
Comments


Congress Passes Bill Allowing Warrantless Forfeiture of Private Communications

Matt.Battey Re:PRIVATE encryption of everything just became... (378 comments)

The question is not breaking the key but determining the message underneath. The blocks are still only 128 bits in length, deducing these can be trivial, and that is how the HTTPS/SSL/TLS attacks are accomplished, via known plain text attacks.

about a week ago

Congress Passes Bill Allowing Warrantless Forfeiture of Private Communications

Matt.Battey Re:PRIVATE encryption of everything just became... (378 comments)

Today on CNN, the commentators after the Brennan press conference said that the CIA was correct in saying that no non-bad-guys were killed by drone strikes. That's because the CIA redefined bad-guys to be any human of fighting age (13-60). So, that means that Grandma and your kid brother are free to use encryption, because they definitely aren't terrorists. They get to keep their shoes on at the airport, so there you go!

about a week ago

Congress Passes Bill Allowing Warrantless Forfeiture of Private Communications

Matt.Battey Re:PRIVATE encryption of everything just became... (378 comments)

Thanks TechyImmigrant! Lost track of the block size for a moment. Over the last three years, I've been developing a block cypher. I was surprised to see that AES's sole security is XORing the key with mono-substitution translations of the plain text. The 128 bit version can be broken on my laptop...

about a week ago

Congress Passes Bill Allowing Warrantless Forfeiture of Private Communications

Matt.Battey Re:PRIVATE encryption of everything just became... (378 comments)

Don't forget it is the NSA who approves what types of encryption are legal for citizens to own. In the case of AES, it relies solely on the idea that combining 256 random bits with 256 non random bits, sufficiently, is too difficult to decipher except for the most powerful computer systems.

about a week ago

Ask Slashdot: Is Non-USB Flash Direct From China Safe?

Matt.Battey Re:Should be Easy to Check (178 comments)

There was a case where Best Buy (long time ago when 100MB Zip disks were the rage) re-sold Zip disks containing someone's pr0n stash. So the source of the media doesn't really matter.

Any media, no matter what its packaging, can be a vector for viruses. USB is the most heinous because a device could be the size of a micro Bluetooth transceiver, report itself as a keyboard, and install gigabytes of virus code on a computer system. There's no bigger risk to security than physical contact.

about a month ago

Ask Slashdot: Is Non-USB Flash Direct From China Safe?

Matt.Battey Re:"From China"?!? (178 comments)

Or for that matter "made in China" and sold by a US brand. Are there any consumer electronics that are not?

By the way, would a "Made in Russia" tag be worse or better?

about a month ago

US Remains Top Country For Global Workers

Matt.Battey Re:Diversity vs monoculture (123 comments)

Mexico really got the short end of the stick, but it happened for a couple of reasons. First off was the nationalization of oil production. US oil and gas companies had explored and drilled for oil and were reaping the benefits of harvesting it. Then the government declared these oil operations were owned by the government (part of a socialist movement, still alive in Mexico today).

Although Mexico was one of the most stable Latin American countries from 1920-1970, the oil crisis of the 1970s (caused by Nixon's decision to take the US off the gold standard and cause US currency to be 100% fiat) caused major inflation during that time period. This caused Mexico to default on its external debt in 1982. Throughout the '80s, the result was inflation and devaluation, causing major harm to many Mexicans who did not have inflation protection based on debt obligations (i.e. the common man).

http://en.wikipedia.org/wiki/M...

http://en.wikipedia.org/wiki/M...

about 2 months ago

US Remains Top Country For Global Workers

Matt.Battey Re:Diversity vs monoculture (123 comments)

Sub-living wage is pushing it. I think the goal is to keep programmers at a wage similar to other "office workers." But in reality programmers are more like engineers, who like accountants and actuaries receive a higher pay scale than your average human-resources wonk.

about 2 months ago

US Remains Top Country For Global Workers

Matt.Battey Re:Diversity vs monoculture (123 comments)

As a US citizen, I can't agree with you more. We have perceived immigration issues, because millions of people have entered on foot or otherwise across the southern border without stopping at an immigration station to register. All because there is so much money to be had from performing manual labor compared to any type of employment in many so called Latin American countries. This, of course, is illegal, because laws were enacted to keep undesirables out of the country.

So at the same time, a law that is ineffective in discouraging people from entering without legal documentation, discourages many who would normally immigrate with complete authorization because the process is too cumbersome and limited. I personally don't know what a better process would be, but contributing to the non-black-market economy is good for everyone, in the end.

about 2 months ago

Complain About Comcast, Get Fired From Your Job

Matt.Battey Re:So, it has come to this. (742 comments)

I live in Nebraska and a lawyer friend of mine told me that non-compete clauses have little weight because there has to be parity between the contracted parties. So, unless you have a golden parachute that will pay you for your time during your non-compete duration, the company can sue your new employer, but will lose. This doesn't mean that you won't get socially blackballed for taking your client list with you to your next job.

about 2 months ago

Complain About Comcast, Get Fired From Your Job

Matt.Battey Re:So, it has come to this. (742 comments)

Which is the opposite of states such as California and New York. My sister occasionally worked as an extra on a daytime-drama filmed in Manhattan (New York). Upon her sixth engagement, she was met by the union steward and told that if she were to return again she would have to present her Screen Actors Guild card or he would shut down production for the day. Yearly membership cost approximately 6 days of pay. When the director invited her back, they agreed to pay her membership dues so that she could return as an extra again. Guild membership gave her nothing more than the privilege of a couple more days of uncredited extra work. If you go to another occupation that has union involvement, you have to join that union too.

This is what it means when a state does not have Right-To-Work legislation.

about 2 months ago

Genes Don't Just Predict Intelligence, But Also How Well You Do In School

Matt.Battey Re:Genes don't just (154 comments)

Aldous Huxley's Brave New World ought to be required reading. Of course, leaving genetics to the chance of birth seems so bourgeois and nowhere near the egalitarian needs of the populace of the twenty-first century.

about 2 months ago

How Scientific Consensus Has Gotten a Bad Reputation

Matt.Battey Re:Science creates understanding of a real world. (770 comments)

Most non-scientists are not in a position to evaluate the claims of any given scientist.

I'm pretty sure that was the argument the Church had against releasing full, translated copies of its data, a.k.a. the contents of the Christian Bible.

This argument doesn't pass the sniff test. It is the job of a "scientist" to present claim and data that supports said claim in such a way that it may be consumed by anyone and still stand on its own, only then is there "consensus."

about 3 months ago

IRS Recycled Lerner Hard Drive

Matt.Battey Re: Fox News? (682 comments)

Right on. The reason for the 90 day policy is that it sounds very familiar with warranty and other consumer policy language. When in fact, most discovery will occur well past that timeframe, thus the policy sounds genuine when it is really libelous.

about 6 months ago

IRS Recycled Lerner Hard Drive

Matt.Battey Re: Fox News? (682 comments)

Come on, you're telling me that releasing 5-10 nonessential employees wouldn't free enough budget to be compliant with the law? There's noncompliance and then there's willful noncompliance.

about 6 months ago

IRS Recycled Lerner Hard Drive

Matt.Battey Re: Fox News? (682 comments)

This is exactly why there needs to be lifetime term limits to members of Congress.

about 6 months ago

Can the ObamaCare Enrollment Numbers Be Believed?

Matt.Battey Re:i pledge to you... (723 comments)

Ya! He'd actually punch one in the melon, because dolphins actually have one of those. (And it's not just a euphemism for noggin).

about 8 months ago

NASA-Funded Study Investigates Collapse of Industrial Civilization

Matt.Battey Re:What the hell (401 comments)

My thoughts exactly. This "new" study with a paper written in November 2012, is by two political scientists and a numerologist. Something smells a bit fishy, as in the current administration offering grants with a mission statement like: "Here have some money, but you have to publish a paper on Global Warming, showing how the 1% are ruining everything."

So we get a renowned meteorologist: Kalnay, an applied mathematician/public policy PhD candidate (read climatologist): Motesharrei, and Rivas who U of MN barely claims as part of the Polisci department, who put a paper together based on funding from NASA with no mention of any of the following words: transportation, flight, shipping, freight, weather or climate, but instead focuses on increasing stability by increasing the number of non-workers to workers in society. Further showing that "Elites" may consume no more than 10x the fungible resources than "Commoners."

Man, Karl M. would be pleased.

about 9 months ago

Ask Slashdot: Does Your Employer Perform HTTPS MITM Attacks On Employees?

Matt.Battey Re:Not MITM (572 comments)

Only this isn't a proxy in the traditional sense where configuration occurred in the OSI layer 6/7 (Presentation/Application), but in layer 4 (Transport). There was no indication that data was intercepted and re-encrypted other than the certificate being reported in the browser was signed by the client's IT department instead of a public CA.

about 9 months ago

How Big Data Is Destroying the US Healthcare System

Matt.Battey Re:Sounds like a problem... (507 comments)

That's a good point. I think taxes in Australia are a little higher than in the US, but overall the net cost to an individual seems lower.

So to your point, my wife works as a radiologic technologist, and I've been able to get some details about how many procedures can be done in a day, etc.

The average insured family spends $10,000 to $15,000 on health insurance a year. Say the family has no health emergencies, except dad slips and falls on some ice, and needs to have his knee imaged via magnetic resonance (MRI). The cost of the MRI, $8,000 to $10,000, with ~$500 going to the doctor who inspects (reads) the images. The family typically has to pay the lesser of $500 per incident or 10% of the cost. So they have to cough up $500 in addition to the $10,000 they already paid. But they paid the $10,000 out over 12 months so while the $500 seems like a lot, the $833 per month didn't.

But... With a single MRI system, a knee can be scanned in approximately 30 minutes. Radiology departments typically offer this service from 7:00 AM to 7:00 PM. Then they can perform somewhere between 12 and 24 procedures a day. At $8,000 per knee, an MRI scanning knees all day would have a gross revenue of $192,000 per day!

High-end MRI machines cost between $500,000 and $1,200,000 each. The operator is paid about $25/hour, and the cost in electricity and servicing is probably less than $5000 per month.

So if you owned and operated a high-end MRI machine, in one year's time you could have the net revenue of:

$49,920,000 (gross) = $192,000/day x 52 weeks x 5 days/week
($138,000) (COB service/employment) = $5,000/month x 12 months + $25/hour x 12hrs x 52 weeks x 5 days/week
($50,000) = Real Estate
=================
$49,856,200

That's a lot of revenue. Now, I know I've left out benefits for the MRI technologist, cost of supplies like MRI dye, housekeeping, and medical supplies. The estimate for the cost of real estate may be low too. There may even be more cost in operating the machine itself.

Even if it cost an additional $2,000,000 a year to operate an MRI machine, the system is net revenue generation for the operator whether that be a clinic or hospital.

about a year ago

Submissions


Backup of Lois Lerner's emails may exist but are "too hard to restore"

Matt.Battey writes | about 4 months ago

Matt.Battey (1741550) writes "Tom Fitton, president of Judicial Watch, told Fox News today that lawyers from the USDOJ have been in contact with Judicial Watch and reported that all records from the Federal Government are backed-up, "in case something terrible happens in Washington." However it would be too difficult to retrieve Lois Lerner's emails from the backup system, even though they have been subpoenaed. Full interview here: https://www.youtube.com/watch?..."

Ask Slashdot: Does your employer perform HTTPS MITM attacks on employees?

Matt.Battey writes | about 9 months ago

Matt.Battey (1741550) writes "I was recently on-site with a client and in the execution of my duties there, I needed to access web sites like Google Maps and my company's VPN. The VPN connection was rejected (which tends to be common, even though it's an HTTPS based VPN service). However, when I went to Google Maps I received a certificate error. It turns out that the client is intercepting all HTTPS traffic on the way out the door and re-issuing an internally generated certificate for the site. My client's employees don't notice because their computers all have the internal CA pushed out via Windows Group Policy & log-on scripts.

In essence, my client performs a Man-In-The-Middle attack on all of their employees, interrupting HTTPS communications via a network coordinated reverse-proxy with false certificate generation. My assumption is that the client logs all HTTPS traffic this way, capturing banking records, passwords, and similar data on their employees.

My question: How common is it for employers to perform MITM attacks on their own employees?"

Journals

Matt.Battey has no journal entries.
