×

Announcing: Slashdot Deals - Explore geek apps, games, gadgets and more. (what is this?)

Thank you!

We are sorry to see you leave - Beta is different and we value the time you took to try it out. Before you decide to go, please take a look at some value-adds for Beta and learn more about it. Thank you for reading Slashdot, and for making the site better!

Comments

top

Schneier Explains How To Protect Yourself From Sony-Style Attacks (You Can't)

BUL2294 Re:Blameless Random Employees? (340 comments)

And who isn't to say that, as part of the hack, once they found someone high enough with the right credentials, they didn't create a couple of AD accounts? In mid-size organizations, identity management is dealing with thousands of accounts, having to create numerous exceptions for specific people and applications (oh, this Task Scheduler task can't allow for the account to change--and it needs super-duper-Admin rights to these particular servers; this Windows Service that runs on the production CRM server can't change password). So, a hacker could just hide some new accounts with fake descriptions for applications in-house (e.g. "SQL-Salesforce sync"), give them super rights even allowing for password changes, and presto... Or worse, pick such a valid account and start adding servers it has rights to. Security by Obscurity (ironically on the security platform).

about a week ago
top

Schneier Explains How To Protect Yourself From Sony-Style Attacks (You Can't)

BUL2294 No real need for updates, either... (340 comments)

The other advantage of the air-gapped network is that you no longer "need" to update the computers within the network with most of the security updates that come across Windows Update. Build them from DVDs & SPs with known hash values, never having connected them. Who cares if those PCs are still stuck on Win7-SP1 or Win8.1 RTM. Their primary attack vector (e.g. the big bad Internet) is unavailable. Even if these machines are built with malware, the worst that could happen is that they get erased, but the data still doesn't go out.

But what about e-mail? IM? Interwebs? Facebooking? Really??? Buy a 2nd, low end PC, wirelessly connect it to the corporate network, and volia! Hell, you could even use a KVM for this purpose, if you'd rather not spring for the expensive $400 laptops. Don't take the easy approach of connecting the networks in a way that only allows for RDP sessions--a determined hacker with unlimited funds (e.g. state sponsors) would figure that one out.

But what about Adobe Cloud or whatever program needs to connect to the Internet? Most such programs have alternative options for air-gapped networks (e.g. a license server), and a company like Adobe could be brow-beat by a company like Sony into disabling phone home. For high-risk applications where you can't talk your vendor out of phone-home, it's time to look for a new vendor...

about a week ago
top

US Treasury Dept: Banks Should Block Tor Nodes

BUL2294 Craigslist already does this... (84 comments)

I'm not sure why banks don't, but Craigslist already blocks almost all Tor nodes--despite its comparatively meager resources (vs. banks')...

about three weeks ago
top

Sony Employees Receive Email Threat From Hackers: 'Your Family Will Be In Danger'

BUL2294 Re:Something is dodgy here. (184 comments)

I wouldn't be surprised if someone at Sony were responsible for sending this email as a false-flag operation.

False-flag operation or not, that's a crime. If someone within Sony (or hired by Sony--e.g. their cybersecurity contractor) sent such an e-mail, that person is doing the equivalent of "screaming 'fire' in a crowded theater, when there is no fire". Not protected by free-speech and that person should be criminally charged with a felony.

about three weeks ago
top

The Sony Pictures Hack Was Even Worse Than Everyone Thought

BUL2294 Re:$1tr question--Why is all this Internet-facing? (528 comments)

Explain how airgapping doesn't make you immune to Windows Updates? If your PC can't talk to Microsoft, and unless you're going old-school sneakernet with flash drives, how is it going to get updates? Most Windows updates solve some sort of security hole, usually caused by the execution of malicious software or some sort of security hole that's exploitable from the Internet. Take away "the Internet" and lock down what people can execute on their PCs within "the island" and problem solved. Yes, you now have a known unpatched security hole--but one that can't be exploited without access to the Internet. No malicious links, attachments, unauthorized software, browser toolbars, etc. Just people using limited specific software & specific versions on (for example) Windows 7-SP1.

As has been proven by Stuxnet and this breach, unlimited state-sponsored funds ALWAYS beats "networks with layered protection". Big-name companies that spend shitloads of money on security still get breached. 15+ years of "breeding a culture of corporate security" also hasn't worked. But if you require the network to have a physical presence, then you've eliminated your primary attack vector.

about three weeks ago
top

The Sony Pictures Hack Was Even Worse Than Everyone Thought

BUL2294 Re:$1tr question--Why is all this Internet-facing? (528 comments)

So how did companies handle such networks 20+ years ago, where employees in "other offices" (cities, other locations in the same city, etc.) could access files, databases, etc., without any vector out to the Internet? Wouldn't be that hard to create a disconnected network island "war room" in each office--disconnect some ports & buy new routers. The real issue ultimately becomes that you now might want to consider multiple such air-gappped networks (e.g. R&D, HR, Finance, etc.)

I have to assume that data breaches are much worse cost... This one has lost sales, lost goodwill, lawsuits, potential government fines (e.g. HR data), network design changes, etc. Even a $10 million air-gapped network would have been a bargain compared to this mess...

I'm still waiting for a massive Salesforce data breach... That'll be interesting when it happens.

about three weeks ago
top

The Sony Pictures Hack Was Even Worse Than Everyone Thought

BUL2294 $1tr question--Why is all this Internet-facing??? (528 comments)

With all the state-sponsored corporate & military espionage caused by China & Russia, with the never-ending probes from government agencies like the NSA/DHS/GCHQ/etc., with malware & ransomware attacks that can encrypt data in (generally) unbreakable forms, with criminal hacking organizations making off with millions of credit card numbers from retailers, with apparently no network controls as to how much data leaves company firewalls & where it goes, and so on, why aren't there more internal air-gapped networks in companies???

This has hit the point of absurdity. If you are working on military plane designs, working on your next corporate acquisition, or even making movies or music worth tens of millions of $$$, why would you put your prized, unreleased digital files on computers that have Internet access? What kind of batshit stupidity is that? What, so your employees can browse Facebook & check Outlook e-mail at the same time? Such an air-gapped network would easily become an island--one that doesn't need Windows Updates, can stay on an old service pack, gets no software updates that solves 2 problems and but makes a new one (e.g. we know the bugs), and the like. And if those employees really need their Outlook e-mail, IM, or the Inter-Webs where they work, they can have a 2nd very low-end PC, connected to the main network, with a KVM between the two. Might even increase efficiency, given the mind's inability to multitask well. Or give them freaking iPads on a wireless network that's not connected to their "sensitive" work computer.

It boggles the mind that given all these problems, which are increasing in frequency & cost every day, we still have little more than software firewalls & hardware routers between a company's most highly-sensitive assets (files & computers) and the big-bad-Wild-West-no-holds-barred-Internet.

about three weeks ago
top

Security Experts Believe the Internet of Things Will Be Used To Kill Someone

BUL2294 Re:Ummm ... Duh? (165 comments)

And you know this, how??? We all know that it should happen this way, but we have no way of knowing for sure whether that's the case. If my IoT thermostat gets hacked & reprogrammed to burn my house down, which is connected to my IoT furnace, how do I know that the IoT furnace a) hasn't also been hacked, b) even has the requisite hardware you speak of?

Read up on the Therac-25 incidents of the 1980s... http://en.wikipedia.org/wiki/T...

about a month ago
top

The Great IT Hiring He-Said / She-Said

BUL2294 Re:I'm in the job market, and I'm dealing w/morons (574 comments)

But you've made your job that much harder... Think about it. Trying to save a few bucks by merging x-number of available jobs into one job post, where you don't make it obvious that you're hiring for multiple people where each needs SOME of the skills (which you probably can't do because of job site ToS--they probably require you to post each job as one post), you're confusing many of your applicants into thinking you're looking for a "batshit crazy" skillset. Look at the other replies above--most people think that a crazy list of skills under one post is for one insane & underpaid job.

Even the best candidates for a specific skillset wonder "what up with this role?", and you don't hear from them...

about 2 months ago
top

The Great IT Hiring He-Said / She-Said

BUL2294 I'm in the job market, and I'm dealing w/morons... (574 comments)

So, as I've been in the market for a few months, I'm finding that many of the jobs that glossed over me a few months ago are coming across again... Whether it be a recruiter contacting me (I remember applying for this a while back), a new posting on the company's job search portal of choice (they changed 5 words in the job description), or even a new approach (look, now they're recruiting from my MBA school for this position)... Needless to say, it's infuriating.

Sure, I recognize that I only have 85% of what you're looking for in terms of a skillset; or that you want to pay $5000/year less than my absolute salary floor... But if that job has been open for 3-6 months, the damage caused by it being open (presumably because someone left, and now there's a void that everyone else on the team is not really able to fill) has far exceeded whatever small training costs or whatever you would have to spend on me...

Another issue is that too many companies are still thinking it's the financial crisis, when new recruits were happy to accept 50% cuts in salary to avoid foreclosure or vehicle repossession. This was best described to me by one recruiter--"three asses, one seat". While I've seen some absolutely batshit JDs (where 2 people in the country might have all of these skills), I recently saw one that pissed me off... A company wanted someone who was a SQL Server DBA/BI stack/TSQL & reporting guru, an Oracle DBA/PL-SQL programmer, and a Linux server manager in downtown Chicago--for $95k/year. Good luck finding such a person, with competing technologies, for less than double that...

Another problem that I'm finding is that some jobs are sub-sub-contracted out. I recently saw one in Chicago that needed expert experience in Informatica MDM. Max pay was $46/hr W2. Turns out that MegaCorp contracted out to CompanyX who opened up to numerous companies, CompanyY contacted me with this max rate, asking me to be an employee of CompanyY. My convo w/recruiter: "So everybody has their hands in the cookie jar, and there's nothing left for the guy who's actually doing the work?--What do you mean?--Well, someone with that skillset should be in the $75-100/hr range, but since 2 levels above want to keep their 100% profit margin, $50 becomes $100 and $100 becomes $200, which MegaCorp is probably being billed somewhere around there..."

Finally, don't get me started on "the foreigners"... It seems the boiler-room stock antics of the '80s and '90s have moved offshore, where in some cases I get calls from multiple people about the same job from the same company... They're all in a feeding frenzy, just trying to be the first to pass along my authorization to represent--never mind that I may not be qualified for the role in question. (One conversation went like this... "Well, where in Chicagoland is the job?--Let me submit you and I'll tell you.--You mean you won't tell me where the job is until I agree to let you represent me? It could be an impossible commute...--I need to submit you first...--Fuck off...")

about 2 months ago
top

Speed Cameras In Chicago Earn $50M Less Than Expected

BUL2294 Re:Jesus Christ, READ TFA! (398 comments)

And just to add to it, the article's author fucked up, mixing up flashes from red light cams (usually people making a right turn on red without a complete stop), while speaking about the revenue from speed cams.

about 2 months ago
top

Speed Cameras In Chicago Earn $50M Less Than Expected

BUL2294 Jesus Christ, READ TFA! (398 comments)

I live in Chicago... Read TFA--not red light cams, but SPEED CAMERAS!

First off, because of state law, the speed cameras can only issue a ticket for going 6+ over the limit. So, 25 in a 20 school zone, or 35 in a 30 "near a park" zone is OK. Second, the 6-10 MPH over the limit is a $35 ticket. BFD. Only when you do 11+ over the limit (e.g. 41 in a 30), that's when it shoots up to $100. Finally, speed cameras are NOT allowed on Lake Shore Drive, Lower Wacker, and (obviously) Interstates.

On top of that, because of state law, the city had to paint "SAFETY ... ZONE" on the street in each lane, along with putting up extra speed limit signs with "PHOTO ENFORCED", by every camera installation, on that street and on all intersecting streets...

about 2 months ago
top

Safercar.gov Overwhelmed By Recall For Deadly Airbags

BUL2294 Re:Why a government site? (120 comments)

Pass a law saying car companies must have recall information easily accessible on the web.

Just looking up Toyota, Ford, and GM (all USA), each allows you to go to their respective websites and type in a VIN to let you know if there's a recall associated with your vehicle... So while there isn't a law to that effect, they already have this. If you're too lazy to go to the manufacturer's site to look up your vehicle by VIN for the 1 or 2 vehicles you may own, either from the government or the manufacturer, then I don't know what else can be done. This is on top of the paper mail and e-mails you are likely getting. And on top of any lawyer ads you might see on TV--"Are you injured? [Automaker] had many recalls... Sue them!"

about 2 months ago
top

Kmart Says Its Payment System Was Hacked

BUL2294 So this affects... (101 comments)

...nobody.

about 3 months ago
top

Ask Slashdot: What To Do After Digitizing VHS Tapes?

BUL2294 Re:Back up to optical media (268 comments)

Seriously, cloud based backup is not the panacea you want to believe that it is. Think about it... With "unlimited storage for $5/mo", how does a company like BackBlaze have any viability? Right now, if you were to store 10TB of data (which has been thrown around in some of the other posts), their ROI is insanely high. Even if they went cheap and bought SATA 3.5" drives, a 4TB drive (on Pricewatch) will run $118, or $28.3167/TB. Let's say they can buy drives in bulk at $25/TB, 10TB would cost them $250 worth of equipment. At $5/month, their break-even point is at 50+ months--and that's assuming NPV is not important...

Now, let's throw in Visa/MC charge fees, bandwidth costs, additional hardware for RAID, office overhead, other equipment, legal / NSA requests / DMCA takedowns, etc., and the simple ROI of 50+ months easily balloons to 100+ months--if not out to infinity. There's no way a company like that is viable at current media prices, especially since your data is available on-demand (e.g. no delays for their tape to transfer to HD media)...

Viability of your backup solution is just as important whether it's longevity of tape & a physical drive you actually buy or the business plan of a cloud-based option.

about 3 months ago
top

New HP Laptop Would Mean Windows at Chromebook Prices

BUL2294 2GB RAM is plenty for Win8.1 x86... (215 comments)

I can confirm that Windows 8.1 x86 on 2GB RAM runs great--even on a 5-year old netbook. I loaded Win 8.1 Pro on a 2009-era Dell Inspiron Mini 9 (it had a now-unsupported XP) with an x86-only hyperthreaded Atom processor & IDE SSD--and it flies. I even put a new Intel 802.11ac WiFi-Bluetooth miniPCI card in it. I can't use Metro apps (1024x600 screen doesn't meet Metro's 1024x768 requirement, darn it), but after loading Start8, I don't care. I have a very portable little desktop machine that flies with Office 2010, Firefox, etc.

My only complaints are that Chrome actually performs quite poorly on sites with heavy AJAX (specifically Yahoo Mail), and that Flash is better off left not installed (darn). But Firefox appears to be much better optimized for low-end hardware, so I just use Firefox with no Flash.

about 4 months ago
top

Windows 8.1 Update Crippling PCs With BSOD, Microsoft Suggests You Roll Back

BUL2294 Re:For Win9, MS should go back to Service Packs... (304 comments)

In addition, the "monthly updates" are generally security fixes that exists to solve a security hole--where proper interaction with the component shouldn't cause problems before or after the applied fix. They generally solve one security problem within the component (e.g. buffer overflow at xxxxxxxxxxxxxx when called by yyyyyyyyyyyyyyy). That's why they've generally been trouble-free. Microsoft has recently gone on-record stating that Patch Tuesday will now be getting more such non-security feature updates, and they won't be optional.

about 4 months ago
top

Windows 8.1 Update Crippling PCs With BSOD, Microsoft Suggests You Roll Back

BUL2294 Re:For Win9, MS should go back to Service Packs... (304 comments)

Generally speaking, old-school Service Packs were both the bundling of hotfixes and new kernel-level features (e.g. USB 3.0, 4K drive sectors, UEFI support, etc.). In the world of Win7 and lower, Patch Tuesday was generally limited to security fixes and parameter changes (e.g. daylight savings time changes). Microsoft would also make available optional updates to Windows components (Internet Explorer, Media Player, etc.) that you could apply as desired.

This model isn't true with Win8.x. They're putting out kernel/feature updates every few months, trying to appear more Agile. A few months back, there was a mini-furor over Update 1 in that you had 30 days to test & apply it to your systems, or get no new updates. There was no beta of the release code that administrators could test ahead of time, as was customary with Service Packs. Some users flipped--specifically companies. Microsoft backed down a teeny bit, but only offered to create a branch for those who wanted to hold off on Update 1--for one extra Patch Tuesday cycle (4-5 weeks).

about 4 months ago
top

Windows 8.1 Update Crippling PCs With BSOD, Microsoft Suggests You Roll Back

BUL2294 For Win9, MS should go back to Service Packs... (304 comments)

This is a perfect example of why Microsoft should go back to doing Service Packs and not these seemingly random "feature updates" that have become the norm with Windows 8.x and Office 2013 (non-MSI / "click to install"). There's no standard codebase anymore and feature updates are just being installed willy-nilly, with no real support window for delayed installations. (At least with a SP, you had a year to test & work around a problem before MS pulled the support plug). This is another reason why companies don't want Win8.x--kernel-level updates with only a few days warning. (Articles were still talking about "Windows 8.1 Update 2" as recently as 2 weeks prior to August's Patch Tuesday). I'd hate to be an NT administrator fretting over all my 2012R2 installations right now.

Instead of getting a SP for Windows 8, we now have 8.1. Instead of getting SPs for Windows 8.1, we now have 8.1 Update 1 and 8.1 August Update. We have updates that come through the "Store" app. This is one of the reasons (granted, not the primary one) why the uptake of Windows 8.x is now slower than Vista's uptake some ~2 years post-RTM, and why Windows 7 is gaining market share, at the expense of XP and Vista. Companies don't want this model and the headaches that go along with it.

So, for Win9, just go back to a Service Pack model and make everybody happy. Yes, SPs cost a lot of money to put out, and yes MS ends up looking old-school, but the rigor with testing is (presumed to be) significantly higher than some rushed, "little" update. Windows 8.x is broken, and Microsoft keeps pitching a newer, faster cycle of feature updates, but this just proves they are incapable of properly handling such a model... Microsoft: you are not Apple, and you don't have to try to emulate them.

As for myself, so far my two Win8.1 installations (one x86, one x64) and one of 2012R2 in a VM are not showing problems from these updates... But I have only myself to blame for not waiting a few extra days. Of course, now MS will have to come up with an out-of-band fix (with even less testing) within the next ~3 weeks or will have to have 2 sets of patches for September's Patch Tuesday--one for those who haven't uninstalled these updates and one for those who have. Pure stupidity...

about 4 months ago

Submissions

top

Win8.1 broken update redux - Severe problems with November Update

BUL2294 BUL2294 writes  |  about a month ago

BUL2294 (1081735) writes "Microsoft's latest update for Windows 8.1, KB3000850 / November Update has been causing a myriad of problems with certain programs. The difficulties are being discussed on Microsoft Community Support, Reddit, MSFN, Neowin, and ASKVG.

Looking over the forums, this update breaks Avast Antivirus (forum discussion) and Classic Shell (forum discussion). Problems with Avast are particularly acute and may impact System Restore. Other prevalent issues include the inability to sleep or shutdown, issues with Internet Explorer and Control Panel, and inability to boot into Safe Mode to roll back the update. Some users have indicated that they need to reinstall Windows 8.1 completely. At least Microsoft learned the error of their ways after the April & August updates, and has made KB3000850 optional (for now)..."
top

Wells Fargo refuses to honor 30-year old CD because they can't find it

BUL2294 BUL2294 writes  |  about a month ago

BUL2294 (1081735) writes "The Consumerist and KPHO-TV Phoenix are reporting the story of a widow who attempted to cash a Certificate of Deposit (CD) at Wells Fargo that had been issued to her late husband for just over $18,000 in 1984. She has been battling with them since 2009, after finding the CD among other paperwork, and a decision in the court case is expected in January. The CD was issued by First Interstate bank, which merged with Norwest, which was bought by Wells Fargo. Wells Fargo has no record of the CD, but the physical document itself mentions that it has to be surrendered to receive payment, or could have been paid out by signing an indemnity form--which they also do not have. In addition, there's a fight over whether the CD is worth $60,000 or $400,000, as the CD was self-renewing and was issued when interest rates were 10.9%.

Ultimately, this is a case of data getting lost within 30-years worth of mergers and system changes. Both the existence of this instrument and its terms are probably on some long-lost tape that may no longer be readable, or paper copies were shredded years ago. That being said, we entrust that our banks and regulators can dig up such historical information... So what happens when they can't? As was evidenced during the US mortgage crisis, banks are terrible at appropriate document retention, so how could they prove what was paid out and when? More importantly, how much of banks' historical / legacy accounts are complete guesses?"

Link to Original Source
top

Wells Fargo refuses to honor a 30-year old CD because they can't find it

BUL2294 BUL2294 writes  |  about a month ago

BUL2294 (1081735) writes "Consumerist and KPHO-TV Phoenix are reporting on a story where a widow attempted to cash at Wells Fargo a Certificate of Deposit (CD) that was issued in 1984. She has been battling with them since 2009 and the case has gone to court. The CD was issued by First Interstate bank, which was bought by Norwest, which was bought by Wells Fargo. Wells Fargo has no record of the CD, but the physical document itself mentions that it has to be surrendered to receive payment. In addition, there's a fight over whether the CD is worth $60,000 or $400,000, as the CD was self-renewing.

Ultimately, this is a case of data getting lost within 30-years worth of mergers and system changes. Both the existence of this instrument and its terms are probably on some long-lost tape that may no longer be readable, or were shredded decades ago. That being said, we entrust that our banks and regulators can dig up this information historically... So what happens when they can't? More importantly, how much of banks' historical accounts are complete guesses?"
top

Experian breach exposed 200 million Americans' personal data over a year ago

BUL2294 BUL2294 writes  |  about 5 months ago

BUL2294 (1081735) writes "CNN Money is reporting that, prior to the Target breach that exposed information on 110 million customers, and prior to Experian gaining Target's "identity theft protection" business from that breach, Experian was involved a serious breach, to which nobody admits the scope of. Their subsidiary, Court Ventures, unwittingly sold access to a database to a Vietnamese fraudster named Hieu Minh Ngo. This database contained information on some 200 million Americans, including names, addresses, Social Security numbers, birthdays, work history, driver's license numbers, email addresses, and banking information. "Criminals tapped that database 3.1 million times, investigators said. Surprised you haven't heard this? It's because Experian is staying quiet about it. It's been more than a year since Experian was notified of the leak. Yet the company still won't say how many Americans were affected. CNNMoney asked Experian to detail the scope of the breach. The company refused. "As we've said consistently, it is an unfortunate and isolated issue," Experian spokesman Gerry Tschopp said.""
top

Declining LG's new ad-friendly Privacy Policy removes features from Smart TVs

BUL2294 BUL2294 writes  |  about 7 months ago

BUL2294 (1081735) writes "Techdirt and Consumerist posted articles about a user in the UK who, after a firmware update to his 2-year old LG Smart TV, declined their new Privacy Policy, only to find that most Internet-connected features (e.g. BBC iPlayer, Skype) of the TV now no longer work. From the Techdirt article...

Does a manufacturer have the right to "brick" certain integral services just because the end user doesn't feel comfortable sharing a bunch of info with LG and other, unnamed third parties? LG certainly feels it has the right to do this. In fact, it makes no secret of this in its long Privacy Policy — a document that spends more time discussing the lack thereof, rather than privacy itself. The opening paragraph makes this perfectly clear.

To add, even declining the policy still results in non-specified information being sent to LG.

LG's policy of spying on the viewing habits of customers, along with sending filenames of videos stored on USB devices connected to TVs, was previously discussed on Slashdot."

top

Comcast turning Chicago homes into Xfinity hotspots...

BUL2294 BUL2294 writes  |  about 10 months ago

BUL2294 (1081735) writes "The Chicago Tribune is reporting that, over the next few months in Chicago, Comcast is turning on a feature that turns customer networks into public Wi-Fi hotspots. After a firmware upgrade is installed, "visitors will use their own Xfinity credentials to sign on, and will not need the homeowner's permission or password to tap into their Wi-Fi signal. The homegrown network will also be available to non-subscribers free for several hours each month, or on a pay-per-use basis. Any outside usage should not affect the speed or security of the home subscriber's private network. [...] Home internet subscribers will automatically participate in the network's growing infrastructure, although a small number have chosen to opt out in other test markets." The article specifically mentions that this capability is opt-out, so Comcast is relying on home users' property, electricity, and lack of tech-savvy to increase their network footprint..."
top

95% of ATMs worldwide are still using Windows XP...

BUL2294 BUL2294 writes  |  about a year ago

BUL2294 (1081735) writes "With the April lifecycle deadline looming for Windows XP, BusinessWeek has indicated that 95% of the world's ATM machines are still running Windows XP and banks are already purchasing extended support agreements from Microsoft as they will not meet the deadline. (The article indicates that some of the affected ATMs are running XP Embedded, which has a support lifecycle until January, 2016). 'Microsoft is selling custom tech support agreements that extend the life of Windows XP, although the cost can soar quickly—multiplying by a factor of five in the second year, says Korala. JPMorgan is buying a one-year extension and will start converting its machines to Windows 7 in July; about 3,000 of its 19,000 ATMs need enhancements before the process can begin...'"
top

Public Citizen sues KlearGear.com for $75,000 over $3500 fine...

BUL2294 BUL2294 writes  |  1 year,9 days

BUL2294 (1081735) writes "Public Citizen has followed through on their threat to sue KlearGear.com over their decision to "fine" Utah resident John Palmer $3500 over a negative review posted by his wife, Jennifer Palmer. The review, posted to RipoffReport.com in 2009 when the $20 order was not received & the couple had difficulties in getting a refund, was made 3 years before a "non-disparagement" clause was added to KlearGear's Terms of Sale and Use, to which all customers agree to before purchasing from them. In 2012, KlearGear informed credit reporting agencies of the $3500 "debt", sent a debt collection agency against the Palmers, and validated the "debt" to credit reporting agencies (adding a $50 dispute charge) when John Palmer attempted to dispute it. Since then, the Palmers have had difficulties obtaining credit, which included going 3 weeks without heat while trying to obtain a new furnace. KlearGear has publicly stated on KUTV and CNN that the fine was valid and would stand. Now, on behalf of the Palmers, Public Citizen is suing KlearGear 'after KlearGear.com ignored a Nov. 25 demand letter sent by Public Citizen on behalf of the Palmers requesting that KlearGear.com contact the relevant credit agencies immediately and inform them that the debt it had reported concerning John was in error. The letter also asked for compensation of $75,000 and permanent removal of the “non-disparagement clause” from its website’s terms of use. // Today’s complaint seeks punitive damages as well as damages for the economic, emotional and other harms that the Palmers suffered as a result of KlearGear.com’s actions.'"
top

AVG 8.0 Free thinks ZoneAlarm 7.0 is a trojan...

BUL2294 BUL2294 writes  |  more than 6 years ago

BUL2294 (1081735) writes "AVG Free 8.0's latest update sees ZoneAlarm 7.0 as trojan horse "Agent_r.CX". It's also being discussed here, here, here, and here (with less than stellar help from the AVG free forum moderators)... This destroyed my ZoneAlarm installation--I was unable to go out to the Internet until I uninstalled ZoneAlarm, so now I have to choose between running Windows without antivirus or a firewall...

Once this is resolved, if you are looking for an older version of ZoneAlarm (i.e. for Windows 2000, which is not supported by ZoneAlarm 8.0), the link to v7.0.483.000 can be found here..."
top

Court ruling allows remote DVRs...

BUL2294 BUL2294 writes  |  more than 6 years ago

BUL2294 (1081735) writes "USA Today is reporting that the 2nd U.S. Circuit Court of Appeals in Manhattan has overturned a lower court ruling, therefore allowing Cablevision to offer remote-storage DVRs. The motion picture industry was fighting this (no surprise), arguing that cable companies would be guilty of copyright infringement... As a result, most existing non-DVR cable boxes would be able to function as DVRs — probably as an extension of existing On-Demand capabilities.

This is huge since 1) recordings would be unaffected by cable or power outages; 2) recordings wouldn't be lost over a fried/replaced DVR box; 3) cable companies could offer customers the ability to login & adjust their recordings remotely over the Internet; 4) cable companies might even be able to offer Slingbox-like online viewing capabilities. Unfortunately, there's no indication of where the additional bandwidth to support this would come from..."
top

Y2K-like problem for old gas pumps...

BUL2294 BUL2294 writes  |  more than 6 years ago

BUL2294 (1081735) writes "The Chicago Tribune has an interesting low-tech article about how many older mechanical gasoline pumps are incapable of going above $3.999/gallon. A large number of these pumps are in rural areas and the owners cannot afford to refit or replace the pumps. To add insult to injury, companies that offer the replacement mechanics have backlogs approaching several months, while the $4/gallon threshold is imminent or has already been crossed. But leave it to state government bureaucracies to come up with creative solutions — North Dakota will allow the station owner to cut the per-gallon price in half then double the final price (quick, multiply $37.87 by 2!) and Minnesota will allow the station to hide the total price (yeah, that won't cause problems)..."
top

Windows XP SP3 is now RTM

BUL2294 BUL2294 writes  |  more than 6 years ago

BUL2294 (1081735) writes "Windows XP SP3 has been released to manufacturing, according to a post on Microsoft Technet. According to the post by Chris Keroack, Release Manager for Windows XP Service Pack 3, general availability will be made available on Windows Update to all on April 29th. Given that XP-SP2 is almost 4 years old, it's about freakin' time! Am I the only one who thinks that Microsoft is trying to save money by putting out fewer service packs? — XP will only go to SP3, Windows 2000 went to SP4, NT 4.0 went to SP6..."
top

UK Government to schools: No Vista or Office 2007

BUL2294 BUL2294 writes  |  more than 6 years ago

BUL2294 (1081735) writes "InfoWorld reports that the UK Government has recommended against upgrading software in schools to Vista and Office 2007, especially if it's done in a piecemeal fashion. Two-thirds of the cost of the upgrade (£175 million / $350 million), would go straight to Microsoft, while the rest would go towards deployment, testing, and hardware costs. They also recommended against going to Office 2007 and its OOXML format, and slammed M$ for their poor implementation of ODF in Office 2007. The recommendation can be found here."
top

Toshiba has Vista-specific BIOSes for some models

BUL2294 BUL2294 writes  |  more than 7 years ago

BUL2294 (1081735) writes "Toshiba has started providing Vista-specific BIOS firmware upgrades that cause problems with Windows XP. Frankly, I think this is very wrong because now a machine is tied to a specific operating system ONLY. According to the article, if you run the Vista v5.00 BIOS with XP, Fn+F1 thru Fn+F9 stop working... What, that couldn't be fixed with a keyboard driver???

For certain models, Toshiba has both XP and Vista BIOSes, but how long before PC manufacturers like Toshiba only put out Vista-specific BIOSes??? Frankly, I have no idea if M$ has a hand in this but would it really surprise anyone? This might explain some peoples' difficulties in getting XP to run on a PC bought with Vista (beyond the basic lack of drivers)...

And what about anyone wanting to run Linux? What about someone who needs to dual-boot between Vista and XP?

Anyway, Toshiba's support document ID# is 98082330. There's no direct link to this support article because the site uses session IDs, but you can get there by going to http://www.csd.toshiba.com/cgi-bin/tais/su/su_sc_h ome.jsp then click on the 4th article in the "support updates" section called "Fn key combinations may stop working with BIOS version 5.00 or higher, and Windows XP".

(I can also send you a PDF copy of the support article if Slashdot wants to host it... My real e-mail address is in my profile but please don't post it should you post the article...)"

Journals

BUL2294 has no journal entries.

Slashdot Login

Need an Account?

Forgot your password?