Forgot your password?
typodupeerror

Comment: Re:Do I need to be concerned about this? (Score 3, Interesting) 204

by Penguinisto (#47575417) Attached to: "BadUSB" Exploit Makes Devices Turn "Evil"

Depends.

I once worked for a company that wrote web banking software. The laptops/desktops/etc of certain employees had a 'driver' that continually monitored the USB ports. If anything plugged into it that had storage on it but not the proper corporate auth key to connect as an approved storage device? It would automatically send an email to the IT department, immediately shut off the entire USB subsystem in the OS, and it stayed that way until the device was re-imaged (in many cases making the device completely useless). It also got you immediately perp-walked out of the building and freshly unemployed, unless you could immediately give them a reasonable (and provable) explanation as to why it happened.

Now in this case, I suspect that if the bad stick presented itself to the OS as a keyboard/mouse/whatever, it may circumvent that (I say "may" because I don't know if it would be able to dump any non-keyboard/mouse-related data onto the machine w/o presenting itself as storage.)

Either way, if you're that worried about it, then epoxy the USB ports shut (well, except on the phone for obvious reasons...)

Comment: Re:Send a robot (Score 1) 84

by Penguinisto (#47546395) Attached to: Off the Florida Coast, Astronauts Train For Asteroid Mission

When it's time for an asteroid mission, it will probably be robotic.

Sadly, you're right. The same fuckers that make that decision are probably the same ones who think that artificial insemination is vastly superior to sex. Objectively they'd be right for the purpose of reproduction, but they're still a bunch of heartless assholes for basing public policy on it.

It's amazing how much money NASA can spend not going into space.

Agreed again - open the damn thing to commercial exploitation and see how fast NASA catches up.

Comment: Re:Depends on the tasks (Score 1) 92

The only gain in either situation from replacing them is theoretically increasing longevity. Neither case lends itself to a virtual machine unless the thing running that VM has a sparc processor, in which case there's no point for a VM.

Well, not entirely "no point"... (and I didn't even have to bring up zones ;) )

Comment: Re:"to not look inside the box" (Score 3, Insightful) 260

by Penguinisto (#47511031) Attached to: Google Offers a Million Bucks For a Better Inverter

An awesome way to smuggle a wifi sniffer - or something naughtier - into the googleplex!

...more like an awesome way for Google to grab a profitable patent in exchange for the prize money.

Seriously - if you can pop those kind of specifications, you can make a hell of a lot more than a million bucks from the patent alone.

Comment: Re:Duh (Score 3, Interesting) 92

A cheapie SunFire v200/210 will run like a tank, but you'll be crippled by the server's top speed, and they do put out the heat if you push up the load average (and HVAC costs should always be factored in, yo.)

You'll also need to buy a lot of those pizza boxes to make up for the processing power that you can find in a box half its age, let alone the newer iron.

Sometimes you have to run the old stuff (I work in an environment where we have testbed boxes, and SunFires are a part of that, along with ancient RS/6000 gear, PA-RISC HPUX gear, etc. I can tell you right now that the old stuff cranks out a lot more heat (and in many cases eats a lot more rackspace) than the equivalent horsepower found in just a handful of new HP DL-360's.

Comment: Re:Curious (Score 3, Interesting) 132

by Penguinisto (#47508443) Attached to: Exodus Intelligence Details Zero-Day Vulnerabilities In Tails OS

What could allow remote code execution in Tails but not affect Firefox or any of the other software us non-terrorists use. A bug in tor itself?

Given that they likely had to add a few custom bits to insure anonymity, and likely modified or ripped out a few other bits, odds are good that the customizations are where the issue lies.

(...then again, perhaps the bug(s) can be found in the std. packages, but the researchers wanted to scare a smaller organization into becoming a customer first?)

Comment: Wait, wait... (Score 5, Insightful) 132

by Penguinisto (#47508417) Attached to: Exodus Intelligence Details Zero-Day Vulnerabilities In Tails OS

The company plans to tell the Tails team about the issues "in due time"

I'm 100% certain "in due time" would come a lot sooner if the Tails OS maintainers coughed up the right fee, which means that this is most definitely NOT responsible disclosure.

I get that security researchers have to eat too, but damn - this sort of reeks of extortion. Maybe I'm wrong, but I know if I had a code project and some company said they knew I had holes but refused to tell me upon asking, extortion would be the first effing thought that would come to mind.

What this country needs is a good five cent microcomputer.

Working...