Forgot your password?
typodupeerror

Comment: Mobile OTP (Score 1) 113

by What'sInAName (#47559257) Attached to: Ask Slashdot: Open Hardware/Software-Based Security Token?

I'm surprised no one has mentioned Mobile-OTP (http://motp.sourceforge.net/). Perhaps it's a bit older, but it's absolutely free assuming your users have a mobile phone. (It doesn't even necessarily have to be a smart phone). We use this to secure our SSH gateways and it's not bad to set up -- it uses PAM.

+ - Seven IPMI Firmware Zero Days Disclosed->

Submitted by msm1267
msm1267 (2804139) writes "HD Moore today disclosed seven zero-day vulnerabilities in IPMI firmware from vendor Super Micro. The security issues were reported to the vendor in August, however the vendor, beyond acknowledging receipt of the vulnerabilities never communicated with Metasploit regarding a fix.

A Super Micro representative told Threatpost that this was an “old story” and that the issue had been resolved. A request for further comment from a Super Micro project manager was not returned in time for publication and the availability of patches could not be confirmed.

IPMI, or intelligent platform management interface, are tiny computers that sit on a motherboard that are used by IT administrators in large data centers for remote management of servers or remote BIOS maintenance. They’re mostly present in rack-mount servers, and are cumbersome to update because they often require physical access to the hardware, and in a service provider environment, for example, there could be hundreds of these embedded devices present.

Beardsley said that a Project Sonar scan for the IPMI firmware in question, version SMT_X9_226, found 35,000 of them online. He estimates that number likely represents less than 10 percent of the total devices in use."

Link to Original Source

Comment: Re:who thinks about their smoke detector? (Score 1) 177

by What'sInAName (#45084377) Attached to: Nest Protect: Trojan Horse For 'The Internet of Things'?

Many apartments are like this. Here in the Boston area there are quite a few apartment buildings with central heat that individual units have no control over. It's especially bad with those damn steam radiators. Depending on what kind of insulation you have, part of a room will be boiling hot and the other part will be freezing. If you stand in between the two extremes and rotate, you can kind of keep yourself at a comfortable temperature, but that's a bit... awkward to do.

Comment: I'm going for an S3 (Score 2, Interesting) 470

by What'sInAName (#41357025) Attached to: iPhone 5 GeekBench Results

(Grrr, thought I was logged in.)

I've decided that my next phone (soon, I hope) is going to be the S3. I'd been holding out with my iPhone 4 for a while, waiting (like many others, I suspect) to see what Apple would wow us with for the iPhone 5. Needless to say, I wasn't that impressed, though to be honest, part of me really didn't expect to be, given that there are only so many innovations they could have come up with. What could they have done? An even bigger screen? NFC? A phone you could roll up? The first two would hardly have been groundbreaking and the latter is tech that doesn't really exist yet.

Still, at the end of the day, I'm sure I could be happy with the 5, but I'm ready to play with a new toy. I've never had an Android device before, but got a chance to play with a tablet and some phones over my vacation, and I liked what I saw.

Captcha: revenues

Comment: Re:Key AND Password (Score 2) 167

I use Mobile OTP (http://motp.sourceforge.net/) for two-factor auth at work. Once I figured out the PAM side of things, it was quite straight-forward. I installed it on my server at home as well, but I'm a little more relaxed about it -- I allow ssh from a few "trusted" boxes via ssh-keys, otherwise it requires password+OTP token authentication. Now, I just have to worry about keeping those "trusted" boxes safe. (I do have a password on the ssh keys, but wonder if I have a long-running login session with the keys installed into ssh-agent, I might be boned anyway if someone were to break in.)

Comment: Re:Pah! Antisocial network (Score 1) 396

by What'sInAName (#39476357) Attached to: Senators Ask Feds To Probe Facebook Log-in Requests

What happens when they decide that people they can't find on social networks must either be lying, or must have something to hide?

Honestly, I am so fucking tired of all these facebook "hipster" posts that basically say, "I'm too cool to be on social media!" If you don't have Facebook, this doesn't affect you, so stop telling everyone you don't have Facebook. No one thinks you're cool because of it.

Please! I wasn't on FB before it was cool to not be on FB. Instead, I'm on a different social networking site. You probably haven't heard of it.

Comment: Re:Come back... (Score 1) 311

by What'sInAName (#39036333) Attached to: Followup: Ultraviolet Vision After Cataract Surgery

Yup, that's an excellent description of what it's like -- I think I actually described it that way ("feeling" it rather than hearing it) once actually. I only found it mildly annoying though. I always thought it was a cool (if somewhat useless) "superpower."

Nice to see I'm not the only one. I worked in a computer lab in college for a bit and would always be the one to walk around and turn off the CRT monitors that had been left on at the end of the day (though with a room full of them, it still takes a bit of time -- the sound isn't particularly directional). Never found anyone else around who knew what the hell I was talking about until now.

Comment: CTRL+F in meatspace (Score 1) 567

by What'sInAName (#37152486) Attached to: Most People Have Never Heard of CTRL+F

I have the opposite problem. I try to use Ctrl+F (well, grep actually) in the real world. Don't tell me you haven't. I can't recall the number of times I've been reading a book, deciding I want to search for something, and caught myself thinking "I'll just grep for.... oh shit."

It happens less and less now, since I've started using the iPad as a book reader. Now the only really annoying thing is getting a non-searchable PDF, which is fortunately pretty rare.

Comment: Research related to this has been covered. (Score 3, Informative) 521

by What'sInAName (#37059806) Attached to: Cancer Cured By HIV

From 2005:

http://science.slashdot.org/story/05/02/14/1519212/The-Cure-for-Cancer-Might-be-HIV

I thought the subject of this story sounded familiar. Seems like they've made progress! Let's hope it stands up to further studies. Many, many promising treatments turn out to be fools' gold.

Comment: Re:They don't get it (Score 1) 270

by What'sInAName (#35735174) Attached to: iPad Just Another TV Set?

I just ditched cable this winter. The hardest part for me wasn't giving up cable, but the nice MythTV DVR PC I bought from components and installed when it still meant something to install your own Myth box. (Not really bragging, I'm just proud of my accomplishment. Ok, so yeah, I guess that means I'm bragging, so sue me.)

Now I have an old Mac mini with Boxee on it hooked up to the TV (36" LCD 720p, nothing special at all) and can control it all with an Apple remote, which I like. (Well, I have a BT keyboard/mouse if I want to browse to something not available as an app on Boxee.) I also moved my home media collection to a smaller, quiet PC that also serves as the home Samba share, in another room. Not that the myth box was loud, but now my living room is super quiet.

So far, I really haven't missed cable, and I'm quite happy with the setup.

Algol-60 surely must be regarded as the most important programming language yet developed. -- T. Cheatham

Working...