Beta

Slashdot: News for Nerds

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Comments

top

Australian Electoral Commission Refuses To Release Vote Counting Source Code

INT_QRK Re:Security (112 comments)

The confusing part of the conversation, I think, is the straw man idea of "releasing" the source code in order for it to be determined secure. What does "release" in that context even mean? If security is in question (which I assume to mean the constituent attributes of Confidentiality, Integrity and Availability), which security should always be for such a system, then one could use a trusted broker to examine and report on inspection and test of the architecture and code without "releasing" the code so that anyone could examine it, presumably to facilitate vulnerability discovery.

about two weeks ago
top

People Who Claim To Worry About Climate Change Don't Cut Energy Use

INT_QRK Because today's "Progressives"... (710 comments)

...are all about controlling OTHER peoples' behavior (and redistributing THEIR property).

about two weeks ago
top

India's National Informatics Centre Forged Google SSL Certificates

INT_QRK Re:Who do they think they are? (107 comments)

I was making an observation, not an apology. Notice that I never added, "...and this is always good thing." That said, neither is it always a bad thing.

about three weeks ago
top

India's National Informatics Centre Forged Google SSL Certificates

INT_QRK Re:All about trust (107 comments)

...and that's good. Loss of trust and confidence is the price one pays for getting caught breaching same.

about three weeks ago
top

India's National Informatics Centre Forged Google SSL Certificates

INT_QRK Re:Who do they think they are? (107 comments)

All countries conduct espionage to the extent that they prioritize their capabilities, and against targets where they perceive threats and/or opportunities.

about three weeks ago
top

India's National Informatics Centre Forged Google SSL Certificates

INT_QRK Re:Repercussions? (107 comments)

The bargain lies in the relatively low cost of relatively skilled labor. Other considerations, where there might be awareness, are secondary, or less.

about three weeks ago
top

India's National Informatics Centre Forged Google SSL Certificates

INT_QRK Re:Repercussions? (107 comments)

“Power attracts the corruptible. Suspect any who seek it.” Frank Herbert, Chapterhouse: Dune

about three weeks ago
top

Windows 9 To Win Over Windows 7 Users, Disables Start Screen For Desktop

INT_QRK Re:hmmmmm (681 comments)

A wise Buckaroo once observed that wherever you go, well, there you are. This describes exactly how I feel about a new Windows version: "okey-dokey." I'll politely wield it sans pause or undue drama when some employer supplies it and/or circumstances requires it. In the mean time, I'll continue to happily and productively employ OS X and Gnu/Linux on machines that I purchase and use. Ain't diversity grand?

about a month ago
top

Exploiting Wildcards On Linux/Unix

INT_QRK Re:Computers were conceived to execute user comman (215 comments)

Because, since the mainframe days, a new and unforeseen computer/user pairing had evolved. For emphasis, I'll say it again, evolved; never designed from the ground up. Smaller cheaper, but nonetheless ever more powerful, computers became available to a class of consumers spanning the general population, now networked to many other such computer/user pairs. These general-population consumers find themselves operating systems far beyond their ability (or time, inclination, etc.) to understand and safely control except as mediated by a deceptively enabling and presumed (to the user) protective interfaces. The problem is that computers are mechanisms designed to automate and execute instructions. That's what they are; and, networks are necessarily designed to facilitate communication. That's what they do. Yet, underlying system architectures and interfaces, though enabling, never evolved commensurately to the task of satisfactory trade-offs between function and security for ubiquitous employment in a general population. I have no idea what the solution is, but I suspect that we need to do some fundamental rethinking of secure architectures and user interfaces. Architectures need to more safely isolate data and logical functionality, and interfaces need to more safely mediate users interaction with devices. I confidently assert that the current architectures simply can't be secured, no matter how much junk is kludged to the task. Prove me wrong, please.

about a month ago
top

Exploiting Wildcards On Linux/Unix

INT_QRK Computers were conceived to execute user commands (215 comments)

...so wouldn't it be more accurate to to say that computers, like bull-dozers, can be dangerous in the hands of malicious, ill-informed, inattentive, or incompetent users? If you know of any of these archetypes, try to make them smarter, but don't allow them root privileges to anything taller than an ankle-high weed. Give them some locked-down version of Windows, without admin privileges, lots of monitoring tools and features. Consider helmets, knee-pads and child safety locks.

about a month ago
top

Humans Not Solely To Blame For Passenger Pigeon Extinction

INT_QRK Re:Here come the misanthropes (53 comments)

Agreed. Serves the little buggers right for being so tasty.

about a month and a half ago
top

Transforming the Web Into a Transparent 'HTTPA' Database

INT_QRK Really want to share a secret Bob? Alice? (69 comments)

Maintain a physically secure, access controlled, TEMPEST hardened room in a secret protected location. Verify through periodic repeated inspection and test that all production media in the room is physically isolated from all untrusted communications networks (ideally, all networks). When you absolutely must share secret information with Alice, invite Alice to your room. Verify her identity, physically hand her the the information to read, monitor her while she reads the information, then physically retrieve the information and escort Alice out of the room when she's done. Any and all discussions regarding the information remain in the room and allowed nowhere else. Alternately and less desirably, convey the information to Alice's corresponding secure room via trusted courier. In agreement with Alice, monitor her with proven effective investigation and surveillance techniques for the duration of your trusted relationship for any behavior or conditions in mitigation to continuing a relationship of trust. This is a proven system with high, but imperfect reliability. Nothing is perfect, but anything, IMI, anything on the Internet? Not as much.

about a month and a half ago
top

HP Unveils 'The Machine,' a New Computer Architecture

INT_QRK Re:Run a completely new OS? (257 comments)

If they're starting from scratch, I hope they will design for security rigor from the start. Recommend Multics as a case study. Not saying copy from architecture, but learn from intellectual approach. See http://www.multicians.org/hist...

about a month and a half ago
top

House Majority Leader Defeated In Primary

INT_QRK Re:Democrats voted (932 comments)

Really. The bottom line that I'm hearing locally is that Cantor was perceived to be arrogant and detached, uninterested in his voting constituents' viewpoints (hasn't had a Town-Hall meeting, for example, for several years). He was perceived as focused exclusively on his Leadership position, and not so much in his responsibilities as Representative of the people of his district. All this bovine excrement that you're hearing in the press about this or that red-meat issue is largely DC beltway perspective, which was Cantor's focus, and his problem anyway. It is important that Representatives are occasionally reminded who they are, and why they're in Congress, so I have no problem with what took place.

about a month and a half ago
top

China Bans Government Purchases of Windows 8

INT_QRK Re:considering what is known about the NSA (200 comments)

That "'sketchy definition of "national sovereignty' when it isn't their own," is so unlike the other Five Eyes, the EU, Russia, BRICS, and, oh, say, China. Might I point out that we're all in one big round (or slightly oval) glass house, eh?

about 2 months ago
top

China Bans Government Purchases of Windows 8

INT_QRK Re:Linux (200 comments)

So, isn't gcc one source? Just compile the compil...oh...

about 2 months ago
top

The Shrinking Giant Red Spot of Jupiter

INT_QRK That monolith the Chinese found? (160 comments)

This have anything to do with that monolith the Chinese rover found on the moon? (...just thought I'd start that roomer.)

about 2 months ago
top

Feds: Sailor Hacked Navy Network While Aboard Nuclear Aircraft Carrier

INT_QRK Re:Not in trouble for hacking... (43 comments)

True. But professionally, like, "Led or participated in X Blue Team and Y Red Team reviews, resulting in discovery and remediation of z exploitable weaknesses." That's not bragging. If you sound like you're bragging, your credibility is diminished.

about 3 months ago
top

Feds: Sailor Hacked Navy Network While Aboard Nuclear Aircraft Carrier

INT_QRK Re:Not in trouble for hacking... (43 comments)

If you're a real White Hat, you're a professional. Professionals work. You complete your work tasking, while abiding by all rules, regulations, SOPS, and agreements associated with your work. Kids and amateurs play...and perhaps brag. Huge difference.

about 3 months ago

Submissions

INT_QRK hasn't submitted any stories.

Journals

INT_QRK has no journal entries.

Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Create a Slashdot Account

Loading...