Slashdot: News for Nerds





Microsoft Releases Super-Secure XP to US Air Force

secPM_MS Re:Obviously this can't work (507 comments)

I don't know. I am not involved with this. Clearly, the Air Force, or other customer can define what security policy they want to apply and have their systems configured to it.

more than 5 years ago

Microsoft Releases Super-Secure XP to US Air Force

secPM_MS Re:Obviously this can't work (507 comments)

I am a security program manager at Microsoft. The article gets much of it wrong. The Air Force wanted the machines preconfigured to a secure configuration so that they did not have to do this configuration. Such configurations are not distributed to the general public because of the impact on generalized consumer usability. Microsoft always publishes a security guide which provides guidance on configuring systems for different threat environments. For example in the Windows Vista Security Guide, Chapter 5 is titled "Specialized Security - Limited Functionality". Such security guides exist for NT on.

Users are free to configure their systems for higher security. Note that doing so may limit functionality you are used to. For example, you can configure your system so that all users run as normal users (no administrative functionality). Running users as normal users is part of all security guidance. Not all XP software will run if you do this. You can set IE to high security mode by default and disable Flash, etc. Doing so breaks much of the web but is more secure. You can get security, but it will impact your user experience.

It is easier to secure Vista and 2K8 server systems.

more than 5 years ago

Offshore Windpower To Potentially Exceed US Demand

secPM_MS off-shore power (679 comments)

While the near-shore environment is reasonably suited to cables, the cost of long distance power transmission in the deep ocean environment may be problematic. This suggests that the power be stored into some transmissible fuel that can be picked up intermittently. One possibility would be Ammonia, NH3, which could be made by electrolysis of water to get the Hydrogen and nitrogen from the atmosphere. The heat of formation of NH3 is ~ 10% of the available energy in the Hydrogen (liquefying Hydrogen requires ~ 30%). Anhydrous ammonia is easily handled at moderate pressures in steel vessels, has a higher volumetric density than liquid Hydrogen, could be easily handled by tankers, and the Hydrogen can be easily released at moderate temperatures by catalytic reforming. Spills of NH3 are limited by its high solubility in water and lack of persistence - plants metabolize it rapidly.

more than 5 years ago

Black Holes From the LHC Could Last For Minutes

secPM_MS Re:cosmic rays (672 comments)

The theory is quite strong in this case. As for the virtual electron and positron meeting and annihilating each other, that is what they do all the time all over the universe - look up a good introduction to quantum field theory, which is very well supported by experimental tests.

We have no evidence for black holes of less than multiples of the sun's mass and to the best of my knowledge, no evidence of black holes of masses on the order of many billions of solar masses. The rest is speculation, but not unreasonable.

There was a very interesting paper at the LANL archives last year on the energy release from small black holes on planetary bodies due to Eddington-limited accretion. The impact would be correspondingly greater and more observable in white dwarfs and neutron stars.

more than 5 years ago

Black Holes From the LHC Could Last For Minutes

secPM_MS Re:cosmic rays (672 comments)

Small black holes are far less dangerous than made out to be. I wouldn't like to be very near one due to its Hawking radiation (virtual photon creation near the event horizon where one of the virtual photons is absorbed and the other turns real as it escapes), but the fear mongers of black holes forget the limiting factor. Matter falling into a black hole is compressed and gets hot. The hot matter radiates light / gamma rays. While in some cases this radiation might be captured as well, it is far more likely that the radiation pressure will limit the rate of matter absorption by the black hole. The radiation pressure effect is known as the Eddington effect and is a major factor in stellar stability. In the case of a small black hole, the size of the black hole is far smaller than the absorption length of gamma rays, preventing advection of the gammas. Since a non-rotating black hole is likely to convert on the order of 1% of the absorbed mass into gamma radiation, such a source would be more than capable of creating a near vacuum of hot matter about itself.

If such stable black holes were creatable / existed, we should see rather remarkable things with old white dwarfs and neutron stars, which would be greatly affected by such energy sources.

more than 5 years ago

GPUs Used To Crack WiFi Passwords Faster

secPM_MS Re:Brute-force password guessing not a problem (189 comments)

Strong passwords / keys for WPA are not much of a burden. You only have to enter the damn things once. I use a random 32 character hex string as my key. I wrote it down and stored it in a known location. I also have it stored in an old USB drive in a text file. I have to enter it far more than most people, as I dogfood Windows releases, flattening my notebook each time. Thus I have to reinitialize it for my home WPA network each time I rebuild it. I am not worrying about brute force attacks against 128 bit key values.

more than 5 years ago
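
Added example, not part of the comment above or of the Slashdot page: a sketch of the key choice it describes, generating a random 32-character hex WPA passphrase, deriving the WPA-PSK pairwise master key from it (PBKDF2-HMAC-SHA1, SSID as salt, 4096 iterations), and comparing exhaustive-search time against a short lowercase passphrase. The guess rate `ASSUMED_RATE` and the SSID `HomeNet` are constructed values for illustration, not figures from the article.

```python
import hashlib
import math
import secrets


def new_wpa_passphrase(hex_chars: int = 32) -> str:
    """Random hex passphrase from the OS CSPRNG; 32 hex chars carry 128 bits."""
    return secrets.token_hex(hex_chars // 2)


def wpa_pmk(passphrase: str, ssid: str) -> bytes:
    """WPA/WPA2-PSK derivation: PBKDF2-HMAC-SHA1, SSID as salt, 4096 rounds, 32 bytes."""
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("WPA passphrases are 8 to 63 ASCII characters")
    return hashlib.pbkdf2_hmac(
        "sha1", passphrase.encode("ascii"), ssid.encode("utf-8"), 4096, 32
    )


def entropy_bits(alphabet_size: int, length: int) -> float:
    """Entropy of a uniformly random string over the given alphabet."""
    return length * math.log2(alphabet_size)


def years_to_search_half(bits: float, guesses_per_second: float) -> float:
    """Expected time to hit the key: half the keyspace at a fixed guess rate."""
    return 2 ** (bits - 1) / guesses_per_second / (365 * 24 * 3600)


# Assumption: constructed guess rate, chosen only to make the comparison concrete.
ASSUMED_RATE = 1e6

if __name__ == "__main__":
    key = new_wpa_passphrase()
    pmk = wpa_pmk(key, "HomeNet")  # "HomeNet" is a constructed SSID
    print("passphrase:", key)
    print("PMK       :", pmk.hex())
    for label, alphabet, length in [
        ("8 lowercase letters", 26, 8),
        ("32 hex characters", 16, 32),
    ]:
        bits = entropy_bits(alphabet, length)
        years = years_to_search_half(bits, ASSUMED_RATE)
        print(f"{label}: {bits:.1f} bits, ~{years:.3g} years at {ASSUMED_RATE:.0e}/s")
```

Because the SSID is the PBKDF2 salt, the same passphrase yields a different key on a differently named network, and the estimate only holds when the passphrase really is drawn uniformly at random.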

Microsoft to Issue Emergency Patch For File-Sharing Hole

secPM_MS Re:Pretty serious (348 comments)

Actually, it is rather more like the Zotob vuln than the Blaster vuln. It is a crit on earlier systems, but requires authenticated privileges on Vista and 2K8 server due to the implementation of the integrity level defenses in Vista and 2K8. That said, the potential for damage with this vulnerability is high and there were reports of attacks in the wild. Thus, Microsoft released out of the standard release cycle.

more than 5 years ago

