Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror

Comment Applies to All Non-EV Certificates (Score 5, Informative) 123

If they were able to create a subdomain, that means the attackers controlled all traffic to that subdomain.

Since most certificate authorities only verify via email to the domain for which the certificate is requested, the attackers would have gotten a certificate from virtually any CA.

There are additional verification steps required for EV certificates that should thwart this sort of attack, but singling out Let's Encrypt for issuing a certificate in this case is disingenuous.

The real problem lies with the DNS registrar that accepted an unauthorized subdomain registration request. (Or maybe the client's account was compromised, in which case the victim is to blame.)

Either way, the submission titles makes it seem this is a problem with Let's Encrypt when it most certainly is not.

Comment Re:Yeah yeah (Score 1) 562

People that were awakened one way or another in the movie:

(Non-specific to avoid spoilers)

Rey, in at least three different ways. During the interrogation, after receiving the gift from the bar owner, and when deciding her future.

Finn. After the battle, and then again when something he cares about is in jeopardy.

Kylo Ren. When he faces REAL resistance, when he meets someone from his past.

Leia and Han Solo. When their son makes an important decision.

Luke. Time to come out of retirement, big boy.

Comment Re:NASA? (Score 1) 373

I don't recall Congress or the President ever giving NASA the leeway to pursue its own plans unmolested for any length of time---at least not in my lifetime.
Their goals and priorities were reshuffled at least twice within the last decade due to political decisions originating outside the organization.

SpaceX was founded in 2002 IIRC, which gives them 13 years of a single vision. And they had the freedom along the way to adjust the means and the goal as the technology developed. They didn't need congressional approval to scrap or rework projects as they went along.

Bureaucrats may be able to shepherd innovation from time to time, but once politics comes into play you can forget about it. We managed the moon landings only because everyone on the political spectrum wanted to win that race.

Comment Re:Vista users need to switch to IE for final year (Score 1) 140

What if ISPs started blocking Internet service to computers running out of date OSes?

What if the greediest and laziest of American companies decided to turn down money from some of their customers? Are you really asking that question?

Short of a federal mandate, there is no way that's happening.

And the telecoms sued the FCC over being regulated as common carriers, which they fairly obviously are.

You think this could happen without a protracted court battle? No chance in Hell.

Let's not forget that a sizable group of Republicans tried to revoke the FCC's authority to designate ISPs as common carriers when Wheeler announced the net neutrality rules. So even the hope that there will be a mandate to fight over in court is laughably improbable.

It would take a minor miracle for anything useful to be done regarding residential network security. Maybe if the entire US gets turned into a botnet and the internet is down nationwide for days or weeks---but even then I doubt it.

Comment Re:Why a experimental launch carried 13 satellites (Score 1) 60

Experimental launches do not include actual payload.

They should (and probably did) include mass to simulate the presence of a payload, but there is no way they put multi-million dollar satellites into an experimental vehicle.

Look at the history of the most successful rocket programs, and you will see an enormous number of failed experiments. They know this stuff tends to go boom.

Comment Re:Use Sandboxie (Score 1) 125

Windows does not just provide 32-bit libraries for older applications. There is a larger compatibility framework, and some of it is black box and/or unconfigurable. E.g., it transparently redirects registry and folder access to several locations for all 32-bit processes.

Unlike multi-lib, this particular functionality is automatically included in all Windows installations, enabled by default for all executables, and configured to allow maximum backward compatibility. Microsoft's old 32-bit DLLs are there, applications can install their own 32-bit services/dependencies/prerequisites automagically, etc.

I am not aware of any means by which it can be permanently disabled. Even disabling the Application Experience Lookup Service does not prevent registry and folder redirection for 32-bit applications---but it may break them in other ways.

Comment Re:It is obvious that support most be provided... (Score 1) 125

I *still* got hit with something, no clue what, but my AV of course shows nothing.

So you admit you have no clue what the problem is, but you're *sure* it's a virus that came in thru a Microsoft vulnerability. I, for one, will totally take your word on that.

On top of this, the GWX shill-ware just wont stop.

And here is the proof that you don't know what you're talking about. You can google this shit. I ignored it for a month while I waited to see how Windows 10 looked.

When I decided to hold off on upgrading, I removed the updates that added it. It takes less than 10 minutes unless you have some kind of mental deficiency.

Comment Re:Open source & locked down... (Score 1) 173

Your examples are both high-output sources. A microwave operates on the order of a kW output; 420-450 MHz amateur radio is allowed up to 50W. Wifi is 200 mW. The idea that wifi is causing the same problem is fairly implausible, as least in comparison to the NRO situation.

Aside from shutting down extremely close repeaters (no distances given), a reduction to 5W output is all I can find for the radios near Beale AFB. And that is still 25X the power of wifi.

A microwave is roughly 5000x times the output of wifi, so the microwave would have to be at a distance cuberoot(5000) ~= 17 times greater distance to attenuate to comparable strength. "A few hundred feet" is vague, but rounding to 200 ft gives us roughly equivalent strength for the microwave radiation at 3400 ft.

If a microwave at 2/3 mile doesn't cause the radar to desense, then we would need a different effect from wifi in order for it to cause an issue even at 200 ft. It is not desensing the radar assuming even vaguely comparable sensitivity. (Granted, a significant assumption.)

In this case, reflections are routinely ruled out as ground clutter. Any wifi noise from near ground level is going to be severely attenuated by structures and other ground clutter around it; and if by chance it reflects to the receiver strongly off any fixed structure it will have no Doppler shift and be ignored.

At elevation, you are more likely to have a cleaner shot to the radar. That is the only situation where maybe it would matter to borderline compliant devices which maybe have manufacturing variations in performance that puts them somewhat above permissible levels.

The FCC investigations found most interference was caused by failing to use DFS or exceeding authorized power levels with a high gain antenna. A compliant device simply shouldn't be relevant unless there is some peculiarity to the circumstances.

Comment Re:easy fix (Score 1) 173

The radar signal needs to reflect well off the things you are trying to observe. It also needs to have a very long range. The bands typically used for Doppler radar stations were chosen for a reason.

Due to the Rayleigh effect, weather radar needs to operate in roughly the 3-30 GHz band. The upper half of that frequency range (on a logarithmic scale) doesn't transmit through the atmosphere very well and is thus incapable of functioning at any reasonable distance. The lower half of that range is compatible with telecom usage.

Now, that range where weather radar and telecom overlap is the only place that weather radar can possibly work. Telecom, on the other hand, can go all the way down to 30 MHz. That is a huge, huge area which is absolutely useless to weather radar.

It is far easier to either (a) require telecom devices to detect radar activity and auto-select channels not in use or (b) specify a frequency range for telecom devices that does not overlap with weather radar.

The FCC chose (a), which is the least restrictive approach that allows both radar and telecom to function.

Comment Re:Usual thing; "pre-crime" and bored bureaucrats (Score 1) 173

Two issues:

1. You are most likely correct for your individual scenario. The goings-on at your house will probably never matter. Your signal is going to be more noise on top of noise that is already ignored as ground clutter. You can have no impact unless you have a very, very tall house or are reflecting a strong signal off of something else. However, wifi is not limited to residential houses that are 12-40 feet tall and many miles from the airport.

2. Meteorological radars are extremely sensitive. They are looking for distant reflections of their own signals. So they basically get the cubic signal falloff twice---outbound on the broadcast and inbound from the reflection. Even a massive 500-kW radar transmission would pick up interference from wifi devices located within a relatively sizable central region---if those devices are at an elevation that matters.

The FCC has to write rules for devices that accommodate what any member of the public could legitimately, legally do with that device. Using a router or a cell phone on the top floor of a hotel or an office building is one of those things.

Comment Re:Open source & locked down... (Score 1) 173

Aside from the fact that Doppler radar operates in the 5 GHz band, sure.

Sorry, but there are real-world physics involved. You can't just blast 5-GHz noise in a radar's observation window. It basically creates a huge blind spot.

Granted, you have to be a hundred feet above ground level to be relevant, but there are tall buildings near some airports where Wi-fi equipment can be running. You can't have some schmuck turn on his tethering and knock a storm off the map.

All the software has to do is listen for a fraction of a second to see if there's radar transmission noise on any of the 5-GHz bands. If there is, choose a channel that won't interfere. It's the simplest technical issue to handle.

The FCC is going to introduce more bureaucracy that most people, myself included, will like. But the software does need to change.

Slashdot Top Deals

When a fellow says, "It ain't the money but the principle of the thing," it's the money. -- Kim Hubbard

Working...