Comments

top

Ask Slashdot: How Do I Convince Management To Hire More IT Staff?

andrea.sartori Re:In short: (383 comments)

Was it intended as a reply to #45593367? :P

about a year ago
top

Ask Slashdot: How Do I Convince Management To Hire More IT Staff?

andrea.sartori In short: (383 comments)

Q. How Do I Convince Management To Hire More IT Staff?
A. you don't.

about a year ago
top

Ask Slashdot: Are We Witnessing the Decline of Ubuntu?

andrea.sartori Time to move (631 comments)

Ubuntu ceased being relevant sometime around 2011. The walled garden approach does not work with the open source crowd.

1 year, 27 days
top

Kobo CEO Says Not Selling Washing Machines Key To Overtaking Amazon

andrea.sartori Re:No search in kobo (207 comments)

Yes you can. Perhaps you own(ed) an old one?

about a year and a half ago
top

Kobo CEO Says Not Selling Washing Machines Key To Overtaking Amazon

andrea.sartori Re:Slashvertisment (207 comments)

Nope. They sell in other countries, too. Just bought one, and I don't live in the US or UK...

about a year and a half ago
top

Most IT Admins Have Considered Quitting Due To Stress

andrea.sartori Re:Most X have considered quitting due to stress (397 comments)

I would have put it differently. Bad management is not unique to IT. Neither is the stress directly due to the nature of the job (social work, or anything else that puts you in touch with disadvantaged people... medicine... just name it). Which by the way gets to the same conclusion: most X have considered quitting due to stress. I know several (non-IT) people who did quit due to stress.

about a year and a half ago
top

IBM Plays SimCity With Portland, Oregon

andrea.sartori Re:Government Waste (220 comments)

The first part, where "More walking and biking would lead to lower obesity rates for Portlanders", I think only requires a couple working neurons, so I do too sincerely hope they didn't need the model to find out that.
The second part, where less obese people would find walking and biking more appealing, well I sincerely hope they didn't use the model for it either, as they could have as well pulled it straight out of their asses. People from Portland are posting here they find it useful to walk and use bikes, and it doesn't look like they are counting "fitness" among the reasons. I don't know in Portland, but where I live, if people could use their cars to go to the bogs they'd just do, irregardless of their obesity or slimness.

more than 3 years ago
top

I get most of my books...

andrea.sartori Re:Real books (283 comments)

There are more things in heaven and earth, Horatio, Than are dreamt of in your Amazon.

more than 2 years ago
top

US Congress To Use Skype For Video Teleconference

andrea.sartori Re:Bunch of smarties, those guys. (96 comments)

Exactly.
But hey, if you look at Microsoft's LIS draft, you'll see that there is nothing to worry about, and/or nothing a Congress member will worry about, or understand.
(And just to quote TFA from yesterday: "A request for clarification we sent to Microsoft has remained unanswered so far.")

more than 3 years ago
top

Anti-Porn Facebook Page is Deleted, Then Restored

andrea.sartori TL; (145 comments)

DR

more than 3 years ago
top

Developing the Future of Investigative Journalism Online

andrea.sartori Most people are getting it wrong... (34 comments)

...it's just a rather convoluted way to promote voyeurtools.

more than 3 years ago
top

Bing Adds 'Like' Button

andrea.sartori Re:I am a curmudgeon (119 comments)

Oh noes you mentioned the hosts file... countdown running...

more than 3 years ago
top

Sony Running Unpatched Servers With No Firewall

andrea.sartori Re:Welp (306 comments)

I'm afraid stupidity is not a "suitable" (sorry...) offense. Maybe based on criminal negligence...

more than 3 years ago
top

Sony Officially Blames Anonymous For PSN Hack

andrea.sartori Re:Interesting timing... (575 comments)

Well, whoever is behind the PSN facts, it looks like they weren't dumb enough to leave their names around, so technically they are anonymous :P
We have to admit this trend of giving things general labels is really relaxing. Somebody blows something up, it's Al Qaeda. Somebody "hacks" something, it's Anon. If it wasn't like this, imagine the amount of time journalists (or professional investigators!) should spend doing, OMG, research and even investigation to find the actual causes of things. The stress. The fatigue. (The chance of being laid off if your work doesn't bring results.) So much easier like that: something happens, you have somebody to blame in a matter of minutes.
And this way, it is much easier to hide your own responsibility as well, at least to the general public... only a few will know (or care) about the "hack" being bad password policies and/or overconfidence (I'm looking at you HBGary), poor security, and you know, the usual reasons for "Anonymous's" "hacks".
Side Note: not talking about terrorist attacks here... but the Al Qaeda reference is really appropriate.

more than 3 years ago
top

Sophos Slams Facebook Security In Open Letter

andrea.sartori In related news... (96 comments)

...90% of Sophos "news" feed from the last months consists in highlights of Facebook scams, warnings about "specially engineered" posts, and the likes. Maybe they are just trying to con FB into hiring them as their "Security Provider"?

more than 3 years ago

Submissions

top

HBGary CEO Speaks Out On Anonymous Hack

andrea.sartori andrea.sartori writes  |  more than 3 years ago

andrea.sartori (1603543) writes "March 23, 2011, 4:54PM
HBGary CEO Speaks Out On Anonymous Hack
by Brian Donohue

Greg Hoglund, CEO of HBGary, admits that lackluster security at his company played a central role in the breach that led to the release of some 50,000 company emails, but also disputes common understanding and reported details of the hack and the group behind it, going so far as to say there was actually no hack at all."

Link to Original Source
top

Password service locks out IPs

andrea.sartori andrea.sartori writes  |  more than 3 years ago

andrea.sartori (1603543) writes "According to The H, Lastpass, a central storage facility for passwords (lastpass.com), simply blocks the IP addresses of users who test the site's security measures in a move which may cause collateral damage, such as blocking entire networks if multiple persons use the same NAT firewall or a joint proxy to access the internet, and one of them does something "suspicious", like testing their website for XSS or SQL injection problems.
This could be exploited as a rather curious attack system, if somebody embeds code in web pages which will call Lastpass URLs with strings that are typical for XSS code; simply viewing a seemingly harmless page could, without any further input by the user, make a browser load these strings and trigger an alarm at Lastpass.
Lastpass replies that risk is small because blocks are triggered manually rather than automatically, and that extensions and apps remain unaffected, which means that users continue to have access to their stored passwords."

Link to Original Source
top

Linux distributor security list compromised

andrea.sartori andrea.sartori writes  |  more than 3 years ago

andrea.sartori (1603543) writes "ZDNet reports that "Hackers have compromised a private e-mail list used by Linux and BSD distributors to share information on embargoed security vulnerabilities and used a backdoor to sniff e-mail traffic, according to the moderator of the list. In a note to Vendor-Sec's members, moderator Marcus Meissner said he noticed the break-in on January 20 but warned that it might have existed for much longer.
Immediately after Meissner's warning e-mail, the attacker re-entered the compromised machine and destroyed the installation."
Meissner has since killed the list: So everyone please consider vendor-sec@....de is dead and gone at this point, successors (or not) will hopefully result out of this discussion.
The H Security notes (link to the H's article) that this isn't the first compromise of the Vendor-Sec list. In 2005, black hat hackers reportedly hijacked a kernel exploit for root access from the list."

Link to Original Source
top

Punk Rock Programming Languages

andrea.sartori andrea.sartori writes  |  more than 3 years ago

andrea.sartori (1603543) writes "Chris Adamson posted a very interesting article on pragprog.com, defining C as a "punk rock language". The musical analogy is developed and used to compare different types of programming languages. Pickup line: 'One of the defining traits of punk is the do-it-yourself (DIY) ethic, a rejection of the need to buy products or use existing systems, and instead to attend to your own needs. This attitude clearly suits C programming as well.' And: 'Any idiot with a Slashdot handle can talk crap about anything. It’s when you piss off the smart developers that you know you’re working with something interesting.'"
Link to Original Source
top

Devious New Phishing Tactic Targets Tabs

andrea.sartori andrea.sartori writes  |  more than 4 years ago

andrea.sartori (1603543) writes "An alarming new phishing technique, likely to fool even security-conscious Web surfers, has been described by Brian Krebs yesterday: Devious New Phishing Tactic Targets Tabs [krebsonsecurity.com] A malicious script basically replaces a browser tab's content while the user is not watching and relies on the users' "trust in browser tabs".
Aza Raskin described the method in detail and published a proof-of-concept: A New Type of Phishing Attack [www.azarask.in] and also suggests rather creepy ways this technique may be made more efficient."
top

Why Apple Changed Section 3.3.1

andrea.sartori andrea.sartori writes  |  more than 4 years ago

andrea.sartori (1603543) writes "John Gruber gives an insightful analysis of Apple's API policy change (and its reasons) at http://daringfireball.net/2010/04/why_apple_changed_section_331 .

So from Apple's perspective, changing the iPhone Developer Program License Agreement to prohibit the use of things like Flash CS5 and MonoTouch to create iPhone apps makes complete sense. I'm not saying you have to like this. I'm not arguing that it's anything other than ruthless competitiveness. I'm not arguing (up to this point) that it benefits anyone other than Apple itself. I'm just arguing that it makes sense from Apple's perspective — and it was Apple's decision to make.

"

Link to Original Source
top

Ransomware On The Rise

andrea.sartori andrea.sartori writes  |  more than 4 years ago

andrea.sartori (1603543) writes "According to net-security.org, "Ransomware is the dominating threat with nine of the detections in the malware top ten list resulting in either scareware or ransomware infesting the victim's PC. Fortinet observed the primary drivers behind these threats to be two of the most notorious botnet "loaders" — Bredolab and Pushdo. Another important finding is the aggressive entrance of a new zero-day threat in FortiGuard's top ten attack list, MS.IE.Userdata.Behavior.Code.Execution, which accounted for 25 percent of the detected activity last month."
Link to original source"

Journals

top

MS invented time travel?

andrea.sartori andrea.sartori writes  |  more than 5 years ago

The Conficker worm may be an old story, but maybe it's still worth a look. According to the New York Times (http://www.nytimes.com/2009/08/27/technology/27compute.html?_r=1&hp), Conficker is still defying the efforts to eradicate it. John Markoff's article contains a few links, and I just followed them.
The interesting thing here is Redmond, where the infected systems' OS comes from.

From http://www.microsoft.com/security/worms/conficker.aspx: "Is my computer infected with the Conficker worm? Probably not. Microsoft released a security update in October 2008 (MS08-067) to protect against Conficker." [snip] "To date, security researchers have discovered the following variants of the worm in the wild. * Win32/Conficker.A was reported to Microsoft on November 21, 2008."

Curiously, the NYT states that the first infections were dated November 20.

So they release an anti-Conficker security update before ever knowing of its existence. No, wait: one month before the very first appearance of the worm in the wild.

Have they invented time travel and didn't tell us? (And, will it be included in Windows 7 as a feature? That's one thing I would pay for.)

By the way, the NYT article says as many as 5 million computers are infected now, in more than 200 countries. MS's concept of "probably not" seems a bit vague to me.
