Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror

Comment: Re:MITM legalized at last (Score 1) 291

by Barny (#48663829) Attached to: BT, Sky, and Virgin Enforce UK Porn Blocks By Hijacking Browsers

Except they aren't in the middle

Man in the middle means to dupe both ends of the transaction that they are talking to each other correctly while injecting your own data into it.

What they are doing is a redirect to another page that asks you if you would please answer this question so that, when the deadline arrives, they don't have to restrict/disconnect your service.

Comment: Re:Nice (Score 1) 291

by Barny (#48663777) Attached to: BT, Sky, and Virgin Enforce UK Porn Blocks By Hijacking Browsers

Typically, when doing such things, you check the user-agent.

Their aim is to ask people a simple question. If the people had already replied to it they wouldn't get the page. If they select an answer they wont get the page in future. At worst it would be considered using a morally ambiguous technology to accomplish a neutral end.

Comment: Re:uh - by design? (Score 1) 163

by Barny (#48663673) Attached to: Thunderbolt Rootkit Vector

The whole point of Thunderbolt (and Firewire before it) was that they didn't put any load on the CPU at all, they would communicate directly to ram, reading and writing data without any load on the very limited resource that is the processor. Of course, there really should have been a boot-time restriction of what memory the bridge has access to, but I guess that would have been too much for the programmers.

Comment: Re:Short sighted (Score 1) 230

by Barny (#48595809) Attached to: Forbes Blasts Latests Windows 7 Patch as Malware

That is the issue. Windows on a laptop should specifically ask you if you want to install updates, because when you need to grab your laptop and run, you don't want to wait for twenty minutes of updates first.

I would suggest using Hibernate instead since it powers down the machine, when you see the "I am going to delay you" indicator on the shutdown icon.

Comment: Re:Could be solved be VISA, etc. immediately (Score 1) 307

by Barny (#48417471) Attached to: UK Hotel Adds Hefty Charge For Bad Reviews Online

Australia. Basically, if you ever bounce a cheque or make any kind of fee appear as a result of cashing one, they wont approve it.

Reason we started using them was a guy came into one of the other stores (who our owner owned) and had a bank cheque from his own, named, account. Buys a laptop and other stuff with it. Then goes to the bank and cancels the bank cheque. Used to be once issued they were practically legal tender.

Comment: Re:Could be solved be VISA, etc. immediately (Score 1) 307

by Barny (#48416239) Attached to: UK Hotel Adds Hefty Charge For Bad Reviews Online

Where I used to work we had a cheque underwriter. Basically, when we got a cheque we would need to call up and feed all the details off it into the phone-service, they would give us an auth number to write on it. If the cheque bounces or is otherwise bad, we still got our money and THEY would undertake the hunting of the person.

Downsides:
3% processing fee
Takes about 10 mins
Customers who pay regularly by cheque are usually arseholes and will complain bitterly about the above two downsides, while holding up other people.

Comment: Re:Or just practicing for an actual job (Score 1) 320

by Barny (#48368151) Attached to: Duke: No Mercy For CS 201 Cheaters Who Don't Turn Selves In By Wednesday

Right, but if you were in school, and given the task of writing a program that accepts, stores and evaluates passwords, grabbing such a piece of code would be considered a 'bad thing'.

Saying in your comments that you found a 'method for neatly measuring password strength and reimplemented it' would, however, demonstrate that not only can you find code that you would need but CAN code and implement the solution.

Comment: Re:In highly secure facilities... (Score 1) 80

by Barny (#48284011) Attached to: Breaching Air-Gap Security With Radio

First option is out. Not only do the USB ports get disabled on such machines, but you can't take a USB stick anywhere near them, any more than you could a phone.

Second option suffers the same "can't get a phone within 10 meters of the machine" that the parent mentioned.

Third, if you can pay a person with security clearance to do this then it isn't a computer problem.

Fourth, people who do this work are not as rigorously checked as their workers/software people, but you will note that all the secure places I know of run custom bios firmware that have checksums to stop this.

Yes, I know people who work at these places, both with clearance (operators and such) and techies that support them, getting to their secure networks/air-gapped networks is not trivial and certainly cannot be done with a USB stick anywhere on your person.

"Life sucks, but it's better than the alternative." -- Peter da Silva

Working...