Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Comments

top

NSA To Scientists: We Won't Tell You What We've Told You; That's Classified

phayes Re:Screw "American's Faith" (106 comments)

No, i have first hand knowlege of cloud clients and am not afraid to take the karma hit by posting the truth using my account, unlike you, basement dweller.

about a week ago
top

Ex-NSA Director Keith Alexander's Investments In Tech Firms: "No Conflict"

phayes Re:it's the age of IP investment (59 comments)

The problem is that Timothy is a link baiting /. editor intent on turning it into reddit.

about two weeks ago
top

NSA To Scientists: We Won't Tell You What We've Told You; That's Classified

phayes Re:Screw "American's Faith" (106 comments)

Apparently you think that the NSA can be blamed for increased competition in cloud services & nationalism pushing companies to use local solutions once alternatives were available.

about two weeks ago
top

Flurry of Scans Hint That Bash Vulnerability Could Already Be In the Wild

phayes Re:Briefing for management - reuse with attributio (318 comments)

there is no web server in a normal recent OSX installation.

I think you might be wrong. I'm looking at a Mavericks install in front of me. Only thing installed other than the base OS is ARD. /usr/sbin/httpd is there, and when run it attaches to port 80.

Delivering the binary on a default OSX installation doesn't make shellshock exploitable on OSX systems, it needs to be running, which it isn't on the vast majority of OSX systems. I've bolded the part of your own post where you admit that this isn't the case. Yeah, I had a brain fart and forgot to type "running" in "there is no web server", it doesn't change my point: No running web server on the vast majority of OSX devices means that shellshock isn't as severe for Macs as some have been saying.

about three weeks ago
top

Flurry of Scans Hint That Bash Vulnerability Could Already Be In the Wild

phayes Re:Briefing for management - reuse with attributio (318 comments)

No. In recent versions of IOS, Macs do not run local web servers. People have to add in a web server by themselves & very few do so. In your little corner of the world (assuming you do web development or some such), people may add a web server (through macPorts or the Server Application) but there is no web server in a normal recent OSX installation. Yeah, there is the niche of MacMinis that people use as servers where this is not true, but they are the tiny minority. Most Macs sold today are either Airs or MacBooks & very few people want to have a local web server or "other advanced unix services"* on them.

As for your comment on their being "rarely updated", that's rich given the antiquated, nay archaic RHEL servers often I see in datacenters on things like Cisco VOIP gear.

The people geeky enough to be aware of the attack so far are also probably aware of how to update bash all by themselves. Everyone else will be able to get the update shortly when Apple publishes a fix.

* As labeled by an Apple spokesperson.

about three weeks ago
top

Apple Locks iPhone 6/6+ NFC To Apple Pay Only

phayes Re:NFC isn't used for just payment (336 comments)

No, all you said was "These are the guys who think Bluetooth is just for syncing with your computer.".

Still wrong, still ignorant.

about three weeks ago
top

Flurry of Scans Hint That Bash Vulnerability Could Already Be In the Wild

phayes Re:Briefing for management - reuse with attributio (318 comments)

Yeah, but that's not a remote exploit.

However, Ars was a little more informative: CUPS is apparently vulnerable and gives a remote exploit on OSX too...

about three weeks ago
top

Flurry of Scans Hint That Bash Vulnerability Could Already Be In the Wild

phayes Re:Briefing for management - reuse with attributio (318 comments)

For web servers that allow cgi scripting, yeah I see that it could be bad. I also noted the dhclient-script problem on Linux clients. However, I don't see this as being a major exploit for Macs (which run Web servers very rarely) & do not use the same dhcp-client mechanism as Linux & don't seem to be vulnerable.

If it's not remotely exploitable on OSX, even if the bug is present in the system bash, it's not as critical as some are trying to make it look.

Please correct me if I'm wrong with a remote exploit that works on Macs.

about three weeks ago
top

Flurry of Scans Hint That Bash Vulnerability Could Already Be In the Wild

phayes Re:USER-AGENT (318 comments)

As far as I can see, the vulnerability is a remote exec for the following cases:
- Use of web server on the platform using CGI scripts
- For Linux devices that are configured to use DHCP, dhclient-script, a rogue DHCP server can pass in exploit code.

This is supposed to be worse than heartbleed which leaked the contents of system memory? OK for web servers I see the danger, but this doesn't seem to be a major exploit for people not running web servers & using fixed IPs.

Macs in particular rarely have web servers running on them & their DHCP client mechanism is different.

about three weeks ago
top

Apple Locks iPhone 6/6+ NFC To Apple Pay Only

phayes Re:NFC isn't used for just payment (336 comments)

I'll "climb off my high horse" (stop pointing out that you are a blathering idiot making false statements) when you stop saying stupid shit.

I have no problem with criticism of Apple, Microsoft, Google, etc, when it is factual. Learn how Bluetooth works or STFU. Snort, uppity... Happens to you a lot doesn't it. You publicly jump to a false conclusion on a subject you know very little about and those around you start beating you with a clue stick. All those "uppity" people who actually take the time to learn about the subjects they talk about, pointing out again and again where & why you are wrong...

about a month ago
top

Apple Locks iPhone 6/6+ NFC To Apple Pay Only

phayes Re:NFC isn't used for just payment (336 comments)

If your only incompatible BT devices are iDevices than you've visibly been exposed to very little BT kit.
Who was it that ignorantly & falsely stated "they are the guys who think Bluetooth is just for syncing with your computer.". You did.
Did this statement come from a wealth of experience? No, quite the opposite.
Did any research whatsoever go into it? No, you never even took the time to look up BT on Wikipedia.
Do you have any idea how BT works? No, that's much too much work. You expect things to just blindly work. If you were a doctor, you'd transfer blood to & from patients without typing & then blame those that died for some imaginary reason.

You think bluetooth profiles and chip design and different storage and ram types and battery technology and the plethora of other things that go into everyday devices are all the same, which only true in that they all have one thing in common: You understand none of it.

You are a fool. every post confirms it more & more.

about a month ago
top

Apple Locks iPhone 6/6+ NFC To Apple Pay Only

phayes Re:NFC isn't used for just payment (336 comments)

Ahhhh, all becomes clear. You clearly have no idea what Bluetooth profiles are, are unaware that different telephone manufacturers use different profiles & ignorantly blame Apple for not implementing the BT profiles on some other non/PC/Mac device that you use.

The problem isn't with Apple but with the BT forum for allowing the plethora of incompatible BT profiles. As mobile devices are ressource constrained, each manufacturer chooses the BT profiles they support. PCs & Macs not having this problem, support pretty much all of them. Thus it is possible to transfer from BT devices to/from a PC/Mac as I have been doing for years, while being impossible to transfer between two different BT devices. Use of two devices from the same manufacturer will work (because they use the same BT profiles) but use of devices from different manufacturers often will not (different profiles).

The BT profile morass is what, in large part has made the use of BT devices a PITA as it is difficult to determine what profiles are are used in 2 devices spending hours debugging them & often discovering that they are incompatible. Each & every one of the devices is BT compliant, yet they cannot work together. It is no more Apple's fault for choosing profile X Y & Z than it is Motorola's for choosing A B & C & Lenovo's for choosing D E & F. Next time learn a little more about the subject before ignorantly criticizing Apple (or Motorola, or ...).

about a month ago
top

Apple Locks iPhone 6/6+ NFC To Apple Pay Only

phayes Re:NFC isn't used for just payment (336 comments)

Contrary to to the ignorant tripe you were spewing, general BT file transfers has been available on iOS since at least the 3GS but don't let that stop you from exposing your ignorance. I suppose we should judge your sanitary habits from back when you regularly dumped into your nappies, because like the iPhone it's not as if anything has changed in the meantime, right?

about a month ago
top

Apple Locks iPhone 6/6+ NFC To Apple Pay Only

phayes Re:NFC isn't used for just payment (336 comments)

Oh, puhlease. Abraham Lincoln's must have been presciently thinking of you when he said: "Better to remain silent and be thought a fool than to speak out and remove all doubt."
http://support.apple.com/kb/PH...
http://support.apple.com/kb/HT...

I share my iPhone's 4G to my rMBP daily over bluetooth. Yet another use of bluetooth on iOS which directly contradicts your ignorant statements...

about a month ago
top

Apple Locks iPhone 6/6+ NFC To Apple Pay Only

phayes Re:NFC isn't used for just payment (336 comments)

Given how many bluetooth accessories you can buy directly from Apple, claiming that Apple "are the guys who think Bluetooth is just for syncing with your computer", is wilfully ignorant.

about a month ago
top

Apple Locks iPhone 6/6+ NFC To Apple Pay Only

phayes Re:Too Late for Aus (336 comments)

Australia & Europe NFC seems to be SoftCard based from what I understand. Apple Pay will be compatible with Softcard (with additions like needing the fingerprint reader to authorise sales instead of just accepting all requested payments blindly).

Look here for more info.

about a month ago
top

Apple Locks iPhone 6/6+ NFC To Apple Pay Only

phayes Re:So much for mobile payments in Japan (336 comments)

Good job in exposing your ignorance. Apple Pay uses the contactless specification of the EMV standard to provide "industry-standard EMV-level security” -- essentially the existing SoftCard EMV standard. There will be no wait, Apple Pay can be used wherever Softcard is deployed.

Here. Read this and the associated documents.

Apple Pay's adds onto the SoftCard a level of security in using the secure fingerprint reader & in not being able to see user transactions (whereas Google Wallet leaves itself in the loop so that they CAN see each transaction).

about a month ago
top

Logitech Aims To Control the Smart Home

phayes Re:Hopefully not like their TV remotes... (115 comments)

Thanks for the link to concordance, I might start using the harmony again.

My problem with a system that I might use to program household devices like lights, temperature etc, is that if the programmation is not private, it could be used to determine whether or not anyone is home. I do NOT trust Logitech with that level of information...

about a month ago
top

iOS 8 Review

phayes Re:No good for older iPhones (216 comments)

Awww, poor guy, he got 3-4 years of use & upgrades out of his old iDevices. It's soo much better on Android where most devices are sold with outdated firmware & never updated. Not just abandoned but orphaned at birth.

about a month ago
top

Logitech Aims To Control the Smart Home

phayes Re:Tech people like their privacy (115 comments)

Adding to your insightful commentary, I do NOT want anyone to access the programming I have setup on my devices because I do not want anyone with possibly malevolent intentions being able to guess when I am home/on vacation.

about a month ago

Submissions

phayes hasn't submitted any stories.

Journals

phayes has no journal entries.

Slashdot Login

Need an Account?

Forgot your password?