Comments


Ask Slashdot: Is Running Mission-Critical Servers Without a Firewall Common?

Bert64 Re:It Depends (338 comments)

That's completely the wrong approach.
If your hosts aren't secure enough to be on the public internet, they shouldn't be on an internal network either. Many attacks come from the inside, and if you have a large number of insecure hosts hidden behind a border firewall then all it takes is one tiny hole and everything can come crashing down, as has happened many times in the past.

A firewall is not the ultimate answer, and nor should it be your only line of defense. If hosts are correctly configured, then a firewall won't actually improve security as the only services exposed on the host will be ones you intended to run and thus explicitly allowed through the firewall.

2 days ago

Ask Slashdot: Is Running Mission-Critical Servers Without a Firewall Common?

Bert64 Re:Fire(wall) and forget (338 comments)

If ports are unused, then the hosts themselves will reject any traffic sent to them without the need of a firewall...
If the hosts are running services you don't want, then you haven't configured your hosts correctly and hiding poorly configured hosts behind a firewall is not the answer.

2 days ago

Ask Slashdot: Is Running Mission-Critical Servers Without a Firewall Common?

Bert64 Necessary? (338 comments)

Assuming the servers are correctly configured and hardened, then a firewall is an additional layer - i.e. the ports allowed by the firewall will be those ports that you have explicitly opened on the server, nothing else should be present irrespective of what the firewall allows. Whether you then need one depends on your budget, your risk profile, whether you need to comply with any external requirements (like PCI-DSS) etc.

Personally I have many servers with no firewalls, because having a firewall would add additional hosting cost, additional point of failure, additional attack surface, additional latency, and the servers themselves don't run any services that aren't intended to be open to the internet (and thus everything that's running would be allowed by the firewall anyway).

The benefits of having a firewall in my case - an extra place for logs in case my host is compromised, and the ability to control outbound access if the host is compromised - are outweighed by the downsides. The chance of the host actually becoming compromised in the first place wouldn't be decreased by the addition of a firewall, but you'd have the additional risk that the firewall itself could be compromised.

2 days ago
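A defender's check for the invariant these three comments rely on (the only sockets listening on external addresses are the services you intend to expose), as an added example that is not part of the thread: it parses constructed `ss -Hltnp`-style output and flags externally reachable listeners that are not on the intended list. The sample output and the INTENDED map are assumptions for illustration.

```python
import re

# Constructed sample in the layout of `ss -Hltnp` (listening TCP sockets, no header):
# State Recv-Q Send-Q Local:Port Peer:Port Process
SAMPLE_SS = """\
LISTEN 0 128 0.0.0.0:22 0.0.0.0:* users:(("sshd",pid=812,fd=3))
LISTEN 0 511 0.0.0.0:443 0.0.0.0:* users:(("nginx",pid=1201,fd=6))
LISTEN 0 128 127.0.0.1:5432 0.0.0.0:* users:(("postgres",pid=990,fd=5))
LISTEN 0 50 0.0.0.0:6379 0.0.0.0:* users:(("redis-server",pid=1330,fd=6))
"""

# Assumed allowlist: the services explicitly opened on this host, port -> process.
INTENDED = {22: "sshd", 443: "nginx"}

# Bind addresses that are not reachable from the network.
LOOPBACK_PREFIXES = ("127.", "::1", "[::1]")


def parse_listeners(ss_output):
    """Return (port, bind_address, process) tuples from ss -Hltnp style lines."""
    listeners = []
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 5:
            continue  # skip blank or malformed lines
        addr, _, port = fields[3].rpartition(":")  # handles IPv6 "[::]:22" too
        match = re.search(r'\(\("([^"]+)"', line)  # first process name in users:(...)
        proc = match.group(1) if match else "?"
        listeners.append((int(port), addr, proc))
    return listeners


def audit(ss_output, intended):
    """Classify each listener as ok, local_only, or unexpected (exposed but not intended)."""
    report = {"ok": [], "local_only": [], "unexpected": []}
    for port, addr, proc in parse_listeners(ss_output):
        if addr.startswith(LOOPBACK_PREFIXES):
            report["local_only"].append((port, proc))
        elif intended.get(port) == proc:
            report["ok"].append((port, proc))
        else:
            report["unexpected"].append((port, proc))  # a firewall would only mask this
    return report


if __name__ == "__main__":
    for category, entries in audit(SAMPLE_SS, INTENDED).items():
        print(category, entries)
```

On a real host replace SAMPLE_SS with the output of `ss -Hltnp`; anything in `unexpected` is a configuration defect on the host, which is exactly the case a border firewall would hide rather than fix.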

UK Cabinet Office Adopts ODF As Exclusive Standard For Sharable Documents

Bert64 Re:This a wheeze to get Office 2013/ 365 cheaper (164 comments)

Short term it may cost more, long term it should save a lot... As someone who fully expects to still be paying taxes in 10 years time, I welcome long term savings.

As for interoperability, they are the government... You either want their business (e.g. suppliers), or you have no choice (e.g. taxpayers)... If they require that you submit documents in ODF then that's what you do, or they will find other suppliers who will.

about a week ago

Australian Electoral Commission Refuses To Release Vote Counting Source Code

Bert64 Re:Hmmm, (112 comments)

Security through obscurity is an accident waiting to happen... When you talk about a system that no one would bother trying to hack, consider the bitcoin exchange Mt. Gox - it started off as a simple site for trading game cards, and initially bitcoins had very little value - there was very little interest in hacking it. Then pretty much overnight bitcoin exploded in value, making it a very tempting target indeed.

Also when you talk about a power plant system, a one way link is the security, not the obscurity aspect.

A secure system is one where even those who know the system inside out cannot break into it.

about two weeks ago

Radar Changing the Face of Cycling

Bert64 Re:What we need... enforcement, not licensing (235 comments)

Well another part of the problem is that bikes are also not registered... Cars have license plates which allow people to easily identify the vehicle, bikes do not, which means bike riders feel far more anonymous and able to get away with illegal activities.

about three weeks ago

Ode To Sound Blaster: Are Discrete Audio Cards Still Worth the Investment?

Bert64 Re:Yes (502 comments)

The audio circuitry is the primary function of a phone, whereas on a desktop computer it may never get used at all. Priorities...

about three weeks ago

Tired of Playing Cyber Cop, Microsoft Looks For Partners In Crime Fighting

Bert64 Re:It's Microsoft's fault (113 comments)

If there was more diversity among the systems being used, then even social engineering attacks would be harder... What's the point trying to trick someone into running a program, if the system they're using isn't capable of running it?

about three weeks ago

Microsoft Kills Off MapPoint and Streets and Trips In Favor of Bing Maps

Bert64 Re: Problem with proprietary 'free' offerings (174 comments)

And if the activation servers are turned off, who's to say they will be willing or able to activate it over the phone?

about three weeks ago

Radar Changing the Face of Cycling

Bert64 Re:you are not an ally. (235 comments)

There's a lot to be said for consideration on the roads... And riding two abreast when doing so makes it hard for faster vehicles to pass is extremely inconsiderate, irrespective of legality.
If you're doing something which unnecessarily inconveniences others why should they show you any consideration in return? There are many instances where the slowness and instability of a bike could make certain manoeuvres impossible or extremely dangerous, and car drivers will often allow bikes to pass when they aren't legally obliged to. The more you do to unnecessarily piss drivers off, the less they will do to help you.

about a month ago

Radar Changing the Face of Cycling

Bert64 Re:What we need... (235 comments)

The problem is that there are no license requirements for bikes, so many riders are totally unaware of the actual laws, and often highly inexperienced.
Drivers at least have to pass a test, and while there are plenty of bad drivers they should at least have some experience and understanding of the rules.

On a daily basis I see bikes ignoring red lights, while to see a car go through on red is pretty rare. Just yesterday I saw a bike come off of a footpath, go directly across a two-lane road without slowing or checking for vehicles (causing several cars to hit the brakes) and into the wrong end of a one way street.

And it's no better as a pedestrian, I was shouted at by a bike rider who took issue with the fact I was in her way by walking down the sidewalk causing her to hit the brakes. It's illegal to ride there, why should I be forced to get out of the way of a bike speeding down the hill ringing a bell and shouting?

Also when trying to cross a road, you get a group of vehicles which pass you, and then a long spaced out stream of bikes that fill in the gap before the next group of vehicles - giving you no time to cross.

about a month ago

Ask Slashdot: SIM-Card Solutions In North America?

Bert64 Prepaid sims... (146 comments)

The UK system of vending machines in the airport is extremely convenient (and the vending machines typically support a bunch of languages and different network SIMs too), I wish other countries did something similar...

You can buy prepaid SIMs in most countries but often not in the airport, and quite often the pricing will only be displayed in the local language etc so it can be hard to work out what you're actually getting for your money (and quite easy to get ripped off in the small phone shops).

I just want a cheap prepaid SIM that the people I'm visiting can call me on, and with a decent data allowance so I can use Google Maps etc. It would also be extremely convenient if you could buy them before you travel and have them shipped to you.

about a month ago

Ask Slashdot: Is It Feasible To Revive an Old Linux PC Setup?

Bert64 Re:Old software... (176 comments)

Just find something with PCI... Then you can use a fairly modern motherboard with easily obtainable RAM in useful quantities, and use PCI cards for everything else - video, sound, and find an old SCSI controller instead of IDE.
The board/CPU itself should be fully compatible with the older software, and using PCI cards solves the problem with lack of drivers for the older hardware.

about a month ago

The Security Industry Is Failing Miserably At Fixing Underlying Dangers

Bert64 Re:How is that the security industry's fault? (205 comments)

Software is often more expensive than the hardware it runs on, and yet you still have a warranty which provides repair/replacement in the event of physical defects but nothing in the case of software defects.

about a month ago

The Security Industry Is Failing Miserably At Fixing Underlying Dangers

Bert64 Re:What's the solution? (205 comments)

And how would these rating agencies select the code they were going to audit?
They can't audit everything, so they would prioritise... Vendors would pay to have their code audited, and perhaps try to corrupt the process to get a better rating. OSS code would not be able to pay to get audited, and thus would never have a rating at all.

There are already various governments operating such schemes, they are extremely expensive and slow, with the final result being a small cartel of incumbent suppliers where the "approved" versions are horrendously out of date and often suffer from known vulnerabilities.

about a month ago

The Security Industry Is Failing Miserably At Fixing Underlying Dangers

Bert64 Re:What's the solution? (205 comments)

Not being able to figure anything out is a bad thing, the more complex your system is the greater chance of there being bugs, and if your system is important or widespread enough then *someone* will take the effort to figure it out and probably understand it a lot better than the people tasked with running it.

Having a complete understanding of how a system works should not allow that system to be compromised if it's well designed. Never rely on obscurity.

about a month ago

The Security Industry Is Failing Miserably At Fixing Underlying Dangers

Bert64 Re:What's the solution? (205 comments)

And what about a bug in the sandboxing?
Combined with the presence of the sandbox giving the user a false sense of security...

about a month ago

The Security Industry Is Failing Miserably At Fixing Underlying Dangers

Bert64 Re:What's the solution? (205 comments)

More importantly is the fact that aircraft are operated by trained pilots, and maintained by trained maintenance staff - both of whom have to undergo rigorous tests to ensure they are capable of doing the job and have a very good understanding of the aircraft they're working on.

about a month ago

The Security Industry Is Failing Miserably At Fixing Underlying Dangers

Bert64 Complexity... (205 comments)

Systems today are too complex for the users, and even the supposed administrators to understand... And all these added layers of extra "security product" just compound the problem. Many organisations are simply unaware of all the risks because they have no idea how most of these things actually work.

about a month ago

First Phone Out of Microsoft-Nokia -- and It's an Android

Bert64 Re:Seems like a 180 from their previous views (193 comments)

The iPhone 3G was released in 2008, if you've been using it for the past 2 years then it was 4 years old when you *started* using it...

While it's true that Apple obsolete the hardware fairly quickly, using Microsoft as a counter example is ridiculous... Microsoft were pushing Windows Mobile 6.x when the iPhone 3G came out, the hardware this ran on is also obsolete and cannot run current Windows versions, and unlike the iPhone old apps won't run at all on current versions. Windows Phone 7 came out in 2010, and this OS (as well as the hardware it ran on) has already been abandoned.

Apple are probably the least terrible when it comes to obsoleting the hardware.

As for trusting Google, that's just as bad as trusting Microsoft... But at least with Android, you have the option of custom non-Google ROMs.

about a month ago

Submissions


Bert64 writes  |  more than 7 years ago

Bert64 writes "It seems that eBay allows you to say one thing about the location of an item in the auction description, but then if the item turns out to be defective to supply a completely different address, in another country, where the item can be returned at buyer's expense. No mention of this was in the original auction listing, in the hope of fooling those who would normally not buy from a foreign seller. Details on http://www.ev4.org/ of how I was stung by this, and how it can so easily be abused by anyone to profit by ripping off unsuspecting buyers while eBay sits back and does nothing about it. So anyone can ship defective items, and then make the returns process expensive enough that people won't bother."

Journals

Bert64 has no journal entries.
