
Slashdot: News for Nerds

Comments


AirMagnet Wi-Fi Security Tool Takes Aim At Drones

plover Re:Battery lasts for only 12 minutes (49 comments)

You don't have to be flying in order to serve as a rogue access point. Just land the drone near the target and hack from there. Besides, you'll attract a lot less attention if you're hiding the machine on the victim's roof.

8 hours ago

AirMagnet Wi-Fi Security Tool Takes Aim At Drones

plover Re:Makes Perfect Sense (49 comments)

I think this is almost entirely a publicity stunt. It's easy to detect the manufacturer's OUI, and they're already selling a device that examines WiFi traffic, so why not add a signature for the Parrot? It costs them almost nothing, and it's kind of attractive in a faux-nerdy marketing person way. The salesman can use it to joke with the CIO when he's trying to sell them. The engineers will roll their eyes, but the executives will think they're doing something useful.

The real question is if detecting R/C signals is worthwhile. Parrot's WiFi control is only one of many possible protocols they could use on the 2.4 spectrum, and there are many other bands available to R/C owners. If R/C is a real threat, they need to detect them all. Otherwise, their existing software to detect rogue access points is probably more important than identifying specific toys.

Regardless of the technical merit, I think the marketing value is probably more than valuable enough to keep the rule around.

8 hours ago

A New Form of Online Tracking: Canvas Fingerprinting

plover Re:So (169 comments)

NoScript or Ghostery already block AddThis. It's just JavaScript.

13 hours ago

A New Form of Online Tracking: Canvas Fingerprinting

plover Re: So (169 comments)

Noooo! Don't mention /etc/hosts, lest you summon ... him.

13 hours ago

Why My LG Optimus Cellphone Is Worse Than It's Supposed To Be

plover Re:Isn't this Apple's entire shtick ? (285 comments)

All components have a cost, including the software. Let's say LG can include CrapKeyboard 1.0 for free, and GoodKeyboard 3.7 for $0.05/unit. Guess which one they're going to include?

Yes, phone pricing is broken down to that level. The cost of the supported software is a lot higher than the cost of the no-longer-supported software, because they're still paying the developers to support it. As long as CrapKeyboard used to work at least halfway decently (and it must have, because it was in the old production line), throw it in there.

It's a pretty simple explanation, actually.

yesterday

Why My LG Optimus Cellphone Is Worse Than It's Supposed To Be

plover Re:Don't buy cheap android (285 comments)

Be cautious in what you claim. Dropping it in the toilet isn't a maneuver most of us would consider "smart".

yesterday

Why My LG Optimus Cellphone Is Worse Than It's Supposed To Be

plover Re:...The hell? (285 comments)

No, but receiving a "free" phone and complaining that the free-market isn't forcing the vendor to fix its shortcomings is kind of disingenuous.

In the olden days, we'd have said he's "looking a gift horse in the mouth."

yesterday

Microsoft's Missed Opportunities: Memo From 1997

plover Re:Hindsight's twenty-twenty (161 comments)

Of course they were failing. They were failing in 2011, and they knew it, and in case they didn't know it, their CEO told them so. Go re-read their CEO's Burning Platform memo in case you had forgotten how badly they were doing.

In 2007, Apple stepped in and not only did they define a new high-end smartphone market, they owned it, and shared it with nobody. Nokia went from sharing the top-of-the-line smartphone market with Blackberry to a middle-of-the-road smartphone company, and they did it without moving a step. About a year later Google delivered Android, which redefined and then completely dominated the low-end smartphone market. Meanwhile, Nokia delivered nothing new. Nothing. They feebly tried to do something with Maemo (and later MeeGo), but couldn't even ship it. This was about 2009. And Android makers didn't stop there, either. The Galaxy S (as you mentioned) came out in 2010, pushing them out of the low-end smartphone market into Apple's market, and that was the herald for Nokia's decline. In 2010.

Meanwhile, MediaTek had shipped a reference design for low-end phones in 2008. Any plant in Shenzhen could now produce a cheap handset for about $10, so they did, filling shipping containers with the cheap phones that have become ubiquitous in the developing world. Nokia couldn't ship a cheap phone for twice that price. When you're buying cheap phones, you're going to pay the lowest price - so the cost-conscious consumers immediately abandoned Nokia's low end.

All this happened from 2007 through about 2010. Elop's memo came out in 2011, just after Android sales had exceeded theirs for the first time, signalling the end of Nokia's relevance in the marketplace. Nokia's marketshare continued to decline, as they shipped nothing noteworthy. By last year, Nokia was barely remembered as that company that used to make phones before iPhones came out.

Microsoft drove them into the ground at high speed.

That is completely wrong. Microsoft bought them in September of 2013. According to my calendar, that was last year. "Failing" is a polite word for the dire straits Nokia was in at that time. Microsoft didn't drive them any place they hadn't already gone themselves. Perhaps you're confusing the sale of Nokia with the agreement Nokia made to adopt Windows 8 for the cash they needed to keep the lights on. Nokia had already failed to deliver Maemo, which had been in the works since before the introduction of the iPhone. Nokia was incapable of delivering a smartphone OS. They had four years and couldn't do it. MeeGo might have eventually done something for them, but it would have been an even smaller market than Microsoft could deliver.

Let me repeat: Nokia needed Microsoft's cash just to stay in business, back in 2011. That is not the sign of a healthy company.

All that and I still have to say the Microsoft phone is not a terrible device. Nokia put a really nice camera in there, the battery life is good, the screen is clear, and the device is really well made. But the Windows app store is sadly lacking, and Cortana is certainly not yet at the caliber of Siri. It's still just an also-ran in the phone market.

Microsoft had nothing to do with Nokia's decline. Nokia did that to themselves by standing perfectly still, while the entire market passed them by on both sides. Microsoft just picked them up for the scrap value.

4 days ago

Microsoft's Missed Opportunities: Memo From 1997

plover Re:Hindsight's twenty-twenty (161 comments)

Microsoft has done some really brilliant things as of late. They've wholeheartedly adopted automated testing for everything. I don't know if they have any product teams that aren't Agile, or aren't doing test driven development. I recently asked a product manager about his product's defect backlog, and he shot me with a cold stare: "We don't have any known defects in our product. As soon as a bug report arrives, the entire team drops what they're doing, and within 15 minutes a developer is working on repro'ing it, and it's fixed within a day. These are very rare occurrences." This was for a million line shrink-wrapped product.

Although it's taking them a long time to turn their teams around, Microsoft finally knows how to engineer code right, and they are quite willing to share with anyone willing to listen. But too many of their clients don't listen, too many of their vendors and suppliers don't listen (driver bugs, etc), too many of their own internal teams are still dragging legacy code bases forward, and they still have a long history of bugs that we all remember. Another problem they have is economic: their primary competition is their old products, like Office 2007, which are good enough for most businesses and students. They really want to get everyone on their Azure cloud, using Office365, live, OneCloud, and to rent computing resources from them, and that's driving a lot of their products in an unnatural direction for their consumers.

Their marketing people haven't helped. Windows RT? Really, they had to emulate Apple's walled garden? The closed iOS ecosystem is about the worst thing Apple ever did to their customers. The Apple tax sucks 30% from every dollar spent on the platform, and there's virtually no escape. And because we all know it sucks, we won't willingly jump into it again - so Microsoft loses even more.

Their forays into other platforms have been abysmal: Ford's SYNC is a crime against drivers. They bought a failing phone company for their hardware, turned out walled garden phones, and nobody showed up. Their previous attempts at embedded systems make people WinCE. And because they start everything out as closed source, and try to contain their own stuff, they see every product as a battle entering competition to the death, instead of an opportunity to cooperate. That got them a long way, and made them a lot of money, but now there are good alternatives, and nobody gives a damn anymore. The stuff they're producing now will all be too much, but way too late.

5 days ago

Want To Ensure Your Personal Android Data Is Truly Wiped? Turn On Encryption

plover Re:And then throw it in a fire (91 comments)

I don't think you considered the depth of the question: what is the risk? Could your device contain credit card information? Could it have your social security numbers? Could it have a way to access your bank account? Your retirement accounts? Your brokerage accounts? A lot of your personal finances could be at risk. Are you wealthy enough to be worth kidnapping, and if so, could the device provide access to your family's panic room, or to your alarm system? What about medical information? Assign dollar values to those (it's certainly nebulous, but you want to end up with some kind of estimate) and add up your overall potential for loss. Now, divide by the likelihood your device will be compromised - you might estimate that tens of millions of devices are recycled each year, and you might figure a hundred thousand are handled by people who would like to steal from them, giving you roughly a 1 in 100 chance of having your device compromised. Would you bet the information above on those odds for $300?

Maybe you don't think you have very much worth stealing. Perhaps you're young, and don't have a retirement account, and not much in the bank, so your financial risk is only $1,000. Maybe you don't see any risk at leaking your health data. And maybe you're supremely confident in your abilities to wipe the flash RAM. Good for you, take the $300 and spend it. For you, it's a solid bet. For those of us with more at risk, it's not such a sure thing; even if I am confident in my skills at wiping these devices, what if I make a mistake?

about a week ago

Want To Ensure Your Personal Android Data Is Truly Wiped? Turn On Encryption

plover Re:srm -v -z (91 comments)

Well, it confounds it at any rate. But completely filling the device's memory 33 times in a row is pretty likely to overwrite everything at least once or twice - even the hidden "failure reserve" space if it's included in the wear leveling (and if it's not, then it doesn't yet hold any sensitive data, so there's no problem). Guttmann's values may be irrelevant to today's storage media, but that many repeated rewrites of anything still mostly does the job.

If you were an engineer in charge of destroying data printed on paper, and you decided on shred then burn then stir the ashes in water, how many times would you repeat the cycle in order to be sure the data was destroyed? Hint: if your recommendation is greater than one (in order to be pretty sure), check your job title, because you're probably Dilbert's pointy-haired boss.

Drives today work almost nothing like the drives of 20 years ago. They don't paint bit-bit-bit in a stripe, they encode a set of bits in every pulse of the write head. Alter it a tiny fraction, and it becomes a completely different set of bits, one that error correction won't be able to overcome.

Old disks were recoverable because the mechanisms weren't precise, and the data was written with big chunky magnets to assure it was readable. All that slop has been engineered out in order to achieve today's remarkable areal densities. One overwrite is all it takes - as long as you're overwriting it all.

about two weeks ago

Want To Ensure Your Personal Android Data Is Truly Wiped? Turn On Encryption

plover Re:And then throw it in a fire (91 comments)

This.

What is the value of a used device? Compare that to the risk of the data on that device going to a malevolent third party.

I've had people saying "oh, look at all these hard drives, you should totally sell them on eBay and I bet you could get $10 apiece for them!" Adding up the time I would waste running DBAN or sdelete or whatever, and keeping track of which ones have been wiped, and double checking to make sure everything is really gone, it's not worth the time.

A big hammer and a punch, driven deeply through the thin aluminum cover and down the platter area, takes about a second and leaves nothing anybody would bother trying to recover. You can quickly look at a drive and say "yes, this drive has been taken care of", or "hey, there's no jagged hole here, this drive isn't destroyed." The aluminum cover contains the shards if the platters are glass. I don't care who handles them after destruction. There's no worries about toxic smoke. And if you have to inventory them before shipping them to a recycler, the serial numbers are still readable.

Smashing a phone wouldn't destroy the data on the chips, so a fire is a somewhat safer option.

about two weeks ago

Chinese Hackers Infiltrate Firms Using Malware-Laden Handheld Scanners

plover Re:Problem traced (93 comments)

The "scanner" portion of these devices is typically an embedded system that drives a hardware sensor, and speaks USB out the back side. You could probably open one up, solder a cable to the right points on the scanner board, and you'd have exactly the simple and transparent scanner you requested.

But because the business wants a truckload (no pun intended) of functionality out of these scanners, they need it to have more capabilities. First, it needs to be on the network, or it won't give them any benefit. Next, it needs to be multi-tasking so it can display alerts, etc. Its primary task may be to inventory the stuff coming off a truck; its other tasks may include assigning work items to line employees, displaying alerts on the supervisors' screens, punching the timeclock for breaks, and possibly even employee email. To a lot of businesses, a browser based interface lets them run whatever kind of functions they want, without the expense of continually pushing a bunch of apps out to a bunch of random machines. So taking all that together, embedded XP is one (bloated) way of meeting all that.

So while the scanner itself is simple, it's the rest of the hardware in the device that was infested with XP and other malware.

about two weeks ago

Ode To Sound Blaster: Are Discrete Audio Cards Still Worth the Investment?

plover Re:They have a great fab process (499 comments)

Don't forget the RF shielded optical fiber interconnects, for true fidelity at high frequencies, and a mellow bass.

about two weeks ago

Normal Humans Effectively Excluded From Developing Software

plover Re:Cry Me A River (608 comments)

What I think a lot of the utopian visions miss, as well as a lot of the posters here, is that the problems with programming are not problems with the tools, but with the code that these amateurs produce. Writing clean, clear, correct, modular, maintainable, tested, and reusable code is still a skill that takes time to learn.

Generally, most people understand following a sequence of steps to achieve a goal. They can follow a recipe's steps to bake a cake. Some can even write down the steps they took to accomplish a task, which is the beginning of automating it; but recording and playing back steps is certainly not all there is to programming. Almost anyone who can write steps down can then learn enough of a language to string together a dozen or even a hundred individual steps to then achieve a goal: StepA(foo); bar = StepB(foo); StepC(foo,bar); ... another 97 steps here...; return(). The problem is that because writing down all those steps is possible, people who manage to do it once think they're programming. But all they're really doing is scripting.

Once someone tries to add logic to their scripts, the resultant code is generally buggy, slow, difficult to maintain, impossible to test, and probably should not be put into production, let alone reused. What a professional software developer does is recognize the difference. He or she uses his or her experience, skills, and knowledge to organize those instructions into small groups of functionality, and wraps them into readable, testable, reusable methods. He or she recognizes dependencies in the code, follows design principles to ensure they are properly organized, groups related methods into classes or modules, knows when to follow design patterns and when to break from them, groups related areas of modules into architectural layers, and wraps the layers with clean, testable, usable interfaces. He or she knows how to secure the code against various types of attack or misuse, and to properly protect the data it's been entrusted with. He or she understands validation, authorization, authentication, roles, sanitization, whitelisting, and blacklisting. And he or she understands the many forms of testing needed, including unit testing, system testing, integration testing, fuzz testing, pen testing, performance testing, as well as tools to evaluate the code, such as static code analysis and metrics.

On the other end of the developer's life are the inputs to the processes: requirements, stories, use cases, usability, scalability, performance. They know that following certain development methodologies can make a great deal of difference to the software's quality. And then there are the realities of all the non software development issues: equipment, firewall rules, IDPs, networking, vendor contracts, software licensing, hosting, distribution, installation, support, bug tracking, and even sales.

Tools can help with all of these steps, but as you pointed out, having a word processor does not make one a poet.

about two weeks ago

Thousands of Leaked KGB Files Are Now Open To the Public

plover Re:seems like snowden did the exact same thing. (95 comments)

Really? Because I don't seem to remember the purges that took place when Reagan took office, or Bush, or Clinton, or Obama. I don't remember when they arrested the political dissenters from the opposition parties, hauled them out of Washington and trucked them up to camps in North Dakota where the majority froze to death, or shot them in the basement of the Lubyanka after pronouncing them guilty in a secret "trial". Perhaps that all took place when the Ministry for Information took razor blades and cut out the encyclopedia pages for Jimmy Carter, and extended the entry for the Bering Sea to compensate, because we can't really trust our history books.

Go read Mitrokhin's books. Read the KGB's own history, stolen from their own archives. Compare it to what the USA claimed actually happened, and to what the USA claimed was Soviet propaganda. Mitrokhin's papers serve as independent corroboration that essentially everything the USA said about the Soviet Union's "active measures" was true.

about two weeks ago

Thousands of Leaked KGB Files Are Now Open To the Public

plover Re:seems like snowden did the exact same thing. (95 comments)

Wow, such hate and bile. The country Mitrokhin "betrayed" no longer existed. He turned over documents from the Soviet Union, not from "Russia". Yes, there is a distinction.

You completely failed to read what was written, which was a comparison of Mitrokhin to Snowden.

Apparently, that's what the fuck I don't get.

about two weeks ago

Australian Police Use Telcos For Cell "Tower Dump" of All Connected Users' Data

plover Re:And Chicago is relevant to Australia? (60 comments)

TFA tries to compare the legal aspects of one country's police using a legitimate cell tower's data (a "tower dump") with a court request for a copy of the purchase order of a surreptitious TriggerFish by a police force located in a different country. Different countries, different laws, different technologic approach to collecting the data, different accusations. The primary thing they share in common seems to be the outrage they spark.

about two weeks ago

Thousands of Leaked KGB Files Are Now Open To the Public

plover Re:And in 20 years (95 comments)

The declassification rules in the US are such that all documents are to be publicly released 50 years after the end of their active life. That's why they were compelled to release ULTRA and VENONA information in the 1990s, 50 years after the end of WWII. The declassification process is not automatic, in that someone still redacts the names of involved people who are still alive, and they make sure that the release won't endanger any current activities, but for the most part they are compelled to release it all.

If you are at all interested in the history of our intelligence services, and you find yourself in the D.C. area, I strongly recommend visiting the NSA's Cryptologic Museum. http://www.nsa.gov/about/crypt...

about two weeks ago

Submissions


Smithsonian Releasing 3D Models of Artifacts

plover plover writes  |  about 8 months ago

plover (150551) writes "The Seattle Times reports "the Smithsonian Institution is launching a new 3D scanning and printing initiative to make more of its massive collection accessible to schools, researchers and the public worldwide. A small team has begun creating 3D models of some key objects representing the breadth of the collection at the world's largest museum complex. Some of the first 3D scans include the Wright brothers' first airplane, Amelia Earhart's flight suit, casts of President Abraham Lincoln's face during the Civil War and a Revolutionary War gunboat. Less familiar objects include a former slave's horn, a missionary's gun from the 1800s and a woolly mammoth fossil from the Ice Age. They are pieces of history some people may hear about but rarely see or touch."

So far they have posted 20 models on the site, with the promise of much more to come."

Why iFingerprinting Makes You Legally Unsafe

plover plover writes  |  about 10 months ago

plover (150551) writes "Mark Rasch, an attorney specializing in privacy and security law, has taken a look at using the iPhone's fingerprint access to protect your privacy. He believes that you can sometimes be compelled by a court to provide your password to unlock an encrypted file, depending on the circumstances. But you can always be compelled to provide your fingerprints, and the Supreme Court has repeatedly affirmed there is no Fifth Amendment protection against it. That means if you lock your phone with only a fingerprint, the government will almost certainly be able to compel you to unlock it. If you lock it with a passcode, there's a chance you can refuse to provide it under the Fifth Amendment.

The new iPhone 5s’s biometric fingerprint scanner can actually put consumers (or merchants, for that matter) in a worse position legally than the previous four-digit PIN. In fact, the biometric can open the contents of a consumer’s phone and any linked payment systems, accounts or systems—including contacts, email and documents—less legally protected than the simple passcode. This is because the law may treat the biometric (something you are) differently from a password (something you know).

"


FinSpy Commercial Spyware Abused By Governments

plover plover writes  |  about 2 years ago

plover (150551) writes "The NY Times has this story about FinSpy, a commercial spyware package sold "only for law enforcement purposes" being used by governments to spy on dissidents, journalists, and others, and how two U.S. computer experts, Morgan Marquis-Boire from Google, and Bill Marczak, a PhD student in Computer Science, have been tracking it down around the world."

Iran Admits Stuxnet Impacted Their Nuclear Program

plover plover writes  |  more than 3 years ago

plover (150551) writes "According to this article in the Guardian,

Ahmadinejad admitted the worm had affected Iran's uranium enrichment. "They succeeded in creating problems for a limited number of our centrifuges with the software they had installed in electronic parts," the president said. "They did a bad thing. Fortunately our experts discovered that, and today they are not able [to do that] anymore."

"


Jury awards $1.5 million to Capitol Records

plover plover writes  |  more than 3 years ago

plover (150551) writes "In the Jammie Thomas-Rasset case that never ends, a Minneapolis jury has awarded Capitol Records $1.5 million dollars.

Thomas-Rasset is expected to appeal and the case could wind its way to the Supreme Court."


Ars Technica Forums Abused by Phishers

plover plover writes  |  more than 4 years ago

plover (150551) writes "Some Ars Technica members received phishing attempts purporting to be from SunTrust this morning. Here's the posting on the Ars forum explaining what happened.

It seems that many users received phishing attempts to Ars only email addresses this morning. We're working on it and will update this post when we find something out.

We believe that our previous forum provider has some exploit that allows people to send messages to private email addresses through their servers. Every report we've seen has originated at one of their web front ends. If we are correct, your email addresses have not been compromised. It's obviously pretty bad to be getting phishing attempts forwarded through someone else, but not quite as bad as if an email DB had been jacked or something.

We have emails out to them. There's a chance we won't hear back for a couple of hours since they're on pacific time, but we're doing what we can.

That's got to be one stupid phisherman to try phishing from the members of Ars Technica."


US Admits Most Piracy Estimates Are Bogus

plover plover writes  |  more than 4 years ago

plover (150551) writes "According to this article on Ars Technica, the GAO admitted that the estimates of the impact of piracy have no basis in fact.

After examining all the data and consulting with numerous experts inside and outside of government, the Government Accountability Office concluded that it is "difficult, if not impossible, to quantify the economy-wide impacts."

"

Senate Votes to Replace Aviation Radar With GPS

plover plover writes  |  more than 3 years ago

plover (150551) writes "The U.S. Senate today passed by a 93-0 margin a bill that would implement the FAA's NextGen plan to replace aviation radar with GPS units. It will help pay for the upgrade by increasing aviation fuel taxes on private aircraft. It will require two inspections per year on foreign repair stations that work on U.S. planes. And it will ban pilots from using personal electronics in the cockpit. This just needs to be reconciled with the House version and is expected to soon become law. This was discussed on Slashdot a few years ago."

Do your developers have local admin rights?

plover plover writes  |  more than 4 years ago

plover (150551) writes "I work as a developer for a Very Large American Corporation. We are not an IT company, but have a large IT organization that does a lot of internal development. In my area, we do Windows development, which includes writing and maintaining code for various services and executables. A few years ago the Info Security group removed local administrator rights from most accounts and machines, but our area was granted exceptions for developers. My question is: do other developers in other large companies have local admin rights to their development environment? If not, how do you handle tasks like debugging, testing installations, or installing updated development tools that aren't a part of the standard corporate workstation?"

Wal-mart Hacked in 2006, Details in Wired

plover plover writes  |  more than 4 years ago

plover (150551) writes "Kim Zetter of Wired documents an extensive hack of Wal-Mart that took place in 2005-2006. She goes into great detail about the investigation and what the investigators found, including that the hackers made copies of their point-of-sale source code, and that they ran l0phtCrack on a Wal-Mart server.

Wal-Mart uncovered the breach in November 2006, after a fortuitous server crash led administrators to a password-cracking tool that had been surreptitiously installed on one of its servers. Wal-Mart’s initial probe traced the intrusion to a compromised VPN account, and from there to a computer in Minsk, Belarus.

Wal-mart has long since fixed the flaws that allowed the compromise, and confirmed that no customer data was lost in the hack."


Ex-CIO Blames Microsoft For Security Breach

plover plover writes  |  about 6 years ago

plover (150551) writes "Hannaford is a grocery store chain who lost 4.2 million credit card numbers earlier this year as a result of a security breach. Their former CIO is directly blaming their use of Microsoft as the reason they were breached.

"None of the breach was anything related to Linux. All of it was Microsoft."

Asked whether he believed that Microsoft is less secure because it's truly less secure software or whether its overwhelming marketshare makes it a cyber thief target, Homa said it was the other way around. Microsoft's marketshare is not what attracts so many attackers. "Microsoft is so full of holes. That's why it's still a target," he said.

"

Hannaford's CIO Blames Data Breach on Microsoft

plover plover writes  |  about 6 years ago

plover (150551) writes "Hannaford is a grocery store chain who lost 4.5 million credit card numbers as a result of a security breach. Their former CIO is directly blaming their use of Microsoft as the reason they were breached.

Homa has become a fan of simplification in battling security. "We used a lot of Linux," Homa said. "None of the breach was anything related to Linux. All of it was Microsoft."

Asked whether he believed that Microsoft is less secure because it's truly less secure software or whether its overwhelming marketshare makes it a cyber thief target, Homa said it was the other way around. Microsoft's marketshare is not what attracts so many attackers. "Microsoft is so full of holes. That's why it's still a target," he said.

Would he counsel other CIOs to avoid Microsoft like the plague? "That's what I'd do. If you limit your exposure to Microsoft, you're going to be in a more secure environment," he said, adding that Microsoft's philosophy is decentralized, forcing IT to manage more points. That means more license fees for Microsoft and more potential security gotchas for the CIO. "Hence, you see my aversion to Microsoft."

"

top

plover plover writes  |  more than 7 years ago

plover (150551) writes "According to this Star Tribune story, police, with the court's permission, attached a GPS tracking device to a suspect's motorcycle and tracked his activity to the site of a theft. On Monday the thief pled guilty and was sentenced to five years."
top

plover plover writes  |  more than 7 years ago

plover (150551) writes "
Wearing a blue suit and a tight smile, the fed faced his audience.
And this wasn't just any audience. It consisted of 300 potential offenders, rounded up on Tuesday so Jon Dudas could lay down the law to them.
In this Star Tribune story, Jon Dudas, the director of the USPTO was speaking to an elementary school assembly of second through fifth graders. So instead of "students" or "kids", it's now acceptable for reporters to refer to them as "potential offenders"? This is plus ungood."

Journals

top

PC Invader Costs Ky. County $415,000

plover plover writes  |  about 5 years ago

The Washington Post is reporting a complex hack and con job resulting in the theft of $415,000 from Bullitt County, Kentucky. The story is fascinating, and is filled with detailed information regarding the theft.

top

Warner Music about to sing a new tune?

plover plover writes  |  more than 6 years ago

Warner Music Group's CEO Edgar Bronfman sounds like he's publicly acknowledging what we've known all along: consumers like the iPod, the music business has changed, and that the music industry was wrong to attack their own customers. Might this speech mark the start of the end of the insanity?

top

Game time!

plover plover writes  |  more than 7 years ago

Thanks to this posting, Rupert and I are now playing a game: Find the highest Google maps route distance to great circle distance ratio.

Rupert started it with this:

Fairbanks to St. Petersburg.
Great circle distance: 3,840 miles
Google directions distance: 9,631 miles
My score: 2.508

I answered by stretching his route slightly: Kantishna Station, Alaska to Skarsvag, Norway. It's a pretty long journey no matter how you look at it.

Google's route: 10,411 miles
Great circle distance: 3,141 miles
It has a score of only 3.315, but it'll take 34 days to make the journey!

This one seemed like a good North American entry:
Google's route
gets a score of 3.7.

But North America is tricky. Just about every goat and Jeep trail is mapped, and we Americans cannot abide straight lines that aren't paved. Rupert's still managed to find some good ones: Route to distance gives a very respectable 5.6.

I've headed over to the Balkans, where the maps are usefully short on detail. Here's my latest entry. Lecce, Italy to Tirane, Albania: Route to great circle.

1267 km by Google, 216 km straight arc. Score is 5.866.

It's kind of a pain because you have to snarf the lat/lon from Google's URL and adapt it to the great circle calculator, but it's fun to exploit holes in Google's map coverage.

top

YASS - Yet Another Story Submission

plover plover writes  |  more than 7 years ago

Wearing a blue suit and a tight smile, the fed faced his audience.
And this wasn't just any audience. It consisted of 300 potential offenders, rounded up on Tuesday so Jon Dudas could lay down the law to them.

In this Star Tribune story, Jon Dudas, the director of the USPTO was speaking to an elementary school assembly of second through fifth graders. So instead of "students" or "kids", it's now acceptable for reporters to refer to them as "potential offenders"? This is plus ungood.

top

On the date of my birth:

plover plover writes  |  more than 8 years ago

helicobacter has launched a /. meme. Go to Wikipedia and type in the month and day (no year) of your birth. Pick out three interesting events, two births and a death, and post them in your journal.

EVENTS:

  • 1986 - Halley's Comet is visible in the night sky as it passes in its 76-year orbit around the sun.
  • 1962 - Ranger 3 is launched to study the moon. The space probe later missed the moon by 22,000 miles (35,400 km).
  • 1802 - The U.S. Congress passes an act calling for a library to be established within the U.S. Capitol; eventually this becomes the Library of Congress. It's a geek thing.

BIRTHS:

  • 1961 - Wayne Gretzky, Canadian hockey player, coach, and team owner.
  • 1918 - Nicolae Ceausescu, Romanian dictator (d. 1989.) I only picked Ceausescu because I remember how much the Romanians enjoyed executing him.

DEATHS:

  • 1997 - Jeane Dixon, American astrologer (b. 1904.) And she never saw it coming!

top

Merry [Christmas|Hannukah|Kwanzaa|Yule|.*] to you!

plover plover writes  |  more than 7 years ago

I just wanted to wish all of you well this holiday season. I know some of you aren't religious folk (neither am I), but that won't stop me from hoping for happiness for you now and in the coming year.

And money, too. Yeah, I may as well wish for something practical for you all while I'm at it.

So have a happy new year and I hope you get money! :-)

top

Another submission: this year's Ig Nobels have been awarded

plover plover writes  |  more than 8 years ago

Here's the text I submitted. It's probably already been submitted, but hey, they're likely to publish at least one of them (and if Zonk has anything to do with it, they're likely to publish ALL of them! :-)

The BBC is reporting on this year's winners of the Ig Nobel awards, honoring science achievements that "cannot, or should not, be reproduced". For example, this year's winner for Medicine was the inventor of Neuticles, rubber replacement testicles for neutered dogs.

top

Submitted an interesting story

plover plover writes  |  more than 9 years ago

Here's my submission:

In the story Hacker Hunters, BusinessWeek Online documents how the Secret Service turned a member of the ShadowCrew and was able to arrest dozens of the members of the phishing ring.

From the article: "Law enforcement officials are often loath to reveal details of their operations, but the Secret Service and Justice Dept. wanted to publicize a still-rare victory. So they agreed to reveal the inner dynamics of their cat-and-mouse chase to BusinessWeek. The case provides a window into the arcane culture of cybercriminals and the methods of their pursuers."

I thought it was a fascinating read, anyway.

top

Another submission, and it's not a dupe!

plover plover writes  |  more than 9 years ago

This is the text I submitted under the heading "Vex, a New Robot Kit available at Radio Shack Soon"

While Lego Mindstorms are fine for creating autonomous toy robots, there's still a lack of kits for constructing larger, sturdier do-it-yourself remote controlled robots. Enter Vex, an Erector/Meccano-style robotics construction kit. According to PCMagazine, (beware, popunder ads) Radio Shack is set to roll these out to consumers beginning in May. No computer control (yet) but they sure look fun!

So, if the story gets rejected, you still might want to check them out. I can't wait!

top

Another midnight, another submission

plover plover writes  |  more than 9 years ago

Best Buy to Eliminate Rebates

According to the Minneapolis Star Tribune (free registration required,) "In response to customer complaints, Best Buy, the world's largest electronics retailer, promised today to eliminate mail-in rebates within two years."

Can it be that we're finally nearing the end of one of the most hated marketing ploys of all? What is the world coming to?

top

I'm hopeful about this submission!

plover plover writes  |  more than 9 years ago

This one is actually news.

plover writes: Because of Congressional legislation passed quietly in 2003, the Air Force Space Command will no longer distribute space surveillance data via NASA. There was supposed to be a three-year transitional period where the data was to be made available via a NASA web site, but earlier this month their transitional server went down hard, and NASA has decided to not rebuild it. (It was scheduled to be shut down on 31 March 2005 anyway.)

The only way to obtain satellite data now is by signing up with the official Space-Track website. Part of the agreement to obtaining data from their site is that you agree to not redistribute their data.

Of course, amateurs are still free to redistribute their observations, including those of classified satellites.

top

Another rejected story prepared

plover plover writes  |  more than 9 years ago

Well, I keep trying. Here's the latest scoop.

According to Reuters, the chairman of Apex was arrested in China. Chinese officials have confirmed the arrest, but have not made the charges known yet. A supplier recently came forward revealing Apex owed them $4.3 million, and fraud charges are suspected. Apex is a maker of inexpensive DVD players that are widely known for the ability to turn off their region codes.

top

New submission prepared for rejection

plover plover writes  |  more than 9 years ago

This one was titled "SCO sales tanking?"

The SCO Group reported their fourth quarter income on Tuesday, and according to The Register, this quarter's earnings are down to $10.08 million, compared to $24 million last year. Their licensing revenue is virtually nonexistent, at only $120,000 compared to $10 million in Q4 of 2003. Darl's statement to stockholders began by reporting 'Fourth Quarter achievements demonstrate continued progress at SCO.' I guess progress doesn't imply direction...

top

Quick, a story that hasn't been rejected yet

plover plover writes  |  more than 9 years ago

I submitted this story this afternoon.

'Researchers are saying that caffeine withdrawal should now be classified as a psychiatric disorder' states Sid Kirchheimer at WebMD. In this article he examines a new study that shows caffeine withdrawal produces symptoms that render a person so dysfunctional that it should be classified as a psychiatric disorder. (The article also takes great pains to say "don't panic.") Caffeine withdrawal is nothing new to me, but having it ranked as a "disorder" does trouble me a bit.

Let's see if they can set a new land-speed record in story rejection...

top

Another story submission (quick before it's rejected)

plover plover writes  |  more than 9 years ago

NewScientist.com is running a story that NASA is going to use two helicopter stunt pilots to catch a sample capsule that will be ejected by the Genesis spacecraft. Genesis has been collecting solar gases for the last couple of years, and the scientists need to retrieve it quickly to preserve the samples.

top

Story submission (not rejected yet)

plover plover writes  |  more than 10 years ago

Here's the scoop I submitted:

The New York Times is running this story (privacy violations required) discussing the new trend towards global movie premieres, and how this model leads to less piracy. Finally, the movie studios are trying something intelligent to combat piracy, rather than lawsuits.

top

plover plover writes  |  more than 10 years ago

The new sig,

John
Karma: Fair and Balanced (mostly affected by a Fox News lawsuit)

is in honor of Fair and Balanced Day on the Internet (August 15th), which I found from this link from BoingBoing.

The story is Fox News is suing Al Franken over the title of his new book, "Lies and the Lying Liars Who Tell Them: A Fair and Balanced Look at the Right." As if anybody who watches Fox News would a) read Al Franken ANYTHING; and b) be literate enough to actually read at all. None of those people have enough neurons to connect the two anyway.

I think the whole thing is a Fox marketing ploy just to get their slogan out. It's certainly the first time I've ever even heard that they have one.

top

Obituary column

plover plover writes  |  more than 11 years ago

JADNT, AT&T Globalyst S40, 1995 - 2002.

We are saddened to announce the passing of JADNT, whose electrons were returned to a lower energy state on Friday, October 25, 2002.

JADNT was a workhorse server. It began life as an evaluation candidate for an enterprise server, but was replaced early on as it was recognized as too small to perform the required duties. It was moved to its home in JAD's cubicle where its dual Pentium Pro horsepower was quickly put to use in reducing compile times. As the software it supported was obsoleted, it took on other tasks where it quietly but efficiently monitored the status of other machines, provided a historical development platform, and constantly served up a variety of utility tools and command scripts.

JADNT fought bravely in its last few remaining hours, the spindle of drive 4 noisily attempting to cooperate with the SCSI controller's pleas to spin, while drive 1 was attempting to recover from a massive bit hemorrhage induced by a power failure on Monday evening at 5:30.

Tuesday morning, technicians attempted to perform an organ transplant. The donor S40 had been removed from life support and kept in storage for over a year, but by the time the drives had been removed and brought to the fourth floor it was too late to save the ailing JADNT. Both weakened drives had lost motor control leaving JADNT in a BIOS coma, gasping for a boot sector. On Friday morning, accompanied by faithful friends, the decision to pull the plug was made.

We will all fondly remember JADNT's famous lizards, and are saddened at the senseless loss of such data as troops.mov, the immensely useful and popular swiper and even its network attached Handspring cradle.

JADNT is survived by CDGU5, D2094REG2010 and JAD2K. It was preceded in death by CAMELOT, JOHN0S2 and 4680JAD. An open case viewing will be held throughout the weekend. Interment will be next week in a closet on third floor, where it is hoped that its RAID cage may some day help restore health to other Globalyst S40s.

top

I now have a better sig

plover plover writes  |  more than 11 years ago

It won't get our company's IP address banned, either, Rupert.

John
Karma: Excellent (mostly affected by bribing CowboyNeal)
