Forgot your password?
typodupeerror

Comment: Re:and this is news why? (Score 1) 205

by Canth7 (#47575877) Attached to: "BadUSB" Exploit Makes Devices Turn "Evil"

I thought it was common sense not to plug in untrusted devices to your computer. Especially unknown thumb drives, unless you can use them in a read only device.

The problem is that a trusted device becomes untrusted as soon as you plug it into a computer not 100% in your control. Bring a USB storage device with you to work? To a friend's house? To *shudder* your parent's computer? What prevents a USB storage device, especially a common model, from having it's firmware overwritten? It's all too easy to have malicious code that moves around as firmware, something that it seems isn't checked by typical AV software.

Comment: Re:Not really that scary (Score 1) 205

by Canth7 (#47575817) Attached to: "BadUSB" Exploit Makes Devices Turn "Evil"
I will ignore the "proper OS" taunt - it shows a lack of perspective, given that Windows is the most popular OS in use today. Every OS has keyboard shortcuts. Could you disable them? Perhaps but that's besides the point - most people won't. Ubuntu - CTRL+ALT+T = terminal OSX - COMMAND+S+terminal = terminal Windows - windowskey+r+cmd = terminal Those commands only cover around 97-99% of the desktop/laptop market share. Think that's not juicy target?

Comment: Re:and this is news why? (Score 5, Insightful) 205

by Canth7 (#47574489) Attached to: "BadUSB" Exploit Makes Devices Turn "Evil"

I thought it was common sense not to plug in untrusted devices to your computer. Especially unknown thumb drives, unless you can use them in a read only device.

The problem at hand is that you can take a trustworthy device, plug it into an infected computer and then your trustworthy device becomes compromised and not easily detectably so, infecting your formerly clean PC. So far, no comments on mitigating procedures or OS specific circumstances. Most OSes will automatically load USB devices so in theory this could affect just about every OS whereby a compromised phone decides to become a keyboard and starts typing keystrokes and sending data to a 3rd party. Scary, at least in theory.

Comment: Re:Fire(wall) and forget (Score 1) 348

This. PCI DSS has a tone of requirements, not the least of which is having a basic firewall. Unfortunately it's all too common having vendors who choose the path of least resistance such as requiring domain administrator credentials to run a service or disabling any firewall services simply because they haven't taken the time to learn a proper security mindset. Just because many vendors are clowns doesn't give this particular vendor any excuse. A perfect example - a large financial information provider that will go unnamed installed a service in our data center for pricing. They delivered 3 PCs, 2 switches and 1 router. None of the equipment was redundant and any single component failure took down the entire system. When asked why they didn't offer 2 routers, 2 switches and use failover - they admitted that they just didn't do it that way. Incompetent comes in all sizes - always object when you can.

Comment: Re:Great, now I just need 6 cablecards (Score 1) 178

by Canth7 (#44038731) Attached to: TiVo Series 5 Coming This Fall
I imagine that cable companies have no intention of making CableCards easier to obtain or use. The profits they make on an (HD) DVR + Remote rental every month far exceed the much lower fees for the CableCards. If I were the cable company, I'd make sure it was a PITA to obtain one vs renting a cable box. The best way that TIVO becomes easier for most end users to select is for cable/satellite providers to include it as a DVR rental option - I've heard that some companies do this. Unfortunately, Cablevision (my provider) does not.

Comment: Re:Risk (Score 1) 108

by Canth7 (#36829578) Attached to: Space Shuttle Atlantis Last Night In Space Orbit
While I'm not certain that the risk of death is the cause of the manned space program's demise, this is certainly the reason we haven't planned any manned missions to Mars. There are other branches of the military where the risk of death and the consequences are well accepted. For example, mining, offshore fishing and armed conflict all accept a certain level of risk due to the nature of the job. If politicians and the public accepted the risks then we could easily organize a 1 way trip to Mars with a remote possibility of getting a team back to earth within 10 years, presuming advances in technology and supplies sent via unmanned capsules.

Comment: Fallout (Score 5, Insightful) 645

by Canth7 (#35953128) Attached to: 77 Million Accounts Stolen From Playstation Network
More interesting to me than how the intrusion occurred or how lax Sony's security practices are will be what the public backlash level is like. IT security departments tend to whip up a frenzy with the potential for "end of the company" concerns for data breaches on a regular basis. However, reality is that data loss doesn't always seem to have a particularly negative effect for the company that loses the information. Point in example would be the TJX data loss - http://it.slashdot.org/story/07/03/29/1618239/TJX-Is-Biggest-Data-Breach-Ever. Somehow this hardly seems to have put a dent in corporate profits. TJX's stock is up 100% since 2006 when the breach occurred. http://www.google.com/finance?q=tjx Point being is, if nothing seriously negative happens to Sony then it's no wonder that firms continue to have poor security practices. After all, why bother spending the effort and money to secure data when there is no return on the investment?
First Person Shooters (Games)

Combat Vets On CoD: Black Ops, Medal of Honor Taliban 93

Posted by Soulskill
from the not-as-messy-as-the-real-deal dept.
An anonymous reader writes "Thom 'SSGTRAN' Tran, seen in the Call of Duty: Black Ops live action trailer and in the game as the NVA multiplayer character, gets interviewed and talks about Medal of Honor's Taliban drama. '... to me, it's a non-issue. This is Hollywood. This is entertainment. There has to be a bad guy if there's going to be a good guy. It's that simple. Regardless of whether you call them — "Taliban" or "Op For" — you're looking at the same thing. They're the bad guys.'" Gamasutra published a related story about military simulation games from the perspective of black ops veteran and awesome-name-contest winner Wolfgang Hammersmith. "In his view, all gunfights are a series of ordered and logical decisions; when he explains it to me, I can sense him performing mental math, brain exercise, the kind that appeals to gamers and game designers. Precise skill, calculated reaction. Combat operations and pistolcraft are the man's life's work."

Prediction is very difficult, especially of the future. - Niels Bohr

Working...