
Comment: Re:Ooo! I can solve that one! (Score 1) 291

Sorry, I forgot to mention, Stuxnet only infects PCs and searches for the Step 7 (Siemens Development Environment) software as well as any possibly connected / accessible PLC. The PCs that are most likely infected are those from the Service/Support or Development Department. These are usually not 'production' systems but rather office PCs/laptops that are likely used for other purposes than to program S7 PLCs most of the time.

PLCs run autonomously and use a real-time embedded proprietary OS and are not infected by Stuxnet directly. Stuxnet may upload and hide new code to the PLC, but it does not copy itself to, or run on, a PLC.

Anyway, a few good safety rules should of course protect you from the original Stuxnet variant. Not allowing USB ports is a good measure but most users will revolt. Disabling Mass Storage device drivers is a better way to go in most cases. Not allowing a PC on both Production AND Office/Internet LANs is, of course, another. But usually technicians get lazy.. or they want to continue to play Minecraft SMP while they debug the S7 controlling the reactor safety systems -_-);

Comment: Re:Ooo! I can solve that one! (Score 3, Interesting) 291

I looked up how Stuxnet works because it was relevant to my work and company (we use a lot of S7 PLCs on our production network).

The original was not much more than a glorified backdoor. It would install itself but did not contain any directly malicious payload. It would try to connect back to the attacker, then the attacker could send and execute any payload they wanted.

It is likely the first payloads were used to identify priorities of the attacked system (downloading source code etc). Then a malicious attack payload was specifically created to do the most harm and sent.

It was a glorified backdoor because it could propagate by itself and had the components to detect and connect to, upload and hide code to PLCs.

If it was installed by USB on a PC that was not connected to the internet then it would not have caused any direct harm since it wouldn't have been able to connect to the attacker.

Anyway, of course you can design a variant of Stuxnet that can try to damage any PLC without prior knowledge (contain a malicious payload), but I doubt it would be very effective. Without knowing what a PLC does / is supposed to do, the damage by simply changing values would likely be minimal and be immediately recognized.

Comment: E7 is not Sandy Bridge based (Score 2) 128

The quote

"The new E7 series incorporates the benefits of Sandy Bridge"

is a bit misleading, I think.

As far as I understood, it uses the older Westmere EX architecture. So while it may have added instructions also available in the Sandy Bridge architecture, clock for clock it will likely be slower in most cases and probably won't reach the clock speeds of Sandy Bridge based chips.

Comment: Re:Well... (Score 1) 376

Thank you for the reply. I assume you mean T-Com, part of Deutsche Telekom, which was privatized. As part of the deal there was a law that any other ISP or phone carrier can lease lines up to the home for the same fair conditions anywhere in Germany. That means if DSL is possible then you can get it from any other ISP. I don't know your address of course, but I looked up restaurant addresses in Baden Baden on Google Maps and just picked the first one and used the address (Holland Hotel Sophienpark GmbH, Sophienstraße 14 with Phone # 07221 3560) to look up availability for Arcor (one of many cheap ISPs, see http://arcor.de/ right on the front page to the lower right), for which I had to give the street address (Sophienstraße 14) and area code of the phone number (07221). It stated that it is available at 6Mbit/s for 29.90 a month. After that I went to 1&1 (dsl.1und1.de) and checked availability there for the same address; it says that the 16Mbit/s line is available for 24.90/month for that address.

You are right though in that the actual speed might be a lot less; this is usually true if you live in an older home that does not have twisted pair wiring but only parallel wiring (the twisting cancels noise, without it the signals of other surrounding lines get mixed in). Simply, if you live in a 100 year old house (not uncommon in Germany) it probably also has 100 year old phone wiring.

In any case, if you can get inet from any provider you can get it from all of them. Whoever told you otherwise was lying (wouldn't be surprised if T-Com lied to you, they are not a very good company, sort of like AT&T ;-)

Comment: Well... (Score 4, Insightful) 376

My parents live in the US (Missouri), I live in Germany.
They pay more than I do, they only have one choice for broadband (SBC Global which is now AT&T) and their download speed is slower than my upload speed. And I don't mean 'stated', I mean actual.
They have 768kbit/s down stated and they do get that, but they pay around $45/month. In Germany I pay 29.90 euro for 32Mbit/s stated, of which I actually get 3.9MByte/s sustained, so 31.2Mbit/s actual, and 2Mbit/s upstream stated, of which I get like 220kbyte/s, so 1.8Mbit/s.

My brother lives in Mountain View (near Google) and used to live in Menlo Park. On both occasions he had only two choices (DSL and cable from one provider each).
Each was horribly slow and very expensive. And this is in the F*ING HEART OF SILICON VALLEY!!! At least now in Mountain View he gets free Google wifi (which he uses exclusively, thank you Google!).

In Germany I have 8 different DSL providers, all trying to outbid each other (this is in a small rural town with maybe like 5000 inhabitants). Unfortunately with DSL the max they can provide is 16Mbit/s over twisted pair, that's why I went with cable, which for the speed is just as cheap and way cheaper than anything I ever saw in the US. Sure, I heard of things like 'Fiber to the premises' but in the areas my parents, my brothers and I lived it was never even considered, and in the last 10 years the price of 'broadband' was actually raised 2x. Each time my parents would cancel or threaten to cancel to get the 'new user' prices again, which would be what they paid before. But it's not really much of a choice; if they want broadband they have to pay what AT&T asks.

This article is either total BS or somehow every place I know in the US has been miraculously spared of any type of competition, leaving horrible service, horrible speeds for extravagant prices.
Does anybody in the US have something like 32Mbit/s (uncapped) for $40/month? If so, where do you live and what is your ISP?

Comment: Re:Which PDF viewer? (Score 1) 189

Well, if you just want to READ PDF files (not print them) then I would suggest just loading them in Google Docs.
You don't need any plugins for that (no Flash etc) as each page is simply converted to an image server side. I would think that this is secure.

In any case I always disable all file format plugins in Firefox. It actually happened a few days ago that I was suddenly asked to save a PDF file even though I didn't click on any link; on examining Adblock I found a hidden iframe that apparently tried to load what I am very certain was a malicious PDF in the background.

Comment: File Sharing IS NOT illegal (Score 1) 313

by itself. If you share content that is copyrighted in your country, to which you do not have appropriate distribution rights for that country, then you MIGHT be doing something illegal.

When I download my favorite Linux distro via BitTorrent I am NOT doing something illegal. Having used a File Sharing program does not mean I have ever used it for any illegal purpose.
136 people admitted using file sharing software, they did NOT admit to using it for illegal purposes!

Why have we allowed the assumption that File Sharing = Illegal to become so commonplace?
I am outraged this is not the first point of contention for this study.

Comment: That's ok (Score 5, Interesting) 883

I think it would be bad anyway if the companies whose primary business is selling fossil fuel also controlled a large chunk of the renewable energy market.
I mean can you say 'conflict of interests'?

Leave it to the little guys that are better (specialized/core business) at it anyway.
And at least now we truly know where they stand.

Comment: That is a sad statistic (Score 3, Insightful) 538

most other countries have a higher broadband adoption ratio with better speeds
and lower prices, so if the majority of the people living in the US without
broadband don't want cheaper/better performing internet then something must
be really really wrong.

I would be guessing the lack of competition, throttling, being treated like dirt
and then spending a (comparatively) huge amount of money for the privilege
has probably scared those people off.
Security

Russia One Ups U.S. Bomb Superiority

s31523 writes: "In 2003 when the United States tested their newly created Massive Ordnance Air Blast weapon (A.K.A Mother Of All Bombs), it was king of the non-atomic hill. Now, Russia claims to have the "Father Of All Bombs". The newly created Russian weapon contains less explosive material that is "highly efficient" and has a reported blast radius of 990 feet. Col.-Gen. Alexander Rukshin, a deputy chief of the Russian military's General Staff, said the new bomb would allow the military to "protect the nation's security and confront international terrorism in any situation and any region." Is this a new era of non-nuclear arms racing?"
Censorship

German ISP Arcor blocks porn websites

Sascha J. writes: "As heise (German, Google translation) is reporting, the German ISP Arcor started to block some well-known porn websites like youporn, sex.com and privatamateure.com. According to the Arcor spokesperson, Paul Gerlach, they started blocking these sites because another company sent them a request to block them, because these websites do not have proper age verification. heise researched and found out that the request came from a German company who also provides erotic material, but follows the official age verification guidelines. Also, the Impressum (Imprint) of the website adultpark.de links directly to the Imprint of arcor.de. This leads to the conclusion that Arcor is actually blocking these easily accessible websites in order to help their own companies gain popularity and earn more money. If ISPs already start blocking websites for their own profits, I wonder what the next step is going to be."
Movies

Porn industry looking for fix for piracy problem

Hedgehog writes: Piracy has the porn industry up in arms, and they appear to be hard up for solutions to the problem. The increased popularity of BitTorrent and other p2p networks has made profits harder to come by for the industry. 'With sales tanking quickly over the past several years in favor of free alternatives, the industry is now trying to figure out ways to stay afloat. Piccionelli estimates that no more than 15 or 20 percent of the porn in the wild is legitimate — for an estimated $50 billion industry, that could mean a lot in lost sales, although it is highly debatable whether many of those downloading XXX features on their P2P network of choice would have purchased those titles instead.' At least they're not looking at DRM: 'Noting something that Hollywood still has yet to acknowledge: "I worry about [the producers] coming up with DRM or technological solutions, because they're not going to work."'
The Courts

eBay Seller Files Federal Lawsuit Against Autodesk

New10k writes: "Tim Vernor is an eBay seller (happyhourcollectables) with over 10,000 positive reviews. He specializes in comic books but sells most everything. He got thrown off eBay after Autodesk filed complaints against him for reselling Autodesk software. He has responded by filing a federal lawsuit alleging fraudulent use of the Digital Millennium Copyright Act. He has already passed the federal court's "is this guy a wacko?" test and the suit is official — Autodesk has 30 days to respond. Details at AECnews (http://aecnews.com/news/2007/09/10/2377.aspx)."