Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror

Comment: Re:Malice? more like incompetence... (Score 5, Interesting) 495

by DarkHelmet433 (#47358019) Attached to: Microsoft Takes Down No-IP.com Domains

I also suspect they've managed to botch the technical aspect of it as well.

Presumably the plan was to put their caching name servers in front of the real no-ip servers, and gather the mappings for the malware suspect sites and then blackhole them after getting what they want. The problem was that Microsoft's side appears to have melted down, thus taking everything down. They won't be getting logs, behavior analysis or anything, because its all a pile of wreckage in a crater. Meanwhile, all the "bad guys(TM)" have now had hours head start to delete their C&C node registrations while microsoft's servers are down. And now they've ticked off the no-ip folks, so I wouldn't expect them to be in a cooperative mood to try and help.

Bone headed all round. There's no other way to put it.

Comment: Malice? more like incompetence... (Score 5, Informative) 495

by DarkHelmet433 (#47357903) Attached to: Microsoft Takes Down No-IP.com Domains

A quick skim of the motion for the court order gave me the "boilerplate" and "cut & paste" feeling. There is a lot of sloppy line blurring between actions and complaints directed at the Malware authors and the no-ip folks. Sometimes they refer to the "Malware Defendants" and other times the generic "Defendants" when they meant the former. Really sloppy legal work.

There are some real gems in there:

From section 7:
"There is good cause to believe that immediate and irreparable damage to this Court’s ability to grant effective final relief will result from the sale, transfer, or other disposition or concealment by Defendants of the Internet domains at issue"
Say what? How is that related anything? Its not like the TRO will actually prevent people from being able to hit 'delete' via the control panel. Given that everything's busted by their own doing, the bad guys got a huge head start.

From section 8:
"... and the interest of justice require that this Order be Granted without prior notice to Defendants ..."
Wow ...

The full motion text: http://www.noticeoflawsuit.com...

It seems to me that regardless of what good intentions that Microsoft may have had, they've really fouled up the execution. They'll be remembered more for taking out millions of legitimate users than the malware they *might* be able to take down.

Comment: TSA wants credit card number for Air travel.. (Score 1) 87

by DarkHelmet433 (#47243125) Attached to: Expedia To Accept Bitcoin

The TSA does a whole lot of pre-flight data mining on passenger lists. I recall some discussion a while back about how they included included things like the credit card numbers, billing addresses etc in the mix.

Paying with Bitcoin has the same problem as paying with straight-up cash - it sets of all sorts of red flags because there's no real way to see if you're "connected" to other "interesting" people or not. No data = guilty until proven innocent etc.

When you're on the clock for getting to your departing flight, you really don't want to be on the wrong side of the extra special friendly pat-downs reserved for special troublemakers.

People like Expedia won't be wanting to mess with this can of worms for now, so they'll keep their bitcoin experiments a nice safe distance from the US Federal Government universe.

Comment: Re:The scam unravels (Score 1) 92

by DarkHelmet433 (#46707787) Attached to: MtGox's "Transaction Malleability" Claim Dismissed By Researchers

Yes. This.

Most likely, they screwed up and lost their private keys. ie: Plain old incompetence.

The code that was leaked to pastebin made it look like they were storing these in something like instances on Amazon EC2. If it turned out they were storing it on ephemeral storage rather than EBS, I don't know if I'd laugh or cry. But it would be an explanation if it were true. Again tough, that would come back to incompetence.

Comment: Re:Irony not lost on me (Score 2) 191

by DarkHelmet433 (#45252757) Attached to: GCC 4.9 To See Significant Upgrades In 2014

No Apple is pushing CLANG for exactly the reason that they want to use BSD license in a take not give fashion...how hackable is it; Xcode(SDK) will only work on Mac OS X.

GPL didn't stop Xcode existing when it operated around gcc. Xcode will always be an OS X thing, it has nothing to do with the back end compiler license.

Yes, they get a lot of mileage out of tightly coupling Xcode with llvm - eg: they don't have to write the same level of context sensitive language support for editing when you can do constant incremental compiling and inspect the state of the compiler's trees.

BTW; Apple use LLVM for far more than just Xcode. They used it in the display subsystem to run-time optimize code to the actual machine's display configuration.

Being GPLv3 is a bonus for Apple, but it's about more than that. Competition is a good thing.

Comment: Mine is "NSA_PRISM" (Score 1) 458

by DarkHelmet433 (#44651617) Attached to: My SSID Is...

It had a captive "guest portal" thingy on its own vlan it with a NSA/DHS style logo and "PRISM Data collection and monitoring node" and no other comments. It was under an outside roof overhang with a high power Unifi UAP-LR. It has line of sight from the hillside to a lot of houses. Associating from a long way away seems to be problematic but you can hear the beacons.

I'm a bit worried that certain people won't find it particularly funny so I tend not to leave it operating for long.

My cell phone is called NSA_PRISM too so I can tether with it for a laugh.

Comment: Re:What's wrong with GCC? (Score 3, Interesting) 711

by DarkHelmet433 (#39987031) Attached to: FreeBSD 10 To Use Clang Compiler, Deprecate GCC

Well.. GPLv3 specifically. FreeBSD is stuck on GCC-4.2, the last GPLv2 gcc compiler. It's getting quite dated now. It's a switch from gcc-4.2.2+ hacks/patches to clang instead of a GPLv3'd gcc-4.6 or later.

"Stuck"? FreeBSD gets a foot in the door of companies where GPL (and GPLv3 in particular) is something they'd prefer not to deal with. Being able to use a modern GPL-free OS as a foundation of a product is a convenient option to have. And being GPLv3-free can be even more compelling.

"Why should we subsidize intellectual curiosity?" -Ronald Reagan

Working...