Forgot your password?
typodupeerror
The Military

Top Secret America 502

Posted by CmdrTaco
from the i-have-a-secret dept.
mahiskali writes "The Washington Post published an immense interactive website today, detailing the companies and government agencies currently doing top secret work in the United States. Everything from counter-IED operations to human intelligence is touched upon. Citing various interviews with 'super users' and through exhaustive analysis of public records for over two years, this interactive site allows users to peer into the guarded world of top secret intelligence. With more than 854,000 people currently holding a TS clearance, has the defense and intelligence world grown too big, too fast? Or has this large growth served us well, exemplified by no successful terrorist acts on US soil since 9/11? How can we judge the success of these programs, when much of it will never be known by the general public?"

Comment: Is this new? (Score 1) 353

by Matz0r (#30898848) Attached to: Researchers Claim "Effectively Perfect" Spam Blocking Discovery

I did this years ago. By planting bogus email addresses from my mail domain on the web and feeding these addresses directly to a statistical spam filter I would get instantly updated on the changes in spam templates. Because the spammers were feeding the filter themselves I get a very low FP-ratio and extremely tight spam blocking.

Businesses

SAS Named Best Company To Work For In 2010 183

Posted by kdawson
from the must-like-north-carolina dept.
theodp writes "If you're in the market for a new job, Fortune has just published its list of 100 Best Companies to Work For in 2010. Topping the list this year is SAS (SAS jobs), the largest privately held software company, which Fortune notes is populated with more statisticians than engineers or MBAs, and led by a Ph.D. founder whose first love is programming. Google (jobs), which once viewed SAS as model for employee perks, took the #4 spot, and Microsoft (jobs) checked in at #51."

Comment: Re:Issues I've had. (Score 2, Informative) 410

by Matz0r (#30343092) Attached to: Multiple-Display Power Tools For Linux?

I'm still using fvwm and have been doing it for 10+ years. Over the years I've tried switching to gnome or KDE several times but found them too be too slow and lacking features and ended up back in fvwm again. I even tried gnome + sawfish for a while but the constant lisp hacking got the best of me. Fvwm has for a long time and still handle multiple monitors perfectly well and I'm still very happy with it.

Comment: Re:Ok, so I got the popcorn ready.... (Score 3, Interesting) 254

by Matz0r (#29404105) Attached to: First Botnet of Linux Web Servers Discovered

Manually compromising servers and installing a tool that causes all those servers to rendezvous with or receive commands from a central control point to execute instructions would make them a botnet.

The key question would be: do the compromised servers also run a program that periodically polls a control station for commands, or does the script kiddie manually command individual compromised servers?

I actually encountered this a few years ago, a Red Hat box had been carelessly placed on the internet with a poor dba username password combo. The attacker had not gained root access. But he did manage to install zombie software on the computer in /var/tmp, which consisted of a small web-server serving malicious code and a custom ssl-irc client configured to connect to the botnet owners irc server.

Curious, I took a copy of the software he had installed before I wiped the server. I then proceeded to connect to his irc server using the credentials found in the zombie software. I ended up in an irc channel with the actual owner of the botnet sitting there. Because I kept my servers original irc-name he started prodding me with dcc-commands to find out the status of his returning zombie. After a while I responded and told him he had been discovered, we had a brief chat before he banned me from the irc-server. Seemed like a script kiddie, he used "LOL" in every sentence and lots of numbers, the net seemed to be run manually with some 30 "clients" in it. I gave his client IP to his ISP in Romania together with the logs, doubt anything came out of it though.

Encryption

Resisting the PGP Whole Disk Encryption Craze 480

Posted by samzenpus
from the what-do-you-think dept.
alaederach writes "I run a lab in a non-profit academic life sciences research institute. Our IT recently decided it would be a good idea to use PGP whole disk encryption on all of our computers, laptops and servers and picked PGP's suite of software. The main reason is that a small subset of our researchers work with patient information which we obviously are mandated to keep confidential. My lab does a lot of high-performance computational work (on genes from Tetrahymena, no humans here) and I am concerned that the overhead of complying with our ITs new security policy will be quite detrimental to my research program. For example, dynamically reallocating a partition on a PGP encrypted disk is apparently not possible. Furthermore, there is some evidence that certain forms of compression are also incompatible with PGP whole disk encryption. Interestingly, it is hard to find any negative articles on PGP, probably because most of them are written by IT pros who are only focused on the security, and not usability. I therefore ask the Slashdot community, what are the disadvantages of PGP in terms of performance, Linux, and high-performance computational research?"

Comment: Probably this one then (Score 1) 644

by Matz0r (#20443331) Attached to: Vista Bug Costs Users In Swedish Town Their Internet
From dhdpd.conf(5) (version 3):

always-broadcast flag;

The DHCP and BOOTP protocols both require DHCP and BOOTP clients to set the broadcast bit in the flags field of the BOOTP message header. Unfortunately, some DHCP and BOOTP clients do not do this, and therefore may not receive responses from the DHCP server. The DHCP server can be made to always broadcast its responses to clients by setting this flag to 'on' for the relevant scope; relevant scopes would be inside a conditional statement, as a parameter for a class, or as a parameter for a host declaration. To avoid creating excess broadcast traffic on your network, we recommend that you restrict the use of this option to as few clients as possible. For example, the Microsoft DHCP client is known not to have this problem, as are the OpenTransport and ISC DHCP clients.

The two most common things in the Universe are hydrogen and stupidity. -- Harlan Ellison

Working...