
Comment Companies keeping records... (Score 1, Insightful) 146

Since when is this NEW? All major telcos keep records of activity by their own customers. How the hell do you think they even bill you in the first place? They just arbitrarily make up numbers!? (oh wait, we're not talking about Comcast here, are we)

For every single person I've had to help service and get into their phone information through their carrier, the carrier's web site for that account has a full detailed history of every single incoming call, outgoing call, time of call, duration of call, and other various tidbits of metadata.

Now, some want to scream "HOLYSHIT, MASS DATA TRACKING!!" - Now compare this to the DEFAULT configuration within Apache or Nginx, which literally logs every single web site request to itself, along with IP address of requester, time of day, URL of request, etc...

And also, about physical location information. How the hell do you think the cell phone network works in the first place? Your wireless phone isn't some magical device that works EVERYWHERE. It is highly regionalized for communication. It has to connect to a base station somewhere close by (sometimes smaller than a quarter mile within a big city, upwards of 10-20 miles out in the open country). Each of these stations has a unique ID to them, too. Why is that needed? So the damn phone company knows how to route a call to you when you receive it!

Comment Re:And... NO CONTRAST (Score 3, Interesting) 317

Sure, for an extremely exaggerated definition of "grey" - Just checked SublimeText's default theme: the text color is #F8F8F2, so just a hint of a shade off of absolute pure white leaning to yellow. The background, however, is indeed a "dark grey", but very well contrasted, as it is #272822. The default font is also a nice bold font which is easy to read. The other text editors on your list also follow a very similar style to this too.

Comment Re:Set up correct secondary DNS servers (Score 1) 341

This type of system has already been defeated in the simplest way possible. There was a cracking group that had a DDoS system similar to what has been described for HTTP requests to a page which had a captcha. What they did was accept the captcha, and then forward it onto a porn web site they controlled. For users who want all them naughty bits, those users had to fill out the forwarded captcha! Then that information was sent back into the botnet to "validate" their requests to the intended target.

As long as there is porn online, there will be an easy way to kill captcha! WON'T SOMEONE THINK OF THE CHILDREN AND BLOCK ALL THE PR0NZ OMGZ!?!?

Comment IT and CS need to be split up (Score 2) 527

Information Technology and Computer Science need to be entirely split up. This within itself will virtually entirely solve the problem. The problem right now is that they're treated as one and the same, with the same requirements for entirely different jobs. The programs in school focus specifically on short algorithm design for things like tree searching or solving various mathematical principles. In the real world, however, the primary focus is on finding solutions to either business logic problems or finding new ways for users to interact with their devices and the environment around them. The CS side focuses primarily on the mathematics of computing, while IT focuses more on the logical side of computing. Developing a great and simple API doesn't require much of a math background, but needs quite a bit of logical thinking. But again, as stated initially, the schools are only focusing on the mathematical side, which correlates to an extremely small part of the actual tech sector, with the logical side being the majority of the jobs in the workplace. Schools need to finally get their shit together and teach the industry, rather than teach what some particular program is more or less forced upon them by a very few companies that don't fully represent the industry.

Comment Re:Thanks, *hats (Score 4, Insightful) 79

Ya'see, I'm getting sick and tired of hearing this goddamn argument over and over again. "Just make it secure in the first place", like technical security is just a magical flip of a switch. "Oh, Yeah, I downloaded and installed the SECURE library into my app, things are PERFECT now!"

Security is an ever evolving moving target. What is deemed secure today may very well become insecure tomorrow. This is true of both software and non-software technical systems. This is true of both open and closed source software. This research that happened is EXACTLY what we need to ensure security, having people willing to disclose vulnerabilities to the general masses, because similar exploits may exist in other implementations. The alternative is selling exploits on the black market. Which would you honestly prefer?

Comment WRONG (Score 5, Insightful) 181

From TFA: "Dormann said instead of hard-coding credentials or setting default usernames and passwords that many users will never change, hardware makers should require users to pick a strong password when setting up the device."

This advice is just plain wrong. It requires educating every single end user on security best practices. Lately I've seen a trend from ISPs for their router admin pages and wifi access points: they come pre-configured with a randomly generated password for each, which is then printed out on a sticker and stuck to the side of the device. Without physical access to the device, nobody would know the credentials for it. This keeps the burden of security within the realm of those who know what they are doing and making good decisions. The act of using a poor password would then end up on the end user, having to type in the secured password, and then change it to something less secure.

Comment Re:First lesson (Score 2) 135

How exactly would being on a /64 prevent such an attack against a publicly facing entity? These attacks are not address space scanning attacks at all, they are known and publicly published IP addresses (in this case, DNS servers). Flooding the public facing IP (the DNS server) would be exactly the same if IPv4 or IPv6. The only thing this would temporarily mitigate is the fact there are far fewer devices/users on the IPv6 network, so less of a botnet to control currently.

Comment Re:Not a fair comparison (Score 1) 519

So much of this! And also, knowing people in helpdesk positions to do extensive tracking of trouble ticket issues in their offices (not IBM, but similar scale corporations), the top support tickets were either account password resets or printers not working or inability to access shared file resources. NONE of these issues had to deal with the local OS whatsoever, but instead had to deal with remote machines. This one particular office used the IBM AS400 server system, and printed reports through it, this would fall under your "legacy" software support definition for sure! The company switched client (Windows XP/7 to 10) and server (AS400 to some web-based system) at the same time, so the same "correlation" of the OS being the difference could just as easily have been the same, when in reality it was better server architecture that solved their particular problems.

Comment Re:Can anyone please explain (Score 4, Interesting) 32

The big deal is about big transactions. This most likely isn't going to be used in the consumer credit card / debit card market, but more likely in the large purchase department. Buying a car/house? Waiting a few minutes vs hours/days for credit reports to return. Transferring millions/billions of dollars between accounts, who's auditing it? Blockchains significantly reduce the amount of work in this department while essentially eliminating fraud, since the dollars can be tracked from transaction to transaction.

Comment No more USB (Score 1) 307

Wait, no more USB ports!? Oh wait, no, there it is. It has USB-C. This isn't the "removal" of USB like almost all of the text is trying to portray, this is merely the change from one style of USB port to another. This is absolutely a non-issue. It has been known all along that USB-C was designed from the get-go to be a more universal port, offering charging for laptops too. AND, there is absolutely nothing stopping anyone from using a USB-C to USB-A/B/Mini/Micro/Male/Female cable to plug in literally every single existing USB device into this port. Need more ports? Just get a USB-C to "standard" USB 3.0 HUB.
