Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror

Comment: Re:Short sighted (Score 1) 228

by Barny (#48595809) Attached to: Forbes Blasts Latests Windows 7 Patch as Malware

That is the issue. Windows on a laptop should specifically ask you if you want to install updates, because when you need to grab your laptop and run, you don't want to wait for twenty minutes of updates first.

I would suggest using Hibernate instead since it powers down the machine, when you see the "I am going to delay you" indicator on the shutdown icon.

Comment: Re:Could be solved be VISA, etc. immediately (Score 1) 307

by Barny (#48417471) Attached to: UK Hotel Adds Hefty Charge For Bad Reviews Online

Australia. Basically, if you ever bounce a cheque or make any kind of fee appear as a result of cashing one, they wont approve it.

Reason we started using them was a guy came into one of the other stores (who our owner owned) and had a bank cheque from his own, named, account. Buys a laptop and other stuff with it. Then goes to the bank and cancels the bank cheque. Used to be once issued they were practically legal tender.

Comment: Re:Could be solved be VISA, etc. immediately (Score 1) 307

by Barny (#48416239) Attached to: UK Hotel Adds Hefty Charge For Bad Reviews Online

Where I used to work we had a cheque underwriter. Basically, when we got a cheque we would need to call up and feed all the details off it into the phone-service, they would give us an auth number to write on it. If the cheque bounces or is otherwise bad, we still got our money and THEY would undertake the hunting of the person.

Downsides:
3% processing fee
Takes about 10 mins
Customers who pay regularly by cheque are usually arseholes and will complain bitterly about the above two downsides, while holding up other people.

Comment: Re:Or just practicing for an actual job (Score 1) 320

by Barny (#48368151) Attached to: Duke: No Mercy For CS 201 Cheaters Who Don't Turn Selves In By Wednesday

Right, but if you were in school, and given the task of writing a program that accepts, stores and evaluates passwords, grabbing such a piece of code would be considered a 'bad thing'.

Saying in your comments that you found a 'method for neatly measuring password strength and reimplemented it' would, however, demonstrate that not only can you find code that you would need but CAN code and implement the solution.

Comment: Re:In highly secure facilities... (Score 1) 80

by Barny (#48284011) Attached to: Breaching Air-Gap Security With Radio

First option is out. Not only do the USB ports get disabled on such machines, but you can't take a USB stick anywhere near them, any more than you could a phone.

Second option suffers the same "can't get a phone within 10 meters of the machine" that the parent mentioned.

Third, if you can pay a person with security clearance to do this then it isn't a computer problem.

Fourth, people who do this work are not as rigorously checked as their workers/software people, but you will note that all the secure places I know of run custom bios firmware that have checksums to stop this.

Yes, I know people who work at these places, both with clearance (operators and such) and techies that support them, getting to their secure networks/air-gapped networks is not trivial and certainly cannot be done with a USB stick anywhere on your person.

Comment: Re:symbols, caps, numbers (Score 2) 549

by Barny (#48136823) Attached to: Password Security: Why the Horse Battery Staple Is Not Correct

And yet this exact 'verification' was a way to steal control of accounts a while back.

Basically, apple asked for the first four digits of your CC for secure verification, Amazon asked for the last four. Each were happy to give the four digits at the opposite end of your account and, worse, Amazon would let you add a new CC to your account, verify yourself with that credit card, then provide the other four digits of your other card. This was used, successfully, to attack a person's Icloud account. I am not sure about now, but I really hope both companies have changed their policies, particularly in regards to phone support and scripted replied to requests for control of accounts.

http://www.wired.com/2012/08/a...

Comment: Re:Decoding their excuse (Score 1) 94

by Barny (#48111997) Attached to: Accessing One's Own Metadata

Well, the thing is, the reporter is more than happy to pay the same fee as other companies (or the government) would pay to access it. The real kicker is, a similar request was made for a major public official and it was denied because it was 'personal information' which, if that is the case, then they MUST make this data available to the owner of it.

The trick is, of course, for them to have to make requests of every other telco in the country to check if numbers on the list are private. Although the thought that they give such data out to non-government businesses is a little disturbing.

Are you having fun yet?

Working...