Comments


Samsung TVs Can Be Hacked Into Endless Restart Loop

Lord Juan Re:On The Up Side ... (187 comments)

What is the difference? They are endless anyway.

more than 2 years ago

US Unhappy With Australians Storing Data On Australian Shores

Lord Juan Re:ERROR (386 comments)

It isn't just that, the whole security theater is really affecting it.

Me and my girlfriend were recently looking at plane prices to travel to the UK, and then came the realization that we were actually looking for options that did not make a scale in the US, leaving out pretty much any plane from any airline in the US.

I found it sad =/ (and I have to avoid them)

more than 2 years ago

School District Sued By ACLU Over Student's Free Speech Rights

Lord Juan What about the parents? (466 comments)

I mean, what in the world are the school administrators thinking? That parents are not going to care if they force their daughter to give them their log in information to their personal accounts?

more than 2 years ago

Ask Slashdot: Dividing Digital Assets In Divorce?

Lord Juan Re:Blegh (458 comments)

Oh, and I just used my mod points =/
Seriously, why in the world would someone combine all that with a partner?

more than 2 years ago

"Learn To Code, Get a Job" According To CNN

Lord Juan Re:Whats the big deal? (688 comments)

I am going to try this about right now O.o

more than 2 years ago

Russian Official Implies Foul Play In Mars Probe Failure

Lord Juan Re:Failure... (451 comments)

They should have used duct tape.

more than 2 years ago

Russian Official Implies Foul Play In Mars Probe Failure

Lord Juan Re:Simple solution...no more Russian taxis to ISS (451 comments)

Most of the world doesn't buy the story. As for me, I find it physically impossible for a plane to completely pulverize a building.

more than 2 years ago

Chile Forbids Carriers From Selling Network-Locked Phones

Lord Juan Re:An outbreak of common sense (291 comments)

The government of Hong Kong is independent of the government of China, find that information in a .ch domain and you will have a point.

more than 2 years ago

Ask Slashdot: Writing Hardened Web Applications?

Lord Juan Don't trust anything, don't trust anyone. (333 comments)

That is about the best advice that I can give you: treat every single piece of data that comes from the outside world as malicious input. If you can validate against expected values or patterns, do just that, and discard anything that you aren't expecting.
Once a user is logged in, do not trust them at all; be very careful with privilege escalation.
Use prepared statements for every single piece of data that interacts with the database if this data leaves your control even for one operation. It doesn't matter if it comes from direct input, from a session variable, or from a cookie: you check the data and use prepared statements ALWAYS.
Keep your software updated. If you need this to be secure, you can't just make one installation and feel good; you will have to be prepared to constantly update the software on the server, and there will be no end to this as long as you want a secure platform.
Protect the passwords in the database in case they are stolen; a hash+salt per password is an option to do this.
Security is not about preventing a hack, it is about reducing the chances that a hack occurs. If you have valuable information, you will experience attacks, and if you have very valuable information, you will eventually get hacked. You have to find every single hole in the software; the attacker only needs to find one.

more than 2 years ago

I am, at present, from the place of my birth ...

Lord Juan Not the best timing... (332 comments)

Oh, that is rather unfair, I just came back from the other side of the world.

more than 2 years ago

Rob "CmdrTaco" Malda Resigns From Slashdot

Lord Juan Best of luck and thank you. (1521 comments)

I just added you in G+, so I am guessing this is not the last that I hear from you, but it is going to be strange to not see your name in many articles in the future. Good luck in your future endeavors.

about 3 years ago

New Mexico Spaceport Nearly Ready For Business

Lord Juan Not a new spaceport in Mexico (96 comments)

Aww, for a moment I thought that my country was getting a new spaceport =(

about 3 years ago

Digital Tech and the Re-Birth of Product Placement

Lord Juan When I think of product placement... (228 comments)

"When you think of product placement on television you tend to think of cumbersome 1950s examples where the actor would cheesily turn to camera and hold up, say, a bar of soap—where do you think the sobriquet soap opera came from—to deliver his line."

Say what? When I think of product placement on television I think of any current television show coming from the US.

about 3 years ago

ISPs Will Now Be Copyright Cops

Lord Juan Re:One thing is clear (338 comments)

FFS, find out who she is before you call for her execution.

about 3 years ago

Black Hat Talk Demonstrates New Document Exploits

Lord Juan Re:At least I'm safe (60 comments)

Now that is the definition of a self-defeating post.

about 3 years ago

Earth May Once Have Had Two Moons

Lord Juan Re:2 moons? (139 comments)

Oh wait, yeah it's just a dwarf moon.

FTFY

about 3 years ago

Submissions


Computer health certificates to surf the Internet

Lord Juan writes  |  more than 3 years ago

Lord Juan (1280214) writes "Scott Charney, Corporate Vice President of Trustworthy Computing, is proposing that computers should obtain a "health certificate" in order to access the Internet, and that people who refuse to get their computers certified are throttled or forbidden access. While it is true that botnets and malware are a huge problem these days, I fail to see why people who take care of their own computers, and especially people who are not using Microsoft products at all, should be subject to these health checks under the threat of ending up with their connections affected. The BBC just ran an article about this proposal; from the BBC article:

His proposal, presented at the International Security Solutions Europe (ISSE) Conference in Berlin, Germany, is for all computers to have a "health certificate" to prove that it is uninfected before it connects to the net.

"Although the conditions to be checked may change over time, current experience suggests that such health checks should ensure that software patches are applied, a firewall is installed and configured correctly, an antivirus program with current signatures is running, and the machine is not currently infected with known malware," he wrote in the accompanying paper.

The BBC article: http://www.bbc.co.uk/news/technology-11483008
The paper: http://www.microsoft.com/mscorp/twc/endtoendtrust/vision/"


Managing editor of linuxtoday: Copying is Stealing

Lord Juan writes  |  more than 4 years ago

Lord Juan (1280214) writes "My eyes could not believe it when I read the same old tired argument of "Copying is Stealing" we are all used to hearing from the entertainment industry, coming from the Managing Editor of the Linux Today website. Linux and the entire Free Software ecosystem are based on the idea of Copy and Share. I wouldn't have expected that a Linux related website would take a position regarding the legality or illegality of the entertainment content, but to plainly say that "Copying is Stealing" and use the argument that "Linux and Free/Open Source software are entirely dependent on copyrights, and some FOSS fans get pretty righteous on the subject, especially for GPL violations. And yet when it comes to music, movies, and books some think the same respect for copyrights doesn't apply, and it's OK to collect copies of works without paying for them. We can hardly criticize the RIAA, MPAA, ASCAP, Sony BMG, and all the other hostile, clueless over-reaching forces of darkness without having clean hands ourselves." thus missing the point that the GPL is intended to allow the copying and sharing of the source code by using copyright law against itself, is just something that is beyond my comprehension."

Journals

Lord Juan has no journal entries.
