Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).

×

Comment: Re:Is there any way to block the use of old cipher (Score 2) 51

by chill (#49175663) Attached to: FREAK Attack Threatens SSL Clients

Yes. http://www.openssl.org/docs/apps/ciphers.html

The question is does OpenSSL accept the weak ciphers as a downgrade bug even when EXPLICITLY DISALLOWD.

I haven't seen answered in any of the linked articles so am digging/testing.

After the last couple of bugs my organization set the explicit cipher/algorithm/has acceptable list. The export ciphers were excluded on purpose from our list.

SSL Labs https://www.ssllabs.com/ has a recommended list buried in their documentation somewhere.

Comment: Re:Typical government official, breaking the law (Score 1) 465

Nope. The devil is in the details as to the nature of the law being violated.

The difference between a civil offense and a criminal offense are usually defined by the nature of the offense and the punishment assessed. Civil offenses involve violations of administrative matters.

Read more: http://criminal-law.freeadvice...

Comment: Re:The Keystone Pipeline already exists (Score 4, Informative) 431

by chill (#49122571) Attached to: Obama Vetoes Keystone XL Pipeline Bill

Almost.

The Keystone-Cushing extension (Phase II), running away480-kilometre (300 mi) from Steele City to storage and distribution facilities (tank farm) at Cushing, Oklahoma, completed in February 2011.

The Gulf Coast Extension (Phase III), running 784-kilometre (487 mi) from Cushing to refineries at Port Arthur, Texas was completed in January 2014, and a lateral pipeline to refineries at Houston, Texas and a terminal will be completed in mid-2015.

It is only the Phase IV leg, running from between Hardisty, Alberta, and Steele City, Nebraska that wasn't approved. That part crosses the U.S.-Canadian border.

Obama signed off on the rest (symbolically, I believe, as I don't think it required Federal approval), back in 2011.

Comment: Re: They never hire for these jobs as far as I see (Score 1) 68

by chill (#49083081) Attached to: Government, Military and Private Sector Fighting Over Next-Gen Cyber-Warriors

No. InfoSec is exempt from that. Look for the phrase "direct hire authority".

The problem is for every opening I've had posted there were 250+ applicants. We only interview the Top 10 and dang near every one of those has advanced degrees and decades of experience.

Comment: Re:Pen name? (Score -1, Troll) 148

by chill (#49069871) Attached to: Wheel of Time TV Pilot Producers Sue Robert Jordan's Widow For Defamation

He's not dead, either. He just finally realized he had no fucking clue how to end the series and tell a coherent story and needed a way out.

His wife hatched the whole "I have an incurable disease and am going to die soon" plot to boost book sales. She then got Sanderson to finish the series for a song and kept the rights.

As best I can guess, she had her husband lobotomized -- seemingly sometime around book 5 -- and keeps him around as a pool boy.

Comment: Trace the Transfers? (Score 4, Interesting) 131

by chill (#49057387) Attached to: Bank Hackers Steal Millions Via Malware

So shouldnt' they be able to trace the transfers to the destination accounts? And continue doing so until the money is withdrawn?

Hell, even in places like Kazakhstan they don't have pallet loads of $100 bills waiting around for people to withdraw millions in cash. And you don't really walk into a bank ANYWHERE in the world and pull out millions in cash from a newly opened account without tons of ID, paperwork, being on cameras, access to large armored trucks, etc.

I'm familiar with the concept of mules and blinds, but for a scheme so sophisticated it sounds suspicious to use low level mules to pull out millions in cash. Multiple points of failure/discovery.

How the hell do they get the actual money OUT?

Put not your trust in money, but put your money in trust.

Working...