
Comment: Re:The Only One I've Seen.. (Score 1) 65

by bennett000 (#39343825) Attached to: Dell Announces Intent To Acquire SonicWALL

That has nothing to do with Sonicwall and everything to do with the people who set it up.

Actually it has everything to do with SonicWall.

The issue wasn't the device's ability to block ports (inbound, or outbound), but the device's ability to ensure that only the licensed number of nodes were allowed outbound access through the device.

SonicWall makes money selling licenses, SonicWall is the party responsible for ensuring their devices only support the number of clients they're licensed for. Their device was following through with this policy, but it was only limiting devices' outbound port 80 connections. There is no user setting to change the license policy, that's SonicWall's business model.

Comment: The Only One I've Seen.. (Score 3, Informative) 65

by bennett000 (#39343319) Attached to: Dell Announces Intent To Acquire SonicWALL
The only SonicWall device I've ever had to work with had a limit of 10 nodes that could "connect to the internet". The limit was really 10 nodes that could NAT to port 80. Every other port was open. I always figured that if SonicWall didn't care about protecting their licenses, why would they care about protecting their networks?

Ars Technica: GoDaddy Faces boycott over SOPA support

From feed by feedfeeder

Major Internet companies have formed a united front in their opposition to the Protect IP Act and the Stop Online Piracy Act. Well, almost. One exception has been the domain registrar GoDaddy. In an op-ed published in Politico shortly after SOPA was introduced in the House, GoDaddy applauded the bill and called opponents "myopic."

Now furious Internet users at reddit (which, like Ars, is owned by Condé Nast) have organized a boycott of the registrar.

"I just finished writing GoDaddy a letter stating why I'm moving my small businesses 51 domains away from them, as well as my personal domains," wrote redditor selfprodigy on Thursday morning. He proposed that December 29 be declared "move your domain day," with GoDaddy customers switching to competing registrars. The post has accumulated more than 1,500 comments, most of them supporting the idea.

We contacted GoDaddy for comment. A spokesman declined to comment on the boycott specifically, but reiterated the firm's support for the legislation. She sent us a link to the company's written testimony to the House Judiciary Committee last month.

"This debate is about preserving, protecting, and creating American jobs, and protecting American consumers from the dangers that they face on-line," the statement reads. "US businesses are getting robbed and US consumers are getting duped."

The company dismissed free speech concerns. "Not only is there no First Amendment concern, but the notion that we should turn a blind eye to criminal conduct because other countries may take oppressive steps in response is an affront to the very fabric of this nation."

GoDaddy appears to be doubling down on this position. Today, it reposted its Politico op-ed to the GoDaddy support forums. Comments were disabled.

The House Judiciary Committee has released a list of 142 companies that support SOPA. GoDaddy appears to be the only domain registrar, or Internet company for that matter, on the list. Indeed, even traditionally strong copyright supporters like the Business Software Alliance have been having second thoughts about the legislation.


Comment: Re:Keep Critical Infrastructure Offline (Score 2) 50

by bennett000 (#37802316) Attached to: Nasdaq Intrusion Spreads To Listed Companies

While it would be nice to do so, it will hardly be possible. Instead it is high time to send those making bad IT security decisions to prison for it. While this will also hit a few engineers, most will be managers going cheap, ignoring warnings and generally being incompetent.

I don't see this being hardly possible at all, thirty years ago we got along fine without having our critical infrastructure's information systems not plugged into a global network. I'm speaking more of nuclear reactors, hydroelectric dams, shipping locks, railway switches etc.

On the subject of stock exchanges, I seriously doubt much good has come from plugging stock exchanges into the global information network. Even as recently as fifteen years ago people were physically trading stocks on the floor of some of the world's major exchanges. Nowadays computers perform thousands upon thousands of trades in a fraction of the time their former human counterparts could. Is this really a good thing though? There's an absurd arms race going on between investment firms to install increasingly faster computers as close to exchanges as possible to get the 'jump' on trades. There's even a new trans-Atlantic trunk line going in, that shaves off a few milliseconds of latency, all in the name of automatically trading stocks, and 'making' millions of dollars. What purpose are these systems really serving though? Why is it a good idea to put such an insane amount of speculation into our financial markets? The day to day price of stock had little enough relationship to the actual value of a company prior to computers dominating the trading scene, now this representation is becoming more diluted.

As for sending people to prison for making bad IT security decisions, it's a lovely idea, but how do you determine who's to blame? The second something goes wrong, everyone starts pointing the finger at everyone else. Is the CFO to blame for not budgeting enough IT dollars? Is the head of IT to blame because she was following orders without questioning them? Should all the employees just be locked up to be safe? What about the programmer who didn't terminate a string properly, who works for an entirely different company that sold the software to the firm that was breached??

Then there's the people problem. Even if we could somehow make the billions of lines of code that drive computers perfect, we'd still have people opening up alleged 'job interviews', which are really just malicious Excel files, or what have you. In this case at least there's a forensic trail and a 'smoking' gun to link the ignoramuses to their negligence.

I think there are a lot of cases where it would be a lot cheaper to hire security cleared specialists to manually handle the transfer of data between secure isolated networks, and the global internet. Sure it would seem more expensive, but these breaches can cost hundreds of millions of dollars. Specialists can be bought for less than a hundred thousand a year each, and they can be held directly accountable.

Comment: Keep Critical Infrastructure Offline (Score 1) 50

by bennett000 (#37799686) Attached to: Nasdaq Intrusion Spreads To Listed Companies
Simply analyzing the probabilities involved in computer intrusion should be enough to convince anyone that can understand high-school mathematics that we NEED to unplug critical infrastructure from global networks. Unfortunately the powers that be seem woefully ignorant of how technology works. The anti-piracy campaigns that involve breaking DNS highlight this ignorance.

Comment: Re:Threat to Computing (Score 1) 171

by bennett000 (#37417790) Attached to: Microsoft Previews Compiler-as-a-Service Software

There is something about this concept that I find very threatening. Service Orientated Architecture is no doubt a good thing and Software as a Service can save costs. However with something as simple as a compiler being outsourced to the platform vendor, this returns control over software creation that can be produced squarely with the vendor.

Imagine a vendor that could suppress the compilation of software that it deems unfavourable. A company would never refuse to provide a compiling contract to a business that makes products that compete with the vendor, would they? They would not create a terms of service that deems what software is appropriate to be compiled?

Have you ever heard of Apple's App Store? It's this crazy store which is the only place you can get applications for your phone or tablet, and Apple controls every piece of software published on it. Apple also imposes arbitrary bans on applications whenever Apple sees fit. Apple is also trying to push this model to their laptops and personal computers. Furthermore if you want to make your own applications run on your iDevice you have to pay Apple $100, or violate the TOS to unlock your phone. That's right, imagine that, you outright own a device, but you don't have the right to administer it.

Anonymous kills websites, cartels kill bloggers.

Submitted by Anonymous Coward
An anonymous reader writes "While drug cartels in Mexico are disemboweling people they accuse of blogging about drug violence, Anonymous busies itself taking down Mexican government websites. With all the problems facing people in Mexico right now, including drug cartels extorting teachers for 50% of their pay and killing schoolchildren (thus shutting down the school system), Mexico's biggest oil field in terminal decline and drug cartels kidnapping bus loads of people and forcing them into gladiator-style contests to the death, Anonymous' actions appear particularly petty. In light of all the problems Mexico is facing, Anonymous' attacks seem about as appropriate as kicking the crutches from under Tiny Tim."
User Journal

Journal: *NIX crash course

Journal by bennett000

This is a crash course in *NIX CLI usage I just gave a friend.

*NIX Command Line in a nutshell, including stuff you already know, that I'm including for future copy/paste purposes. I'll try and keep it concise:

Graphics

Khronos releases OpenGL 4.2 specification

Submitted by jrepin
jrepin writes "New functionality in the OpenGL 4.2 specification of high-performance graphics standard includes: Enabling shaders with atomic counters and load/store/atomic read-modify-write operations to a single level of a texture. These capabilities can be combined, for example, to maintain a counter at each pixel in a buffer object for single-rendering-pass order-independent transparency. Capturing GPU-tessellated geometry and drawing multiple instances of the result of a transform feedback to enable complex objects to be efficiently repositioned and replicated. Modifying an arbitrary subset of a compressed texture, without having to re-download the whole texture to the GPU for significant performance improvements. Packing multiple 8 and 16 bit values into a single 32-bit value for efficient shader processing with significantly reduced memory storage and bandwidth, especially useful when transferring data between shader stages."
User Journal

Journal: Apple Philanthropy Rebuttal

Journal by bennett000

Over the past week-end, the Canadian press published a story about Apple having more money than the US treasury. The link showed up in my social networking stream. I just had to say something about Apple not having a philanthropy program, despite the cash. I was quickly rebutted, by another user who claimed Apple had 'countless' programs to help underprivileged orphans. Some companies do keep their charitable sides on the dow

Crime

Lulz Front Man Goes To Court

Submitted by bennett000
bennett000 (2028460) writes "The summer of Lulz has been slowly winding its way down, seemingly beginning with the Ryan Cleary arrest followed by various sweeps. Alleged front man Topiary had his day in court today, and it seems like his hard drive, containing sixteen virtual machines, and seven hundred thousand web credentials is in the hands of the authorities. One security expert has gone so far as to say it could put a damper on all but the most dedicated hackers"
Crime

Journal: Online crime, and online "crime"

Journal by bennett000

After two months of what can only be described as aggressive e-vandalism, serious arrests are finally being made by various authorities. Opinions on the subject are intense and polarized, this journal entry is not concerned with that debate; the concern is the definitively calculable online crime that is also going on, and how it is being pursued/reported by the authorities/press.

Microsoft

Tried to Make Me Go to ZuneLand, I Said No, No, No

Submitted by theodp
theodp (442580) writes "All the cool music service kids — Apple, Spotify, and Amazon — were dancing on Amy Winehouse's grave after the singer's untimely death at age 27. So, why did the web rip Microsoft a new one for following suit and suggesting its Twitter followers remember Winehouse by downloading her 'Back to Black' album on the company's Zune music service? BTW, for you students of numerology, Winehouse is the sixth member of the so-called 'Forever 27 Club', where she joins Brian Jones, Jimi Hendrix, Janis Joplin, Jim Morrison, and Kurt Cobain in Rock and Roll Heaven."
