Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?
Take advantage of Black Friday with 15% off sitewide with coupon code "BLACKFRIDAY" on Slashdot Deals (some exclusions apply)". ×

Comment Re:Is that a secret? (Score 1) 46

" This is more about the services offered to show a VPN providers IP vs an ISP rather than a traditional "two distant offices" secure networking."

So what? The expectation is exactly the same: what happens on a node working as ending point for a VPN with regards other networks that node has access to is up to the node, not the VPN.

So if a VPN ends in my computer I'll give for granted all other networks on my computer are visible to the other end unless I'm taking positive steps for that not being the case.

Comment Re: Important to note (Score 1) 351

"you see everything in HDR, hear everything from miles away and just see solutions after solutions to almost every problem."

You *think* you see everything in HDR, you *think* you hear everything from miles away, you *think* you see solutions to almost every problem.

One of my funniest experiences involving LSD is a friend of me taking a dose and telling me -about five hundred times, not an exageration, the real number, he couldn't feel any effect.

Comment Re:If you write SQL injections (Score 1) 57

"As the CIO, I would ask the source code to be extracted from SVN/GIT, and then everyone who touched the last version of ANY file that has dynamic (SQL injection vulnerable) SQL in it be immediately fired."

That's once thing (among alot others) explaining why you'll never be a CIO so, don't worry, you won't have the chance to fire anybody.

Comment Re:Is that a secret? (Score 1) 46

"The "anonymizing" part is that the VPN becomes your IP for that session. "

That's a side effect at most.

"Your entire OS, all apps, web use can only connect via the VPN, no leaking an ISP IP out"

Sorry, but seemingly you don't understand what you are talking about. Once stablished, your Virtual Private Network is a Network just like any other else: you can route it, bridge it, masquerade it... In fact, that's the very goal of a VPN: making two topologically disconnected networks look like connected through a topologically local network (single hop).

"The idea that anyone looking back from the VPN IP can see the users ISP is not the best news."

Well, it isn't even news: that's the exact feature that allows, for instance, to connect two distant offices' networks as if they were one hop away.

Comment Re:Bigger problems (Score 1) 46

"Masking one's origin is often the entire purpose of a VPN, at least from a consumer standpoint."

Uhhh... nope, why should that be the case?

The purpose of a Virtual Private Network is to, well, Virtually making a Private Network, as if it was Local (LAN is another interesting acronim here) over other non-local networks.

And then, the article states " The technique involves a port-forwarding tactic whereby a hacker using the same VPN as its victim can forward traffic through a certain port, which exposes the unsuspecting user's IP address."

The same VPN! Why talking about "unsuspecting users"? The very purpose of a VPN is that those using it can get in touch to begin with!

Comment I realize I'm not answering the question... (Score 1) 69

but I stopped managing my bookmarks when Firefox & chrome started searching them and the text they contained. That plus google pretty much made bookmark management a waste of my time. Kinda like organizing my email. I just don't do it anymore. Use the search feature in your browser bar and give the bookmark a name with some useful keywords and blam, no more managing. If it's something you use a lot drop it in your bookmark bar. Come to think of it, that's one of the key things that keeps me on Firefox: I can drag and drop a tab directly onto my bookmark bar.

Submission + - France using emergency powers to prevent climate change protests (theguardian.com)

Bruce66423 writes: Following the Paris massacre, the French government declared a state of emergency. One of the regulations this introduced was control of large scale gatherings, and one of the events that is being caught up in this is planned protests to do with Climate Change conference in Paris next month. This has resulted in some activists being put under house arrest — yet other gathering, such as commercial street markets — are being allowed to go ahead. Funny that; anyone would think that the government is using the opportunity to suppress dissent.

Comment Re:Duh (Score 1) 711

Actually, the degraded option does NOT work for BTRFS or at least hasn't when I've tried it. I still ended up in the shell. I checked the changelog for systemd from present back to the date of that report and there is no mention of it at all. Once in the shell, mount -odegraded / will work just fine. If systemd' wasn't too mind-bogglingly stupid to just try the mount command nobody would have to get out of bed at 3AM just to type that. But if I just rip systemd out and use the supposedly old and broken down sysV init, it works every time. If systemd had a sane configuration, I'd just poke that mount commend in as an explicit action and it would just work, but in all of that tangled spaghetti just below the surface, there appears to be no way to do that.

For md devices, they get around the problem by having a regular old script in the initrd go ahead and assemble the RAID before systemd gets a chance to get the vapors and refuse.

Mainframes certainly DO cost 100x more than (for example), a supermicro server.

Sure, networks do go down, but in those cases, you're either dual homed or no amount of non-stop can help you. Again, take the 90% solution or be prepared to start paying a lot more. I did say it should be in a good datecenter with backup power. If that fails, again, no amount of non-stop can help you.

Submission + - Pwned Barbies Spying on Children? Toytalk CEO downplays hacking reports (bt.com)

McGruber writes: Earlier this year Mattel unveiled "Hello Barbie" (http://shop.mattel.com/product/index.jsp?productId=71355596), a $74.99 wi-fi equipped interactive doll. Users press a button on Barbie's belt to start a conversation and the recorded audio is processed over the internet so that the doll can respond appropriately. The doll also remembers the user’s likes and dislikes.

Now Security Researcher Matt Jakubowski claims that he has managed to hack the Hello Barbie system to extract wi-fi network names, account IDs and MP3 files, which could be used to track down someone’s home. “You can take that information and find out a person’s house or business. It’s just a matter of time until we are able to replace their servers with ours and have her say anything we want,” Jakubowski warned.

Mattel partnered with ToyTalk to develop "Hello Barbie". ToyTalk CEO Oren Jacob said: “An enthusiastic researcher has reported finding some device data and called that a hack. While the path that the researcher used to find that data is not obvious and not user-friendly, it is important to note that all that information was already directly available to Hello Barbie customers through the Hello Barbie Companion App. No user data, no Barbie content, and no major security or privacy protections have been compromised to our knowledge.”

A petition by the Campaign for a Commercial-Free Childhood asking Mattel to drop the doll has already been signed by over 6,000 people.

NOTE: The original reporting of this hack appears to have been this NBC-Chicago newscast: http://www.nbcchicago.com/inve...

Comment There haven't been very many studies (Score 1) 351

of the effects of most other recreational drugs. Congresses banned them ages ago to stifle debate on our drug policy.

If you want a good example of an "evil" drug that isn't look at Sly Stalone's Steroid use. Sure, it needs to be done under a doctor's supervision, but he's living the life of a man in his 30s while in his 60s. Meanwhile the rest of us pleebs can't get that because baseball and football have vilified the drug.

I was playing poker the other night... with Tarot cards. I got a full house and 4 people died. -- Steven Wright