Comment Re:gpg-authentication? (Score 1) 277
That's fine, until someone wants to log in from a different computer where they don't have their private key available..
Comment Re:It can be a blurry line (Score 1) 129
First things first. Is "company data" - email, contacts, files - accessible from your phone? If so, they have a vested interest in making sure that data is not compromised when your phone is lost or stolen. As a result, PIN/password requirements, encryption, antivirus, and remote wipe capabilities are generally required. In some cases where devices have a tunnel to the corporate network (Blackberry), they will possibly want to control what apps you install to prevent malicious ones from accessing the corporate network via your BES server.
Most laypeople don't have any clue about protecting company data on a regular basis, they just want their data instantly and aren't concerned with what happens in a worst-case scenario. "Oops, it got stolen. Guess I need to get the latest model now!"
Comment Re:Another Reason to Love My Employer (Score 0) 129
Hey Blockbuster - want to know what Netflix is up to?
1) Steal this guy's phone.
2) Gain competitive intelligence
3) Profit!
Comment Re:SFC Find It? (Score 2, Informative) 323
Generally, rootkits will modify function pointers in the kernel so that typical detection activities are trapped and handled so that the system appears unaltered. In the case of file access, the original file (in an alternate location, data stream, etc.) can be accessed in place of the trojaned one that was loaded on boot, thus preserving original the file size and contents.
Comment Sysadmins have good growth opportunity (Score 5, Insightful) 141
While entry-level programmers may make a slightly higher salary than a similar systems administrator, over time there's a lot more upward opportunity for the sysadmin. Systems Engineering and Systems Architecture - being the guy that ties the network, the server, and the apps together, is a very in-demand skill and is something programmers will never have the opportunity to become. Programmers only make the big bucks when they have other specialized knowledge that's specific to the apps they are developing, i.e. finance, GIS, physics, etc..
I'm personally glad I made the decision 12 years ago to move into systems after earning my Comp. Sci. degree. I went from web app development for an ISP to Linux/Solaris/HPUX sysadmin, to Systems Architecure, to Info Security.
Comment Re:Heh, simple. Don't update. (Score 1) 351
yeah, cause, you know, there aren't any client-side vulnerabilities for any Windows apps. All Windows attacks only target 135/139/445.
Stacking of New Space Vehicle Begins At KSC 121
Matt_dk writes "For the first time in more than a quarter-century, a new space vehicle will begin stacking on a mobile launch platform (MLP) at Kennedy Space Center. The Ares I-X aft skirt, which was mated to a solid fuel segment in the Rotation, Processing and Surge Facility at KSC, rolled over to the 528-foot-tall Vehicle Assembly Building today, where it will be lifted and placed on the MLP in High Bay 3. On that platform, workers will secure the aft booster and continue adding segments of the first stage rocket, the upper stage simulators, the crew module mockup and the launch abort system simulator, taking the vehicle to a height of 327 feet."
Kaminsky On DNS Bugs a Year Later and DNSSEC 127
L3sPau1 writes "Network security researcher Dan Kaminsky has had a year to reflect on the impact of the cache poisoning vulnerability he discovered in the Domain Name System. In the time since, Kaminsky has become an advocate for improving security in DNS, and ultimately, trust on the Internet. One way to do this is with the widespread use of DNSSEC (DNS Security Extensions), which essentially brings PKI to website requests. In this interview, Kaminsky talks about how the implementation of DNSSEC would enable greater security and trust on the Net and provide a platform for the development of new security products and services."
Is China Creating the World's Largest Botnet Army? 195
david_a_eaves writes "The Chinese government is mandating that all computers sold in China come with Internet blocking software. Rob Cottingham writes an excellent piece noting how the censorship application of this software should be the least of our concerns. This new software may create an opportunity for the Chinese Government to appropriate these computers and use them to create the worlds largest botnet army."
Update: 06/11 21:26 GMT by T : J. Alex Halderman writes "My students and I have been examining the Green Dam censorware software. We've found serious vulnerabilities that can be exploited by any web site a user visits with the software installed. We also found that some of the blacklists seems to have been taken from the American-made filtering program CyberSitter. We've posted a report and demo."
Comment Re:in other news (Score 3, Insightful) 1065
Is this a troll? Self-righteous prick? You be the judge.
If you're not passing someone (and you're not, if you're going 64) then don't drive in the leftmost lane. Period.
