackers To Spy On NATO, Ukraine, Others

Aryeh Goretsky Re:Read here for a more detailed perspective (97 comments)

Hello,

The first public analysis of the malware campaign (called BlackEnergy by most researchers) was done by Arbor Networks back in October 2007, and Dell SecureWorks did a comprehensive write-up on its second generation in 2010. Additional information on this malware campaign:

Hope this is information is useful to anyone who might be concerned they have compromised hosts on their network.

Regards,

Aryeh Goretsky

about a week ago
top

Will Windows 10 Finally Address OS Decay?

Aryeh Goretsky Sad... this was largely addressed in Windows 8 (577 comments)

Hello,

What NetworkWorld freelancer Andy Patrizio complains about, cruft or OS decay, in the RTFA was largely addressed by Microsoft in Windows 8.

Microsoft worked in depth with silicon developers (i.e., the folks who make chips/chipsets for various things that require drivers like motherboards, videocards, network adapters and so forth) as well as software developers that used drivers (anti-malware, encryption, backup and so forth) to ensure not just that installation and removal went smoothly, but that performance was within acceptable levels, which in particular had been a problem for some of the bloatier anti-malware programs often seen pre-loaded onto consumer-targeted PCs, not just during startup and shutdown, but also during common day-to-day activities.

Since Mr. Patrizio didn't bother to use Windows 8 for any length of time, though, he didn't find out about the performance improvements, which, I suppose, is why we are commenting on his rather sad polemic.

Regards

Aryeh Goretsky

about three weeks ago
top

What To Expect With Windows 9

Aryeh Goretsky Re:I know! (545 comments)

Hello,

Driver support, which was mature under XP because of its longevity, took a hit when Microsoft released new models for Vista and was late in delivering its DDK. On the other hand, driver support in Windows 7 and up have been pretty mature. In the case of Windows 8 to 8.1, my employer was able to get away with little to minimal updates of our software, which uses filter drivers, for compatibility with the new version of the operating system. The level of compatibility had previously been rare in Windows for us.

As far as hardware goes, the difference between specifications for Windows Vista, 7, 8 and 8.1 has been pretty small. A 1 GHz CPU, 1GB RAM and some disk space were the basic minimum requirements for each, if memory serves. Don't expect it to run great on that kind of systems for all uses, though, but it will run.

And, yes, a new version of Windows usually means new features, both in terms of hardware and software. So, it's not a bad idea to try and time your hardware upgrade cycles to coincide with Windows releases if you want the latest shiny bits, which, as you noted, third-party devs are developing for.

Regards,

Aryeh Goretsky

about a month ago
top

What To Expect With Windows 9

Aryeh Goretsky Re: What To Expect With Windows 9 (545 comments)

Hello,

Did you mean Windows 95 or 98? Or perhaps were you thinking of Office 97?

Regards,

Aryeh Goretsky

about a month ago
top

Verizon Pays $7.4 Million To Settle FCC Privacy Investigation

Aryeh Goretsky Re:That'll teach them (50 comments)

Hello,

It's such a slight slap on the wrist that I doubt Verizon even felt it.

According to Wikipedia, Verizon made $120.55B in profits last year. That's a little over $330M a day.

Or about, $13.8M an hour.

So, a $7.4M fine means they paid the equivalent of 32.4 minutes of profit.

Regards,

Aryeh Goretsky

about a month and a half ago
top

Dell's New Alienware Case Goes to Extremes To Prevent Overheating

Aryeh Goretsky Re:How much? (149 comments)

Hello,

Dell didn't pay anything for it, as far as I can tell.

This is a post by MojoKid, who operates the HotHardware.Com site. I'm guessing he submitted the article to Slashdot in order to get some ad revenue from people visiting his site as a result.

I'm guessing that blocking

googletagservices.com
googleusercontent.com
tru.am

before visiting his site will make that a little more difficult.

I do not know if he is a Slashdot or a Dice Holdings, Inc., employee, but it would be nice if there was some sort of transparency statement, if that's the case.

Regards,

Aryeh Goretsky

about 2 months ago
top

US Government Fights To Not Explain No-Fly List Selection Process

Aryeh Goretsky The real reason for the secret... (248 comments)

Hello,

While I suspect the original reason for secrecy surrounding the No Fly List was to protect government sources and methods, my suspicion is that these days there simply is no criteria at all. Information is simply added from a variety of sources with varying degrees of quality (from high-quality covert intelligence feeds to TSA agents who simply think a person "looks like" a terrorist) and that by keeping information about the lack of controls on what goes in secret, the government uses the list as a deterrent factor to would-be terrorists.

A secondary function would be to reassure the public that air-travel is still safe, but like the much-criticized and ineffectual TSA screeners, it serves as "security theater" and not a bona-fide barrier to terroristic activity.

Regards,

Aryeh Goretsky

about 2 months ago
top

New Windows Coming In Late September -- But Which One?

Aryeh Goretsky A = B = C (251 comments)

Hello,

I am really unsure of what confusion there is.

Windows 'Threshold' appears to be the codename for 'Windows 9.'

About the only thing those speculative articles seem good for is generating page views for advertisements.

Regards,

Aryeh Goretsky

about 2 months ago
top

Microsoft Black Tuesday Patches Bring Blue Screens of Death

Aryeh Goretsky Patch Tuesday is not Black Tuesday (179 comments)

Hello,

I know that Slashdot loves to bash Microsoft, but calling it's monthly patching cycle "Black Tuesday" is pushing it. Black Tuesday was the name for the stock market crash that preceded the Great Depression, and for all the negativism about Microsoft, I have yet to hear of someone committing suicide over a Microsoft patch.

Frankly, using Woody "I'm a Windows victim" Leonhard as a source of information about Microsoft patches isn't a good idea, at least until he stops grinding whatever axe it is he has against Microsoft. Go read Microsoft's Security TechCenter if you want to know the patches are for, or at least blogs like ComputerWorld o ZDNet's r>Ed Bott, both of whom are more likely to put facts ahead of opinions. Even Paul Thurrott provides some good coverage, although I think he often is the opposite of Woody Leonhard, e.g.doesn't critical enough coverage.
Regards,

Aryeh Goretsky

about 2 months ago
top

John McAfee Airs His Beefs About Privacy In Def Con Surprise Talk

Aryeh Goretsky Pretty impressive, actually⦠(124 comments)

Hello,

Most people would likely get thrown off the stage at DEF CON for using it to promote their business in such a fashion. Instead, Mr. McAfee gets applause and people lining up to take photos with him.

Aside from that, the whole concept of simultaneously railing against the erosion of privacy while creating a web site that encourages people to share private information (without much information about how it will be safely secured) that is possibly libelous and may even be criminal at times is, well, going to be interesting. Especially with a FAQ which states things like " Yes, any entity can respond to a complaint. However, if the entity is not a subscriber, the response will not be featured in the official response section." and " It must not be possible for information on the site to be altered for any purpose."

It is going to be very interesting to see how this latest business venture of Mr. McAfee's turns out.

Regards,

Aryeh Goretsky

about 2 months ago
top

Two South African Cancer Patients Receive 3D Printed Titanium Jaw Implants

Aryeh Goretsky Re:I wonder if that would work for my small jaw. (71 comments)

Hello,

It might help. You could probably start by contacting the reporter who wrote the article, or the hospitals at which the surgeries were performed to ask for more information.

Regards,

Aryeh Goretsky

about 3 months ago
top

Apple and IBM Announce Partnership To Bring iOS + Cloud Services To Enterprises

Aryeh Goretsky Et tu, Lenovo? (126 comments)

Hello,

The question going through my mind, is what does this mean for Lenovo? Lenovo acquired IBM's Personal Computing Division in 2004, and announced at the beginning of 2014 that they had reached an agreement to acquire IBM's x86 server business.

The fact that IBM chose not to partner with Lenovo for developing all these apps and services for Lenovo's Windows and Android tablets and smartphones is downright bizarre.

Regards,

Aryeh Goretsky

about 3 months ago
top

Comcast Customer Service Rep Just Won't Take No For an Answer

Aryeh Goretsky Comcast billed me for imaginary hardware, twice (401 comments)

Hello,

Completely unsurprising. Comcast billed me for imaginary hardware, twice.

I set up cable Internet service with Comcast at a vacation home with no TVs in it about two years ago, just to be able to surf the web, etc., while there. Sometime around December, 2013, Comcast apparently decided that we needed TV service and shipped a set top box to the address, where it apparently sat, covered with a light dusting of snow for months (it's a vacation home). And, of course, they billed us for TV service and a rental fee for the box for months. I got that straightened out, and a credit issued.

A couple of weeks ago, I looked at my bill from them, and, lo and behold, they have been charging me an $8.00/month modem rental fee. I bought my cable modem from Fry's for less than the $96/year that would have ended up costing me.

As far as I can tell, when they removed my non-existent TV service and took back their set top box for the imaginary TVs, they stuck on a modem lease fee.

I have finally gotten that straightened out, and, no doubt, will have some new billing failure from them in a few months for hardware or services I did not request, own or otherwise purchase from them.

Regards,

Aryeh Goretsky

about 3 months ago
top

IEEE Launches Anti-malware Services To Improve Security

Aryeh Goretsky Re:slashvertized service is commercial (51 comments)

Hello,

Software vendors are not charged for submitting to the CMX, and the Taggant System is free for packer authors, as well.

It is the developers of anti-malware software who are paying for access to the CMX and Taggant System metadata, since they get the most value out of using that information. They are essentially underwriting the costs for everyone else in order to help provide a mechanism that helps clean up the ecosystem.

While there are probably some anti-malware software developers for whom this would be a big investment, there are probably a lot for whom it is not, and since this is being done under the auspices of the IEEE, I wouldn't be surprised if there wasn't some provision for academia, too.

Regards,

Aryeh Goretsky

about 4 months ago
top

IEEE Launches Anti-malware Services To Improve Security

Aryeh Goretsky Re:Officially* (51 comments)

Hello,

Oops. Thanks for catching this!

Regards,

Aryeh Goretsky

about 4 months ago
top

IEEE Launches Anti-malware Services To Improve Security

Aryeh Goretsky Re:Taggant (51 comments)

Hello,

I believe the idea is to allow legitimate developers of packers, cryptors, etc. a means of identifying their software. I would not expect those folks on the malware side of things to take any action as a result of this activity under the IEEE's auspices as it does not apply to them.

Regards,

Aryeh Goretsky

about 4 months ago
top

IEEE Launches Anti-malware Services To Improve Security

Aryeh Goretsky Re:Taggant (51 comments)

Hello,

It probably won't help much, if at all, but the number of legitimate applications which are self-modifying is comparatively very rare compared to those which done.

Regards,

Aryeh Goretsky

In reply to "Anonymous Coward" at Wednesday July 02, 2014 @12:34AM:

how will this help against self rewriting applications

about 4 months ago
top

IEEE Launches Anti-malware Services To Improve Security

Aryeh Goretsky Re:Taggant (51 comments)

Hello,

No problems viewing either PDF file via Sumatra PDF Reader. Perhaps you could try that.

Regards,

Aryeh Goretsky

about 4 months ago
top

Saudi Government Targeting Dissidents With Mobile Malware

Aryeh Goretsky detection (41 comments)

Hello,

The SHA-256 hash for the file is 8e64c38789c1bae752e7b4d0d58078399feb7cd3339712590cf727dfd90d254d.

According to VirusTotal, at the time the report was released, it was being detected by by the following anti-malware programs:

  • Avira AntiVir - Android/FakeInst.ES.4
  • Baidu-International - Trojan.Android.FakeInst.bES
  • ESET - a variant of Android/Morcut.A
  • Kaspersky - HEUR:Trojan-Spy.AndroidOS.Mekir.a
  • ThreatTrack VIPRE - Trojan.AndroidOS.Generic.A

Five out of fifty-three program, or a little under 10%. Currently, detection is at 13/53, according to this report.

Regards,

Aryeh Goretsky

about 4 months ago

Submissions

top

IEEE launches anti-malware services to improve security

Aryeh Goretsky Aryeh Goretsky writes  |  about 4 months ago

Aryeh Goretsky (129230) writes "The IEEE Standards Assocation has launched an Anti-Malware Support Service (AMSS) to help the computer security industry respond more quickly to malware.

The first two services available are a Clean file Metadata Exchange [PDF], to help prevent false positives in anti-malware software, and a Taggant System [PDF] to help prevent software packers from being abused.

Official announcement is here."

Journals

Aryeh Goretsky has no journal entries.

Slashdot Login

Need an Account?

Forgot your password?