Become a fan of Slashdot on Facebook


Forgot your password?

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).


Comment: Re:More Flexibility? (Score 4, Informative) 466

by alcourt (#43670729) Attached to: Ubuntu Developing Its Own Package Format, Installer

Query: ldd
Control: see the various environment variables that specify which lib dirs are used in what order for that environment you just created. (LD_LIBRARY_...)

Applications can specify the exact version number of a library (.so.1 vs .so.2).

Note, none of this is Linux specific. That family of operating systems is far from perfect in shared library handling, but I won't pretend that it doesn't inherit at least some tools that have at least some flexibility from older Unix tools.

Comment: Re:Agents do have some latitude (Score 1) 427

by alcourt (#43363797) Attached to: TSA Log Shows Passengers Say the Darndest Things

I often would crack a friendly non-political joke. For example, asking if I got a piece of cheese for running the rat maze (the line was empty when I approached security). Treat them as a human, and they tend to treat you as one.

Of course, once I scared a TSA agent by accident (not in a way that resulted in police). Have an asthma attack shortly before going through security. The agent was clearly more scared than the other passengers.

Comment: Re:Energy conservation only applies to other peopl (Score 2) 187

by alcourt (#43325647) Attached to: NetWare 3.12 Server Taken Down After 16 Years of Continuous Duty

Oddly, I replaced my main home server with a highly energy efficient model four years ago (mac mini). I was using a kill-a-watt meter to measure that I was spending > $100/year on the old server, and that was a significant factor on what to get as a replacement. All my other systems are energy efficient laptops at home. I use the kill-a-watt regularly to test devices suspected of burning excess power.

Are there things I don't do? Of course. But I hardly ignore energy efficiency. I also make sure I'm not getting a low energy number that I will never make up the cost of over the life of the equipment. So that hybrid car? No go. I don't drive enough miles to justify the surcharge.

Electronic Frontier Foundation

DOJ Often Used Cell Tower Impersonating Devices Without Explicit Warrants 146

Posted by Unknown Lamer
from the bending-the-rules dept.
Via the EFF comes news that, during a case involving the use of a Stingray device, the DOJ revealed that it was standard practice to use the devices without explicitly requesting permission in warrants. "When Rigmaiden filed a motion to suppress the Stingray evidence as a warrantless search in violation of the Fourth Amendment, the government responded that this order was a search warrant that authorized the government to use the Stingray. Together with the ACLU of Northern California and the ACLU, we filed an amicus brief in support of Rigmaiden, noting that this 'order' wasn't a search warrant because it was directed towards Verizon, made no mention of an IMSI catcher or Stingray and didn't authorize the government — rather than Verizon — to do anything. Plus to the extent it captured loads of information from other people not suspected of criminal activity it was a 'general warrant,' the precise evil the Fourth Amendment was designed to prevent. ... The emails make clear that U.S. Attorneys in the Northern California were using Stingrays but not informing magistrates of what exactly they were doing. And once the judges got wind of what was actually going on, they were none too pleased:"

Comment: Re:T-mobile signed me up for a premium warranty (Score 1) 198

by alcourt (#43285587) Attached to: Another Way Carriers Screw Customers: Premium SMS 'Errors'

Oddly, every time I went to a T-mobile storefront, I had a courteous person who was willing to tell me the right thing for me, even if it resulted in a lost sale. I was looking at a cheap replacement device for a five year old emergency phone. They told me to not buy it from them, because it would cost too much. They're one of the only places I can get cell service without them using my SSN as an account number.

The online rep I dealt with a couple months ago made me nearly reconsider my options for carrier. I decided finally to chalk it up to one bad apple and went on.

Comment: Key is kinetic (Score 1) 482

by alcourt (#43239663) Attached to: Do Nations Have the Right To Kill Enemy Hackers?

The summary I read restricted a "kinetic response" to cases where "kinetic damage" occurred. For those who do not read that language, that means no dropping bombs unless physical damage is done.

So Iran might have been justified under this doctrine in attacking the creators of Stuxnet, but South Korea would not be justified under this doctrine in launching a few artillery shells/missiles at the initiator of whoever attacked them, because while wiping hard drives is really annoying, it does not rise to the level of "kinetic damage". Note, taking power offline may not even rise to the level of kinetic damage, even though there is serious issues caused. That gets into the fine interpretations though.

Most authorized retaliations are purely online/computer under the doctrine.

Comment: Re:Justice Department is just like an HR departmen (Score 1) 231

by alcourt (#43189759) Attached to: National Security Letters Ruled Unconstitutional, Banned

In my most recent job change, I was astonished at how helpful HR is. This was punctuated by a call from a HR manager to me about a month or so after I started asking if there were any problems they could help me with. The HR department has been helpful, doing their best to take work off me and help me get to my primary job duties.

Yes, some HR departments are at best unpleasant to work with and should be treated as a hostile entity. Some IT departments earn their nickname of "Preventer of Information Services". Some computer security departments earn less polite nicknames and make HR look like amateurs. Some senior managers make you scramble to memorize everything you can so you can document it as soon as you get home and call (because you wouldn't dare call from your personal phone or worse, use a work phone to call) a lawyer, or district attorney.

Hating HR may be popular here, but two of my jobs over the past many years have actually had very positive experiences with HR, right down to the last day and beyond.

Comment: Re:Wrong focus (Score 2) 297

by alcourt (#42913057) Attached to: Congress Takes Up Online Sales Tax

You forgot the other issue. Different products may be subject to different tax levels. For example, in one state, tea has sales tax. In another, tea has no sales tax. So you have to hold in your database not only all the varying rates, but the lists of what items are subject to what tax levels, and keep that database updated on probably a daily basis.

And yes, my tea vendor says Massachusetts has a tax on tea.

Comment: Re:"Product was not compromised"? (Score 3, Insightful) 65

by alcourt (#42839547) Attached to: Bit9 Hacked, Stolen Certs Used To Sign Malware

I had a long chat with one of their sales types a couple weeks ago. The sales person had to talk to backline engineering, but confirmed the next day that yes, the bypass I outlined in under two minutes to evade the tool completely would in fact work and their software was designed in precisely the way as to make support from OS and hardware vendors very difficult on Linux.

I tried to push them into the more useful area of logging what is done rather than trying to declare a known whitelist. Under their current scheme, a sysadmin couldn't write a custom shell script to their home dir and run it without going through twenty blessings first. Tweak that shell script? Won't run, even without privilege. I was not impressed.

Comment: Re:Confused. (Score 1) 270

by alcourt (#42770365) Attached to: Oracle Responds To Java Security Critics With Massive 50 Flaw Patch Update

You forgot that you are stopped at #3. Your change request is denied because your apps say the update will never work with their code and they need a minimum of twelve months to fix, and it isn't at the top of their priority list right now. Senior management has mandated these other features be put in, and these bugs in their java based web page code be squashed, so they can't make their code compatible with the update right now. Maybe next year?

Science is to computer science as hydrodynamics is to plumbing.