Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).

×

Comment: Re:neither bridge nor tunnel (Score 1) 226

by celtic_hackr (#49347039) Attached to: Russian Official Proposes Road That Could Connect London To NYC
Or do like the Chesapeake and make it a mix of Bridges and tunnels. That way when the Chinese, N. Koreans or Russians try an invasion we can seal a tunnel on the American side, and wait for the invasion force to fill up the tunnels and bridges before we blow the other end. But, if they built it, I'd do that road trip! Think of all the tourist spots, Tunguska, Wooly Mammoth fields, Gulag,...

Comment: Re:B is the new F? (Score 1) 315

by celtic_hackr (#49251963) Attached to: Clinton's Private Email System Gets a Security "F" Rating
It was over a decade ago. It was a busy box, running a DNS sever, SSH daemon, mail and web with Postgres and MySql. Python and a host of other stuff was installed. It wasn't static html. Like I said I never patched it, and there were security patches that had come out. I believe at least one was a buffer overflow issue. It was vulnerable by the time it got hacked. It happens. Linux isn't immune to attack, just harder. If you don't patch, it makes it less hard. I also didn't do any hardening. Don't recall which distro it was, possibly a RH distro before I switched over to debian for servers.

Comment: Re:The Clintons (Score 3, Informative) 315

by celtic_hackr (#49226287) Attached to: Clinton's Private Email System Gets a Security "F" Rating

Yet cited email as a tertiary reason for firing the African ambassador.

Installing a private Internet connection in your Dept. Of State office bathroom, in order to bypass the government link is a far cry from running a mail server out of your home.

There's a massive difference in setting up a server you own and are the only one to have 24/7 unfettered access vs using a free email provider.

That's for sure! We've all seen how secure Yahoo, AOL and Google email accounts are. That is not to say running a private email server is a walk in the park. Just because someone uses a free email provider doesn't mean they'll have a more secure server.

So you are aware there was a memo put out by Pres O. 24 August 2012 concerning use of private email for state business.

You do realize she'd set this server up in 2009 and left in Feb 2013? So she continued to use her own server her last five months, rather than do a disruptive move to the State server, when she already knew she was leaving in a few months. Your point?

Comment: Re:B is the new F? (Score 3, Informative) 315

by celtic_hackr (#49225875) Attached to: Clinton's Private Email System Gets a Security "F" Rating

The rating is an F because it supports SSL2. Yet, they didn't show a single example where it permitted an SSL2 handshake or connection. Every email server supports SSL2. The real question is does it actually permit SSL2 connections. Hell my server "supports" SSL2, but I have it connections disabled in the configuration. This security rating is just a load of political crap. Everyone picking on poor ol' Hillary for using a private server. It must be weak because it's not based at the State Department. Because we all know the best and brightest computer nerds work for the Fed?

Now given what I see there from this scan, she's using SHA-1 for signatures. Definitely not best practice. I'd rate that server as a C or a D. The server appears to be an IIS server. A hardened Linux server would have been the way to go. Just because it's not a guvmint server doesn't mean it is automatically weak. My server gets attacked all day long and hasn't been hacked. Sure, I'm not a big target either. I once conducted an experiment to see how long it would take for someone to hack my Linux system. So I put one out there, and didn't patch it, did a minimal security setup, like you might get from a Linux Servers for Dummies tutorial (there are plenty out there). It took 4 months for my relatvely unknown server. But that was years ago. I haven't been hacked since, and no that is not an invitation to try. I get DDOSed on a semi-regular basis. Not much I can do about that, other than what I am doing. I haven't got a 1000 servers to offload attacks to.

In the end, a well configured and maintained server stands as much of a chance of being secure as any server out there, save perhaps the DOD. Bigger is not necessarily better.

Comment: Re:how much it took (Score 1) 274

by celtic_hackr (#49199757) Attached to: Laser Takes Out Truck Engine From a Mile Away

There are two real questions to ask here:
1) is if the laser is in visible light or not. If you can't see the red dot source a mile off, you can't evade it.
2) what is the range of the weapon. The range matters mostly inside the atmostphere. This weapon mounted on a spacecraft (satellite, etc) would have almost unlimited range, since the density of space is so minimal. Inside the atmosphere is another issue.

Let x = number of seconds to disable a target.
Let x > 2.
Let y = range of laser in miles.
let y > 1
Ergo y/x is less than or equal to 1800mph

So the weapon would only be effective against something travelling less than 1800mph, given the internal tracking system of the weapon can keep the laser position in the same area. If the range of the weapon is say 5 miles then you could take out something going very fast indeed, and if the device couldn't see the beam, it wouldn't know it was under attack until it was too late. Ultraviolet lasers have higher powr ratings than visible light. The weapon is likely in the UV range. Hence any defensive protocol would require having a UV detector. You'd have to be able to detect the beam from any location. Since this laser is a fiber laser, and those are metal doped fibers, it is almost certainly a UV laser. Hence notihng to see with the naked eye even staring straight into it, for that brief time before you die.

Comment: Re:Just damn (Score 1) 411

by celtic_hackr (#49152123) Attached to: Leonard Nimoy Dies At 83
This is true today, but it wasn't always true. I grew up watching and seeing smoking commercials and movies that glamourized smoking. Tobacco companies spent loads of money advertising and figuring out how to make cigarettes more addictive (like adding arsenic and cyanide), and more legal and dirty tricks. Tobacco companies are not blameless in the addiction of smokers.

Comment: Re:Just damn (Score 1) 411

by celtic_hackr (#49152065) Attached to: Leonard Nimoy Dies At 83

Actually, the average life expectancy of a 65 year old is about 17.6 years (so 83.6 years old).

Rhe average life expectancy of a 70 year old is ~14 years (so 84 years old).

The average life ecpectancy of an 80 year old is ~8 years (or 88 years old).

The average life expectancy of an 83 year old is ~6.6 years (or 89.6 years old).

So smoking probably chopped six or more years off his life, and most people who live to retirement have a good chance of living to 83.

Actuarially speaking. Since we're geeks here and this is pure logical math, and Spock could appreciate this.

"Stupidity, like virtue, is its own reward" -- William E. Davidsen

Working...