
Comments


Schneier Explains How To Protect Yourself From Sony-Style Attacks (You Can't)

dbIII Re:Sure... (315 comments)

Your ire is aimed at something that was well established when Thatcher spoke about it. It used to be supported by the conservative side of politics until it became politically expedient to pretend that an evidence based approach was inferior to gut feeling.

Once again, pretending that experts in a very long established field, well over one century in this case, in some way have nothing that they can assert is real calls into question the idea of expertise in general. That's the road to mediocrity that we are following. First it was denouncing educated clergy versus anyone that could pick up a bible, be loud, charismatic and declare the San Francisco earthquake to be the judgement of God, then it was geologists for suggesting the earth has changed since creation, then biologists for daring to suggest life has changed since creation, now climate scientists for daring to suggest that it hasn't been dry in Texas forever and that changes have been observed. Such loonies made up the numbers and were grafted onto conservative politics and suddenly it wasn't conservative any more. I get that you want to cheer for your team and that all team dogma must be accepted without question, but it does make otherwise intelligent people pushing their politics into other people's science look bad in a variety of ways.
It's become a mindless proxy for politics just like gun control and abortion. The issues are not considered at all, once you've chosen a side the dogma is defined. If voting in the USA was compulsory you'd have more choices, there'd be less polarisation and less need to stick with party dogma on key issues. If that happens fewer of the posters on this site would look like hopelessly naive idiots with no idea about the issues they say they are discussing.

yesterday

Schneier Explains How To Protect Yourself From Sony-Style Attacks (You Can't)

dbIII Re:BS (315 comments)

Sony basically had no protection or planning at all. Which is what I think this was... Sony being completely irresponsible

Along with a disturbingly large number of others. We're a million quick fixes down to the point where anybody who had the faintest clue about computer networks in the 1990s would laugh at such houses of cards as the work of newbies. Some mistakes are comparable to taking a group of high school girls on a prison tour without any guards in the prison, all the cell doors open, half the lights out and no roll call at the end to see if some girls are missing.

yesterday

Schneier Explains How To Protect Yourself From Sony-Style Attacks (You Can't)

dbIII Re:Blameless employees? (315 comments)

This is why large corporations perform security auditing to see if their own admins are granting themselves access to restricted data.

Do a bare metal recovery drill and you've got all that access. No problem you say, your admins don't do such things and are not prepared for the loss of a server, so you'll be fine.

If you can't trust the people with physical access to the equipment with the data on it then you have the wrong people.

yesterday

Schneier Explains How To Protect Yourself From Sony-Style Attacks (You Can't)

dbIII Re:Blameless employees? (315 comments)

If you were using your company's Exchange server for gossiping and thought it was safe (i.e. the IT department would never have access to this, oh no) then you're stupid and deserve whatever fate you get.

You've just written off a huge portion of the population. Since it also applies to mobile phones etc you've probably included yourself in that portion.

yesterday

Schneier Explains How To Protect Yourself From Sony-Style Attacks (You Can't)

dbIII Re:You can stop those type of attacks (315 comments)

If the attack surface is very small those motivated, targeted, skilled hackers have very little to work with.

yesterday

Schneier Explains How To Protect Yourself From Sony-Style Attacks (You Can't)

dbIII Re:Sony security: strong or weak? (315 comments)

If we were talking about a coal mining company or something and terabytes of data going out the door would be pretty unusual

Business as usual for decades, but on tape and USB disks mostly. Seismic data sets can be large.
I get your point though and there's enough paranoia that some day a rival may get the information by mistake that any large transfers to somewhere new are likely to be noticed.

yesterday

Schneier Explains How To Protect Yourself From Sony-Style Attacks (You Can't)

dbIII Re:Sony security: strong or weak? (315 comments)

If there's a way in and not enough to identify intruders it doesn't have to be a former employee.

yesterday

Schneier Explains How To Protect Yourself From Sony-Style Attacks (You Can't)

dbIII Your ideas don't stop the link click malware (315 comments)

But still, even with the best safeguards, where users just happily click on any old attachment, it doesn't exactly take a rare alignment of the stars to have malware planted in a network

The ones where there is only a URL and no payload astonish me - somehow just clicking on the link and letting IE loose on it is enough for the user to infect their machine with a virus. No "do you really want to run this thing as admin" box or anything - immediate infection with no other user interaction. Microsoft have been dealing with the internet for nearly two decades and such a thing can still happen with their software.

yesterday

Schneier Explains How To Protect Yourself From Sony-Style Attacks (You Can't)

dbIII You forgot about remote desktop etc (315 comments)

It's very easy these days to have all the accounting software on a separate machine to the one that downloads infected emails - consider remote desktop, Citrix, VNC and X windows. If you had "understanding of modern IT" you would have considered them wouldn't you?

yesterday

Schneier Explains How To Protect Yourself From Sony-Style Attacks (You Can't)

dbIII Re:Sure... (315 comments)

The Bagel worm came close in that it resent old email - sort of amusing seeing people's reactions to that when something they had dealt with months ago appeared to resurface. It also sent empty print jobs to every printer it could find.
Walking in to a place with all the printers spewing out blank paper and several people arguing that they had already done something so why the nagging by email reinforced my view that MS were selling toys that people were mistakenly deploying in offices.

yesterday

Schneier Explains How To Protect Yourself From Sony-Style Attacks (You Can't)

dbIII Re:Sure... (315 comments)

How did the above get marked insightful?
Do we need a remake of the "Wargames" movie to illustrate that compartmentalism is a good idea?
It used to be standard practice. A steel mill I worked at in the 1990s did not skip a beat when a virus infected all the office PCs because the office PCs had read-only access to the monitoring network. Think of it like static web pages that you can ask for but you cannot change. The office PCs could ask for anything on a list of reports but could not control anything or get anything that was not allowed information. To change anything you needed to get on the phone to someone who had spent years getting to know what they were doing and who knew how many thousands an hour's downtime was going to cost.

yesterday

Schneier Explains How To Protect Yourself From Sony-Style Attacks (You Can't)

dbIII Re:Sure... (315 comments)

Yes, a consequence of a fucked up health system where your workplace is involved in medical insurance at all - that's why Sony etc shoot a lot of films in Australia, Canada etc where they don't have those expenses from having to worry about employees' health other than if they can turn up or not.
However, there are also fucked up HR requirements that are creeping into workplaces. Drug testing of employees has extended from just people who handle explosives to anyone that HR think could be involved in some sort of accident or in some dysfunctional workplaces just about anyone. That's data that should not be anywhere where it could get out into the wild but it's treated casually, sadly like just about all HR data in most places. I've had to tell a HR person to stop using fucking Dropbox for such confidential information at one workplace. All their friends they shared mp3 files with could also get to the drug test results of the company employees.

yesterday

Schneier Explains How To Protect Yourself From Sony-Style Attacks (You Can't)

dbIII Re:Sure... (315 comments)

With respect, the phlogiston theory worked apart from the oxidation of iron. Noticing this shortcoming was one of the things that led to the discovery of oxygen.
However using it as a comparison to the current state of climate science, which more than a century ago got as far as identifying El Nino/La Nina, is a gross insult that I'm sure you wouldn't want applied to your field (or I to mine, which is not anything to do with climate just like yours is not). What's worse is it looks like you are just repeating second hand from a fucking economist that calls his field a science yet pretends that a long established geoscience is not.
We went to the poles a century ago to understand more about climate. That's a lot of resources to do something like that and a science needs to be taken seriously for that to happen, and it was. It's apparently all about refining models these days and not a stab in the dark like the political talking points suggest.

yesterday

The Personal Computer Revolution Behind the Iron Curtain

dbIII Not even immoral (115 comments)

Once again - the disconnection is that he didn't do the clone but just used a product that happened to be a clone. Are you responsible for the morality of Microsoft every time you use one of their products - are you ripping off Spyglass each time you use Internet Explorer because they were supposed to get royalties for what MS gave away as a free product? Similarly Pajitnov using a clone is not responsible for the morality of the people who cloned it.
I know being otherwise simplifies things and lets you find something to be critical of just about anyone, whether there are grounds or not. However remember looking at the world in such a way is dangerous, for if your focus falls on yourself you are similarly responsible in that view for things well beyond your control - it is not good for mental health. Of course you could apply exceptionalism where in some way you are exempt from the morality you apply to the rest of the world, it seems to be fashionable these days especially in politics.

yesterday

In Breakthrough, US and Cuba To Resume Diplomatic Relations

dbIII Re:Failed state policies (424 comments)

Point taken, although it's really what is being done in the US - scrapping an outdated policy that's causing damage on both sides and gave Castro a reason to blame the USA for many of his own mistakes.

yesterday

Skeptics Would Like Media To Stop Calling Science Deniers 'Skeptics'

dbIII Re:Oh boy, rewind to the Spanish Inquisition! (606 comments)

I imagine, however, that any activist or scientist advocating the use of 'denier/(heretic)' has substituted Gaia for God, and would be very happy to burn their opponents at the stake.

That would be a very dangerous thing for a strawman to do. They may catch fire!

Yes I get it, let's just ignore experts if it makes us feel better to do so. What a sad and pathetically cowardly "I'm not saying ..." post above. Yes, we get your cowardly dog whistle that climate scientists are useless - or is it that all scientists are useless these days? I'm losing track of the talking points for useful idiots.

yesterday

Skeptics Would Like Media To Stop Calling Science Deniers 'Skeptics'

dbIII Re:Sure (606 comments)

It makes things easier to keep track of because it's clear that the person using such a label knows little about either churches or science so can be written off as pointless noise.

yesterday

Review: The BlackBerry Classic Is One of the Best Phones of 2009

dbIII Re:What a gap... (124 comments)

I'm just as mystified as to why you hate it and how you killed the keyboard. I suppose different people use them in different ways and I still haven't seen anything I would swap my N900 for yet, but since I do use the thing as an ssh terminal from time to time I don't think anyone thinks there's enough people that use it like me to make a new product.

yesterday

Apparent Islamic Terrorism Strikes Sydney

dbIII Re:Tech angle? (874 comments)

The CA market was just a really dumb design

It was very clever for those that designed it, drafted the regulations and got their bought politicians to push it through. You are correct in that it's about as anti-capitalistic as things get in a nominally capitalistic system in that a serious loss of reputation did not mean a loss of customers.
I think there should be boundary conditions to prevent excessive predation on consumers in situations where choices are limited. The libertarian million dollar ticket for the last chopper seat out is akin to war profiteering, and society often turns upon people who exploit such situations.
An overly simplistic model with no cap has led to some people in Uber's new market hearing of them for the first time in a very negative context - that algorithm clearly sucks and has done damage.

yesterday

The Personal Computer Revolution Behind the Iron Curtain

dbIII Re:No irony - rusty argument that falls apart (115 comments)

You did not manage to tie the two dependent items together and show that Pajitnov is in some way responsible for a copyright violation against DEC or their heirs.

yesterday

Submissions

dbIII hasn't submitted any stories.

Journals

dbIII has no journal entries.
