
Comment Re:dem haxx0rz (Score 2) 96

Probably not. Any hacker with two brain cells to rub together would quietly infiltrate systems in company A, from there infiltrate Company B, C & D, rinse/repeat until sufficient layers of abstraction sit between them & their target, and then use them to attack the real target. If the response of victim X is to nuke the IPs from which the attack came, they are a) hitting the wrong entity, b) potentially destroying evidence left by the real perps, and c) probably initiating a re-retaliation from the victim of their attack.

The use of jumpboxes is common when attacking targets, which is exactly what you have described. However, the idea that you just "hack back" via a DDOS isn't how it is done. Companies know that blind DDOS retaliation will only land them in hot water, so they use other methods.

A common method is a honeypot - a network segment with machines in it designed to be infected for observation purposes. Then, when activity is noticed in this network, things like trojaned PDF documents can be placed in the honey pot with titles like "All customers credit cards do not share". The attacker downloads this "great" data, opens it, and gets hacked in return.

This way, the payload is deployed against the target hosts only through the direct action of the attacker themselves.

Other methods that are similar are used, but this should give you the gist.

Comment Re:Why dashcams? (Score 2) 93

Dash cams don't always stay on. In many departments around Seattle they are only on when the lights are on.

You always need to redact video.

Police interview people who might not cooperate if they know that they will be shown snitching on YouTube. Oh, how about when an officer shows up to a scene of domestic abuse, should that just go up on YouTube?

Police often see the public in bad situations. And we don't need to put that stuff up on the web for everyone to see.

That is why they are working on redaction, not because of some grand conspiracy.

Comment Re: There we go again (Score 1) 383

Funny, not a single mention of a grabbed hash and I can find many such more definitions and explanations that also contain no such prerequisite.

Maybe you should read the book I mentioned.

You keep trying to defend a point beyond exhaustion. Lay off on the aspergers.

Comment Re: There we go again (Score 1) 383

You started a whole chain of argument here after this comment and entered into a debate with AC-x.

I am going to have to side with AC-x, here, you don't have a fundamental understanding of what he is putting forth in this discussion. You seem to be defending your points without fully understanding them.

Dictionary attacks are not used on things that are rate limited - they are used on grabbed hashes.

Read "The Cuckoo's Egg" by Cliff Stoll for a very old tale of this exact scenario. It still occurs today.

Comment Re:huh (Score 2) 264

I like the part where you assume you know what his argument is.

As a passenger coming into Seatac, I got hit in the face with a green laser pointer, we were probably well below 3000 feet. It was bright enough to completely mess up the vision in my left eye for about 30 seconds. Such a lovely neighborhood.

So, you can argue on the internet all you want about what the divergence of the laser should be, having personally witnessed a green laser in my face during final approach, I can assure you it is capable of messing up your vision.

Comment Re:Added benefit (Score 2) 104

"Consumption" was an old name for tuberculosis. TB is normally transferred through the air, not food contamination.

Raw milk is not generally available to poor urban people today, because farms are no longer near cities. It's mostly consumed in rural or suburban areas, near the source farms. There is no need to ban raw milk with the incredibly small risks associated, compared to the carcinogens in city water, for example. So banning raw milk is essentially an attack on poor and middle class rural people, which is fashionable today.

You only named one risk to raw milk, not the many that exist. Remember, it takes only one sick cow out of a hundred to pass on harmful bacteria. Grass fed cows do not have some magical quality that works as an antibiotic in milk. City water is in fact safer because it is subjected to a similar treatment as pasteurization (Chlorination, Ozone etc). I am not aware of any "carcinogens in city water" or their relative rate of harm compared to unpasteurized milk, so I suspect that is just conjecture.

An example of the bacteria that can be found in cow's milk: Brucella, Campylobacter, Listeria, Mycobacterium bovis, Salmonella and shiga toxin producing E. coli, parasites such as Giardia and viruses such as the norovirus.

For more reading:

Comment Re:Best quote I read about this (Score 1) 87

“…—FireEye spotted them. Bangalore got an alert and flagged the security team in Minneapolis. And then … Nothing happened.”

What is missing from this quote is not that Bangalore sent them a flagged alert, but how many alerts had Bangalore sent in the past, and how high of a priority were they? How much did Bangalore cry wolf in the past?

I am with teams from Bangalore that sent me reams and reams of "alerts". Most of these high-priority alerts were garbage. I spent 4 hours the other day tracing down a "critical" alert because a router on the other side of the world from me had not sent logs in the last 8 hours. Turns out that this router is on a section of dark fiber, and it is not supposed to log unless it comes online during a system failover.

Bangalore has repeatedly created critical alerts on this for the past 3 days like clockwork.

Most of the stuff they send us is noise. What we need to be sent is real actionable data, not a billion "alerts" that are actually systems-normal.

Comment Re:Keepass (Score 3, Informative) 445

The keyfile is in my dropbox folder, I have dropbox installed on all my devices. On the iphone or ipad I just need to select the keepass file and it will open in the keepass app.

Then my passphrase is required to open the encrypted file that contains the list of my passwords.

This step is only required on my iphone/ipad if the keystore is out of sync with the dropbox folder. Otherwise the file remains cached on my portable device.

Comment Keepass (Score 5, Informative) 445

I use Keepass.

I store my keepass database on dropbox, this way it is accessible from my iphone, ipad and all my laptops and desktops. Any changes I make are synchronized between devices automatically.

Keepass will auto fill in websites with plugins like KeeFox for Firefox, or launch Putty.

I don't even know what my Slashdot, eBay or Amazon passwords are, as they are all about 64 random characters each.

If you choose to go this route, it makes sense to have a very strong passphrase, as such, my passphrase exceeds 128 bits. A key file is also an excellent option.

Comment Re:Possible! (Score 1) 63

Of course, the section of the bible you quoted originally refers to the battle between Tiamat and Marduk: http://www.gly.uga.edu/railsback/CS/CSMarduk.html

That passage was pulled into the bible by the Jews who were living in Babylon at the time - hence the Babylonian gods.

And not to be contradictory, but the story restarts at Genesis 2.4, with a different retelling of the creation.

Comment Re:GMOs feed over a billion people (Score 5, Insightful) 419

Have you actually looked into the actual court cases surrounding Monsanto?

You would be surprised. The examples that people trot out of "Farmer Brown" as you say, had the farmers lose in court as they were deliberately and knowingly taking GMO seeds.

Monsanto will in fact, pay farmers for any crops contaminated via cross pollination for farms that do not have an agreement.

The truth of the matter in agriculture is much more complex than all the IT people here on Slashdot would have you believe.

Comment Re:GMOs feed over a billion people (Score 4, Insightful) 419

If you actually study the green revolution and agriculture, it is indeed an accurate figure.

The only difference between modern GMO food and previous versions, is that radiation mutation was used to create the variants. Now, with targeted gene sequencing and replacing there is no need to use messy, time consuming and partially random radiation mutation methods.

Comment Re:Now we know why there's no electronics in NK (Score 1) 191

I suggest you look at flux compression generators. They've been around since the 1950s, fairly low tech and inexpensive to construct, the one that I've seen a plan for was supposed to have a nominal range of half a mile and would fit into a minivan.

Are you sure you have not been watching Ocean's 11?

Comment Re:Bill is doing the right things (Score 5, Interesting) 247

Imagine having a library in your village that could show you how to build water condensers, new farming techniques, basic chemistry that could improve your quality of life, really ANY piece of information you could conceive of as well as the ability to communicate remotely with other villages trying to overcome similar problems at the touch of your hands.

But no, better to hand out fish than give access to fishing instructions.

Knowledge is power.

You know, this sounds like a great idea in practice.

In reality it is quite different. I agree with Calibax. Having seen the poverty first hand and having worked to help build a medical clinic in Kenya, as well as my Ex, who runs a charity in Tanzania.

We got them some of these books, and some of this knowledge. They have access to a lot of it believe it or not. The problem is not that they don't know how to do it, but the same infrastructure problems that bother us in the modern world. We might "know" that building a good rail network in a city area will improve infrastructure - but politics and other factors get in the way.

In the same way, gaining access to clean water sounds like it should make a difference, just give the people the knowledge of how to build that dam and water pipe, as well as a sand filter system, and it will all be fixed right?

Not in my experience. People in poor countries are just like us, but with fewer "toys". They procrastinate, they like to have fun. They would love to own an ipod or iphone. They are more concerned with getting the next meal and next "fun" thing than they are with building infrastructure. When is the last time you went out and built yourself a water line by hand? They just don't see it as a priority. I know this because when we worked on one trying to bring cleaner water to the clinic, all the locals wondered why we would bother when you could just get water from the stream like they always have. And yes, they know that the stream water would make them sick, but it is rather like dealing with a smoker - they have got along just fine this far with stream or swamp water, why should they change if things are working fine? There are other things to worry about.

So, in my experience, they have the material to teach them how to change, but are so focused on living day to day that they don't have the mental bandwidth to build infrastructure projects like you would expect. In my experience, Bill Gates' approach is the right one - fix the basic needs first, then they will have the mental bandwidth to devote to projects.

Make it right before you make it faster.