Catch up on stories from the past week (and beyond) at the Slashdot story archive

 


Forgot your password?
Close
typodupeerror
×

Comment Re:Waste of money, invasion of privacy (Score 2) 75

by jaymemaurice (#56419343) Attached to: Dubai To Launch Digital Vehicle Number Plates

You've never lived in the UAE, have you?

There is auto plate number recognition everywhere.
Almost every vehicle in all 7 emirates has a RFID tag on the windshield because there is one toll road in Dubai. Abu Dhabi has cameras above the road every few feet.
There is CCTV in every mall / parking lot / almost every intersection.
All cell phones are from one of two carriers, with major government influence. The entire country has coverage. Many buildings have femtocells or carrier approved repeater solutions installed. They employ Cell-On-Wheels solutions to augment their network during local events. Owning a cell phone to receive inbound calls (on the cell network) does not cost anything. You can even place all your calls collect.

The UAE doesn't need this. It doesn't change anything. If they need to find you, they know where you are and where you've been. TBH I'm surprised these smart plates don't do APNR/facial recognition of all the things around it.

That said, it's the only place I've been and felt safe to leave my mostly empty wallet on a crowded beach.
They have some of the lowest crime rates while being a country with a huge wealth disparity.
They have a huge public infrastructure investment including roads to nowhere and super cheap useful public services (still no income tax)
You can drive pretty much anywhere - there is not really "private property" land in the American sense. If you look lost while driving near a palace or military installation late at night, expect to be followed (or even stopped) an innocuous looking Nissan Sunny with security.
You see the Sheikh walking about in public like "just another guy" because he doesn't seem to have enemies in the country. You could probably meet him if you had something useful/helpful to say to him.

It's a different world there. I suggest you visit with an open mind.

Comment Evolution prediction of mac hardware by use case (Score 1) 183

by jaymemaurice (#56388033) Attached to: Apple's Redesigned Mac Pro is Coming in 2019

If the remaining good older/affordable apple hardware dies, this is my prediction

"Server"
xserve -> mac pro -> mac mini -> linux pc

Photo/Video content creators
mac pro -> mac pro -> imac/pc

"home users"
imac -> imac -> mac book air -> ipad

students
macbook air -> ipad/chrome book

programmers/mobile content creators
mackbook pro -> macbook pro -> macbook air like macbook

Iphone users
iphone -> iphone -> iphone

iPod touch users
ipod -> iphone

Apple used to have software manufacturers pushing/backing their platform. When it comes to general purpose computing, who's still doing that? Adobe? nah.. Microsoft? please... Avid? you're better off on HP. Autodesk? no. What do mac users do now that needs compute power? Dual boot windows and write on Slashdot blogs...

IMHO Apple needs to step up their game in the PC market, become cost competitive to bring up their user base, or abandon it.

Comment Re:just run the 2nd OS in a VM and call it a day (Score 1) 378

You guys need thicker tin-foil. Having a VM does not prevent the host from becoming vulnerable connecting to an un-trusted network. Since the host controls all the resources of the guest, neither the guest or host operating system is safe from being tracked/hacked etc. on an un-trusted network. if you don't trust the underlying software (or backing hardware), don't connect it to an un-trusted network!

Would a separate OS hooked up to the same keyboard/display and having a separate controller manage the keyboard and display connections make things more secure?? Or would this just another piece of hardware to hide a key logger? I think it's more hardware redundant useless hardware to keep secure. A piece of limited purpose hardware that would go obsolete before the rest of the more expensive hardware attached to it.

I don't think you can do better on the same device than using dual secure boot w/ firmware verification and encrypted drives for each OS. Unfortunately, I don't think x86 computing has ever properly cared about security so you're SOL for truly secure computing on un-trusted networks... too many independent micro-controllers in an x86 system where you can't verify the firmware. Too many legacy holes.

Comment Re:You can view the strings.. (Score 2) 321

by jaymemaurice (#56293423) Attached to: Child Abuse Imagery Found Within Bitcoin's Blockchain

Old news... From the actual block chain itself:

"http://cointelegraph.com/news/113806/warning-kaspersky-alerts-users-of-malware-and-blockchain-abuse

Warning! Kaspersky Alerts Users of Malware and 'Blockchain Abuse'

Kaspersky Labs warns users of a possible exploit in cryptocurrency blockchains
that would allow malicious actors to distribute malware or even images
depicting child abuse.

The warning is the result of research of INTERPOL Cyber threat experts, a group
that includes a Kaspersky employee.

They warn that the extra space provided in each transaction, intended for
notes, messages and as a space to allow additional functions to be built on top
of the blockchain, could in fact be used to spread malicious code or worse.

Kaspersky's report states:

        "The design of the blockchain means there is the possibility of malware
        being injected and permanently hosted with no methods currently available
        to wipe this data. This could affect 'cyber hygiene' as well as the sharing
        of child sexual abuse images where the blockchain could become a safe haven
        for hosting such data."

The blockchain, as CoinTelegraph readers are assuredly aware, is the virtually
unmodifiable public ledger that acts as the backbone for the Bitcoin network.
Once someone commits data to the blockchain, it is there forever unless more
than 51 % of bitcoin miners decide to mine on a modified blockchain that
doesn't include that data. That would be what is called a "hardfork" and would
be extremely difficult if not impossible to pull off, with the current number
of bitcoin users.

Despite Kaspersky's recent warnings, storing illegal data in a compressed
manner has been a concern for the Bitcoin community for a while. In fact, links
to sites containing child abuse images have already been found in early
blockchain blocks and storing an image in a hashed form has also been
accomplished.

Blockchain transactions don't provide enough room to store illegal images in an
uncompressed form effectively. What INTERPOL and Kaspersky seem to be concerned
about is either compressed, hashed, images on the Bitcoin blockchain or
uncompressed images on alternative coin blockchains that allow for more space.

Encrypted and compressed data needs to be uncompressed and decrypted with an
algorithm. Theoretically, since an algorithm is just a set of rules to
interpret data, any code can be turned into any other kind of code. Even the
words of this text could, in theory, be "decrypted" into an image of the
algorithm creator's choosing. It seems extremely unlikely that Bitcoin users
would be subject to prosecution for possession or distribution of child
pornography, when those images don't "exist" without proper decrypting
software.

A more realistic concern would be a small script embedded into the blockchain
that either forces the download and install of more powerful code or somehow
manages to run a damaging script in the few kilobytes of space provided. It
seems it would be difficult to get those scripts to run without user
interaction. Nevertheless, Kaspersky implies that even our private keys could
be at risk.

        "[Blockchain malware] could also enable crime scenarios in the future such
        as the deployment of modular malware, a reshaping of the distribution of
        zero-day attacks, as well as the creation of illegal underground
        marketplaces dealing in private keys which would allow access to this
        data."

Kaspersky stressed that they are believers in decentralized technology like the
blockchain, but pointed out that their role is to identify threats before they
become reality. At press time, there is no known instance of users storing and
executing malware through the Bitcoin blockchain; it is just a possibility that
concerns Kaspersky. They do not, at this time, offer any advice on how users
can keep themselves safe. However, leaving updated anti-virus software running
while blockchains are downloading is probably a good move, even though some
software often finds false positives.

Comments
========

Norton identifies every single cryptocurrency wallet as malware and
automatically deletes it. I'm pretty sure about that as I've tried to run
dozens - and not from small alt coins that might be dodgy, from coins with big
market caps, lots of users, and open source code. You have to restore it after
the fact and tell Norton to let it through.

Personally I suspect that this is the part of the industry making excuses
because they know their products can't deal with cryptocurrency software very
well and they would prefer you to think they are protecting you from these
imaginary threats than to think that they just can't be bothered to update the
way they recognise malware so that it doesn't automatically presume all
blockchain technology is bad.

-Dean Scott Walsh

Kaspersky usually makes a lot of sense, and maybe he's been misquoted, but this
articles makes zero sense to me. How does a few bytes per transactions of
irreversible distributed ledger create a virus risk? Huh? You might want to
focus on say web sites, that have active readers (browsers) that run code. Or
phishing mail with attachments, or operating sytems and virus scanning systems
that blacklist and hence fail open; rather than capability based things like
Qubes that whitelist and fail closed. There is no javascript analog in
op_return data, and no user client software interpreting it as code, so the
articles claim doesnt make sense.

-Adam Back
"

Slashdot Top Deals

All power corrupts, but we need electricity.

Close