×

Announcing: Slashdot Deals - Explore geek apps, games, gadgets and more. (what is this?)

Thank you!

We are sorry to see you leave - Beta is different and we value the time you took to try it out. Before you decide to go, please take a look at some value-adds for Beta and learn more about it. Thank you for reading Slashdot, and for making the site better!

Comments

top

Sony Pictures Computer Sytems Shut Down After Ransomware Hack

vlueboy How do WE fight this? (147 comments)

Ransomware sometimes uses TOR to avoid detection and serious encryption that no techie can undo. I am starting to get really worried that ransomware will become as common as IE-hijacking browser toolbars. It is easy money. This will be a huge problem. I'm even went through the trouble of logging in to ask how we can fight to nullify ransomware.

1 employee inside our company saw some form of ransomware a year ago. I'm sure he lost all the business data. We are not the NSA and therefore can't decrypt it after purging the "virus" exe without the private key on their servers... period. Most random people online do not realize this, from the desperate forum posts I find.

When ransomware has all your local documents for work encrypted, you will have enough motive to pay the 500 Euros to Cryptolocker and Cryptowall 2.0. Backups are rarely if ever applied on homes and laptops. Laptops are a huge business driver, and the above employee was using one. I hear from forums that sometimes ransomware snags your *shared* network drives, so you lose gigs of crucial data.

Now, most of us still haven't been affected, thankfully. Let's speak from a point of view of "how do I keep this from ever becoming a reality?" What's best?
- Backups? We will get hit. Same as spyware hits the most conscientious of users. Does anyone know of an OSS backup where you can "hide" the target USB drive or partition from the user (so the ransomware won't just up and pave it over along with the My Documents, Desktop, D:, Local network drive targets)
- Prevention: Do we double up on freeware options despite the performance penalty? (malwarebytes, Windows defender or whatever it's called today)
- "Shadow files" apparently get saved automatically on Windows 7 (don't know if you need to have paid for Ultimate like I did). This is great because you can revert an encrypted document, but Windows' GUI isn't equipped to fix files en-masse and utilities are required. The one I saw still gave you some cumbersome folder GUI that wasn't as easy as "revert all in this folder". Are there any savvy things out there to make this easier? I haven't explored Time Machine for MacOS. And this is windows

This is my Scientific Linux box. Much ransoming won't be happening here, but one of my neighbors got hit a few weeks ago on Windows, despite running some form of protection. I heard of one other person who apparently lost files, but I haven't personally confirmed what hit them.

-vlueboy

10 hours ago
top

Japanese Maglev Train Hits 500kph

vlueboy Re:510kph is airliner speed? (418 comments)

Nice. It's neat that this was uploaded just a few days ago.

about two weeks ago
top

Apple Pay Competitor CurrentC Breached

vlueboy Re: It's Ironic... (265 comments)

A credit card isn't cash, credit cards emit a very long paper trail. Imagine how easy the police's job would be if criminals actually used credit cards in the manner you describe.

Who says they *don't*? They just use someone else's credit card.
Fraud paper trails are useless when your shadow is working from a different country outside jurisdiction. And even from within the US --most fraudsters take years before they leave enough bodies of evidence for the cops to care to track and stop them.
At most you will be offered a new CC number, and the criminal will pick on someone else... but there's no certainty that
1) the pseudonymous perp has gone to jail because of messing up
2) that he won't find you again.
Scary stuff.

about a month ago
top

Cell Transplant Allows Paralyzed Man To Walk

vlueboy Re:God is a douchebag (161 comments)

All of that means nothing to me. Quoting scriptures to a non believer is useless.

I'm not penguinoid, but am the (now GP) poster you've replied to. I feel sorry that the sorry state of the world makes so many of us feel that way about God.
Quoting scriptures is valuable because "All Scripture is inspired by God and profitable for teaching, for reproof, for correction, for training in righteousness; so that the man of God may be adequate, equipped for every good work." (2 Timothy 3:16)

Some non-believers start to believe, even when you personally may not yet do so:
"Now there was a man named Simon, who formerly was practicing magic in the city and astonishing the people of Samaria, claiming to be someone great; and they all, from smallest to greatest, were giving attention to him, saying, “This man is what is called the Great Power of God.” And they were giving him attention because he had for a long time astonished them with his magic arts. But when they believed Philip preaching the good news about the kingdom of God and the name of Jesus Christ, they were being baptized, men and women alike. Even Simon himself believed; and after being baptized, he continued on with Philip, and as he observed signs and great miracles taking place, he was constantly amazed."
(Acts 8:9-13) The parable of the seeds and the different types of metaphorical soil also comes to mind, about the ways the message is received differently due to pressures of daily life.

If you're right and I'm wrong, then your god is an asshole who doesn't deserve my worship.

It's common to talk about human law enforcement in a similar way, and it is a normal reaction to curse the persons of authority who aren't stopping our suffering immediately. The scriptures show that we're in the wake of the problems a select few allowed to enter into the picture. Man's willing disobedience started all this, not without a caring God's warning against it. Adam and Eve know death was the result of choosing the road of rebellion even knowing that we'd all be nonexistent today if the God had simply executed them on page one of our book of humanity. (Gen. 3:1-6) But his plan is to deliver results to those who want to follow. This will also prove that all other choices away from God will fail as man tried to direct his step for thousands of years without conquering suffering and death. (Jeremiah 10:23)

God isn't at fault. My last scripture in the GP post shows a small part of what He'll do. The same God was willing to go through a ransom to pay Adam's bail despite man's original betrayal:
"For God so loved the world, that He gave His only begotten Son, that whoever believes in Him shall not perish, but have eternal life. For God did not send the Son into the world to judge the world, but that the world might be saved through Him." (John 3:16)

This highlights we each have a choice, with future blessings that won't end or permanent death in sight. As Morpheus said, the freedom to take the steps comes from us, who are being shown the door via the bible's message. It is much easier to "believe" once we the "signs" of the last days get to the point of the war of Armageddon, but it may be late to reassess what steps to take flat-footed. I hope that this can help see why some Christians will continue to be eager to share the message even going as far as following Jesus's directions to go house to house to people despite the dangers lurking behind each new house that is dissatisfied with false followers' actions. Many are already glad of what they have found and what God will bring after death and suffering are out of the picture again.
Cheers.

about a month ago
top

XP Systems Getting Emergency IE Zero Day Patch

vlueboy Re:just kill them already (179 comments)

Use Chrome or Firefox when browsing, and if possible remove Flash and Java (I actually removed Flash about half a year ago for security reasons, and found that, for the most part, I don't really need it anymore). Note that this exploit was performed with the help of Flash as well - nothing to do with XP.

For those whose flash lockin is Youtube content (Let's Play videos), I finally found an answer to questions I'd explored months ago. We are forced to allow flash before seeing some monetized content. It's annoying how Google refuses to give you flash-less webm and mp4 streams and even lies that Flash is a must --until you force the right browser identification strings.
The Video without flash extension for firefox is a welcome solution for Youtube and some other mainstream sites known to have HTML5 video content.

The extension gets around the problem and you can use content such as mid-quality Webm. Though there are a few bad videos still, it's 100 times more effective than the rigged HTML5 "trial" youtube offers. I enjoy longer battery life. I also enjoy skipping like in olden times *without* a crippled default flash player that insists on DISCARDING the full video's past and future on *every* click.

about 7 months ago
top

U.S. Aims To Give Up Control Over Internet Administration

vlueboy Re:Oh just feking wonderful... (279 comments)

This is exactly why international phone calls are impossible and the telephony system is so broken... oh, wait.

The ITU is controlled by the UN and the phone system works just fine

Now that you mention it, how are those non-deterministic 011-xx-mmm calling codes AND uneven international phonecall rates* working out for your definition of "just fine"?

Thanks to your comment I now see this is a great opportunity for organizations to troll for unanimous approval of distance-based (or at least tld-based) dns resolution "fees", as well as... off-peak rates, "roaming" away from favorite areas, and the like of today's US telco non-sense.

You may restrict yourself from browsing certain domains, but you still can't prevent emails from reaching you from un-protected domains. And given how little control we have over today's incoming email, spammers in cohoots with the new overlords will love to generate revenue-generating spam. We never stopped SMS spam, or even charges for receiving phonecalls.

The NSA has contingency plans after all, and this is a Snowden-based fake-out against only non-technical people that looks good on paper for US-based e-commerce and cloud tech. It's a symbolic gesture to wash their hands when people come looking, while they still have their hands in the regional DNS with plausible deniability. It allows for backroom deals between a few governments (which may or may not still be making deals with the USA) so pricing is not so far-fetched since the US can no longer overtly enforce the one-mind nature of its dictatorship over dns. Grass is always greener on the other side, so we'll need to see where this still leads. But there'll never be a turning back.

* Last I checked, a call from the the New York to CUBA cost about 3 times as much as a call to Mexico, which is a few more thousand miles away.

about 8 months ago
top

The Spy In Our Living Room

vlueboy Who said steganography only works one way? (148 comments)

I guarantee you that the Kinect does not transfer that kind of information to Microsoft since it will be caught and there will be outrage.

Obviously, if they were planning on using the device to spy on people, it'd be for extremely targeted operations, activating monitoring mode only for certain people, and therefore not likely to be discovered.

Why not send the previously collected bursts while you're playing games? Remember the big stink about the last generation of games needing to be online originally? well, we're already all doing online games and services (netflix, Facebook, twitter) on the TV anyway. The XBOX data can go wherever it is the online data servers are, and distributed man-in-the-middle-style from there to MS, and thus, the NSA. Just sneak a bit at a time into the game / video / DLC bursts and encryption will hide the rest.

about 9 months ago
top

US Carriers Said To Have Rejected Kill Switch Technology Last Year

vlueboy Re:Android already has this... (197 comments)

I don't know what you're talking about with Exchange.... Activesync doesn't allow your Exchange Administrator to wipe your phone. He can only wipe the emails on your mail server, and THAT'S IT!

Must be a troll, given the bait-y capitalizations.

I'll just leave this right here Control + F , type remote wipe.
If "they" let YOU administer it from your own webmail interface, why WOULDN'T the server administrator with a vested interest in their company-attached device be mightier than the BYOD peons?
I turned it off and killed the permissions when I realized that vengeance, incompetence, or a virus might trigger this stuff.

They don't even implement this on laptops, which are more likely to have your work files than cellphones. So why so aggressive on the security hole of their preference anyway?
It's not access to data they're safeguarding, since they don't enforce even half of the wipe privs if you just browse your email on the smartphone.

about 9 months ago
top

Google Apps License Forbids Forking, Promotes Google Services

vlueboy Take a break from Slashdot Fantasy World (163 comments)

Why'd you buy a phone that couldn't be rooted?

  • In the real world, people walk into a store with no research whatsoever and blow money for what's got fame and good marketing, even if it sucks. Or did we forget that there ARE Zune, windows 8 and Windows Phone lovers on this site?
  • In the real world, alternatives do not exist for everything. See the HD-killed-high-res-screens debacle. See the hardware-keyboards-smartphones-are-scarce standard
  • In the real world, you buy devices that cannot be rooted or unlocked because it's a pain to leave your carrier, (we're not Europe), there's network effect (aka peer pressures ... how did Facebook become so big?), and premiums aren't everyone's cup of tea.

That you stop to interrogate this one user as if he'd violated some law shows just how blinding self-selection becomes... you've forgotten that we don't sign a contract to follow all these tenets you hold unthinkable to ignore. Just because we are slashdotters does not mean we're ALL zealots.

about 9 months ago
top

Nokia Turns To Android To Regain Share In Emerging Markets

vlueboy Sadly, no (146 comments)

If someone would make a proper Android keyboard phone I would buy it.

Being a different presentation medium killed that chance right off the bat, sadly. Touchscreen input, specifically, makes it so you can change software keyboards at will. Apple, never offered hard keyboard support on their "hip" tablets and phones. The clickwheels on the moderately ancient iPod design should have been a hint that input tech trends would never be the same.

This is a losing battle for us everywhere. HPs and other low-end desktops opted for full size keyboards w/laptop-like blunders --for no sane reason, so even desktops are slowly losing the freedom we used to enjoy, and no good choices are being offered.

Today, ALL mobile manufacturers ignored Blackberry's coveted keyboard layout (probably due to patent issues?) and bypassed the Windows keyboard, altogether. Even a $650 high-end Samsung smartphone lacks hard keys. If even laptops are losing, and Mobile is even more bleeding edge than them, where can we go? Bluetooth keyboard layouts suck, and desktop-sized BT keyboards do not sell at brick stores even in large cities, no matter what price tier.

about 9 months ago
top

Chrome Bugs Lets Sites Listen To Your Private Conversations

vlueboy Re:Small steps to Total Surveillance (109 comments)

Even if you signed into a website without ticking "remember me" or "log me in automatically", Chrome would happily keep those session cookies so that on restart you find yourself still logged into those websites.

Again in response to the uproar, Google said this was the behaviour they wanted for Chrome and user should manually sign out of each and every website each and every time before closing Chrome.

Google's "behavior" yet again shows their twisted anti-privacy slant. I don't wanna know just how much Chrome has contributed to
1) loved ones spying us
2) lost passwords due to complacent workers who never hit log out

Just today I got yet another user who made me wonder just HOW people never learn their passwords and manage to keep logging in for 2 years, till their laptops are lost or refreshed. Between site-controlled "remember me" boxes and lazy browser culling, I think this solves the mystery. Thanks for opening my eyes to another frog boiling attempt.

about 10 months ago
top

Chrome Bugs Lets Sites Listen To Your Private Conversations

vlueboy Re:2014 (109 comments)

The alt browser with the restriction options I mentioned was either iCab or Opera, btw.
-vlueboy

about 10 months ago
top

Chrome Bugs Lets Sites Listen To Your Private Conversations

vlueboy Re:2014 (109 comments)

They do something. They click on the page.

Popups are allowed from a valid onclick event so the ads put a onclick event on the entire page.

Not the whole story. Internet Explorer, that ol' browser none of us use when idle, is pretty aggressive blocking even onclick.
It makes little sense that it's a default setting, and I can't recall.
My first sense that browsers were in bed with the bad guys was 10+ years ago. I found some alt browser that expressly allowed me to block annoying behaviors:
* scripted window movement and resizing
* status bar text changes (crudely obfuscating hover text when you want to see where you'll land)
* hide the menu bar, navigation bar and url so as to give a small HTML window popup (so you can't tell what url it loaded, how to turn back without keyboard [obscure to Joe Sixpack], and what domains to ban)

All three of those may have had true uses before web 2.0 during your banking or e-commerce session. But today, css and floating divs can be used to blur the window selectively as to highlight the necessary context. They are vestiges that are not needed by legit sites, and yet are overused by sneaky sites. Browsers phased out blink tags, http + https iframe mix, urlbar javascript execution and other stuff, but don't get rid of pop unders, even as an option somewhere? intentional

about 10 months ago
top

Stop Trying To 'Innovate' Keyboards, You're Just Making Them Worse

vlueboy Re:Isn't just the keyboards (459 comments)

Agreed!!!!

With the number pad, it feels like I'm typing with my whole body slightly twisted to the left - to the point that I much prefer to use my laptop in the docking station.

Kind of pointless...

Love the industry's hubris to standardize a number pad on 15 inch laptops...redundant!
and STILL managed to crunch the arrow keys and mess with the Home / End placement. PC gamers have really complicated setups that need the keys to be in specific places. The home row is sometimes used as a secondary WASD control area where you can rest your right hand to issue commands. An N64 emulators I used years ago suffered when I used a laptop because the four c keys to play Link's ocarina were out of order with respect to the fullsize desktop keyboards.

Why don't they sell fullsize bluetooth keyboards at small stores for the purpose of controlling android phones? no, apparently all cheap keyboards target some sort of tablets-mount standard that was silently pushed out to the world. Even fullsize keyboards are increasingly pushing forced innovation.

about 10 months ago
top

Driver Privacy Act Introduced In US Senate

vlueboy Re:I'm not for driver's "rights" (69 comments)

Walking is also a privilege, not a right. You will comply when gov't requires you to wear a GPS device around your neck at all times to track your location. It is for a safe and efficient society.

You mean a cellphone? ;)
Pardon my 2 year old stats...
http://arstechnica.com/business/2012/06/prepaid-mobile-phone-users-in-america-hit-record-high/ says most US phones are run by contract (75% users as of that article posting)
IIRC, contracts normally come with carrot-stick: you actually want those hmmm-tasty subsidies to knock half off that phone's MSRP, so you must pass a credit check. But that credit check is tied to your social security number, which gives the government your identity. And my retort isn't off: http://arstechnica.com/business/2012/06/prepaid-mobile-phone-users-in-america-hit-record-high/ 80+% of Americans owned a cellphone back 2 years ago.

about 10 months ago
top

Driver Privacy Act Introduced In US Senate

vlueboy Re:All for votes! (69 comments)

Eye witnesses are far less of a concern than everything else you listed. People won't remember you in the least, and there isn't a central recording for all (or a select few thugs) to see.

There will be an app for that.

All brought to you by a nice Google Glass collection front-end

about 10 months ago
top

SCOTUS To Weigh Smartphone Searches By Police

vlueboy Re:Lock code.. (201 comments)

the world has changed in the last 12 years that you've had your head buried in the sand... nowadays police don't need warrants for anything

I thought GP was going to cite what I was thinking about in that quote.

They do indeed still need a warrant. It's the law. If you keep everything encrypted you are protected from any law officer under the delusion that they don't need a warrant.

Let's face it, law officers aren't the brightest people. In fact you are automatically disqualified from being in law enforecement if your IQ is high enough.

tldr; use encryption, protect yourself from dumbfucks.

You didn't either. What I was looking for is what I've heard about forensic tools that are now available to any cop, if I recall correctly, where they just plug in your phone and sluuuuurp! Done!
So you don't even need to unlock it, regardless of whether it's iOS or Android based. Since the US government has agreements with all those companies and there are backdoors in everything, the war is lost if the device leaves your hands, being it the good guys, or the bad guys.

http://www.androidauthority.com/xry-software-crack-ios-android-70132/ (plus some irony in the comment section given those were made in pre-Snowden days of 2012)
http://www.hotforsecurity.com/blog/us-police-forensic-tools-can-collect-suspects-smartphone-data-without-warrant-aclu-says-5574.html

Because given misunderstandings, the only good guy when it comes to your personal data is your own self. Nothing will stop "parallel construction" from creating a probable cause to view your data in some new light.

about 10 months ago
top

Ask Slashdot: Are AdBlock's Days Numbered?

vlueboy Re:NoScript (731 comments)

Works for me.

No, really, it does - for the websites that I absolutely have to access no matter what, I've already whitelisted them. For everything else, I couldn't care less.

One of the only problems is when you have to lend someone your seat. Don't get me wrong --I use NoScript and maintain my lists on-demand too, and page loads are awesome with JS off by default... but here are some examples of what this does to others:

I can't hear the music on this streaming site!
My flash games aren't showing!
I can't see xyz button on the page, or clicking does nothing!
I can't see the videos on Youtube! your PC is broken!
FB is broken!

You can do "temporarily allow" for a few domains that day, but every new site they visit will probably not be in our geeky pre-processed list, requiring you to step in to fiddle with their mouse several times. AND they'll open you up to cookies that will remain long after you deny all the JS.

about 10 months ago
top

Ask Slashdot: Are AdBlock's Days Numbered?

vlueboy Re:NoScript (731 comments)

...and suddenly the pages stop working altogether. It is trivial to make a page that is empty and use JavaScript to load the contents of the page. If these guys resort to AdBlock-detectors, why do you think they would allow NoScript to circumvent that?

The web stopped working long ago because HyperText was not intended to use dynamic modules and plugins (flash, vrml, quicktime, realplayer --we've been dancing around presentation pretty badly because apparently only academia likes text and static jpgs). When you come from google to visit a forum to grab info or files, it may want you to register, or says the thread is 404-long-gone. Worse yet, the web has also added paywalls, interstitial ads, captchas and download counters.
Here's a recent example: Do you like fanfics? Go to http://icybrian.com/ and click on "Fanfic Library" on the left.
Go, I'll wait...
.
.
.
Thanks, PHP and Mysql!
Look at the site edit dates. That content is probably lost forever unless archive.org and simple url slugs were slurped. None of this is sign of a "healthy web".

Dynamic content introduces slowdowns and more points of failures. It is barely progress --to get back to the topic at hand, it was precisely javascript that brought us slowly to this point...
Noscript is just forcibly removing the veil that AJAX donned on every one of us under the gospel of web 2.0. Any public content that cannot reliably slurped for posterity without masquerading and running extra code, does not deserve to be there temporarily either.

about 10 months ago

Submissions

vlueboy hasn't submitted any stories.

Journals

vlueboy has no journal entries.

Slashdot Login

Need an Account?

Forgot your password?