Announcing: Slashdot Deals - Explore geek apps, games, gadgets and more. (what is this?)

Thank you!

We are sorry to see you leave - Beta is different and we value the time you took to try it out. Before you decide to go, please take a look at some value-adds for Beta and learn more about it. Thank you for reading Slashdot, and for making the site better!



Ebola Nose Spray Vaccine Protects Monkeys

thoriumbr What could possibly go wrong? (198 comments)

A very mutable virus paired with a lethal one. Used in a spray. Ok, go ahead.

about three weeks ago

DNA sequencing of coffee's best use:

thoriumbr Re:Make round-up ready beans (228 comments)

Sorry, I meant "every one voting for Roundup Ready"...

about 2 months ago

DNA sequencing of coffee's best use:

thoriumbr Re:Make round-up ready beans (228 comments)

Round-up ready? Are you serious?

Every one voting on this never ever saw a coffee plant on his whole life!

I once worked on a coffee plantation, and we used Round-up to kill weed, and the coffee plants never noticed anything...

about 3 months ago

Linus Torvalds: 'I Still Want the Desktop'

thoriumbr Re:Am I Missing Something? (727 comments)

What, then, am I missing? What is this "Linux desktop" that everyone claims is not yet here?

Yes, you are missing something...

I am a Linux desktop user since 2001. Things now are way better than then, when ./configure && make && sudo make install where required to almost anything. When drivers where a problem, and other quirks.

But the Year of Linux on Destop will happen when Linux marketshare hits double digits. When you see hardware with stickers featuring a small penguin and "Linux compatible" bellow it. Before that, there's no Linux on mainstream desktop.

When Linux ceases to being "nerd's operational system", we would be there. But not yet.

But with Microsoft messing up with every OS release, tablets and phones dominating even the console area, web apps doing almost everything, and the PC market disappearing, I think we will be there soon. As soon as we realize that the desktop market is not that important anymore...

about 3 months ago

Microsoft Black Tuesday Patches Bring Blue Screens of Death

thoriumbr Re:I have a solution for impacted users (179 comments)

This is a quick and dirty procedure and leaves the update itself in an indeterminate state.

Quick if you live in an area with lots of cloned Windows around.

Not that quick if you have to call a few friends, ask they Windows' versions, get a match, grab a pendrive, drop by the friend's house, copy the files, use the friend's computer to download and burn a rescue disk, drive home, and proceed to step 2.

about 3 months ago

Exodus Intelligence Details Zero-Day Vulnerabilities In Tails OS

thoriumbr Re:FUD? (132 comments)

I don't think this is FUD.

If any government gets to know that you have an exploit for a very secure system they are targeting, you will surely be contacted and will earn a lot of money. Disclosing the vulnerability to the mantainers will destroy a great part of the value.

I would tell it's FUD if the vulns were advertised by some competing Linux distro.

about 4 months ago

Wireless Contraception

thoriumbr Re:Downsides (302 comments)

EMP pulse? What dystopian Matrix-like world do you live in?

No, it's not paranoia. It would be accidental, not some nasty action from any government. EMP can arise from some special situations.

Several years (decades) ago, a design error on a computer power source created an EMP every time you turned it on. If you left any storage media around, it would corrupt data.

Where I live, there are some devices used to demagnetize smart tags on supermarkets, they create a small EMP too, and could cause problems to the chip.

about 5 months ago

Wireless Contraception

thoriumbr Downsides (302 comments)

I have read the same news from another source, and was discussing it with my coworkers. I can see at least four downsides:
1 - We still have to transpose a barrier on implanted chips. People don't like this idea.
2 - It can and will be interfered with, and make women pregnant when they don't want to. Even they trying to make the chip hard to interfere with, everybody working with tech knows that is not always possible. And a small chip on the hands of thousands of people will be a valuable target.
3 - It can malfunction. Like the above, things go wrong, and a recently implanted chip going crazy and releasing all its hormones on the body of a midterm pregnant woman will be nasty. It is made to not be removed even in the event of a pregnancy, so it's possible to happen.
4 - It can be damaged by an EMP pulse. If it's implanted on the arm, the body will get in contact with a lot of sources of electromagnetic radiation, like microwave ovens, cell phones and other transmitters, car ignition systems, and so on. Those sources can interfere with the chip.

about 5 months ago

The lightbulb I've most recently acquired ...

thoriumbr Re:Oddball (196 comments)

Bulbs in refrigerators, on the other hand...

If you keep your refrigerator open for long enough to the incandescent bulb heat the inside, you kept the refrigerator open long enough to heat the entire room...

about 5 months ago

Banking Fraud Campaign Steals 500k Euros In a Week

thoriumbr Re:What OS does this targeted banking fraud run on (35 comments)

Ok, let's elaborate...

Usually, the C&C server is a rented virtual server, hosted on a "cloud provider" with little regard to identity verification. Those servers are always paid for with money from an untraceable source (like Webmoney or Western Union). This makes very difficult to track identities from the server to the money, and from the money to the owners of it.
VPS providers running Linux are plenty out there. And a remote Linux server is easier to manage than a remote Windows server [citation needed]. Deploying the C&C server infrastructure on Linux, using stolen SSH passwords with bots is way easier than do the same using rdesktop to deploy the infrastructure on hacked Windows servers.
So, probably the server is a virtual Linux server sitting on a datacenter, and the owners of the datacenter may not be aware of the fact that they host a C&C Server.

On the client side, they are surely running Windows. Compromising a Windows user is easier than a Linux user. Linux users generally does not run SSH, Apache, MySQL et al. Linux servers do. On the other side, there's a massive amount of pirated versions of Windows XP vulnerable to a wide range of local and remote exploits. Sending a threatening email with a link is a very easy way to get a user hit a site hosting an exploit pack and get infected. From there, the computer is owned and the user is owned as well.

It can be a directed phishing. If someone had access to the bank's client list, they can send a very convincing email with real data, and get a lot of customers infected. If they send a generic email to a lot of unrelated people, someone will notice and probably inform the bank of the attack.

about 5 months ago

Fifty Years Ago IBM 'Bet the Company' On the 360 Series Mainframe

thoriumbr Re:software (169 comments)

Looks like you know nothing about mainframes and "aged technology". I work with mainframes. zVM, DASD, DirMAINT, RACF and other buzzwords are in my resume, along with Linux, Java, PHP, XML, jQuery, MariaDB, HTM5, Eclipse and others.
Mainframes are not aged technology. They are perceived as such by small companies and people. Big companies with big bucks know a lot about mainframes. They know mainframes are the most reliable hardware platform on the market today, and I guess it will continue as so for a couple of years, because mainframes were made from the start to be reliable. Other platforms got they reliability implanted on them. Mainframes were designed reliable and resilient.
Mainframes today runs Linux too, not only the "aged mainframe operational systems." And here we have mainframes running hundreds of Linuxes with jBoss. They are about to be orchestrated by OpenStack, so managing all this "aged technology" will be done in brand new Android and iOS tablets.

Job prospects in my area, at least for the next decade, are very good. Half the openings in my area are still open, paying for a intermediate zVM administrator almost twice what a senior Java programmer or MCSE will receive. And there's no people applying!
But if the mainframe job market have a problem, is lack of people. Mainframes are not user friendly, and youngsters are not likely to devote two or three years learning something from the grannies, on a very harsh learning environment, with a step learning curve, when all their peers are talking about creating a new app and selling to Google for a gazillion dollars.
Peer pressure is a greater force than job prospects. I faced this pressure when I talked to my peers that I was learning mainframe and everybody laughed at me. Now I earn 3 times what they do, and I am training some of them to work with me.

about 8 months ago

Twister: The Fully Decentralized P2P Microblogging Platform

thoriumbr Re:well... (169 comments)

Not only that, it says "can be compiled for Linux, Mac, and Android". What about Windows?

The front-end is HTML5/Javascript. The daemon is written in C++, using a few open source libraries. It would only require a good C++ developer to port it to Windows.

And the entire protocol is opensource, the core technologies are opensource, so anyone with a good knowledge in C++ and any other language can port it to anything...

about a year ago

BlackBerry Sues iPhone Keyboard Maker Typo

thoriumbr Re:Typo? (226 comments)

Yes, and you can use it as an excuse when you "mustype" something:
-It was the keyboard! It's a typo!

about a year ago

Mexican Village Creates Its Own Mobile Phone Service

thoriumbr Re:Max 5min on calls (110 comments)

They have a small, experimental tower, and users can saturate it quickly. Limiting each call to 5 minutes means that even on a saturated situation, everybody can use the system. You get dropped and enter the queue, and you can be sure that you can get access again later. If there's no such rule, some users could talk 4 hours straight and deny access to every other user. Here in Brazil we have dropped calls every few minutes and almost everybody accepts this as normal, so I guess the Mexican folks can handle that fine.

about a year ago

Security Researchers Submit Brief For Andrew "Weev" Auernheimer

thoriumbr Re:Sorry (161 comments)

Let's pretend you have a million bucks on some bank (do you have, don't you?). The bank says it will protect your money with their lives, and everything is secure. Someday you hear that one researcher (or troll, or terrorist) went to the parking next to the bank, started a sniffer, and discovered that your bank uses unencrypted WIFI networks, so he added a private IP address to its network card and could access all bank servers and read data from any account.
Who would you blame? The bank or the guy?

I still think that Weev is not a saint, but AT&T is to be blamed here. AT&T had to get a hefty fine for gross negligence, putting hundreds of thousands of customers in danger. Weev must be fined too, but serving 41 months of jail time is too much, IMHO.

about a year ago

Security Researchers Submit Brief For Andrew "Weev" Auernheimer

thoriumbr Re:LOL (161 comments)

No, Weev is not an independent security researcher, he is a troll. BUT he used the same tools the researchers uses. It's like passing a law outlawing the use of lockpicks. Surely all thieves would be affected, but it would affect locksmiths too.
If Weev loses the appeal, the traffic on full-disclosure mailing list will drop a lot. If I discover a bug on Paypal website that allows anyone to access a third party's account, and I inform Paypal, I would be guilty.
Even Weev being a troll and thinking on making profits over the AT&T mistake, the problem is shifting the blame for exposing the innocent victims from AT&T to Weev. The way this is going, looks like AT&T did everything right, responsible, blameless, and a evil hacker with super-human powers hacked their NSA-grade secured servers and stole the data, when what really happened was that AT&T didn't even bothered to protect the data in any way.

about a year ago

Are You Sure This Is the Source Code?

thoriumbr Re:more difficult in practice (311 comments)

Nothing that the might checkinstall package cannot solve. Install it on your compiling machine, ./configure && make && checkinstall make install

It will create a shinny native package, compatible with your distro, ready to be installed with dpkg, yum, or whatever package manager you happen to have...

Or go full source and get a Gentoo distro...

about a year and a half ago



Sophos detects itself as malware, deletes himself

thoriumbr thoriumbr writes  |  more than 2 years ago

thoriumbr writes "False positives are common on signature-based detection engines. But what can go wrong when the engine detects itself as malware? In the Sophos AntiMalware case, vital binaries got deleted. In some cases, the Update function got deleted too."
Link to Original Source


thoriumbr has no journal entries.

Slashdot Login

Need an Account?

Forgot your password?