
Comment: Re:Pearson is guilty of this (Score 4, Interesting) 238

One of the last companies I worked for was undergoing a single sign-on project. In their presentation they made it quite clear that they were actually encrypting passwords with a two way function. After the main presentation I pulled the presenter aside and asked why, when hash functions are the industry standard.

His response was kind of hilarious (and kind of sad).... too many IT managers were afraid of the repercussions of not being able to actually recover an executive's password if he actually lost it and had used it for something important that couldn't just be reset.

Comment: How the next DHS Grant might be applied for.... (Score 1, Funny) 126

The FUD industry really is scrambling for the money, aren't they?

Can you imagine, actually getting paid to sit around jerking off to how disasters could happen for no other reason than to enrich yourself selling the fear, has now been turned into an entire industry.

Comment: Re: Above Congress? (Score 2) 161

> Politics remains the entertainment arm of the military-industrial complex. After all, people would be
> mildly non-plussed to learn that they were secretly ruled by spooks and banksters.

It is all Bread and Circuses. The whole system is really great in a way. We have a diffuse democracy at all the low levels, feeding up in a pyramid scheme to a few people at the top. The total resources of 300 million people is taxed and at the disposal of under 1000 elected people...

You almost couldn't ask for a better situation for playing global games for profit.

Comment: Re:Drone It (Score 1) 807

Oh I don't think any amount of carnage will ever be what prevents war. People have an amazing capacity to ignore it, that part is easy, there is a reason reporters became "embedded".

What I do think is that anyone capable of actually building and fielding a truly modern army in a major engagement capacity is capable of doing the math and realizing what a stupid idea it is for him. I also think those same people can do the math and realize how insanely profitable the status quo is for everyone involved on a broad range of issues.

Comment: Re:Drone It (Score 2) 807

I honestly don't think a real "organized" war of that kind is likely to ever happen again. We have long since passed the point where the major actors are just too big and powerful to risk war with each other, so they engage in little more than proxy wars against each other's minor interests.

Even that doesn't really seem to describe the present day since the major powers' major interests are so aligned they don't even proxy war with each other so much as with the fallout from the decades' worth of mess they made with their proxy wars.

Maybe some small time actors will have "real wars" with each other, or maybe we will have one against a small time actor, but, I suspect anything even as large as a US/Iran war is all but impossible at this point.

Comment: Re:rotfl "Can't recall" vs "never happened" (Score 1) 33

In general nothing. However, in this particular case the implications are amusing.

Note he very specifically said:

> Now, it is true that some of my reporting has been based on hacked cybercrime forums and hacked cybercriminals, but I can't recall an instance wherein I was the one responsible for the hacking

Now..... I would believe a hacker who was breaking into forums and stealing data might forget who he hacked and when. Similarly, if Magic Johnson told me "I don't recall sleeping with that woman", I might believe he doesn't remember THAT woman.

However the thing I have trouble with is the idea of seeing that line between investigating and actively attacking a host. You know, that line where the port scans end and the nop slides begin..... it's a pretty bright line. The only way I feel he "doesn't recall" writing about his exploits is, by having so many exploits of his own he can't recall which ones he may have written about.

That's what I find funny.

Comment: rotfl "Can't recall" vs "never happened" (Score 4, Funny) 33

Great answers but, when I got to this: "Now, it is true that some of my reporting has been based on hacked cybercrime forums and hacked cybercriminals, but I can't recall an instance wherein I was the one responsible for the hacking."

I couldn't help but laugh at the lack of a true denial. I have trouble imagining not being able to recall something like this. Hell, I can recall times I was tempted to put on a dark hat and attack someone's box (I was pretty sure he was the guilty party I was helping track down as a favor for if you are going to engage in cybercrime, don't use the same screen name known to your victims to post youtube videos showing your IP address ... best part is, I didn't even know the screen name until I told them who I thought it was, and they said I just named one of their suspects)

Comment: Re:The First Rule of Bacterial Fight Club (Score 1) 30

Actually, I am pretty sure you are right but for the wrong reasons.

As I recall the existing protocols were basically finding and manufacturing specific phages for each case, which makes for a bit of a labor intensive protocol. There is probably room to profit off that but it's going to be in running a clinical lab itself or supply of specialized equipment.

It's not about cheap, it's about where the cost is and what it is on.

Comment: Re:Hmmm .... (Score 1) 75

Funny thing is, those terms and stickers don't even always hold water.

There was a hilarious case a while back where some PC manufacturer lost a lawsuit where they had refused a warranty repair. Basically the courts told them PC buyers expect to open the case so you can't refuse warranty service over an expected operating condition, but, they can require the customer to revert any changes they made before they qualify for service.

Didn't stop the proliferation of stickers of course, because they may not actually void anything, but they may make you decide not to try a warranty claim.

Hell my monitor has an ugly bracket for the stand on the bottom, if you want to put it on an arm, you have to either leave the bracket sticking down off the bottom, or, remove a sticker to get it off.... lol, sticker removed.

Comment: Re:Just half? (Score 1) 70

This. The only time I ever click on them is accidentally.

But you have to realize, most people don't really know half of what's going on behind the scenes as they browse the web. Hell, I don't, I know enough to know how much is going on and how to find out more if I want, but who really looks? All the time? At some point you have to trust trust and everyone has to do it at a high level.

Most people don't have any conception of what a potentially hostile environment they have entered. Browsing the web is like replacing the handshake with receptive anal sex and going out to a dinner party:
"Hi there ReputableSite.Com my good friend"
"Hey there browser, come meet all my friends, we have a private room for 500, and they ALL want to meet you! Oh, is that a condom? You need to leave that here or the door won't work."

Comment: Re:Life finds a way (Score 1) 187

The moral of the story was that by crying wolf, the boy made him crying wolf the equivalent of him NOT crying wolf ever.

It is tempting, and even mostly correct, to think of bugs as little biological robots, but, they are robots that have very complex programs which have dealt with all manner of danger and trick in the past and survived. It shouldn't be surprising that they have coping mechanisms to detect bogus signals and adjust.

Just like the townsfolk recognized a bogus signal and adjusted. That adjustment was the correct response to the boy who cried wolf. It left them vulnerable the one time he was right, but, he was a signal they couldn't rely on.

You can take the moral several ways, but at its heart it is: If you develop a reputation for not telling the truth, people won't believe you when you do.
