Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).

×

Comment: Wireless Disabled (Score 1) 57

by DERoss (#49078225) Attached to: Flaw In Netgear Wi-Fi Routers Exposes Admin Password, WLAN Details

I have a Netgear N300 Wireless Router Model WNR2000v2. I have no WiFi devices.

In the router manager Web pages, I unchecked the checkboxes for "Enable Wireless Router Radio" and "Turn Remote Management On". I also unchecked all of the checkboxes under "Guest Network Settings", "Wireless Settings", and "Wireless Repeating Function". The wireless LED indicator on the router is not lighted.

Therefore, I expect this is not a problem for me.

Comment: Postal Letter to the CEO (Score 1) 141

by DERoss (#48687301) Attached to: Ask Slashdot: Dealing With Companies With Poor SSL Practices?

When I have a problem dealing with a U.S. company over the Internet, I go to http://finance.yahoo.com/looku.... This site will tell me the names of the top executives and the corporate postal address of a company whose stock is publicly traded, even on the most obscure exchanges. If the company's stock is not publicly traded, I then resort to Google. Sooner or later -- yes, with some effort -- I find out who is in charge and where to mail a letter.

I compose a non-threatening, literate letter to the CEO or president of the company. I explain in layman's terms what is wrong and why I won't do business with them until the problem is fixed. While the executive likely does not even see my letter, someone in his or her office will see it -- someone who has authority to correct the situation. Occasionally, the situation is indeed fixed.

After sending the letter via the U.S. Postal Service, I wait about a week. Then, I create a Web page re-creating my letter. Yes, I name names. The situation might not be fixed, but the problem and the company are now public. I carry a significant level of liability insurance.

Comment: Frankfurt Second Worst on My List (Score 1) 91

by DERoss (#48652811) Attached to: Major Security Vulnerabilities Uncovered At Frankfurt Airport

I have flown to and from or changed planes in 26 airports. Frankfurt Airport (Rhein-Main-Flughafen, FRA) was the second-worst next to the armpit of airports, which is Kona International (KOA) in Hawai'i. Flying from Los Angeles (LAX) to Budapest (BUD) my wife and I had to change planes in FRA. With 12 security stations, only four were open. It took us over 30 minutes in line to reach a security station. Some passengers booked on our plane to BUD missed the flight because they were still stuck in line at security. No, they did not arrive at the FRA airport late; they too were merely changing planes. If you already passed through security at a prior airport, you remain within the security "shell" when changing planes in a well-designed airport and are not subject to another security check.

See my "Avoid Kona and Frankfurt Airports" at http://www.rossde.com/editoria....

Comment: A Plan without a Plan (Score 5, Interesting) 229

by DERoss (#48511735) Attached to: FBI Seizes Los Angeles Schools' iPad Documents

The iPads were distributed without any planning about accountability. No one knew who would be responsible if an iPad were lost. (Without a parent's approval, the minor student could not be held legally responsible.) No one knew who paid for repairs. No one knew what was to happen to the iPad when the student moved to a different school district. No one even knew how the iPads would be used within the curricula.

For 8 years, I was an elected school board member in a quite small but high-performing school district. At the closest, we are about 1 mile from the Los Angeles Unified School District. Ours is a rather affluent community. We do not give our students personal electronics. We make PCs available in our high school library, which also serves as a public library where adults can also use PCs.

Comment: Broken Geolocation Is Good (Score 1) 100

by DERoss (#48382787) Attached to: Ask Slashdot: Getting Around Terrible Geolocation?

I use a browser extension called Secret Agent from https://www.dephormation.org.u.... This works with Gecko-based browsers (e.g., Firefox, SeaMonkey) on Windows, Mac, and Linux systems. It sends fake HTTP headers to confuse Web servers that are trying to track my browsing activities. This causes many geolocation routines to give wrong results. I have Secret Agent set to change its faked headers on every HTTP request sent from my browser.

While composing this comment, I tested a few sites. One had me on the coast of Argentina and then (same Web site) in eastern Michigan. GeoIP thinks I am in Indonesia. Although I am indeed in southern California, JustMyIP thinks I am two counties further south. Appspot thinks I am in Palo Alto, about 350 miles north of my home. IP Address Geolocation was the closest, thinking I am in Los Angeles. I am about a five-minute walk from the Los Angeles County line but about 8 miles from the Los Angeles City limits.

Between Secret Agent and setting my cookies file to "read only", I have some limited protection from tracking.

Comment: This Primise Is Already False (Score 5, Informative) 98

by DERoss (#48378307) Attached to: Carmakers Promise Not To Abuse Drivers' Privacy

Franchised car dealers already violate this promise; and many (most?, all?) independent service garages and body shops do, too. If you take your car to a dealer for servicing, your mileage is reported to CarFax, which then reports your mileage to your car insurance. If you have an accident and do not report it to your insurance, the accident is reported by the body shop that does the repairs. CarFax pays the dealers, garages, and shops for these data; and insurance companies pay CarFax.

What is worse is that erroneous data are difficult to correct. In advance of an insurance policy renewal, I received an E-mail message asking me to use the insurance company's Web site to report my mileage. When I reported 25,065 miles, the entry was rejected with a message indicating I could not report an odometer reading less than the prior reading. On the Web site, there was a link to view the mileage history for my car. The immediately prior entry was for 241,080 miles, reported by CarFax on the date of the last routine servicing of my car. I checked the invoice for that servicing; it indicated 24,108 miles. A zero had been added to the end of the mileage, either by the dealer's service department or by CarFax! Working with both the service manager at the dealer and the local agent for the automobile insurance company, it took several phone calls over a month to obtain a correction.

  See http://www.carfax.com/, which will charge you for a report on a specific car. See also http://www.mycarfax.com/, from which you can get a free report.

Comment: OpenPGP (Score 2, Interesting) 63

by DERoss (#48322957) Attached to: The Fight Over the EFF's Secure Messaging Scoreboard

The scorecard gives negative marks for both PGP for Mac and PGP for Windows, for both "Are past comms secure if your keys are stolen?" and "Has the code been audited?" Both negative marks are quite wrong!!

Using the OpenPGP definition, decryption requires both a private key and a passphrase. If the private key is compromised but the passphrase remains safe, a file or message encrypted via OpenPGP cannot be decrypted. This depends, of course, on a lengthy passphrase that exists only in the user's head. My passphrase is over 20 characters long and contains upper-case and lower-case letters, spaces, and punctuation.

Older versions of PGP (a commercial implementation of OpenPGP) have indeed been audited. The source codes were made public. They were thoroughly examined by outsiders. And they were compiled and compared with the distributed binary code. I do not know if this is true of the latest versions, but the older versions contained no security vulnerabilities and still work quite well.

Comment: Re:Get rid of time changes and time zones! (Score 1) 613

by DERoss (#48295207) Attached to: Ask Slashdot: Where Do You Stand on Daylight Saving Time?

When everybody's carrying around a smart phone -- effectively, a computer with a GPS -- then it should be easy to calculate the actual local time, solar time, any place on Earth.

Everybody is NOT carrying around a smart phone. My wife has a dumb phone that satisfies her needs. I do not even have a dumb phone because I enjoy getting away from the phone.

Comment: 18 "clocks" (Score 1) 613

by DERoss (#48295069) Attached to: Ask Slashdot: Where Do You Stand on Daylight Saving Time?

Counting not only obvious clocks but also the timers on our thermostat, garden irrigation system, blood glucose meter (I have type 2 diabetes), TV and DVD/VCR (which have separate "clocks"), the gas and microwave ovens, and controller for lights on front walkway, I had to reset 18 timing devices this morning.

But this is not merely a twice-a-year effort. Failing to do proper preventative maintenance on its system, Southern California Edison can have an electrical outage at any time of the year; weather is rarely a factor. Every time there is an outage, I have to reset 7 devices and check three more to make sure their internal battery backups did not fail. Then there is the tall-case clock (also known as a grandfather's clock); if I forget to wind it before it runs down, I must then reset it. And there are two battery-driven clocks that occasionally need new batteries.

Kiss your keyboard goodbye!

Working...