Become a fan of Slashdot on Facebook


Forgot your password?

Comment Re:Windows 10 has Secret Screen Recording Tool (Score 1) 203 203

I don't understand why people think this sort of thing doesn't happen. It has been *publicly disclosed* that this level of spying takes place. The NSA was caught red-handed putting spyware in the firmware of routers being sent overseas...why in the world wouldn't they partner with Microsoft to inject spying software into Windows?

It would be naïve to think that NSA do not try something like this. But what would Microsoft gain? They would risk their entire revenue, for what? Favors of the NSA? Microsoft - and any other vendor with business in US - will have to comply with lawful orders. Unfortunately, FISA decisions are not public. But Red Hat or any other vendors would have to comply with the same FISA orders.

Comment Re:Not Exactly.... (Score 2) 487 487

That isn't the issue. The issue is YOU being able to share MY WiFi key because I was dumb enough to let a Windows 10 user on my WiFi network. This is akin to me giving you the keys to my house so you can housesit, and you getting a hundred copies cut and distributing them to a bunch of people you know.

So wrong.

If you *tell* someone your WiFi password *then* there's nothing stopping them from sharing it with whomever they want. So do not do that. Not if he brings OS X or Linux or Windows.

If you want to allow some friend onto your network but not allow him to share your network with others, then *you* tap in the password at his computer when it connects. On OS X or Linux or Windows. That what you would do today, and that's what you would do when your friends brings a Windows 10. On Windows 10 simply DO NOT CHECK the "share" checkbox. It is off by default. Your network will not be shared.

Nothing has changed. Neither your network nor your password will be shared with anyone. Your friend cannot go into settings and share the network after the fact - it has to be done when connecting.

But if *you* connect to some network which you would like to share with your friends, you can check the "share" checkbox. When you do that, your password will be stored encrypted in Microsofts servers. When one of your friends (if you share with - say - Facebook friends) is in range of that network, his Windows 10 computer can engage the network. The network will issue a challenge with must be hashed using the password as salt, and the hash returned. Modern password auth works like that to avoid sending passwords in cleartext. This means that the *actual* password hash is a one-time hash computed from the challenge.

The computation of the hash is performed on Microsofts servers, and your actual password is NEVER available on your friends computer - not even in encrypted form - only the challenge response hash. Your friends computer must obtain the response to the challenge from Microsofts servers - and when doing so it must prove that it belongs to a friend of yours.

Furthermore, Windows 10 which connects to a network in this way will *not* allow access to other devices on the network except for the internet gateway. I.e. it can only be used for Internet access - nor for local file or media sharing.

Comment Re:Not for me (Score 1) 517 517

Even with disk cleanup removing redundancies in the winSXS folder, it can still swell to be over 12gb in size.

There are no redundancies in the WinSxS folder. That's actually the point of WinSxS: It is a "repository" of sorts where all OS files are stored and the actual files are merely hard links to the file in WinSxS. That way, even if a file is placed in multiple places, it is still only a single file.

To be able to *uninstall* updates, WinSxS does hold on to the "old" files. That way, if you roll an update back or uninstall a component, Windows will simply change the hard link or delete the linking file. If you do not want to be able to roll back to a previous state, you can always clean up by discarding the "old" service pack files by issuing the command "dism /online /cleanup-image /spsuperseded"

Comment Re:Still needs another vulnerability (Score 4, Insightful) 82 82

So to summarize: as a user, you can sometimes write to EFI memory.

That's currently all there is to it. There's no rootkit, there's no malware, etc. Just this space where you can hide and survive an OS wipe and reinstall.

Yes - it is a vulnerability for which there is no exploit published (yet).

This vulnerability is serious, as it allows an attacker to permanently infect the Mac *firmware* and gain control each time the Mac is booted - even if you nuke and reinstall OS X.

You may try to dismiss this as "still needs another vulnerability". Another vulnerability or even a social engineering attack, evil maid attack will all suffice. This one can be used to take permanent, undetected residence on successfully exploited macs.

That's bad in my book

Comment Re:Great Recession part II? (Score 2) 743 743

I am nervous as this feels like early 2008 all over again.

Don't be. In 2008 there was a real risk that banks would fall like dominoes. When talk started about a possible Greek default in the first round, the same concern was there: That a lot of European banks had so deep loans to Greece that a Greek default would cause the banks to start toppling and cause a widespread crisis in Europe.

This time, the other European states (notably Germany), ECB and IMF have largely taken over the "bad debt" from the banks. Which means that Central banks, ECB and IMF will have to write off some loans if Greece defaults, but banks and the financial system is largely insulated.

Last time, Greece used the threat of throwing Europe into a deep financial crisis as negotiation leverage. This time, that threat has been neutralized and that is why you see other European leaders standing more firm on Greece owning up to their situation.

Talk about WWII reparations is NOT owning up to the problems that created this crisis in the first place. Greece were about to be exposed as insolvent before entering the Euro. But getting into the Euro meant cheaper loans and could postpone the point where they ran out of money. So Greece at the time lied and cheated their way into the Euro: They "mistakenly" left out the state obligations for pensions as obligations (should have counted as long-term debt). They got in and got access to cheaper loans. But they did not mend the broken system, and here we are.

Greece must own up.

Comment Re:There is something to it, people are missing (Score 5, Insightful) 743 743

And that was new loans AT INSANE RATES.
Last time I've checked check dept per citizen numbers, Greek was roughly on the level of Germany.
But interest rates they are paying (and that mostly to German banks), oh my goodness:

Interest rates reflect the lenders perceived risk of not being able to retrieve the loan on time or at all.German citizens are vastly more productive than Greek citizens.

If I were to lend 10.000 euros to someone, I'd have a better chance of having that loan paid in full from a German citizen living and working in Germany than from a Greek citizen living and working in Greece. That does not mean that I would not lend to Greece, but it means that I would take a higher interest rate to compensate for the risk.

It is not a diabolic German plan to put Greece down. It's just economics.

Comment Re:Looks interesting but I am wary... (Score 2) 265 265

So this is just a sys-admin tool. Not a general purpose scripting language.

It is a general purpose scripting language.

An object-oriented general purpose scripting language with a number of features that makes system administration easier.

One example is DSC. It is a scripting language that can use the DSC *platform* to make sure that target systems are all configured the same way, albeit each with different parameters.

Another example is workflows. Wake me up when bash or python can start a script that can survive system restarts and pick up and continue from where it was when the system restarted, complete with state, variables etc.

Comment Re:Looks interesting but I am wary... (Score 1, Insightful) 265 265

But if I am going to learn something new, what advantages this powershell has that python does not? Cygwin + bash is cross platform enough for me to switch between ssh windows in linux boxes and my windows desktop.

Desired State Configuration (DSC) that FTFA was about, is definitely one such thing that PowerShell has that python has not. DSC is a *declarative* description of the configuration you want for a target system. You should think more in line of Chef or Puppet than Python. PowerShell DSC for Linux actually *uses* Python.

The idea is that you use PowerShell to define a data structure (much like a Ruby hash) that describes the configuration of the node. DSC will itself resolve dependencies. If you require a feature DSC will ensure that the feature is installed - much like a package manager - but it actually interacts with the package manager. What package managers do not do is to configure the products once they are installed. This could be connection strings, IP addresses, user accounts.

PowerShell DSC for Linux has "resources" for file system, user accounts, text file content, package managers (Yum, Apt, Zypper), scripts, daemons, ssh keys and more. You use those resources to describe how you want a system to look - like a Chef recipe. The resource description can be parameterized (it is just a PowerShell function and can take parameters like PS functions) so that the same resource description can be used for multiple targets with slightly different values.

Once applied, DSC will ensure that the target is set up so that it matches the target. From there on it can also report on drift (e.g. more users created, files deleted/changed etc) and can warn about it and automatically bring the node back to the desired state (undoing the drift).

Comment Re:PowerShell is yucky yucky yucky! (Score 1) 265 265

Wordy is the key issue, look at your average unix app generally all the flags can use a short - or a long -- for the same function.

How about if the unix app allowed only the long form option names - but allowed them to be abbreviated as long as the abbreviation was unambigous? (That's what powershell does)

PS forget that 30+ years of unix shell to near perfection and rolled their own verbose and obtuse creation

That why we still code in assembler and don't use those modern touch screens. Oh wait... (lalalalalalalal! -- fingers in ears, eyes firmly closed)

Comment Re:I'll bite (Score 1) 265 265

They will not get bash to work well under windows. The problem is the brain-dead and overcomplicated NTFS permission system. There is no way to get that handled without just as over-complicated and brain-dead "special" tools.

Yes, there is no concept of SUID/setuid on Windows. So there's no sudo "happy go lucky".

Earth is a beta site.