Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Comments

top

By Latest Count, 95% of Email Is Spam

jarocho What? But Bill Gates predicted end to spam by 2006 (198 comments)

Bill Gates called it, way back in 2004. And Bill Gates is never wrong about ANYTHING. So it's pretty obvious that whatever we've all been receiving in our inboxes since 2006 that looks like spam isn't. Probably, we're all just overwhelmed by all of the legitimate emails we're getting from our many, many friends nowadays, who really are just trying to tell us about some aweS0me dea1z on r0lexxes, and we just can't decide which of the incredible bargains to choose from. And it's actually Google and Yahoo's fault for not having deprecated their spam filters, even though spam now is a thing of the past (trying to make MS look bad, of course). So they keep catching your friends' emails as spam. But it can't be spam, because it's 2010 already. And Bill Gates said.

more than 4 years ago
top

What's Holding Back Encryption?

jarocho Re:encryption alone (660 comments)

And as long as you've got users who'll click on random executables and use their kid's name as a password and share their credentials with someone else, encryption isn't really going to get you very far.

You went from the above in your original post, to whistleblower employees playing Spy vs. Spy in your latest. I humored your first reply by pointing out ways that you can actually layer your security to prevent most data protection breaches, instead of resigning yourself to the fact that users prefer to make their passwords "password", and it's not like there's anything you can do about that... But come on, you're kind of changing the subject here... I specifically said that nothing is 100% effective. I realize that cognitive marvels can memorize things. Or write them down on a notepad. I wasn't talking about that, but then neither were you initially.

Whether you want to acknowledge it or not, in many, many cases and environments, the weakest link is absolutely the sysadmin, who throws up his hands in the midst of his end-users, and does nothing. Rather than the end-users themselves, the vast majority of whom are more likely to click on a random executable than to want to sell the secret formula of New Coke to the highest bidder.

And implementing all sorts of high-tech security isn't going to make it any harder to exploit that weakest link.

I couldn't disagree with you more. Most of the point of IT security is to make it harder for anyone to exploit the user, that user included... so hard that it isn't worth the effort.

If the sysadmin fails to implement counter-measures, it's he who is the weakest link. Because whatever its true effectiveness is, there's ALWAYS a counter-measure. I can think of an industry-standard counter to every single scenario you and others have alluded to here; you had to downshift into a pretty specific hypothetical about someone who willfully chooses to leak data, in order to support your original assertion. It doesn't make it any less misguided to let the sysadmin asleep in the corner off the hook.

Feel free to give yourself the last word here.

more than 4 years ago
top

What's Holding Back Encryption?

jarocho Re:encryption alone (660 comments)

No measure or countermeasure is ever 100%, but in your disgruntled employee scenario, if you know what the confidential information is, you could use some mix of Rights Management Software... as well as the blocking of file types (say, .png, .jpg, .gif screenshots) from exiting the internal network... as well as preventing USB drive access, etc... and a lock on the computer case. So now the disgruntled employee would have to walk out the door with the computer in order to realistically take the confidential info with him/her. Again, it might not be 100%, but depending on how many 9's you need to put next to your certainty that no confidential data can leave the network, and how much the business is willing to pay to implement it, you can have a fair amount of data protection. You're definitely not helpless to the whims and malice of your users.

more than 4 years ago
top

What's Holding Back Encryption?

jarocho Re:encryption alone (660 comments)

In a sense, though, the weakest link is actually the sysadmin, who isn't enforcing appropriate password complexity, length, age, etc... As well as, in a corporate context, not locking-down the network and machine and user profile, so that keylogging executables aren't so much of a problem. Even if the business and/or customers complain about "impact", there's always a way to win the argument for establishing and enforcing IT policies that make sense. You have to be willing to save users from themselves.

more than 4 years ago
top

RIAA Wants Limits On Net Neutrality So ISPs Can Police File Sharing

jarocho Likely without precedent (173 comments)

Quoting: "Internet service providers should have authority to block subscribers from sharing music and other files without permission of the copyright owner, the RIAA said."

I don't think highway operators in this country have ever been compelled or encouraged to stop grand theft auto, or interstate smuggling of stolen goods... Or that phone companies have been expected to prevent con artists from swindling people out of their money to buy "beach-side" Florida swamp land. Et cetera. This would appear to be unprecedented.

more than 4 years ago
top

AT&T Glitch Connects Users To Wrong Accounts

jarocho How half of all customer support calls begin (138 comments)

Quote from the article:

"I thought it was the phone -- 'Maybe this phone is just weird and does magical, horrible things and I have to get rid of it...'"

more than 4 years ago
top

Does Your PC Really Need a SysRq Button Anymore?

jarocho Um, I use a Macbook Pro... (806 comments)

...Anybody know where I can find the sysrq key on it? :)

more than 4 years ago
top

You Won't Recognize the Internet in 2020

jarocho Re:Installed Base (421 comments)

What exactly would need to be ripped out and replaced? Certainly not the physical layer, which deals in 1s and 0s. Nor the routers, which can route, for instance, IP and IPX. Nor hosts, which can have both an IPv4 and IPv6 address, and which also resolve, for example, DNS and WINS names. Protocols are deprecated as they outlive their usefulness. Hardly anything ever has to be ripped out to be replaced by something else.

more than 4 years ago
top

Why Do So Many Terrorists Have Engineering Degrees

jarocho Re:Fact check perhaps? (736 comments)

I did not know that... Reading slashdot without the scores is like looking at a whole new world. Thanks for the tip. :)

more than 4 years ago
top

Why Do So Many Terrorists Have Engineering Degrees

jarocho Re:Fact check perhaps? (736 comments)

And I don't like quoting numbers to several figures accurately...

Feel free not to quote numbers then, and just declare to everyone your "feelings" about things instead. And leave the numbers to people who are actually interested in facts and accuracy, not just in overstating those numbers to win arguments or make vague points about "oil-rich" countries, or Google, or whatever. I, for one, am definitely more interested in looking at the actual data than someone's exaggerated estimations of it. And I think I'm probably in good company on /. with such a disposition. But by all means, continue replying to posts with the hope of getting modded up as "interesting". As opposed to "informative". Which is different. As they say, it takes all kinds, the Datas, the Kirks, all welcome. :)

more than 4 years ago
top

Why Do So Many Terrorists Have Engineering Degrees

jarocho Fact check perhaps? (736 comments)

In the United States, almost 30% of the population has at a Bachelors degree or higher, and again that many have attended university but only have an associates degree or nothing...

Nowhere in the links provided is "almost 30%" a number. From the above wikipedia source, "The 2006 American Community Survey conducted by the United States Census Bureau found that 19.5 percent of the population had attended college but had no degree, 7.4 percent held an associate's degree, 17.1 percent held a bachelor's degree, and 9.9 percent held a graduate or professional degree." Even if you decide to sum bachelor's degrees and graduate or professional degrees (since it's entirely feasible that the Census Bureau considers the latter to be a subset of the former), you still come away with 27%. If the country had 300 million people as of 2006, you just overestimated by 9 million residents. And 23% (Arab states) versus 27% (US?) is a mere 4% difference.

I'm not entirely sure what the poster's point was in comparing somewhat inflated/rounded-up numbers of US college graduates with other global regions, and how that makes them dime-a-dozen or whatever, but the actual percentages sourced appear to be closer than they were editorialized to be, in any event.

more than 4 years ago
top

Ginkgo Doesn't Improve Memory Or Cognitive Skills

jarocho Actually works to their advantage (403 comments)

I bet the herbal supplements industry is hoping its customers will forget all about this report eventually... :)

more than 4 years ago
top

Why Movies Are Not Exactly Like Music

jarocho Music and movies likely headed for the same fate (378 comments)

In five or ten years, a fair guess is that virtually all music and movies will be purchased in various on-demand subscription models. It's what consumers want. The companies which understand this are going to thrive. The declines mentioned in the article only seem like industry-wide problems because some of the players still haven't figured it out, and would rather prosecute their customers than adapt to a permanently-changed economic landscape. These latter companies are not long for this world.

Yes, there will probably always be physical and "owned" media revenues of some kind (collector's editions, etc.). But I think the tech is very close to being able to deliver subscriber streams to the the home on a ubiquitous scale, with mobile devices not far behind. The price points are the only things somewhat remaining to be determined.

more than 4 years ago
top

Cable Exec Suggests Changing Consumer Behavior, Not Business Model

jarocho Re:Perspective (675 comments)

I offer an important caveat to an otherwise spot-on perspective: You must offer what the customer wants... at a price they ARE WILLING TO PAY.

more than 4 years ago
top

The Machine SID Duplication Myth

jarocho Re:It is no myth (201 comments)

And what do you think the SUSClientID is based on, which causes it to be a duplicate in the WSUS database in the first place? It's the SID. The SUSClientID registry value doesn't exist until a computer is pointed at WSUS and made a WSUS client. WSUS bases the uniqueness of clients on the SID, because what else could it use, and why else would you ever have duplicate SUSClientID's if it weren't basing the initial database entry on the SID? Ipso facto, duplicate SIDs are the root cause of clients not appearing uniquely in WSUS.

But yes... for anyone who's taking their IT advice from /. posts... in a scenario in which two or more computers have identical SID's, even after you change those SIDs, if you've already introduced those computers to WSUS, you will still need to delete the SUSClientID and then run wuauclt.exe /resetauthorization /detectnow, and all will be well. Also, if you are one of these sysadmins who follows or has already followed the above steps, I applaud you for seeking to address the root cause of the problem, rather than just working around it. You will likely go far in your career with this approach. In fact, you're probably working a lot harder than some of your co-workers, and should talk to your boss about a raise. :)

more than 4 years ago
top

The Machine SID Duplication Myth

jarocho Re:It is no myth (201 comments)

Sysprep and NewSID are very different tools, which ultimately lead to very different conclusions for the machine(s) either are applied to. I've never used sysprep when NewSID would suffice.

I think retiring NewSID is shortsighted. As folks here have already indicated, WSUS is the prime example I can immediately point to. I'm sure there are others. Perhaps Russinovich has never worked with load-balanced servers built from the same clone/image/template, which end up in different WSUS groups (Night A versus Night B, and so on). But in the absence of NewSID or a replacement, the task of separating one from the other becomes a lot more of a challenge than it has to be. What a shame.

more than 4 years ago
top

Cracking Open the SharePoint Fortress

jarocho Re:This is great news if (275 comments)

In future posts, I will work on my sarcasm, which can apparently be so sarcastic as to appear not to be sarcastic at all. :)

more than 4 years ago
top

Cracking Open the SharePoint Fortress

jarocho Re:This is great news if (275 comments)

Google will solve all your problems. Anything Microsoft can get you to pay for, Google does better, and for free. Don't believe me? Try to pay Google for gmail. You can't, huh? They won't take your money! It's no good here!! Imagine that!!!

more than 4 years ago
top

According to Linus, Linux Is "Bloated"

jarocho Linux is bloated... (639 comments)

However, Minix continues to maintain its girlish figure.

more than 4 years ago

Submissions

top

It's Alive! Scientists claim that artificial life

jarocho jarocho writes  |  about 5 years ago

jarocho (1617799) writes "Like a group of 21st century Doctors Frankenstein, and with bacteria filling in for the monster, the Daily Mail reports that "Scientists are only months away from creating artificial life... Dr Craig Venter — one of the world's most famous and controversial biologists — said his U.S. researchers have overcome one of the last big hurdles to making a synthetic organism."

'Assuming we don't make any errors, I think it should work and we should have the first synthetic species by the end of the year,' Dr. Venter is quoted as saying.

Absent from the article is any mention of planning to harness a lightning bolt to animate the first bacterium."

Journals

jarocho has no journal entries.

Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>