rajats - Slashdot User

Comment They have a point! (Score 1) 487

by rajats on Thursday June 06, 2013 @04:27AM (#43922499) Attached to: BBC Clock Inaccurate - 100 Days To Fix?

By the time they fix the clock, it'd be 100 days and the clock would be slower by 100 days! Then they'll try to fix again and the clock would be slower by 100 days again! ....ad infinitum... Better to break that cycle by not embarking on this journey!

Misconfigured Open DNS Resolvers Key To Massive DDoS Attacks 179

Posted by Unknown Lamer on Thursday March 28, 2013 @04:29PM from the check-your-sources dept.

msm1267 writes with an excerpt From Threat Post: "While the big traffic numbers and the spat between Spamhaus and illicit webhost Cyberbunker are grabbing big headlines, the underlying and percolating issue at play here has to do with the open DNS resolvers being used to DDoS the spam-fighters from Switzerland. Open resolvers do not authenticate a packet-sender's IP address before a DNS reply is sent back. Therefore, an attacker that is able to spoof a victim's IP address can have a DNS request bombard the victim with a 100-to-1 ratio of traffic coming back to them versus what was requested. DNS amplification attacks such as these have been used lately by hacktivists, extortionists and blacklisted webhosts to great success." Running an open DNS resolver isn't itself always a problem, but it looks like people are enabling neither source address verification nor rate limiting.

Comment Game theory (Score 3, Informative) 152

by rajats on Tuesday September 27, 2011 @10:33AM (#37526350) Attached to: Ask Slashdot: Best Way To Learn About Game Theory and AI?

Read Avinash Dixit's Thinking Strategically to get started. It's a great book which does not use much math and can make for light reading and a great start.

Comment Windows Security issues for this exercise (Score 1) 164

by rajats on Saturday October 16, 2010 @04:17AM (#33916022) Attached to: How Cornell Plans To Purge Campus Computers of Personal Data

If they use some kind of domain administrator passwords for this software to run guess what, the domain administrator credentials could be cached in every single computer. If a local administrator was on the machine and wanted to compromise, he/she could run hash stealing software when this "process" runs and compromise the domain. The least possible privileges for a process that does this data searching will be difficult to determine. A trade-off will have to be done between accessibility of files and a lesser privileged account to be used for an exercise like this on Windows.

Comment Chris Gates did some research on this (Score 1) 84

by rajats on Saturday August 21, 2010 @12:18PM (#33325116) Attached to: Gaming Foursquare With 9 Lines of Perl

http://carnal0wnage.blogspot.com/2010/03/fking-with-foursquare-goes-msf-style.html

Comment Shifting the risk (Score 2, Insightful) 225

by rajats on Friday April 09, 2010 @10:19AM (#31789060) Attached to: Why Lenders Overlook Warning Signs of ID Theft

The credit card companies and banks are wanting to shift the residual risk to the customers. That's why they want you to pay for "SafeProtect" etc. for which you have to pay in advance so they monitor any ID thefts. My question is shouldn't they already be doing that? If yes, then why do they want you to pay for it? Cost reduction in my humble opinion.

Comment dd disk images (Score 1) 362

by rajats on Saturday January 16, 2010 @01:40AM (#30788100) Attached to: The Largest File On My Personal Computer Is:

I have some dd images (raw images) of some of my old computers that are about 350 GB large. Of course, the largest /dev/sda on my PCs is 320GB big.

Comment Dilbert (Score 1) 736

by rajats on Sunday November 29, 2009 @10:44AM (#30261314) Attached to: Do You Hate Being Called an "IT Guy?"

Better than being called Dilbert.

Comment Apple vs Security (Score 1) 177

by rajats on Tuesday June 16, 2009 @12:19AM (#28344257) Attached to: Apple Finally Patches Java Vulnerability

I think apple should launch another ad campaign with the "Cool" mac guy on one side and a security guy on the other! The "Cool" guy could put his head in the sand and shout "Don't make me do stuff!".

Comment Fairness? (Score 1) 152

by rajats on Sunday February 17, 2008 @11:23AM (#22453380) Attached to: Hacker Could Keep Money from Insider Trading

Well...he got the money from a by-product of a fringe benefit of the hack (Hack->useful information (insider info)->steal). Would a similar argument be applicable if he was able to siphon money from individuals' accounts had he gained some passwords (Hack ->useful information(passez) -> steal). I wouldn't think so.
Agreed, that he was not an insider so he can't be convicted for insider trading...but there should have been at least one more lawsuit going against him!

MySQL Hits $50 Million Revenue, Plans IPO 124

Posted by samzenpus on Wednesday April 25, 2007 @11:26PM from the they-grow-up-so-fast dept.

An anonymous coward writes "MySQL, purveyor of the open-source database of the same name, is on the road to becoming a publicly traded company, bolstered by $50 million in revenue in 2006. "It's still in the pipeline," Chief Executive Marten Mickos said of the plan to hold an initial public offering of his company's stock. He declined to discuss when the company planned to go public, but said, "We're making good progress, doing all the things we need to get done.""

Slashdot Top Deals