
Submission + - The UK "Porn" Filter Blocks Kids' Access To Tech, Civil Liberties Websites (blogspot.ca)

badger.foo writes: It fell to the UK Tories to actually implement the Nanny State. Too bad Nanny Tory does not want kids to read up on tech web sites such as slashdot.org, or civil liberties ones such as the EFF or Amnesty International. Read on for a small sample of what the filter blocks, from a blocked-by-default tech writer.

Comment Just another password that's impossible to change (Score 1) 107

I completely fail to see why this is supposed to be a good idea.

Whether it's port knocking, fingerprint reading or palm reading as in this case, can anybody point out why this is a more 'secure' authentication method than anything else?

I tend to think that a fingerprint or similar may possibly serve as a substitute for a user name, but would you want to let people sign in using usernames only, no password, ssh key or a generated one time pad? Other than that it was probably fun to make, I don't see any advantage at all to using a known constant as a substitute for the familiar user name plus password and/or other changeable secret.

Submission + - Modern Microsoft Word Does Not Reliably Read Earlier Formats: A 1989 Print Test (blogspot.ca)

badger.foo writes: Prompted by a fabulous rant by Charlie Stross named Why Microsoft Word must Die, Peter Hansteen dug out from his archives the simplest possible 1989-vintage Microsoft Word .DOC document, and has the data to prove that newer versions of Microsoft Word do in fact not reliably read files from earlier versions. Case in point: An ASCII table print test generated and saved as .DOC in 1989.

Comment OpenBSD - compact base + up to date PF! (Score 1) 193

My money is on OpenBSD for projects like this. You get a very compact base system that still has all the stuff you need in there for a project like this. And even my old PF tutorial has enough info to get you up and running.

But with the man pages and the OpenBSD FAQ you really have all the information you need at your fingertips.

Submission + - The Hail Mary Cloud And The Lessons Learned (blogspot.ca)

badger.foo writes: Against ridiculous odds and even after gaining some media focus, the botnet dubbed The Hail Mary Cloud apparently succeeded in staying under the radar and kept compromising Linux machines for several years. This article sums up the known facts about the botnet and suggests some practical measures to keep your servers safe.

Submission + - The Term Hackathon Has Been Trademarked In Germany (blogspot.ca)

badger.foo writes: Trademarking somebody else's idea behind their back is both a bad idea and highly immoral. If it wasn't your idea, you don't trademark and you don't patent. It really is that simple, people.

The news that the term hackathon had been trademarked in Germany reached me late last week, via this thread on openbsd-misc. The ideas sounded pretty ludicrous ... (see the rest at http://bsdly.blogspot.ca/2013/05/the-term-hackathon-has-been-trademarked.html)

Submission + - Keep smiling, waste spammers' time with OpenBSD tools (blogspot.ca)

badger.foo writes: When you're in the business of building the networks people need and the services they need to run on them, you may also be running a mail service. If you do, you will sooner or later need to deal with spam. This article is about how to waste spammers' time and have a good time while doing it, using the free tools OpenBSD offers to do your greylisting and greytrapping before any content filtering. It's fun and easy.

Submission + - Maintaining A Publicly Available Blacklist - Mechanisms And Principles (blogspot.ca)

badger.foo writes: When you publicly assert that somebody sent spam, you need to ensure that your data is accurate. Your process needs to be simple and verifiable, and to compensate for any errors, you want your process to be transparent to the public with clear points of contact and line of responsibility. Here are some pointers from the operator of the bsdly.net greytrap-based blacklist.

Submission + - BXR.SU, OpenGrok service for BSDs in publicly private beta (freebsd.org)

ConstantineM writes: Publicly private beta? Instead of devising a new scheme on handing out invitations for a private beta of a new and improved OpenGrok service for the BSDs, why not require IPv6 for the beta test? Welcome BXR.SU — Super User's BSD Cross Reference, which is launched today as an IPv6-only OpenGrok service for FreeBSD, OpenBSD, NetBSD and DragonFly. The service is IPv6-only during the beta (ask your ISP for a token to participate); but a full release schedule is already known: an A record for BXR.SU will be temporarily published on 2013-04-04, an IPv4 day, to test out the water, and ensure misconfigurations of the NAT don't break out access to the site. IPv4 glue records are also withheld — the authors are afraid that some nameservers are misconfigured, and are giving ISPs until 2013-04-24 prior to publishing IPv4 glue. BXR.SU is claimed to be 200× faster than the nearest competitor, code.metager.de.
Security

Submission + - SSH Password Gropers Are Now Trying High Ports (blogspot.ca)

badger.foo writes: "You thought you had successfully avoided the tiresome password guessing bots groping at your SSH service by moving the service to a non-standard port? It seems security by obscurity has lost the game once more. We're now seeing ssh bruteforce attempts hitting other ports too, Peter Hansteen writes in his latest column."
Networking

Submission + - You're Being DDOSed - What Do You Do? Name And Shame? (blogspot.ca)

badger.foo writes: "When you're hit with a DDOS, what do you do? In his most recent column, Peter Hansteen narrates a recent incident that involved a DNS based DDOS against his infrastructure and that of some old friends of his. He ends up asking, should we actively publish or 'name and shame' DDOS participants (or at least their IP addresses)? How about scans that may or may not be preparations for DDOSes to come?"

Comment Why stop there? Why not go for public review? (Score 2) 255

Much like I assume a lot of other /. readers, my trust in the equipment I use to do what it's supposed to do comes from my access and ability to read the source code. There have been minor dust-ups in the open source world about allegations that other governments than China inserted back doors in widely used software, and we still see those allegations surfacing from time to time, but never with anything solid to back them up. I believe searches on the obvious keywords will turn up stories linked from here, as well as links to source code repositories of very high quality indeed. So my advice for Huawei is, let the world see your source code, and please set up a mechanism for reviewing your own code and patches.

Submission + - Petition For Pardon Of PirateBay's Peter Sunde (avaaz.org)

badger.foo writes: "Remember the PirateBay affair, that included a criminal copyright infringement trial that railroaded four Swedish techs into jail terms and multiple million fines and damages? Now there's an avaaz.org petition for Peter Sunde, one of the defendants' pardon. Read up on the background in English or the original Swedish, then if you agree that the process did not deliver justice, please go to the petition page and add your signature."
