
Comment Re: liar (Score 1) 564

If he takes a ride in a diplomatic car, local cops can't touch him.

However, they can touch him before he is even able to reach that diplomatic car. Indeed, the Ecuadorian embassy is in a multi-tenant building, and the staircase leading from the embassy to the parking garage is not extraterritorial. And British cops do indeed hang around in that staircase, exactly to prevent this from happening.

There would still be the possibility of valise diplomatique but that one is only protected as long as there are no obvious signs that it contains something else than documents (and a huge trunk giving off infrared radiation due to body heat obviously does not contain only documents...)

Leaked documents reveal Ecuadorian Embassy's 'disguise' escape plan

Comment Re:Not sure what to think.... (Score 1) 798

You don't need to be convicted or even charged with any crime or act to be pardoned. A pardon is essentially the head of the executive branch saying the executive branch will not execute laws in regards to a specific person, situation, etc.

How would that work if you're only in charge for 2 more days for that executive branch? No, a pardon is much more, it actually reduces/negates the sentence.

Moreover, even the head of an executive branch cannot "pardon" everybody in his jurisdiction in all circumstances. Here's a case where the governor of Florida tried just that, and was stopped by court.

Comment Re: Linux router (Score 1) 137

The trouble is that more and more sites are now not allowing you to access them without turning off your ad-blocker.

Indeed, there is the German tabloid "Bild Zeitung" which does this (no big loss...). Which other site does this?

And, if you are so inclined, Bild's block is easy to subvert: just do View->PageStyle->NoStyle. Yeah, "No Style", quite fitting for that rag.

Comment Re:If you can touch it, you can own it (Score 1) 89

Which is of course not true if "own it" means "access data encrypted with a strong key and a non-trivial-to-brute-force password".

Not true. The kernel and initramfs itself need to be stored in cleartext (or else, how would the machine boot?). So, the exploiter would proceed as follows:
1. Use the vulnerability to get a root shell
2. Doctor a couple of scripts to log encryption password, or to inject a script into the root once encryption password has been entered.
3. Use cpio and bzip to build a new initramfs from the image in memory
4. Write that image to the appropriate part of the (cleartext) boot partition.
5. Log off, go away, and wait for a legitimate admin to log in, triggering the booby trap.
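A defender's check for the tampering described in the comment above, as an added example that is not part of the original comment: it hashes every member of an initramfs cpio archive and reports what differs from a known-good baseline. It assumes the image has already been decompressed to a single `newc` archive, that the baseline is stored off the machine, and that the comparison runs from trusted boot media; the member names and contents are constructed.

```python
import hashlib

def cpio_members(blob):
    """Return {member name: SHA-256 of data} for one uncompressed newc cpio."""
    members, pos = {}, 0
    while pos + 110 <= len(blob):
        hdr = blob[pos:pos + 110]
        if hdr[:6] != b"070701":
            raise ValueError(f"bad cpio magic at offset {pos}")
        # 13 fields of 8 hex digits follow the magic; 6 = filesize, 11 = namesize
        fields = [int(hdr[6 + 8 * i:14 + 8 * i], 16) for i in range(13)]
        filesize, namesize = fields[6], fields[11]
        name = blob[pos + 110:pos + 110 + namesize - 1].decode()
        if name == "TRAILER!!!":
            break
        data_at = (pos + 110 + namesize + 3) & ~3   # header+name padded to 4 bytes
        members[name] = hashlib.sha256(blob[data_at:data_at + filesize]).hexdigest()
        pos = (data_at + filesize + 3) & ~3         # data padded to 4 bytes
    return members

def diff_initramfs(baseline_blob, current_blob):
    """List members that changed, appeared or vanished relative to the baseline."""
    old, new = cpio_members(baseline_blob), cpio_members(current_blob)
    return {
        "modified": sorted(n for n in old.keys() & new.keys() if old[n] != new[n]),
        "added": sorted(new.keys() - old.keys()),
        "removed": sorted(old.keys() - new.keys()),
    }

def make_cpio(files):
    """Build a minimal newc archive; used only to construct the sample input."""
    out = b""
    for name, data in list(files.items()) + [("TRAILER!!!", b"")]:
        raw = name.encode() + b"\0"
        nums = (0, 0o100644, 0, 0, 1, 0, len(data), 0, 0, 0, 0, len(raw), 0)
        out += b"070701" + b"".join(b"%08X" % n for n in nums) + raw
        out += b"\0" * (-len(out) % 4)
        out += data
        out += b"\0" * (-len(out) % 4)
    return out

# Constructed sample: member names and contents are illustrative only.
GOOD = {"init": b"#!/bin/sh\nexec run-init\n", "scripts/unlock": b"#!/bin/sh\nask\n"}
BASELINE = make_cpio(GOOD)
TAMPERED = make_cpio({**GOOD, "scripts/unlock": b"#!/bin/sh\n# altered\n",
                      "scripts/extra": b"# new\n"})

if __name__ == "__main__":
    print(diff_initramfs(BASELINE, TAMPERED))
```
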

Comment Re:Known this for some time: with proof. (Score 1) 115

Blocking that /12 will unfortunately block hundreds of thousands of "perfectly legitimate" sites... essentially anyone deigning to use AWS. Kontera just happens to be one of the users.

Well, it's not as if this was any surprise. The WOT issue has been in the news for several days already, and apparently Amazon has not "deigned" to do anything about it yet. Indeed both still reverse resolve to kontera.com... or did Amazon actually kick Kontera, but just forgot to update their name server?

When choosing a cloud provider, smart users also consider the provider's reactivity, and his willingness to protect his legitimate customers' reputation, and Amazon indeed seems to be lacking in this area...

Comment Re:Known this for some time: with proof. (Score 1) 115

Just out of curiosity, I checked the web server logs for this user agent on 3 servers that I administer, and indeed I found a number of accesses using this user agent on all 3 of them (but in our case unfortunately none that are obviously not public knowledge). The most frequent IP (91 accesses) using this user agent was 52.71.155.178 and this is indeed nat-service.aws.kontera.com. This was followed ex aequo by 54.209.60.63 (also nat.aws.kontera.com) and 99.63.100.174 (99-63-100-174.lightspeed.bcvloh.sbcglobal.net).

All accesses were suspicious, as they are obvious bots (it only accesses isolated URLs, but never any pictures nor other dependent content such as CSS), yet they masquerade as an interactive user agent (Mozilla on Macintosh).

I promptly lodged a complaint at abuse@amazonaws.com.

I recommend other webmasters do the same (i.e. check your logs, and if you find any similar occurrences, complain loudly to Amazon).

Whois tells that the IP range is 52.64.0.0/12, in case anybody wants to firewall this.
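The log check described in the comment above, as an added example that is not part of the original comment: it flags clients whose user agent claims an interactive browser but which request only pages and never any dependent content such as CSS or images. The log lines, documentation-range addresses, user-agent strings and the `min_pages` threshold are constructed assumptions, and the input is assumed to be in combined log format.

```python
import re
from collections import defaultdict

# Combined log format: ip, identity, user, [time], "request", status, size, "referer", "ua"
LINE = re.compile(r'(\S+) \S+ \S+ \[[^\]]+\] "(?:GET|HEAD|POST) (\S+)[^"]*" '
                  r'\d{3} \S+ "[^"]*" "([^"]*)"')
ASSET = re.compile(r'\.(?:css|js|png|jpe?g|gif|ico|svg|woff2?)(?:\?|$)', re.I)
BOT = re.compile(r'bot|crawl|spider', re.I)   # agents that identify themselves honestly

def suspicious_clients(lines, min_pages=3):
    """Return [(ip, page_count)] for browser-claiming clients that fetch no assets."""
    stats = defaultdict(lambda: {"pages": 0, "assets": 0, "browser": False})
    for line in lines:
        m = LINE.match(line)
        if not m:
            continue                          # skip malformed or unexpected lines
        ip, path, ua = m.groups()
        s = stats[ip]
        s["assets" if ASSET.search(path) else "pages"] += 1
        if ua.startswith("Mozilla/") and not BOT.search(ua):
            s["browser"] = True
    # min_pages keeps a single cached-asset page view from being flagged
    hits = [(ip, s["pages"]) for ip, s in stats.items()
            if s["browser"] and s["assets"] == 0 and s["pages"] >= min_pages]
    return sorted(hits, key=lambda t: (-t[1], t[0]))

def entry(ip, path, ua):
    """Format one constructed combined-log line."""
    return f'{ip} - - [10/Nov/2016:10:00:00 +0000] "GET {path} HTTP/1.1" 200 512 "-" "{ua}"'

MAC = "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1)"   # constructed UA string
SAMPLE = (
    [entry("198.51.100.7", p, MAC) for p in ("/a.html", "/b.html", "/c.html")]
    + [entry("192.0.2.10", p, MAC) for p in ("/a.html", "/style.css?v=2", "/logo.png")]
    + [entry("203.0.113.5", p, "ExampleBot/1.0") for p in ("/a.html", "/b.html", "/c.html")]
)

if __name__ == "__main__":
    for ip, pages in suspicious_clients(SAMPLE):
        print(f"{ip}: {pages} page requests, no dependent content")
```
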

Comment Re:Issue with batteries or with phone design? (Score 1) 110

Batteries have a higher energy density than explosives.

So does pizza.

... and the funny thing is that according to Wikipedia it's actually true about pizza, but not about explosives...

Lithium batteries are just behind explosives (TNT, Gunpowder), but far behind foodstuffs (Carbohydrates, Protein, Fat). Look it up!
