Follow Slashdot blog updates by subscribing to our blog RSS feed

 


Forgot your password?
Close
typodupeerror
×

Comment Re:No Good Solution. (Score 1) 188

by sl149q (#46793569) Attached to: Heartbleed Sparks 'Responsible' Disclosure Debate

The answer is actually simple. Once you have determined that there is an (to quote Bruce Schneier) 11 out of 10 security problem you need to get the servers turned off. Everywhere.

If the FBI or Interpol or Bruce Schneier basically said "There is a serious exploit in OpenSSL, you (as in every organization running it) need to shut down every server now, we will provide the details and fix in 48 hours."

Yes, the bad guys will now know that OpenSSL has an exploit. But they won't exactly know where to start looking. And you now have a tilted the foot race for exploitation back towards the good guys. They do need to move fast and get the servers disabled. And perhaps redeploy using alternate non-involved servers (in this case non openSSL.) But that will be better than letting the black hats jump in and know immediately what the exploit is and start using it.

In any case sounds like we need an RFC and strict protocol for this.

Comment Re:Why do people listen to her? (Score 1) 588

by sl149q (#46751119) Attached to: Jenny McCarthy: "I Am Not Anti-Vaccine'"

Science Friday did an excellent interview back in 2008 with a Paul Offet and a concerned parent type.

She went down the list of objections, he kept giving reasonable replies.

She asked at one point "how many studies by the pharmaceutical industry or CDC have been done on vaccine loading". The reply "high hundreds to low thousands".

Her response "I don't believe that."

Basically NOTHING you can say will convince these people. In the end they simply do not want to believe and will continue to put forth their own arguments.

http://www.sciencefriday.com/s...

The whole interview is fascinating, but above exchange is towards the end starting about 15:00.

Comment Re:umm no (Score 1) 267

by sl149q (#46311095) Attached to: We Can Avoid a Surveillance State Dystopia

And the bigger problem is NOT whether we will be tracked and watched but WHICH level of government and to what purpose.

Most people will allow that extensive tracking of their activities is OK WRT to making sure that terrorists can't do a repeat of 9/11.

But once the data is collected will it be put to use by other parts of the government for more mundane purposes.

Should the data be available to other police forces investigating more mundane things like the war on drugs? Money laundering. Remember the data is collected, wouldn't it be easy to use it to help here? Drugs are really bad and the people that sell them are really bad and we need more tools.

What about chasing down murders and rapists? Again, data may help and those are pretty bad people...

What about tracking down people charge with any felony (or your local equivalent)? The data is there. These people are bad. We want them in jail! And we don't want to increase LE budgets.

How about misdemeanours? These people are not as bad, but law enforcement is SO expensive and there are so many of them, and the data is there... please can we have it too!

How about getting tax cheats to pay up? The feds own the data, and they want to use it. Then the states get involved because they have a need to know. And do we really want our local municipal government using this stuff to chase after us to collect bylaw infraction fines and parking tickets? Lest you think this is not going to happen remember that these guys can ALREADY through you in jail if you don't pay all of the above.

At every level the powers to be will say that the data is there, and they should have access to make THEIR particular problem less expensive and more efficient. And they will be correct access WILL make their problem less expensive and more efficient.

And that is what we call a very slippery slope.

Comment Re:False premisis (Score 1) 301

The part that is currently waiting for permits will also carry Brakken oil south.

If KXL is denied you'll see a --KXL applied for. Basically up to the middle of North Dakota and stop. No State Department approval needed.

Then just build a rail depot at the head end and shunt the oil across the border in unit trains until some bright light in Washington realizes that the dangers of rail outweigh any possible benefits from NOT building the last 100 miles or so across the border.

And yes, us Canadians will be building multiple pipelines in multiple directions. There are two in planning stages across BC (one new and twinning an existing one) and a reversal of an existing one to take oil east through Ontario and Quebec.

Comment Re:Current PCs are good enough. (Score 3, Interesting) 564

by sl149q (#45922247) Attached to: PC Shipments In 2013 See the Worst Yearly Decline In History

They did bring back the "Start Button" for 8.1.

Unfortunately not the actual Start Menu inside it thought :-(

The current rumours say we'll see the actual Start Menu in 8.2. That plus auto start to desktop and you are almost back to Win 7!

Will it be too little too late? Under the hood Win 8 is really not that much different from Win 7. Probably better. If you can keep corporate desktop users from having to screw around with Metro ever and make it look like Win 7 corporate use may pickup.

I was in Home Depot last weekend and noticed that the Service Desk computers where still running WinXP Professional.

Slashdot Top Deals

UNIX is hot. It's more than hot. It's steaming. It's quicksilver lightning with a laserbeam kicker. -- Michael Jay Tucker

Close