
Comment Re:What benefit to announcing it? (Score 1) 184 184

Because if one person can find an exploit so can someone else. At some point you have to go public because otherwise Hacking Team-like businesses can just keep selling it as a zero day to all manner of bad actors and end users are left exposed.

At least if you let the cat out of the bag individuals can decide to stop using their phone if they believe their liberty or safety may be threatened as a result. At that point you may be exchanging some activist keeping his head attached to his neck for the price of script kiddies embarrassing some celebrities by publishing their nudes. It might just be the best of bad options.

Comment Re:Two birds with one stone (Score 1) 527 527

Here are the things about the Hillary E-mail scandal that should give everyone pause.

1) Basic technical understanding. Hillary keeps talking about the future and continuing to lead America into the 21st century but does not herself see that conducting business with sensitive materials from an outside e-mail domain is a problem. Not only does she not understand this, she hasn't got anyone around her to tell her or won't listen to them. Yet we are supposed to accept that she makes informed intelligent decisions.

2) Hillary, as per her history "no controlling legal authority" type pattern, is being evasive. Rather than turning that server over to the government immediately like any of us little people would have done once Congress started asking about it (to save our own skin), she redacted and turned over copies of the documents. Okay, minimally compliant; in the meantime though the chain of custody has been ruined. So whatever does surface in terms of classified docs etc. will be harder to prove. She is working to construct a legal defense of herself based on various technicalities.

2a) While we might forgive 2 as simply being prudent, if we accept her vast right wing conspiracy assertions she is basically making her case in the court of public opinion on technicality as well. "Oh those things were classified after the fact", well fine but they were still sensitive and the Secretary of State of all people should have been able to recognize that. Maybe no crime was committed but it was still comically bad judgement and given you want our vote for president why can't you answer for that?

3) How does her negligent handling of sensitive materials square with her harsh condemnations of Snowden and Manning's deliberate leaks? Given those events were taking place partially under her watch did that trigger any introspection about her own procedures around operation security? If not why not? Do the rules not apply to Hillary?

Comment Re:She is better then jeb bush (Score 2) 527 527

My check from the government is my earned entitlement. Your check from the government is an amoral welfare. Paul Ryan hates Social Security, but when he drew Social Security to get to college, it was somehow fine. Even Ayn Rand drew government checks.

Because as an individual it's not a moral act. You leave nothing on the frigging table. Rand and Ryan I am sure never voted to support those programs, they also never voted for the taxes and regulations they labored under before or after utilizing them.

If there were an option to opt out of society and only opt back in when the time to collect comes that would be wrong. The way I figure it even though I totally support dismantling most of what the federal government does until someone tells me I don't have to file a 1040 form and sends me a check reimbursing me with interest for all the various activities my tax dollars have paid for along the way that I did not support you better believe I feel entitled to collect from and utilize programs I qualify for. I did not vote for them, I did not get my way. My fellow citizens did however.

It's a democratic republic. We take the consequences of elections good or bad. There is nothing wrong with voting to end programs, distributions, etc. and still taking advantage of them if you lose. That is inherent in the rules of our society.

Comment Re:Or let us keep our hard-earned money (Score 4, Insightful) 527 527

Better idea: Use environmental and workplace safety laws to enforce and minimize those health costs, instead of using the concept as a cudgel to push cronyism.

Except in 240 years of American government both under the Constitution and the Articles before it that has NEVER been successful. Cronyism has basically been the character of our government from the outset.

The only thing that has ever worked is to tie the hands of government and the framers knew it. Power corrupts!

A far better idea would be to eliminate liability protections, weaken the corporate veil, and stop government backed lending. Make industry responsible for the harm it can do. The tailings pond from your mine leaked and now my farm land is useless. I should be able to sue the coal company for the economic value of my land and income it could have generated for my family for the next 10 generations and if the coal company goes bankrupt I should be able to collect from the shareholders in proportion to the remaining liability and stock they own.

Oil spill same deal. Heavy metal toxicity from the shit your solar panel plant releases ditto. You want people and industry to behave responsibly the solution is unlimited liability.

Comment Re:Drones (Score 5, Interesting) 269 269

Admittedly, having never been an infantryman, pilot or any other sort of military man myself, I still suspect it's much easier for a guy sitting safely in a chair to make a moral decision about a target than it is for a guy in a life threatening situation to do so.

A drone operator can loiter around a target for a long time until he or she is confident said target is properly identified. A jock in a fighter-bomber does not have that luxury and also exists in constant fear someone is going to pop up with an anti-aircraft device that will end his life. The drone operator has to worry an anti-aircraft device will ruin his afternoon with extra paperwork. I know which one I'd rather imagine hovering over me deciding if I am an enemy combatant or just a guy going out to milk the goats.

The separate question is does drone warfare lower the barrier to entry such that we conduct operations in theaters that we would forgo if it meant having the infrastructure and associated costs of supporting large numbers of manned aircraft in the area. This is of great concern. If we make warfare too easy we might find ourselves doing more of it. I am not buying the argument though that drones are equivalent to mindless kill bots or worse than the existing manned alternatives in any given situation all else being equal.

 

Comment Re:Free speech isn't the only right in play here (Score 1, Interesting) 284 284

If I were sitting on the SCOTUS I would have to question even those restrictions. The first amendment provides for the right of peaceful assembly, not the right of peaceful assembly when adequate sanitation as defined by a government agency happens to be in place.

I find it hard to accept the government can make a credible claim that an anti-violence fundraiser isn't a peaceful assembly. Until there is probable cause to expect it's anything else the government should have NO RIGHT to interfere irrespective of the number of porta-cans present.

Comment Re: Under what authority? (Score 2) 284 284

So let me understand this argument of yours? If you are standing in the gutter along a public street you can shout whatever you like and the government can't stop you because of the first amendment. On the other hand if you rent a venue and charge admission suddenly the government is allowed to censor your content? That makes no sense.

Comment Re:Customers Let Them (Score 1) 115 115

I'll agree with you about most of the products, but music is BS. Music is art. You don't need it and there are plenty of artists out there who don't act like total shit heads and are just trying to make a living. Go discover one and patronize them. Stop giving money to artists that treat their patrons like garbage.

Comment Death of flash (Score 2) 56 56

It's funny, I was just saying the other day to someone who said now that Flash is being mostly canned security should improve.

I said I don't know about that. The massive and rapid expansion of browser features and moving target that is HTML five support where everyone and their brother rushes out extensions is worrisome. I'll be surprised if there are not major exploits in some of that new browser code, especially sandbox escapes via the hardware stuff like WebGL and what not. Only now there won't be any simple mitigation like just removing a plugin. You'll have to switch browsers.

Comment Re:I love the attitude (Score 3, Interesting) 55 55

Generally I agree but if you are going to brute force, knowing the user names is half the battle. root is one you know will be there and it's a valuable one if you could get it.

I never try and brute force passwords on pentests. I usually brute force user names with a handful of bad passwords. That is once I work out how user names are constructed, first letter first name last name or whatever is being used. I'll dictionary like this:

asmith:password1
asmith:P@$$w0rd
asmith:Summer2015!
bsmith:password1
bsmith:P@$$w0rd
bsmith:Summer2015!

If the organization is big enough someone has used one of the top 100 worst passwords. Hopefully it's not a sysadmin.

Then there comes the issue of the root account being shared. No, nobody should ever be allowed to logon as root directly. Why? Because then you have no accountability. Was it Jim, Bob, Ted, or Sally who did that? I don't know. On the other hand if you have some kind of secure logging in place and you make people logon with their own account you at least have the log entry of who did sudo or su. Attribution is important!

Finally if Bob leaves the company yes the root password needs to be changed. Sometimes though there are reasons you can't immediately do that. Usually these are problems in and of themselves but that is neither here nor there. It should be safe to disable or delete Bob's account the moment he walks out the door. If root logins are not allowed you will be 'mostly' even if it takes Sally a few days to change the root password everywhere.
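Seen from the monitoring side, the two points in the comment above (a few bad passwords tried across many user names, and direct root logins that carry no attribution) can be picked out of sshd logs. The following is an added example, not part of the original comment; the log lines, user names, addresses and thresholds are all constructed assumptions.

```python
import re
from collections import defaultdict

def _fails(users, src, n):
    # Helper that builds constructed sshd "Failed password" lines.
    return [f"Jul 28 10:00:00 host sshd[1]: Failed password for {u} from {src} port 4000 ssh2"
            for u in users for _ in range(n)]

# Constructed sample log (documentation IP ranges, hypothetical users).
SAMPLE_LOG = "\n".join(
    _fails(["asmith", "bsmith", "cjones", "dlee"], "203.0.113.5", 2)  # spray
    + _fails(["root"], "198.51.100.7", 5)                             # one-account guessing
    + _fails(["jdoe"], "192.0.2.20", 1)                               # ordinary typo
    + ["Jul 28 10:05:00 host sshd[1]: Accepted password for root from 192.0.2.10 port 4000 ssh2"]
)

FAILED = re.compile(r"Failed password for (?:invalid user )?(\S+) from (\S+)")
ACCEPTED = re.compile(r"Accepted \S+ for (\S+) from (\S+)")

def analyze(log, min_users=4, max_per_user=3):
    """Classify sources of failed logins and list direct root logins."""
    fails = defaultdict(lambda: defaultdict(int))  # src -> user -> failure count
    findings = {"spray": [], "brute_force": [], "direct_root": []}
    for line in log.splitlines():
        m = FAILED.search(line)
        if m:
            user, src = m.groups()
            fails[src][user] += 1
            continue
        m = ACCEPTED.search(line)
        if m and m.group(1) == "root":
            # Shared root session: no per-person sudo/su record exists for it.
            findings["direct_root"].append(m.group(2))
    for src, per_user in fails.items():
        worst = max(per_user.values())
        if worst > max_per_user:
            findings["brute_force"].append(src)   # many guesses at one account
        elif len(per_user) >= min_users:
            findings["spray"].append(src)         # few guesses across many accounts
    return findings

if __name__ == "__main__":
    print(analyze(SAMPLE_LOG))
```

A per-account lockout counter never fires on the spray source here, because each account sees only two failures; the pattern only shows up when failures are grouped by source.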

Comment Re:What bothers me (Score 1) 423 423

Right, they have her on contempt of Congress for certain and possibly perjury, if they want to push it. But politically speaking that won't necessarily keep her out of the race and would look FUCKING TERRIBLE if the GOP tried to pull that stunt.

I don't know if they could get her on obstruction of justice at this point because I don't know if a congressional investigation counts.

Comment Re:Nonsense law still can't be ignored (Score 1) 157 157

Right, everyone blames the intelligence agencies and sure they could have been more conservative and skeptical but they and the administration chose to err on the side of a false positive rather than a false negative. Which actually seems somewhat reasonable in the context of "does this known lunatic have a nuclear or biological weapon?"

Saddam could easily have suddenly cooperated with inspectors. He could have said wait wait stop while those conversations were happening at the UN. "No seriously guys I have just been posturing to keep certain domestic threats and other regional actors at bay, go wherever you want, there will be no locked doors and no delays" and it would have derailed the run up to the Iraq war.

Saddam gambled we would not really invade and he bet wrongly. Brinksmanship sometimes has consequences. Occasionally bluffs get called.

Comment Re:It's the Money, Stupid (Score 1) 90 90

selling to men frame the message in terms of what women will think

That isn't new. Advertisers discovered pretty early on men want sex, and that if you can convince men the product will in even the most obscure weakly connected way possibly lead to sex they will buy it.

That is like the oldest and most basic rule in all of marketing.

Comment Re:Makes sense to me (Score 1) 157 157

For an internet service provider to raise the issue is just wrong-headed.

Without getting into the fairness of allowing warrants to issue to a third party that is not implicated in any crime, I can't agree with the no standing assessment.

The execution of the warrant creates a real and tangible burden on the business either in the form of employee time to assist in gathering the data or in disruptions to their business in terms of potentially being required to remove or take equipment offline for forensic quality duplication.

I think the concepts of standing are being widely abused by courts to protect shitty LEO behavior and crappy legislation from legal challenge. An entity that is compelled to action or surrender property in the pursuit of a warrant really ought to have standing to challenge said warrant at least after the fact.

Comment Re:A story of how women were (Score 1) 191 191

No the parent is right. This was a moderate sized fish, and one of many in a then very tiny pond. IBM and to a lesser extent Apple made the market. This company was just one of many PC vendors, few people outside the valley and various hobby communities could have ever named.

The technology they had was largely stuff from elsewhere. In fact that is what in many ways hobbled them. The few places where they might have been leading edge were being independently replicated elsewhere by designs that were as good or better.

So I think you overstate its importance. It's a bit like arguing The Bell Motor Car Company helped shape the American auto industry. I suppose you might think that if you happened to be in Central Pennsylvania in the mid 20s but the rest of the world would have said Bell who? They put together a nice car for its day but mostly using concepts and technology that were widely available and did not do anything revolutionary, nor were they a major player. Same here Vector built a fine personal computer for the 1970s but so did everyone else and their brother.
