The Security Industry Is Failing Miserably At Fixing Underlying Dangers
The "Security Industry" makes money for the shareholders selling "stuff". Any time they see a problem, they will treat it as an opportunity to sell more stuff, since that is how they make money. If the problem is because the customer has already bought too much stuff, they will still try to sell the customer more stuff since THAT IS WHAT THEY DO.
This requires real effort on the part of the company paying for all this: They need to recognize that the "Security Industry" and their shiny, happy sales droids are just parasites ripping off the public with the "latest and greatest security stuff that will really protect you this time I promise not like all the other times, I really really mean it THIS time!".
They really need to understand that the RIGHT way to GET Security is to design it in, have the right people building and managing it and proper oversight over all of it. To do that you have to treat it as a profession and a core part of what the company does, not as a "service" or "product" that can be "bought in" or "outsourced" to a low bidder.
Security needs to be treated as a profession in any company with a significant cyber presence, just like the accounting them, the legal team and the core business functions. Pretending it's "just something that we can buy from a vendor" is short sighted and ignorant.
Harley-Davidson Unveils Their First Electric Motorcycle
Wrong! Wrong! Wrong!
90% of motorcyclists are perfectly reasonable people who ride motorcycles with the original quiet mufflers, or a reasonable muffler that is not a lot louder. The 10% of cretins who ride with earsplitting open pipes are the MINORITY. Don't think that because they make 90% of the noise that we're ALL like that.
I've ridden 40,000 miles on motorcycles in Canada and the USA and I always had a reasonably quiet muffler. So please don't keep spreading the lie that "90%" of us are lowlifes: There's probably a MUCH higher percentage of politicians and bankers who deserve culling than motorcycle riders!
US Supreme Court Invalidates Patent For Being Software Patent
I think everyone else was paralyzed with the shock of seeing such "blinding common sense" come from a government institution. You were the first person to recover from the shock, so you get first post.
HUGO Winning Author Daniel Keyes Has Died
Very well said indeed. Please allow me to say "Me too!".
German Scientists Successfully Test Brain-Controlled Flight Simulator
Call me when this helps get my LUGGAGE to the same airport as me.
One-a-Day-Compiles: Good Enough For Government Work In 1983
You got your compiles back the NEXT day? Bloody luxury!!
At my high school, we had to write our own programs, punch them ourselves and submit. We then had to wait 2 days to see if they compiled!
You young whippersnappers with your fancy "gcc" have it so much better! And get off my lawn!!!
Ask Slashdot: the State of Open CS, IT, and DBA Courseware in 2014?
2. Why is life a living hell?
3. What did I do to deserve this?
2. Why is life a living hell?
3. What did I do to deserve this?
4. What evil b*st*rd wrote this g*d*mn*d compiler?
Ask Slashdot: Moving From Tech Support To Development?
If you find "problem solving" to be your passion then follow it, but try to make sure you don't follow something that will limit you later on: If you think Java is interesting then go ahead and learn it BUT make sure you learn the general skills in programming over the particular skills. Learn how to program then learn the language. That way if opportunities around Java go away, then you are set for what's next.
You may find that "problem solving" leads to programming now, but as you grow and develop new skills and interests it may lead to something else, then something else after that. If you can keep your passion then you will be motivated to keep going and learning new things.
Full-Disclosure Security List Suspended Indefinitely
There's a meme going around that "Fact is, you cannot make a secure product," is somehow a "Truth" that we all just have to accept.
This is just BS. Of course you can make a secure product. You just have to commit the time and resources to make security your top priority.
If you want to securely control your HVAC systems in your data centre, don't connect it to the Internet: Hire a person to operate it. If you want to securely control your nuclear reactor, don't connect it to the Internet but hire a staff to operate it using air-gapped systems.
If you want to save money on salaries by connecting your critical systems to the Internet using commodity CPUs that don't separate writable RAM from executable RAM, and operating systems designed for single user with poor security built in, and software written by the lowest bidder using languages that encourage lazy programmers to write buffer overruns, then you will save money but there's no way you can make a secure product. But don't pretend it's a universal fact that security is not possible: Recognize it's your own penny-pinching that is causing the problem.
Is Analog the Fix For Cyber Terrorism?
"obvious: that 'every digital system has a vulnerability,' "
So far, this has been demonstrated (NOT proven) only in the current environment where hardware and software architects, developers and businesses can get away from product liability requirements by crafting toxic EULAs that dump all the responsibility for their crappy designs and code on the end user. If the people who create our digital systems had to face liability as a consequence of their failure to design a secure system, we may find they get off their a**es and do the job properly. Where's Ralph Nader when you need him?
And as the original poster noted, you CAN isolate the control systems from the Internet! Cut the wire and fire anyone who tries to fix it.
"analog protection systems have one big advantage over their digital successors: they are immune"
Nonsense! There were PLENTY of breakins by thieves into banks, runaway trains, industrial accidents and sabotage BEFORE the digital age. There was no "golden age" of analog before digital: That's just bullsh*t.
Atlanta Gambled With Winter Storm and Lost
REAL northerners are NOT making fun of the grief and hassle that the good people of Atlanta are facing. We've all seen what happens when the weather gets bad, and we're having problems right now ourselves so we can all relate. See: http://cnews.canoe.ca/CNEWS/Ca...
So I wish you the best of luck and hope you get sorted out soon!
HP Brings Back Windows 7 'By Popular Demand' As Buyers Shun Windows 8
OK, so now that HP has pulled their head out of their *ss and realized that NO-ONE likes Win 8, are they going to release any drivers for those of us who bought their "Envy" systems and need the drivers for Win 7 so we can make those "Envy" systems work properly?
Or, since they already have our money, are we SOL?
Hmph. SOL it is, then.
Canadian Music Industry Calls For Internet Regulation, Website Blocking
At least have the decency to mention the important thing the Harper government got RIGHT: Limiting the scope of how hard the CRIA can screw the individual downloader. We see HUGE penalties in the USA for poor people getting nailed for "copyright infringement" but at least in Canada Harper has limited that to $5,000CDN for "all infringements involved" so no-one has to lose their house over downloading a few songs to listen to at home. That is a HUGE benefit and protection to the average person here in Canada who just wants to listen to music. It also forces the music labels to leave the music lovers alone and go after the commercial infringers, since they can't exploit individuals as a "cash cow".
Also note that these copyright changes are all REQUIRED under international agreements that Canada is party to, so you can blame Harper all you want but no-one else could have done any different. IMHO, I think he got the best deal possible out of a crappy situation!
(b) in a sum of not less than $100 and not more than $5,000 that the court considers just, with respect to all infringements involved in the proceedings for all works or other subject-matter, if the infringements are for non-commercial purposes.
The Spamming Refrigerator
If you give someone the opportunity to make money without holding them to account for the consequences of their actions, don't be surprised when they create, market and sell crappy insecure products to the public.
THIS is what Ralph Nader was talking about in his book "Unsafe At Any Speed". The car makers were putting unsafe, crappy cars (like the early Chevy Corsair) on the road to make money and deliberately rejecting any moral or legal responsibility to make the cars safe. It's happening again: Now we have software makers all over the world from the largest to the smallest that are making crappy insecure software and getting out of any responsibilities through EULAs that let them off the hook. And the software is insecure garbage that allows malicious attackers to screw with the gadget or computer you just bought, so they can rip you off or steal your identity or whatever they like.
And they are going to keep on doing this until there is legislative or other pressure put on them to take responsibility for their actions. You decide how likely that is.
Out-of-the-Box, Ubuntu 14.04 LTS To Support TRIM On SSDs
What he said!!
Ask Slashdot: How Would You Secure Your Parents' PC?
The last time my 82 year old father-in-law visited, he wanted to check some web news sites so I handed him my netbook running Ubuntu. Half an hour later, I told him he was using a Linux system and he was happily surprised since he was used to Win7.
What I learned at that moment is that IF you provide a good system running Linux and presenting the apps a user needs in a usable way, THEN the user doesn't really care whether it's Linux or whatever. Firefox and Thunderbird and Libre Office really are good enough (or better) for any "normal" user doing "normal" things.
I haven't converted his home system yet, only because he has a son who does support for him, so it's Not My Problem. :)
D-Link Patches Critical Vulnerability In Older Routers
Good guy D-Link!!!!
It's nice to see a manufacturer actually helping out their customers instead of just making them buy a new router.
Speed Test 2: Comparing C++ Compilers On WIndows
According to the fine article,
"The Intel compiler occasionally âoecalls homeâ to an Intel-owned Website to check licensing information. When it does so, it prints out a message about when the current license expires. I didnâ(TM)t use the results when that happens, since it would add time and skew the timing results. "
WRONG. The tester should not have excluded these results where time was wasted with this nonsense: If WE the users have to put up with it, it SHOULD be included in the benchmarks.
Ask Slashdot: Best Open Source Project For a Router/Wi-Fi Access Point?
This is probably not what the OP wants to hear (surprise! It's Slashdot after all) but I agree that a VERY good option is a Buffalo router. I bought a Buffalo WZR-600DHP running DD-WRT and it has been completely reliable in my SOHO environment. The feature set, tunability and capabilities of DD-WRT on this device are extensive and impressive.
I have tried DD-WRT on some older routers (Linksys) in the past and although the features were there the reliability and dependability were just not there. I had to reset every few weeks and reconfigure. So when I saw Buffalo was using DD-WRT I decided to try it and I have been very happy.
Ask Slashdot: What To Do When Another Dev Steals Your Work and Adds Their Name?
Would the wayback machine or something similar be able to retrieve the originals? Or, could you get a signed letter from the original client that this was your work? Then you could talk to a lawyer about copyright infringement.
If the original client won't cooperate, perhaps you could send a DMCA takedown notice asserting your ownership of the copyright for the original digital content.
johnnys hasn't submitted any stories.
johnnys has no journal entries.