Become a fan of Slashdot on Facebook


Forgot your password?
Last Chance - Get 15% off sitewide on Slashdot Deals with coupon code "BLACKFRIDAY" (some exclusions apply)". ×

Comment Tee Shirt (Score 1) 363

I want a tee shirt that says "Star Wars", written in the Babylon 5 font, at the top of the graphic, and "To boldly go...", written in the Blade Runner font, at the bottom. The main graphic should be Serenity, with Tricia Helfer as 6 standing behind it. I will wear it to Comic Con. Gonna troll somebody, troll 'em all.

Comment A single life (Score 1) 492

I did tech support for AMD back in the 90's, and stumbled upon this idea back then. A friend had an old camper-van that I could buy cheap; AMD was a 24-hour campus with cafeteria, gym and other amenities. A cell phone and PO Box was all that was needed to complete the picture.

If I wasn't married, I might have tried it. Things were not nearly as expensive back then as they are now, but AMD paid their tech support folks crap; I would have been hard pressed to afford a one-bedroom apartment in the area on my salary. If you're willing to live simply, it's definitely a viable option.

Comment Jurisdiction (Score 1) 189

FBI must have been watching too much CSI of late. Black Rock Desert is about 500 miles outside LVPD's jurisdiction (and 140 miles outside Reno, for you Reno 911 fans). Plus, it's Federal land, overseen by the BLM. The FBI would actually have more jurisdiction there than LVPD ever would.

Comment As always, "It Depends" (Score 2) 213

Some certs have value in the training and experience requirements that come with them.

Some certs add prestige to a resume or company masthead.

Some certs equal a bump in pay.

Some certs do other things that may benefit either the person getting the cert or the company that employs them.

And some certs do none of these, are a complete waste of time, and only add value to the instructor's, governing body's and test facility's bank accounts.

And when it comes down to it, the only person that can make that determination is the person looking at the cert.
All blanket statements are wrong.

Comment Re:Incognito mode (Score 2) 308

IANAL, but I would think if you consistently use incognito mode, you could make the case that it's just how you work and was not an action taken in response to any sort of criminal activity or investigation. I'm not aware of any law that requires people to maintain evidence as part of their daily lives....

Comment Easy as 3.14159 (Score 1) 205

First off, start playing. Grab a free VM tool like VirtualBox, load up some raw Linux and Windows VMs in it, launch Kali, and start poking around. Break things, but in a manageable, recoverable, legal way. Never, ever, ever poke at something where you don't have written permission from the owner. If you want something a little less random, Lamp Security had some guided CTF exercises out there a few years ago that took you through the pen test process.

Look into formal training. In my experience, SANS has some decent hands-on classes, and you get a fancy certification to go with it. A better option would be to look into Black Hat Training class, and stay for the briefings and Defcon.

Talk to people in the profession. There are a lot of security folks on Twitter - Jack Daniel, Jeff Moss, Dan Kaminsky, Johnny Long, HD Moore and Deviant Ollam to name a few. Follow them, ask questions, join in conversations. Meet up with them at conferences. Security professionals love to tell war stories, and we love to educate people who are interested and want to learn.

Speaking of certifications, don't make the mistake of making them a goal. For what you're looking at, the so-called "big name" certifications (like CISSP) are pretty meaningless. CEH (Certified Ethical Hacker) would probably be worthwhile to have, since it would relate directly to the work you're doing. But realize that certs are mainly viewed as window dressing - great for the business card and marketing department, but all they prove is that you're good at taking tests. Make sure you're getting the knowledge that goes with the cert, and can demonstrate it in the field. The skills and abilities are far more important than the letters in your signature block.

Comment Laplink or null modem (Score 1) 466

I think the biggest issue you'll run into is finding something that will work for the DOS/Win 3.11 device.

See if you can rustle up a copy of Laplink with the LPT cables. It was designed for moving files in just this scenario; using the LPT cable was always a lot faster than serial, which topped out at 115kbps. Yes, that's kilobits per second, you young whippersnappers.

If you can't find laplink, find (or build) yourself a null modem cable. Hook it between the two systems' COM ports, and fire up a basic transfer program that supports batch transfers (look for ZMODEM support).

Comment Perfect world (Score 2) 182

In a perfect world, your employer would jump at the chance to send you, give you full per diem and a room in the conference hotel, rental car, and an allowance for books and materials on sale at the conference.

But as Huey Lewis said, "Ain't no living in a perfect world."

I was fortunate to go to Black Hat and Defcon in Las Vegas for 11 years while I was at my previous (private sector) employer. They paid for all but the first time. For that one, I took leave, paid my own way, and then came back and demonstrated to them the value and knowledge I picked up (mainly by starting just about every sentence with "Well, in a talk at Black Hat..." I got laid off when the company was downsizing, ended up in a public sector agency, which sounds very similar to your situation (great people, interesting work, surprising lack of sticks inserted up people's butts). Same situation - I had to go on my own first, the next year they willingly paid for me to go.

Your employer is at least offering to pay for the training piece, which says that they see some value in this. And I know how hard it is to do things like this on a public sector salary (which is still about 40-50% of an equivalent private sector one). My advice: look for the bargains. Stay at a cheap casino (you can get into places like Excalibur for $40-50/night, sometimes lower) instead of the conference hotel. Walk and use the monorail to get around ($10/day). Eat fast food, or fill up on conference munchies - don't eat in the conference hotel or celebrity chef restaurants, but find the coffee shops and cheap buffets. And most of all, talk to your employer. Tell them you're willing to go on your own dime this time, but when you get back, you'll want to make the case for someone from your group going every year, fully paid.

Building translators is good clean fun. -- T. Cheatham