Forgot your password?
typodupeerror

Comment: Who uses MS-CHAPv2? (Score 5, Interesting) 71

by D3 (#40820277) Attached to: New Moxie Marlinspike Tool Cracks Crypto Passwords
I was there and he answered this in his talk. There were hundreds of VPN services that still supported using it. He pointed out that iPredator (VPN service for the Pirate Bay) ONLY supports MS-CHAPv2. The ubiquity of use and support has created a loop where people keep using it (another point of his talk).

Comment: Cyber-cold war (Score 1) 140

by D3 (#37920558) Attached to: China's Cyber-Warfare Capabilities Overstated
We have been in a "cyber" cold war with the Chinese (and others) for years. The recent theft of IP at RSA and many other companies is due to reasonably sophisticated persistent malware (advanced persistent threat in marketing terms) that can take a medium size business months to eradicate with outside professional help. Basically, there is a lot of information gathering going on and a lot of theft of things the US tries to restrict the Chinese from acquiring. To underestimate their abilities, goals, and motivation is foolish. To think we are being any nicer to them is absurd.

Comment: Re:grocery list on the fridge (Score 1) 241

by D3 (#37572334) Attached to: How often do you put pen to paper?
I use an iPhone app for my grocery list. The list is created on a web site for the app and then synched to the phone. It sorts everything by aisle so I don't have to wander around looking for things or backtrack because I put them out of order. It took maybe an hour or so to create the initial list of items based on a store listing provided at the front door. It cut my time to do my weekly shopping from 1 hour down to 30 minutes.

Comment: It has already started (Score 1) 132

by D3 (#35958058) Attached to: Does China's Cyber Offense Obscure Woeful Defense?
There is not a cyber 'cold war' brewing. It is already happening. I've seen it at the company I work for first hand. The Chinese are infiltrating and stealing everything they can copy the bits of from US corporate infrastructure. Most companies don't even have the awareness to know they are infected. They believe having a firewall and Anti-Virus is protecting them. Anyone who thinks the US isn't doing the same things to China is just being willfully ignorant.

Comment: Wife's iPhone (Score 1) 266

by D3 (#35760182) Attached to: I back up personal files...
I went to update my wife's iPhone to 4.3.1 from 4.1 the other day. It locked up into 'recovery mode' and she had not backed up pictures/videos since October. Thankfully I was able to find a tool, iRecovery which allowed me to get it to boot the old firmware again and mount the USB partition to pull all the pictures of the kids from Christmas, etc. Backing up is now more important to her.

Comment: Re:Would you rather (Score 1) 217

by D3 (#35072850) Attached to: Firewalls Make DDoS Attacks Worse
So how do you manage said web server if port 22 or 23 are not open? How do you do your backups or network storage connections? There will always be other services available on the server. The firewall stops the outside world getting to port 22 while you on the inside still can. Typical firewalls these days can sling packets at speeds of over 1Gbps. But the DDOS is running at 100Gbps. A DS3 only gives you 45Mbps. But they want to blame the firewall as being a bottleneck? How many businesses have pipes to the internet capable of 100Gbps, firewall or not?

Comment: Would you rather (Score 5, Insightful) 217

by D3 (#35070314) Attached to: Firewalls Make DDoS Attacks Worse
be taken offline by a DDOS or have your web server compromised by an exploit that has unfettered access to it? A DDOS will only cost me revenue while I'm not available. Having my server hacked will cost me downtime AND recovery costs. A real security person would take a risk based approach. In this case, the risk to other damages (i.e. server compromise, theft of credit cards, loss of customer confidence) is much higher than the risk of being down due to DDOS. I think Arbor are now making it onto my list of companies to avoid.

Comment: Re:BAD idea (Score 1) 206

by D3 (#33912212) Attached to: The Spread of Do-It-Yourself Biotech
There is a huge difference between creating something that will blow up your lab if you make a mistake and something that will live and grow outside of your control if you make a mistake. Also, with most Chemistry sets you can't get enough materials to do really dangerous stuff. Most of the bad chemicals are all under strict control or oversight. But the tools to make dangerous biologics don't have the same controls over them right now.

Comment: BAD idea (Score 1) 206

by D3 (#33908696) Attached to: The Spread of Do-It-Yourself Biotech
Having worked as a research assistant in a mol bio lab, this scares the hell out of me. I don't want people creating the next super bug in their garage. Responsible research labs follow protocols about dealing with the bio-hazardous waste they generate. What happens when your neighbor releases his new organism by accident? And do we really need 'home brew' for this? If you want to study this stuff, go to school for it!

Of course you can't flap your arms and fly to the moon. After a while you'd run out of air to push against.

Working...