Forgot your password?
typodupeerror

Comment: Probably a bad choice (Score 1) 722

by david_craig (#36507046) Attached to: I Name My Servers After:

I used to name boxes after ex-girlfriends, and it was a good way of matching the machine to a personality that I would remember. It was a great naming convention until I bought a labeller and tagged all my hardware with the appropriate hostnames. I think my wife's main objection was that the name on her PC was a little too familiar. I now use Dr. Who villains.

Australia

Finding Fault With Qantas' RFID Baggage Tracking System 106

Posted by timothy
from the like-denver-but-warmer dept.
lukehopewell1 writes "Australian airline giant Qantas has implemented new baggage tags powered by RFID technology. The RFID tag is encoded with the information on a passenger's boarding pass when placed in a bag drop area, and is summarily sent to its destination. But is it any good? ZDNet Australia tested the new systems and found that the system sadly had no intention of sending our cargo."

Comment: Re:PCI/PA-DSS (Score 1) 386

by david_craig (#36112970) Attached to: Ask Slashdot: How Should Sony Compensate PSN Users?

I don't see anything from Sony's statements that show they were in breach of PCI-DSS. They stated that they were using encryption on the database where credit card information was stored (as required by PCI-DSS). PCI-DSS is hardly an onerous standard to comply to. You can be 100% compliant with PCI-DSS and still be vulnerable to trivial exploits.

Comment: Is disclosure not enough? (Score 1) 386

by david_craig (#36112866) Attached to: Ask Slashdot: How Should Sony Compensate PSN Users?

Very few companies disclose the fact that they have been hacked.

I did some contracting work for a multinational charity a while back, and they knew that a rootkit had been installed on all of their web servers (which accepted credit card donations). They didn't bother to fix it until a second hacker broke the webserver (preventing apache from restarting due to a second rootkit that kept port 443 open). When the website went down the servers were rebuilt, and a press release went out blaming the outage on flooding in different part of the country from where the kit actually resides. The charity decided that they would not bother securing the webservers as they considered it cheaper to just rebuild them every three years (which is how long they had been running in an unpatched state for - I don't know how long they had been compromised, but it was at least four months).

I'm sure that sort of think is common, and public disclosures are rare so I'm glad that Sony public announced their breach. They could have blamed the outage on earthquakes in Japan, they could have said the shut-down of PSN was to "Ensure the security of customers during the unlawful attacks being committed, thus far unsuccessfully, by an extremist fringe group".

Public disclosure by Sony (which was reported on mainstream news where I live) allowed me to report by credit card stolen. The only other information that Sony held was my address (which can easily be obtained legally) and a fake date of birth that I supplied.

I don't see any reason why I should be compensated for a free service not being available. I don't demand some free stuff whenever twitter is over capacity and I can't access it.

If you are concerned about fraud report your credit card stolen, take advantage of the free fraud monitoring services if you wish, and move on.

It highly likely that your details have already stolen from another company you've bought goods or services from and they haven't told you about it.

Comment: Re:No sympathy for Sony (Score 1) 380

by david_craig (#34748234) Attached to: PS3 Root Key Found

When I bought it, it had backwards comparability for almost all PS2 games...not now

I'm assuming that you don't actually own a PS3. I bought one of the early PS3 models that had PS2 backwards compatibility, and I can still play PS2 games with the latest firmware. PS2 backwards compatibility was removed from the hardware of newer models.

Comment: Answering OP's questions (Score 1) 483

by david_craig (#33322282) Attached to: Building a Traffic Radar System To Catch Reckless Drivers?

I'm disappointed that there have been so many comments suggesting anything but help on speed camera (possibly because they are unpopular devices). Speed cameras do have the potential to reduce speeds around accident black spots, assisting in the number of injuries and fatalities. Speed cameras can also be considerably cheaper to implement than traffic lights and provide a revenue stream to fund maintenance.

In terms of preventing disputes of pictures taken by cameras I would suggest that you look at techniques used in the UK. There they take two photographs of any speeding vehicle at precisely timed intervals. There are marking on the road to show distance so the two images can be used to prove that the vehicle covered the distance stated on the ticket.

Another item I would recommend is that all digital evidence is signed with a digital signature to show it has not been tampered with. In Australia md5 hashes were used to show an image had not been tampered with, and that allowed someone challenge the ticket successfully in court as the defendant was able to demonstrate that someone could have easily replaced both the image and hash (as anyone can create an md5 hash, but a digital signature requires the private key).

Tamper proofing is also very important (expect attacks on cameras with many items). I strongly recommend mounting cameras on high poles (at least 2.5m, basically beyond the swing of a baseball bat) to reduce vandalism.

Mobotix make some excellent cameras, and while they are not designed to function as speed cameras they are programmable and offer and excellent api. Additionally, they function extremely well in bad weather conditions due to having no moving parts. They also make vandal resistant cameras and I have personally hit one of their cameras repeatedly with a sledgehammer and it continued to function throughout. I've also used them without issues in the top end of Australia where the temperature can exceed 45C and there is often high humidity.

Comment: I'm sure it's deliberate (Score 0, Flamebait) 436

by david_craig (#31308328) Attached to: Schooling Microsoft On Random Browser Selection

"But I do not believe there is some nefarious intent to this bug"

The article states that IE is more likely than any other browser to appear at the bottom of the list. To me, this is one of two optimal positions (top or bottom being easiest to pick out).

Microsoft is so well known for dirty tricks I'm sure that this is not an accident

Comment: Re:malware... (Score 2, Insightful) 583

by david_craig (#30301734) Attached to: Black Screen of Death Not Microsoft's Fault

It's really easy in the UK to get someone to publicly say sorry due to the lible laws. If you are sued for lible you have to prove that your statements are true. It's much cheaper to just apologise than go to court even if the truth is on your side.

I would not be the lease surprised if the apology was the result of a legal threat.

Google McLibel for an interesting case where someone refused to apologise for statements that a reasonable person would consider true.

Comment: Re:Paging Bernie Madoff Clients... (Score 0) 666

by david_craig (#30294244) Attached to: Somali Pirates Open Up a "Stock Exchange"

In most countries a ship with an armed crew is considered a pirate ship. You cannot dock at most ports around the world even if you are carrying only small arms.

So yes, you are missing something.

Also, in almost all cases of piracy around Somalia the crew and cargo have been released unharmed once the ransom has been paid. If you start arming crews you will have firefights, people will get injured. People will die. I consider that a bad thing, and I hope you do to.

A heightened U.N. naval presence around the area is making a bit of a difference. Support from the US would help (and considering the U.S. killed what was the government of Somalia and severely fucked up the country a few years back I they should contribute something other than telling people to arm their crews (which has been the advice from the U.S. administration under Nobel peace prize Obama)).

Comment: mod prarent up please (Score 1) 550

by david_craig (#30016716) Attached to: Visually Impaired Gamer Sues Sony

I have to say that the above point (visually impaired != blind) is highly relevant to the discussion.

Where I'm from someone can be registered blind yet still have some form of eye-sight. My grandfather visually impaired to the point of being considered legally blind, but still drove a car. While this was reckless and irresponsible, he could still do it. He got the best parking spaces too as he had a handicapped sticker for his car due to being visually impaired.

Many of the comments in this topic assume that visually impaired means completely blind, which is just plain wrong.

So if you have some moderator points, could you please be so kind as to mod up the parent. Thank you.

Comment: What about old hardware? (Score 1) 697

by david_craig (#29867449) Attached to: Low-Power Home Linux Server?
I was given a Sparcstation 5 a few years ago that I have running faithfully as a home server and it draws less than 70 watts. It runs DNS, squid, OpenVPN and a few other things quite well (its running OpenBSD, but you could just as easily put Linux on there). You could pick up a similarly aged system that would have a low power requirement from ebay for well under $300. It's also better for the environment to re-use something that someone else would have otherwise thrown away than to buy something new.

E Pluribus Unix

Working...