
Comment Re:Reasons I'm not a judge. (Score 1) 331

If the Swat team response to an unverified phone call is to put people's lives at such severe risk as you describe, the problem is with the police, not the teenage idiot who placed the fake calls.

The issue is two-fold:

1) 99.9+% of all calls that result in a 'SWAT' response are legit. The swat response might be overkill, but the call itself is honest and legitimate. Expecting police to prove that a call is real when the vast majority are real is going to be a far greater threat to people's lives and safety than taking such calls at face value.

2) Police responses can be overkill. In some cases, police have been known to open fire before even asking people to drop their weapon.

To blame police for the results of a swatting call is like pushing someone randomly into the street and then claiming that it's all the fault of the driver for not stopping in time. Although some blame may be assigned to the driver for not keenly watching for people darting onto the roadway, it was the push which caused the initial peril, and the impact was the completely foreseeable result of the push.

Comment Motorola flip phone with a REAL battery (Score 1) 210

For those of you who remember the original Motorola 'Flip Phone', those things were a godsend in the day, but their battery life left much to be desired. Even with an 'extended' battery pack you couldn't get more than 8 hours of standby time -- and god forbid you actually got a call.

I had gotten a couple of small 6-volt gel cells from work (a UPS that had been in a plane crash), then I got a dead cell phone battery from the repair shop. I ripped the battery pack apart and put in a small voltage controller then ran the voltage controller to the gel cells. The whole contraption fit quite nicely into a Fluke multimeter case.

Now I had a portable cell phone with 3 days of standby PLUS 8 hours of talk time ... couldn't be beat until they came out with digital cell phones.

Telus at the time had 'unlimited talk time' contracts, knowing that battery life would be the limiting factor -- but not for me! I regularly went over 1500 minutes, and Telus eventually changed 'unlimited' to '1000 minutes' after I taught my hack to a couple of other hardware types.

Comment Re:Unlikely (Score 1) 307

You can NAT ip6, if you want to, and use private IP6 addresses internally. The advantage with IP6 is that you have a MUCH larger pool of non-routable addresses to choose from which means that it'll be that much harder for an attacker to guess at your internal network layout and machine addresses.

The original reason for IP4 NAT was necessity, not security. It was (and is) quite common for a house or business to get a single IP4 address for however-many machines. IP6, on the other hand, defaults to giving a normal end-user an address pool bigger than what IP4 provides to the whole planet. This means that it's WAY harder for an external hacker to guess at the address of a random machine. I got a /64 prefix for my home network. That means that I have trillions of potential addresses for dozens of machines. Even with thousands of machines, if I pick a set of random addresses for my machines (which is what auto-config does), it should take a well-provisioned attacker a couple of centuries to get his first hit.

If you add NAT on top of all that, then you've got a pretty good security regime.

However -- all of that being said, the main excuse given for NAT being 'secure' is that people can't get to a NATed machine from the outside world. However, between machines getting 48-bit (or more) randomized addresses that change from day to day, and a simple stateful firewall, you would have the same security and then some if you moved to ipv6 -- before you even throw NAT into the configuration.

Comment using quints (Score 1) 307

The reason why the dotted quad format was used is that it translated into 32 bits -- which fit quite nicely into normal (long) INTs back in the '80s.

The IETF knew that this was too small for the longer term, but the efficiency argument won out. (This was back at a time when a 1MHz mainframe with 16 megabytes of RAM could be timeshared to over 100 users.) They figured that by the time the 32 bit address space was saturated, that the replacement protocol with a REAL address space (IP6) would be easier on the computers of the day and there would be lots of time to get it up and running (turns out to have been over 30 years).

What they didn't plan for was that the 'Net would be effectively in the control of business majors and bean counters and that IP6 adoption would be at the whim of financial considerations and a 'you first' attitude. Now IP6 adoption is waiting for a 'killer app' that is on an IP6-only server ... or for Google to announce that they'll give preferential listing to sites that are IP6 capable.

Comment Re: Not pointless... (Score 1) 461

Parked cars are usually unattended. Most people outside of the 1% can't afford to pay somebody to stand beside their car and explain to passing cops how the backpack in their back seat does not contain C4. ... and 98% of cars on the road have a tank full of gasoline (or diesel fuel).

So what you have is a car, parked legally with a cooking utensil inside. INSIDE the car. Now paint me stupid if I'm wrong, but if I was gonna plant a pressure cooker bomb somewhere, I'd be most likely to put it OUTSIDE of a car because the walls and windows of the car would be likely to absorb most of the sideways explosive force ... meaning that the only people likely to be killed by an exploding pressure cooker inside of the car would be somebody crazy enough to be walking on top of the car.

Consider that the Boston bombing pressure cookers were placed in backpacks in the middle of a crowd. If those pressure cookers had been in a car you would have been looking at little more than a handful of glass shard injuries.

Correct! A car parked in that location, unattended, with a pressure cooker inside and a smell of gasoline warrants further action. No problem whatsoever with this. Anyone who thinks otherwise is a fool.

Comment Re:Votes mean nothing (Score 2) 121

Leaders picked by birth are basically 50/50 whether they are power hungry despots or benevolent dictators...

.....

That depends on the society. Your description fits European hereditary systems (oldest surviving son of the current ruler).

In West Coast native society, heredity chose which families the next chief came from, but matrons of the community chose which child from the candidate families would be the next chief. Needless to say, a more thoughtful and caring child was more likely to be chosen under that system.

Comment Re: Deniers (Score 1) 525

We're in preliminary stages... It's like a fever. Running a 105F fever for 15 minutes is simply annoying. Running it for a day or two can be fatal.

Right now, what we're seeing is the exhaustion of the earth's thermal buffer systems. Most glaciers in North America are scheduled to disappear in the next couple of decades --- as is the permanent ice in the Northern Ice cap. Once that happens, we will start seeing stage 2 effects.

One counter-intuitive result is that Europe is likely to freeze over .. When the North Pole finishes melting, the Gulf Stream (which keeps Europe warm in winter) will stop being deflected to Europe by the freshwater melt. As a result, Greenland will get warmer, and Europe will actually get noticeably colder (i.e. Mediterranean climate will no longer be "Mediterranean")

Comment Re: Deniers (Score 1) 525

Potentially both. The first stage of global warming is more extreme weather generally (both hotter and cooler, depending on time and place, but (overall) warmer). This can also mean stronger storms (heat easily converts to kinetic energy).

What experts are really worried about, however, is the possibility of runaway global warming. If global warming does enough damage to the earth's climatic buffering system, we could end up going to a different metastable system (partway to Venus' 400C climate). That could be very bad for life as we know it on Earth.

It matters even more what kind of scale we're talking about. Is this the kind of warmth that means a slightly warmer summer occasionally or the kind that boils the oceans and turns the Earth into baked desert wasteland?

Timescale is generally in decades / centuries, rather than millennia.

Comment Re: Is it as secure as OpenBSD's kernel? (Score 1) 172

Actually, Linux does have marketshare. It's got huge marketshare of the server market, and servers can be high-value targets for a large variety of reasons. There are people who want to target Linux. They've just had a much harder time doing so than they have with MS-Windows.

Comment Re: Is it as secure as OpenBSD's kernel? (Score 1) 172

The question was about kernels (read the subject line). Bash is heavily used in the Linux world, but it's not part of the kernel. You do not need to use the Linux kernel to use bash, and you do not need to use bash to use the Linux kernel.

Bash is older than Linux and has been available for just about every version of **IX for a couple of decades, and even Windows (via cygwin).

Comment Re:Good. +1 for Google. (Score 1) 176

Self-signed certs simply ensure that your communication is secure between yourself and .. well whomever has the cert (be it your intended recipient or a malicious third party). They have no intrinsic proof that you're talking to who you're trying to talk to. You need to be able to do the work to ensure the identity of the other end. Only about 5% of the general population has the knowledge to do that, and about 1% of that group is willing to do the work on a regular basis.

3rd party certification of certs is a 'best we can do' thing for the 99.95% who aren't in that last group... and it depends on the fourth parties like Google being willing to defend the integrity of the process, and give you warnings when it's broken.

If you want to blindly trust self signed certs, or you're willing to do the work of verifying them, you're free to do the two clicks to ignore them. For the rest of us, they serve a real purpose.

Comment Crowd Source Cabin Security (Score 1) 385

Have a sequence where you input a secret code, and there is an auto-announcement on the intercom:

"Attention: Cockpit Intrusion alert! Cockpit intrusion alert! . . ."

Then let the passenger deal with it. They will.

After 2 minutes of the announcement, pop the door.

9-11 happened because, previously, Passengers were trained to leave air security to "The professional authorities". Stewardess assaults were on the rise and the most that passengers could be expected to do, in the case of a crew assault, was start a pool on how many visible bruises she would have at the end of the assault.

Post 9-11 someone who assaults a stewardess has a small (but non-zero) probability of being thrown out of the plane mid-flight. Passengers know that we are the last line of defence for our aircraft. Arnie isn't gonna climb into the wheel-well from the wings of a fighter, and those F-18s on "security escort" have terms of engagement that include Shoot-down Authorizations.

Since 9-11, passenger actions have probably saved more lives (and aircraft) than just about any security theatre that the FAA has done to inconvenience passengers...
