Slashdot: News for Nerds


Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!



Intel Launches Self-Encrypting SSD

hacker But but... haven't we learned anything? (91 comments)

Can I set my own key? Set and maintain my own hash? No?

Not interested.

We want true, user-controlled security, not vendor provided.

We've learned our lessons already. The trust is gone.

about a week ago

Verizon's Offer: Let Us Track You, Get Free Stuff

hacker They were probably doing it anyay (75 comments)

(posting from my uber-low ID)

They were probably doing it anyway, and now want everyone to opt-in, so they can cover their arses before they got caught for tracking everyone without their consent.

about a week ago

Avast Buys 20 Used Phones, Recovers 40,000 Deleted Photos

hacker Re:Obvious! (231 comments)

So you screwed around with peoples accounts, huh? Aren't you proud of yourself.

...not to mention, doing so is a Felony. No wonder they posted as AC.

about three weeks ago

Avast Buys 20 Used Phones, Recovers 40,000 Deleted Photos

hacker Re:Where the fault lies? (231 comments)

There's one phone that just throws away the encryption keys, which are never stored anywhere than on two locations on the hard drive (in encrypted form), so
only these two locations need to be wiped.

Yay for BlackBerry!

about three weeks ago

Avast Buys 20 Used Phones, Recovers 40,000 Deleted Photos

hacker Re:Garbage In (231 comments)

Unfortunately, not supported by AT&T, Verizon or T-Mobile here in the US.

Sorry, is only supported by select mobile carriers and is not available from your mobile carrier.
If you are contacting your mobile carrier, mention that your IP address is not supported.
Go to (Standard data charges may apply) Report a Problem.

about three weeks ago

Avast Buys 20 Used Phones, Recovers 40,000 Deleted Photos

hacker Re:Garbage In (231 comments)

You may have uninstalled the app, but did you also freeze the in-ROM Facebook SNS service? Not likely, and it will bridge (eg: phone home) to other apps that integrate with and talk to Facebook.

Get Titanium Backup and freeze SNS, or use Root App Delete (for rooted Android phones) and get rid of that bugger. It eats data, leaks your location every 60s, and does all sorts of things you don't need or want it doing.

about three weeks ago

TSA Prohibits Taking Discharged Electronic Devices Onto Planes

hacker Re:TSA logic (702 comments)

And what if that outlet, with the "TSA-approved Cable(tm)" is doing more than just powering on your device?

This is why USB Condoms exist (no, this is not a joke)

"Have you ever plugged your phone into a strange USB port because you really needed a charge and thought: "Gee who could be stealing my data?". We all have needs and sometimes you just need to charge your phone. "Any port in a storm." as the saying goes. Well now you can be a bit safer. "USB Condoms" prevent accidental data exchange when your device is plugged in to another device with a USB cable. USB Condoms achieve this by cutting off the data pins in the USB cable and allowing only the power pins to connect through.Thus, these "USB Condoms" prevent attacks like "juice jacking".

about three weeks ago

Apple Kills Aperture, Says New Photos App Will Replace It

hacker Migration AWAY from the iCloud (214 comments)

Despite Apple and other corporate plans to move everything and everyone to "The Cloud", the masses are doing quite the opposite, moving everything away from the cloud and hosted resources.

There's already a growing exodus to use personally-controlled storage, cloud and other environments, or heavily encrypted storage platforms to hold their data, making apps that expect "iCloud(tm)" and other in-the-clear, branded solutions from being all but useless.

So as long as these "replacement" versions work primarily, and with full functionality without feature-reduction 100% locally and by default, then they'll be fine. If they require the iCloud/cloud to function, they're going to suffer from diminished adoption.

The same is happening with digital currency v. analog/paper currency, resulting from increased eroding confidence in the system (eg: Target failures, identity theft, and hundreds of other examples in the news, nearly weekly).

If these features aren't being demanded by users (and there's plenty of evidence they're not), then why the big push to store everything you have and own, off-premises?

about a month ago

EFF To Unveil Open Wireless Router For Open Wireless Movement

hacker Re:Mostly Illegal (184 comments)

On my side, every single packet across the wireless side of the router, goes through a local Squid instance. Not only can I inspect the logs, but I have Squid filtering out tens of thousands of sites, domains, ad spamming pages and other things, so if there were any abuses coming, I could just block those too, or turn on other block index files and filter off even more.

Easey peasey.

about a month ago

EFF To Unveil Open Wireless Router For Open Wireless Movement

hacker Re:Who pays for my bandwidth? (184 comments)

My ISP charges $0.50 per gig overage

Now THAT is impressive. Here in the Northeast US, where we have AT&T for phone and DSL, each GB over your cap, costs $15.00. It used to be $10.00, but they jumped it 50% without warning a few months ago.

about a month ago

Google and Microsoft Plan Kill Switches On Smartphones

hacker Does it just kill the CELL portion? Or brick it? (137 comments)

Here's the real Occum's Razor here:

Does the "kill switch" remotely disable the mobile/cellular capabilities of the phone? Or does it completely disable the device, thus bricking it?

These are smartphones, and they're used by many people for more than just a phone. I'd even argue that the function used the least on these devices, is the actual phone itself.

I rarely see someone having an actual voice conversation on a phone these, days, but people spend hours and hours doing everything else with them.

So if there's a civil uprising, martial law, and the .gov decides to shunt an entire city (Boston Bombers anyone? Greece? Turkey last year?, we've seen this many times already), then they also render these devices inert for much more than just communications devices.

- My ex-wife can no longer monitor her blood sugar (Type 1 diabetic, 100% digitally monitored via iPhone)
- Digital locks on your home no longer are able to be unlocked (keyless entry with NFS, etc.)
- Credit card information, details, photos, videos, other data is now unavailable

The chilling effect of this alone, should cause hundreds of thousands of people to step up and march on their congressperson's front door.

The potential abuses of this are so far reaching, far superseding the cost of replacing a phone handset that happens to get stolen.

I'd rather see the funding go into a user-driven device locating capability, with remote wipe/reporting on the other end instead of a remote kill switch controlled by corporations and the .gov.

Very scary stuff happening here. Verrrrry scary.

about a month and a half ago

Registry Hack Enables Continued Updates For Windows XP

hacker Re:This act is highly illegal (322 comments)

Question: How is this any different from typing in a pirated key to a licensed copy of software you have installed in 'demo' mode today?

Answer: It isn't. You're not licensed to use the service, and enabling it on your machine, is a violation of the terms of that license.

about 2 months ago

Gigabyte Brix Projector Combines Mini PC With DLP Projector In a 4.5-Inch Cube

hacker Re:World's worst projector? (44 comments)

Ahm... no.

Most of us who attend meetings, use computers. We don't sit back and watch movies or videos. We do actual work.

See all that horizontal scrolling while just viewing webpages? Magnify that tenfold for apps that don't support horizontal scrolling (eg: PowerPoint, Office apps, many editors, mail, etc.)

This is utterly useless in any sort of business settings, if it can't even handle the lowest-common-denominator laptop screen resolution.

I own a Gigabyte GB-BXi7-4770R BRIX Pro, so I do love and respect their products, it's just that THIS ONE is a poorly-executed implementation, of what could have been an amazing product.

It's got a ways to go before it's useful to the masses, beyond bachelor party photos-on-the-wall and starting gamers.

about 2 months ago

Gigabyte Brix Projector Combines Mini PC With DLP Projector In a 4.5-Inch Cube

hacker Resolutions are still stuck in the 1990's (44 comments)

Why-o-why are we even looking at projectors that don't start with a MINIMUM resolution of 1600x900 or greater?

864x480? In 2014? Are you joking?

That's not even going to project a laptop, tablet or even smartphone screen on the projector screen or wall without clipping and overlapping, so forget trying to use this anywhere except to replace your personal vacation slide projector for family gatherings.

Movies? At 864x480? Just... no.

Moving on...

about 2 months ago

Government To Require Vehicle-to-vehicle Communication

hacker Re:If they can... (390 comments)

"So you are turning off and removing the battery from your Cell Phone? No?"

Pretty soon, that won't matter either, with MIT developing wireless radios that rely on nothing other than power from the wireless signals floating all around us. That's why I use a Faraday Bag to put my devices in when I am not actively using them.

"And you are worried about your CAR?"

There, FTFY.

It's still my car. If I want my car's exact speed, location, route and destination being sent to anonymous, random strangers sharing the public roadway with me, I'll be the one who authorizes that data being sent outbound, thank you very much.

"They ALREADY can track you, even with out a warrant. It's called a stakeout and tailing somebody. They can watch you in public, any time they wish, no warrant required."

The major difference here, is that we can track them as well, and they aren't allowed to continue to track you, follow you onto private property without a warrant. They're also not allowed to illegally attach GPS devices to your vehicle, but they're doing that anyway too.

See the problem here?

about 6 months ago

Government To Require Vehicle-to-vehicle Communication

hacker Re:Correlative prediction (390 comments)

"Conspiracy is when you invent an implausible explanation for something."

If we've learned anything over the last 4-5 years, it's that those pesky conspiracy-theorist friends we have that we never acknowledge to others, were much closer to "Right" than we had ever dreamed of.

I agree with you. There's absolutely no way this is going to go unabused.

about 6 months ago

Government To Require Vehicle-to-vehicle Communication

hacker Re:When did slashdot become a conspiracy site? (390 comments)

"It's all short range communication, so application is limited."

Really? How "short" is the range of GPS these days? Looks like about 12,551.7 miles.

Galactically, that's probably "short", but there is nothing about this that is "short range" at all. GPS capability + what essentially amounts to a huge, roadway-phased mesh network, and you're talking about miles to dozens of miles of coverage between "endpoints".

about 6 months ago

Government To Require Vehicle-to-vehicle Communication

hacker Re:"dystopia" (390 comments)

"We can build systems that react more quickly and consistently than any human. Every year's technological advances expand the domains in which we can do this. If we can use such systems to prevent unnecessary death and suffering, LET'S GET ON WITH IT."

Show me the data.

There is absolutely no way in this universe, that this will not be abused.

There's too much hand-wringing possible with this technology. Couple this with the recent "Remote Stop Device" that the EU is mulling over, and you've essentially got real-time tracking of every single car in the participating countries, mapping and plotting movements and vehicles, and auto-citations being sent out to offenders.

Do something you're not supposed to do, or out past curfew? Your vehicle is remotely stopped. "Please stay where you are, while we send an officer to violate your rights further, with an illegal stop, search and invasive roadside interrogation."

No, there's no way this is happening in a benign, olive-branch fashion. I'm not that naive. There's far too much evidence backing me up here, that similar technologies proposed as saving humanity weren't immediately abused when they hit the market/street/public.

about 6 months ago

Government To Require Vehicle-to-vehicle Communication

hacker Re:V2V Developer (390 comments)

"None of this takes control of your car in any way. It would just be used to provide information to built in indicators in the cars. Perhaps a HUD that would show the locations of other cars with relation to yours, especially in your blind spot."

Are you sure about that?

about 6 months ago

Government To Require Vehicle-to-vehicle Communication

hacker Re:V2V Developer (390 comments)

"Finally, we get to the issue of government spying. Since every vehicle is transmitting its location, doesn't this mean that the government could track everybody, or gather other information about them? This is actually very unlikely. The development of V2V tech has been fairly hands-off on the government's part. Their primary contribution has been to lay down certain standards and requirements for the tech, and then let the commercial companies implement it."

Don't be ridiculous.

Within a hour of this being made a requirement, there will be installations on bridges, public roadways, intersections that will be capturing, gathering, storing, aggregating and mapping every single vehicle movement within city and rural limits.


This is an over-bearing, invasive government's wet dream. To know where everyone is at any one time, at all times, day or night? Absolutely this will be abused. They're already doing it now without our consent using our phones and surreptitiously installed GPS devices in our vehicles.

If you think for a nano-second that this is truly being developed to reduce the number of traffic accidents, you're being quite naive. You may be working on the technology, but that doesn't mean you understand the full implications of how it's targeted for use, or how it will ultimately be used when it becomes a reality.

There is absolutely no way this isn't going to get abused at the highest levels of Government.

about 6 months ago



Prevent my hosting provider from rooting my server

hacker hacker writes  |  more than 4 years ago

hacker writes "I have a heavily-hit public server (web, mail, cvs/svn/git, dns, etc.) that runs a few dozen OSS project websites, as well as my own personal sites (gallery, blog, etc.). From time to time, the server has "unexpected" outages, which I've determined to be the result of hardware, network and other issues on behalf of the provider. I run a lot of monitoring and logging on the server-side, so I see and graph every single bit and byte in and out of the server and applications, so I know it's not the OS itself.

When I file "WTF?" style support tickets to the provider through their web-based ticketing system, I often get the response of "Please provide us with the root password to your server so we can analyze your logs for the cause of the outage." Moments ago, there were 3 simultaneous outages, while I was logged into the server working on some projects. Server-side, everything was fine. They asked me for the root password, which I flatly denied (as I always do), and then they rooted the server anyway, bringing it down and poking around through my logs anyway. This is at least the third time they've done this without my approval or consent.

Is it possible to create a minimal Linux boot that will allow me to reboot the server remotely, come back up with basic networking and ssh, and then from there, allow me to log in and mount the other application and data partitions under dm-crypt/loop-aes and friends?

With sufficient memory and CPU, I could install VMware and run my entire system within a VM, and encrypt that. I could also use UML, and try to bury my data in there, but that's not encrypted. Ultimately, I'd like to have an encrypted system end-to-end, but if I do that, I can't reboot it remotely without entering the password at boot time. Since I'll be remote, that's a blocker for me.

What does the Slashdot community have for ideas in this regard? What other technologies and options are at my disposal to try here (beyond litigation and jumping providers, both of which are on the short horizon ahead)."

Link to Original Source


hacker has no journal entries.

Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Create a Slashdot Account