Forgot your password?

Comment: This could totally work out (Score 2) 129

by SpzToid (#47499025) Attached to: Snowden Seeks To Develop Anti-Surveillance Technologies

Edward Snowden certainly has name recognition in the security space, which in branding terms equals big money. He's got his share of wild and crazy times overseas doing various hijinx not always on the up and up, sorta just like other security specialists of an earlier generation. Sure, in terms of branding alone Snowden could easily become the next McAfee, and he's still very young!

And isn't as if they weren't both wanted on international warrants either; and street cred. does sell sneakers.

Comment: Re:Derp (Score 1) 163

by SpzToid (#47497275) Attached to: New Mayhem Malware Targets Linux and UNIX-Like Servers

Yes, you are right and I stand corrected. In fact late yesterday, I happened upon a blog post teaching me the same explanation you gave me just now:

when we start SSH on port 22, we know for a fact that this is done by root or a root-process since no other user could possibly open that port. But what happens when we move SSH to port 2222? This port can be opened without a privileged account, which means I can write a simple script that listens to port 2222 and mimics SSH in order to capture your passwords. And this can easily be done with simple tools commonly available on every linux system/server. So running SSH on a non-privileged port makes it potentially LESS secure, not MORE.

Thank you for your important clarification regarding my security practices.

Comment: Re:Derp (Score 2) 163

by SpzToid (#47483745) Attached to: New Mayhem Malware Targets Linux and UNIX-Like Servers

Start your security process by not using port 22 for ssh, and instead using some random, legal 5-digit port number. Then block IPs from anyone doing a port scan. Also, setup port-knocking prior to any authorized user even starting to login using ssh. Of course certificates should only be used, not passwords for authorization. That should go a long way to keep the bad guys out.

Also bots tend to have the same user-agent strings, which tend to be obscure in and amongst themselves. These obscure, identifying user-agents can also be blocked, once identified.

To read and actually make sense of machine logs, the free ELK Stack rocks! Here's a guide to setup your own machine, for the purpose of reading logs in a very user-friendly way.

Comment: Re:Those bloody sepratists! (Score 1) 750

by SpzToid (#47476617) Attached to: Malaysian Passenger Plane Reportedly Shot Down Over Ukraine

Replying to myself here. I was being sarcastic dammit. 'Separatists', in the most-classic sense, typically don't have such sophisticated weaponry or manpower at their disposal, when they 'rebel'. Duh.

I even cited with photos of what a BUK missile battery looks like. Please don't think I'm some sort of anarchist, okay?

Comment: Re:Why fly over a war zone? (Score 1) 750

by SpzToid (#47476303) Attached to: Malaysian Passenger Plane Reportedly Shot Down Over Ukraine

Up until this period of time, airspace at that altitude, over this region, wasn't in any way shape or form considered to be a war-zone, I can assure you. Or else that commercial flight would not have been there in the first place. I do not believe this particular international commercial flight up there was something like an isolated event either. Now your point in retrospect perhaps...

Comment: Those bloody sepratists! (Score 2) 750

by SpzToid (#47475879) Attached to: Malaysian Passenger Plane Reportedly Shot Down Over Ukraine

That rag tag militia got lucky it seems, with a direct hit no less. Those light ammunitions gathered from round the house, what the odd Klashnikov and what have you.

Speculation at this point is this is what those rag-taggers managed to bring it down with:

+ - X.Org Server 1.16 Brings XWayland, GLAMOR, Systemd Integration->

Submitted by Anonymous Coward
An anonymous reader writes "The much anticipated Xorg Server 1.16 release is now available. The X.Org "Marionberry Pie" release features XWayland integration, GLAMOR support, systemd support, and many other features. XWayland support allows for legacy X11 support in Wayland environments via GL acceleration, GLAMOR provides generic 2D acceleration, non-PCI GPU device improvements, and countless other changes."
Link to Original Source

+ - Hackers Steal Personal Information of US Security-Clearance Holders-> 1

Submitted by schwit1
schwit1 (797399) writes "The article says they were Chinese but offers no evidence:

The intrusion at the Office of Personnel Management was particularly disturbing because it oversees a system called e-QIP, in which federal employees applying for security clearances enter their most personal information, including financial data. Federal employees who have had security clearances for some time are often required to update their personal information through the website.

This is a big deal. If I were a government, trying to figure out who to target for blackmail, bribery, and other coercive tactics, this would be a nice database to have. — B Schneier"
Link to Original Source

+ - Congress "Defends" State Rights by Passing Law Prohibiting Local ISP Competition

Submitted by Anonymous Coward
An anonymous reader writes "The U.S. House of Representatives voted on Wednesday to approve a proposal that would essentially allow states to prohibit local municipalities from setting up their own ISPs to introduce competition in local markets. The bill seems to be a pre-emptive strike against FCC claims that it plans to limit the ability of individual states from stifling local competition. The proposal was inserted into a general appropriations bill (appropriations bill = government funding bill) by Representative Marsha Blackburn (R-TN) and passed 223-200. Blackburn, of course, has received thousands of dollars in "donations" from large, well-known ISPs and from the National Cable & Telecommunications Association. The bill has to pass in the Senate in order to become law."

+ - Pseudonyms Now Allowed On Google+->

Submitted by Anonymous Coward
An anonymous reader writes "When Google+ launched, it received criticism across the internet for requiring that users register with their real names. Now, Google has finally relented and removed all restrictions on what usernames people are allowed to use. "We know you've been calling for this change for a while. We know that our names policy has been unclear, and this has led to some unnecessarily difficult experiences for some of our users. For this we apologize, and we hope that today's change is a step toward making Google+ the welcoming and inclusive place that we want it to be.""
Link to Original Source

Comment: Re:105 megabits per second (Score 1) 401

by SpzToid (#47460431) Attached to: Comcast Customer Service Rep Just Won't Take No For an Answer

TFA says he's a producer at AOL. Seeing as how he's an AOL employee, he probably needs a lot more bandwidth than you do, as you're someone who probably just works in I.T. Go figure. I don't understand anything about AOL either.

Obviously he needs way more bandwidth than he can get via an (AOL) dial-up modem, which explains why he's been with Comcast for the last 9 years.

Someone that works from home might opt for a larger package to obtain greater uploading bandwidth. I did that to advance from 1.5 to 6 Mbps recently myself, and I'm glad I did.

Maybe this is just AOL picking a Telecom fight with Comcast. Seriously, since when is it ever legal to record a call like this? But I suppose it becomes legal when you're on hold and the recording played to you says they'll record you first.

Optimization hinders evolution.