Comments

Ask Slashdot: Best Anti-Virus Software In 2015? Free Or Paid?

bouldin Re:HAHAHAHAHAHAHA (knew it) (467 comments)

So you're admitting you don't actually have a job, and nobody likes or respects you?

5 days ago

Ask Slashdot: Best Anti-Virus Software In 2015? Free Or Paid?

bouldin Re:Ok, boy: Tell you what (467 comments)

I'm not contacting Eric or telling you where I work, idiot.

Look back through the comments in this Slashdot post and see if there is a single person who likes you or has any respect for you.

5 days ago

Ask Slashdot: Best Anti-Virus Software In 2015? Free Or Paid?

bouldin Re:KNOW what "fastflux" is? (467 comments)

NO, by the time those blogs post a domain name, it is not being used anymore. The malware will generate another domain name based on the date/time, and you will not have that domain name in your blacklist.

See subject: I'm protected if an entry's blocked in hosts, period. Yes, I have any DGA generated hostnames. I get them from my sources in the security community I noted.

Do you understand what words mean? I've walked you through it, but you still don't understand the difference between DGAs and Fast Flux. I even gave you a link to an opendns blog that explains what DGAs are. I guess you will never get it.

LMAO - listen you little ARROGANT NOBODY: Has your work EVER been a FINALIST @ Microsoft TechEd, 2 yrs. in a ROW, in its HARDEST CATEGORY? Mine has. It also went into commercially sold ware to this day because of it. * How about you? You pick on my shareware here, where's YOURS that does a BETTER JOB?? It's not. APK P.S.=> Unbelievable - I've been writing code professionally AND SECURING PC's before you were out of diapers I'd strongly wager!

Uh, no, you have never written any commercially sold code.

I've developed security products for actual security companies, and work as a security engineer. Where do you "work," your mom's basement?

Arrogant and stupid are a bad combination.

5 days ago

Ask Slashdot: Best Anti-Virus Software In 2015? Free Or Paid?

bouldin Re:I still get them added as blocked (467 comments)

* See Gar Warner's blog (has many DGA botnets' C&C + payload servers listed). Thus - I don't *HAVE* to predict them in hosts: I simply block them as they are added. If they last longer than 1 second, I get them added as blocked by 12 reputable sources in the security community OR from security blog articles (like Mr. Warner I mentioned). It works simply because DGA uses hostnames.

NO, by the time those blogs post a domain name, it is not being used anymore. The malware will generate another domain name based on the date/time, and you will not have that domain name in your blacklist.

You still don't get it, so I guess I'm giving up. This is like explaining Calculus to a housecat.

P.S.=> No matter what you say, as long as I get entries for ANY KIND of threat online as blocked entered in hosts (and I do by the truckloads every hour here due to my program being automated to pickup that data), they cannot harm me

This is not true! Malware has so many ways it can circumvent a hosts file. A hosts file is great for blocking ad domains, but it does NOT provide strong security.

Here are just some of the ways malware can completely bypass your hosts file:

  • It can hardcode a C&C IP address, like the Sony Pictures malware did
  • It can hardcode IP addresses for a peer-to-peer network, like the new Zeus variants do
  • It can just send the UDP port 53 packets to resolve DNS itself, bypassing the system calls that would check the hosts file
  • It can disable checking of the hosts file
  • I could keep going. There are a LOT of ways to bypass the OS hosts file.

about a week ago
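
Added example, not part of the original comment or written by any participant in the thread: a defender-side check for the hosts-file bypasses listed above, run over sensor events. The event format, host names, addresses, and the `find_hosts_bypass` helper are all constructed for illustration.

```python
import ipaddress

# Constructed sample data (not from the thread): names the local hosts file
# sinkholes, the internal range, and events as a network sensor might log them.
HOSTS_BLOCKED = {"ads.example.net", "c2.example.org"}
INTERNAL = ipaddress.ip_network("10.0.0.0/8")
EVENTS = [
    {"t": 1, "type": "dns", "src": "10.0.0.5", "qname": "www.example.com", "answers": ["203.0.113.10"]},
    {"t": 2, "type": "conn", "src": "10.0.0.5", "dst": "203.0.113.10", "dport": 443},
    {"t": 3, "type": "dns", "src": "10.0.0.7", "qname": "c2.example.org", "answers": ["198.51.100.23"]},
    {"t": 4, "type": "conn", "src": "10.0.0.7", "dst": "198.51.100.23", "dport": 443},
    {"t": 5, "type": "conn", "src": "10.0.0.9", "dst": "192.0.2.77", "dport": 8080},
    {"t": 6, "type": "conn", "src": "10.0.0.9", "dst": "10.0.0.1", "dport": 445},
]

def find_hosts_bypass(events, hosts_blocked):
    """Return (time, src, reason) findings for traffic a hosts file did not stop."""
    resolved = {}   # src -> set of IPs that src has received in DNS answers
    findings = []
    for ev in sorted(events, key=lambda e: e["t"]):
        src = ev["src"]
        if ev["type"] == "dns":
            qname = ev["qname"].rstrip(".").lower()
            # The OS resolver answers hosts-file names locally, so a query for
            # one of them on the wire means the hosts lookup was skipped
            # (hand-built DNS packet, or hosts checking disabled).
            if qname in hosts_blocked:
                findings.append((ev["t"], src, f"on-wire query for hosts-blocked name {qname}"))
            resolved.setdefault(src, set()).update(ev["answers"])
        elif ev["type"] == "conn":
            if ipaddress.ip_address(ev["dst"]) in INTERNAL:
                continue  # internal traffic is out of scope for this check
            # No earlier DNS answer to this client contains the destination:
            # the address was hardcoded or learned from peers, not resolved.
            if ev["dst"] not in resolved.get(src, set()):
                findings.append((ev["t"], src, f"connection to {ev['dst']} with no prior DNS answer"))
    return findings

if __name__ == "__main__":
    for finding in find_hosts_bypass(EVENTS, HOSTS_BLOCKED):
        print(finding)
```

On real traffic the second check needs a capture window long enough to cover cached DNS answers, otherwise legitimate connections made from cache show up as findings.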

Ask Slashdot: Best Anti-Virus Software In 2015? Free Or Paid?

bouldin Re:You fail again... apk (467 comments)

The odds of me hitting a domain that lasts 1 second? Near zero.

Nobody said DGAs use domains that last 1 second. I said 1 hour. Some malware might use domains that last 24 hours. But, the point is that the domain name calculated by the malware changes faster than you can update your blacklist.

Again, clue: Hosts block a domain name, no matter what, I can't be harmed by it

I say again, by the time you know the domain name, it is no longer being used. Your hosts file program does not magically predict domain names.

about a week ago

Ask Slashdot: Best Anti-Virus Software In 2015? Free Or Paid?

bouldin Re:Keyword = domain (you fail)... apk (467 comments)

You still don't understand. The botherder registers a new domain, has it resolve to the C&C server for an hour, then throws the domain away.

By the time it makes it to your list, it's too late.

As I said, that is the point of DGAs.

about a week ago

Ask Slashdot: Best Anti-Virus Software In 2015? Free Or Paid?

bouldin Re:Bouldin: "Eat your words"... apk (467 comments)

Do you understand how DGAs work?

The malware hits an ephemeral domain and then the bot herders throw that domain away. The domain may only exist for an hour.

That is the whole point of domain-generating algorithms. They defeat blacklists. That is the whole point.

Also, you dodged my point about hardcoded IPs, which is just one technique malware can use to circumvent host files.

about a week ago

Ask Slashdot: Best Anti-Virus Software In 2015? Free Or Paid?

bouldin Re:Too many words? Come on, lol! (467 comments)

That article doesn't even mention hosts files or your program.

Don't try to bullshit me. You and I both know you have never had any commercial success. You are a pest who spams your crap "hosts file manager" all over the forums here.

Your hosts file approach doesn't even address hardcoded IPs or domain-generating algorithms. Start working on another approach or shut the fuck up.

about a week ago

Ask Slashdot: Best Anti-Virus Software In 2015? Free Or Paid?

bouldin Re:Posting ac restricts me (467 comments)

I think part of FuturePower's point is that you have too many words, so it isn't clear what you are trying to communicate. Your whole paragraph about Howard Stark is confusing and irrelevant.

Not trying to criticize - trying to help

I find it's best to pick maybe 3 points and stick to those. One key point should be WHAT you are offering. Is it a hosts file for whitelisting? A hosts file for blacklisting? A software program that intercepts DNS requests? How do you choose good domain names? I honestly can't tell.

about a week ago

By the Numbers: The Highest-Paying States For Tech Professionals

bouldin Re:Flash? (136 comments)

Really? A typical person making $140k base gets $100k/year in stock?

about a week ago

Apple Agrees To Chinese Security Audits of Its Products

bouldin Re:Absolutely fair.. (114 comments)

Here in America, we don't even audit our damn voting machines.

Unmodified, general purpose COTS non-voting software (e.g., operating systems, programming language compilers, data base management systems, and Web browsers) is not subject to the detailed examinations specified in this section. However, the accredited test lab shall examine such software to confirm the specific version of software being used against the design specification to confirm that the software has not been modified. Portions of COTS software that have been modified by the vendor in any manner are subject to review.

The parts of the standard that actually cover auditing the voting code aren't exactly thorough, either. After all, democracy, schmemocracy!

about a week ago

FBI: North Korean Hackers "Got Sloppy", Leaked IP Addresses

bouldin Re:Actually yes; NK has 1024 IPs assigned (219 comments)

He never said it came from North Korean IPs; he said it came from IPs known to be used by North Korea.

At best, this means some IPs in China that have been tied to attacks on South Korea.

At worst, it's completely meaningless.

about three weeks ago

Report: DHS Failing On Cybersecurity

bouldin Re:What does Coburn know about infosec? (68 comments)

I read the infosec part. The report criticizes DHS for concentrating on vulnerability management and using signature-based detection, which it suggests is not worthwhile because of zero-day vulnerabilities. It criticized the DHS for not following best practices itself.

That criticism is fair, but also applies to almost all infosec efforts, both in the public and private sector.

The only suggestion offered by the report was to cite a "cybersecurity expert" who says we should focus on deterrence. The report did not explain what deterrence means in this context. What are they suggesting? We hang malware to death to set an example? We sanction North Korea every time we think maybe they sponsored an attack that we traced back to China? The metaphor to warfare does not hold, and that failure is lost on the author[s] of the report. They don't get it.

about three weeks ago

Report: DHS Failing On Cybersecurity

bouldin What does Coburn know about infosec? (68 comments)

Why does anybody care what a 66-year-old doctor from Wyoming thinks about information security?

The report criticizes the DHS as ineffective at "cybersecurity" because of.. zero days or something.

It's clear that neither Coburn, nor the author of the report, understands infosec or how it is different from kinetic war. You can't amass troops or use force. It's very difficult to even know who attacked you.

You can do something like building defensive lines, but that's exactly what the report criticizes.

about three weeks ago

After Outage, Sony Makes Peace Offering To Users of PlayStation Network

bouldin Re:Yeah keep it... (95 comments)

Be careful, your ignorance is showing. The network going down had absolutely nothing to do with security issues.

What?

Security = Confidentiality + Integrity + Availability

Resistance to a D-DoS attack is absolutely security.

about a month ago

After Outage, Sony Makes Peace Offering To Users of PlayStation Network

bouldin Re: Lame (95 comments)

It is lame and despite the fact that I generally feel complaining about "free" things is a dickbag move here is why this is insulting.

Complain away.. this is NOT a free service.

They lock you out of hosting your own server so you have to subscribe to PSN.

about a month ago

After Outage, Sony Makes Peace Offering To Users of PlayStation Network

bouldin Re:Lame (95 comments)

I remember the days of Quake, when anybody could host their own server. If your server was popular, it became a virtual hangout.

Sony moved all the servers to their poorly built "PS Network" so they could control your experience and make you pay.

about a month ago

The Missing Piece of the Smart Home Revolution: The Operating System

bouldin Re:I'm at a loss. And I RTFA (252 comments)

There has been a lot of this lately.. CEOs of companies with cutesy names like "SmartThings" and "Eyeotee" pitching their bullshit visions to posture as "thought leaders."

We have had internet-enabled devices for some time.

The only revolution here is that big business is trying to monetize your entire life, daily routines and all. They want you to trade all of your security and privacy for a crumb of convenience.

about a month ago

Lizard Squad: Xbox Live, PSN Attacks Were a 'Marketing Scheme' For DDoS Service

bouldin Re:But what laws are they breaking? (139 comments)

You are correct, if the DDoS relies on raw bandwidth.

Some DDoS attacks work closer to layer 7. E.g. ask the webserver to do something complicated and slow, maybe something that requires a bunch of database queries.

That kind of DDoS relies on asymmetry... The response is much more expensive than the request.

AFAIK nobody has said how the Christmas DDoS attacks worked.

about 1 month ago

Lizard Squad: Xbox Live, PSN Attacks Were a 'Marketing Scheme' For DDoS Service

bouldin not if they don't have a botnet (139 comments)

1. The IPs they used for the DDoS are almost certainly known now.
2. There are several groups (Sony, FBI, probably Microsoft, some infosec companies) who want to see the botnet dismantled.
3. As each host is remediated or blocked (ISP walled garden), said botnet shrinks.

Unless these guys have some zero-days and malware kits up their sleeves, their DDoS capabilities will not be around for long.

about 1 month ago

Submissions

Google settles Buzz privacy suit

bouldin bouldin writes  |  more than 4 years ago

bouldin (828821) writes "This evening, Google e-mailed Gmail users who had been invited to Google Buzz to advise of settlement on a class-action privacy suit. The class action suit alleged privacy breaches due to the default privacy settings when Google rolled out the service. Terms of the settlement include $8 million to cover lawyer fees and fund privacy policy education on the Internet, but do not include cash payouts to Gmail users.

With several outstanding class action privacy suits against Facebook and Zynga, it is interesting to see Google set this precedent. How will Facebook and Zynga respond to their suits?"
