Catch up on stories from the past week (and beyond) at the Slashdot story archive


Forgot your password?

Comment Re:What's a DLL? (Score 1) 152

> If an attacker can put a random binary on your local drive then they already own your machine

Pretty much no.

>If a miscreant cuts your brake line without your knowledge,

Terrible analogy. Because it's not what's occurring here. They don't have unrestricted access to critical systems on your car. It's more like they put a brake line cutting machine in your front seat. It's not until you get into the car and say "Are you sure you want to run the program START CAR with administrative access" that your line can be cut.

Let's go back to your original idea that the machine is compromised. If I have a virus file in C:\Dont_execute_anything_from_here, is my machine compromised? No, in most cases a file sitting on the drive would not randomly self execute. But, now let's say file "bad_code.exe" was written in such a way it took over program flow from my anti-virus when it was scanned. We would certainly say that the anti-virus vendor was at fault in this case.

Comment Re:What's a DLL? (Score 1) 152

>They've already owned the box just to put the DLL there.

Not exactly.

With UAC a prompt occurs to get administrative access, if this occurs at a time when the user does not expect it they may very well say no. Drive by downloads are one particular class of bug that can put a file in downloads, but have no risk of executing the file at that time, yes they are a bug that needs fixed, but one that seems to commonly occur. It is only later when an administrative installer executes that the system can be fully taken over.

Comment Re: The "Floor" was always a kludge (Score 1) 138

Your stock can drop instantly by half due to a computer error, but if the actual value of your stock is worth more than that, it will quickly return to its original value. It's called holding long term.

The issue here that you're having a problem with is people near the trading core can react much faster to real bad news, and you don't like it much.

Comment Re:If AB+ were forced on users (Score 1) 539

If it wasn't AB+ (which is really odd in a gov organization), you would just have an SSL inspection box that filtered out any crap they didn't want. Personally I don't want ads and their associated trackers 'monitoring' inside of government networks. Nefarious 3rd parties could easily buy or steal that data and use it to attack your network.

Comment Re: 25 Mb/s would be amazing!! but.... (Score 1) 522

Buy a logging chain and wrap it around one of the cable junctions at the side of the road. Then figure out a way to attach it to a passing dump truck without a) ripping your arms off and b) getting caught. The broken windows fallacy is only a fallacy when it's keeping you from getting upgraded service.

Comment Re:Business is suffering (Score 1) 522

>Do you expect your fellow citizens to pay more tax so that you can reap more private profit?

Yes. Because when you do this for something that isn't just a pet project, but benefits everyone in society it increases everybody's profit. Of course I'm sure you've not read a damn thing about utilities and public works in the last 100 years so you're a little ignorant about all that.

Comment Re:Think? (Score 4, Insightful) 522

>I've been on 25/5 and on 3/1 and really can't tell much difference because most stuff is oversold to be barely tolerable

Just because you live in Comcast or Centurylink's area doesn't mean that other places with better internet don't exist. I currently have 100/10, and would I notice a difference between that and 25/5, no, but the four other people in my house watching videos and playing games don't notice each other slowing down the net either.

That said, until a way to sue ISPs for their complete and total lack of providing their advertized service exists, many places will continue to have crap service.

Comment Re:Government should not pick winners and losers. (Score 2) 298

>Distributed generation, as it reduces the amount of electricity that must be moved over long distances, is more efficient, and therefore cheaper

Only if generation + losses is more expensive than each small generation plant, or have you forgot what economy of scale means.

Also distributed generation is expensive because the entire grid has to be redesigned from a from the centralized generation where a few big units determine the clock of the network to a smart network that will require millions if not billions in upgrades to stabilize millions of input sources.

Comment Re:Hash those pedals (Score 1) 78

Not a random length. You want a fixed total length. Say your longest possible password is 64 characters. You want to pad out every password to 96 characters, so if the users password is only 6 characters long an additional 90 random characters are padded. That way no statistical attacks can be performed.

Slashdot Top Deals

Computers can figure out all kinds of problems, except the things in the world that just don't add up.