Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).


Comment: Re:If the data is being "wirelessly" transmitted.. (Score 1) 262

by TheCabal (#40964821) Attached to: Patient Just Wants To See Data From His Implanted Medical Device

I had a similar problem with my wife's insulin pump manufacturer. The unit is controlled by a wireless PDA. I read everything I could about the unit, but as a penetration tester, I was concerned that their security was not up to standard. I emailed and phoned the company, who flatly refused to disclose the details of their wireless technology or how it was secured. I even offered to sign a non-disclosure agreement. They just said "trust us, it's really complicated stuff". Fast forward a couple of years, and it appears that someone has indeed, broken their layer of obscurity. I've seen papers detailing how it may be possible to send commands to the pump to deliver the entire insulin reservoir. I again contacted the company, one of their managers answered "Who would want to do a thing like that?". I guess he never heard of 'For the Lulz'.

Comment: Re:WoW has been losing players for years (Score 1) 413

by TheCabal (#37122982) Attached to: <em>World of Warcraft</em> Finally Loses Subscribers

Back when I was playing, I put a lot of thought into suggesting what could be done to fix the problem with the cross-server 5man randoms. A reputation system came to mind, but the problem with this is that the system would get gamed by griefers. Even with perfect play, some people would rate down everyone in the party just for the lulz. In my situation, I was fortunate enough to have most of the asshats coming from a single server. But I realized that any system that relied on player input was going to be ripe for abuse. The extended dungeon cooldown timer for ragequitters didn't do anything to relieve any of the problems either.

Comment: Re:I hope they throw the book at him (Score 1) 339

by TheCabal (#37121320) Attached to: Fired Techie Created Virtual Chaos At Pharma Co.

None of this is a mitigating factor for his actions. Even if they were experimenting on baby pandas and he disagreed with that, is it this still a valid affirmative defense? No. Feelings for cute baby pandas aside, if they were legally experimenting on these baby pandas, his actions are not defensible. There is NO possible scenario where he can assert an affirmative defense for his actions.

Oh maybe this is actually the Umbrella corporation, and they were making ready to release the T-virus? Yeah, that's the ticket.

Comment: Re:I hope they throw the book at him (Score 1) 339

by TheCabal (#37121226) Attached to: Fired Techie Created Virtual Chaos At Pharma Co.

Try taking a Criminal Justice 101 class, or any pre-Law class before discussing this topic again, please.

The "what" is the crime. This is the most important part. Let's take a murder since you seem so fond of it.

I've murdered you. This is the crime.

The "why" or motive, is nowhere near as important, and is generally not even considered to be an element of the crime. Nobody argues motive in a burglary, just that the burglary happened. "Why" is usually only important in murder, since we've sliced homicide into types of offenses. Why did I murder you? You posted a silly comment on Slashdot. Is this more important than the fact that I murdered you? No, but it helps dictate what crime I may be guilty of. We can use motive as a mitigating factor. Self-defense springs to mind. I had to kill you before you posted again. I'd probably walk, especially if this was Florida.

So let's look at the crime with the facts we know: Our guy here, using an account and password that he was not authorized to use, accessed a network he was not authorized to access, and proceeded to delete 15 VMWare images.

Please tell me a legally cogent "why" that can be used as a defense for these actions?

Comment: Re:He is looking at 10 years in prison. (Score 1) 339

by TheCabal (#37120638) Attached to: Fired Techie Created Virtual Chaos At Pharma Co.

I've seen plenty of examples of MBAs who have behaved far beyond the pale, ethically. Just because it's a core requirement for a degree doesn't mean a person may actually learn anything from it. It's been my experience that MBAs behave the least ethically of all the people I've worked with.

Comment: Re:He is looking at 10 years in prison. (Score 1) 339

by TheCabal (#37120586) Attached to: Fired Techie Created Virtual Chaos At Pharma Co.

I've worked in places where local accounts were not allowed. This was enforced through an automated daily check of every workstation and server. The systems engineers didn't have the root passwords. Nobody knew what they were as they were randomly generated and NOT recorded. Everything was sudo as it was auditable in the logfiles, and we couldn't sudo su - or sudo /bin/bash, etc.. as a workaround. There were procedures if we had to actually BE root, usually involving booting into single user mode.

It's not as dire as you say it is, but sometimes it was terrible inconvenient.

Comment: Re:It feels old and already seen (Score 1) 413

by TheCabal (#37120200) Attached to: <em>World of Warcraft</em> Finally Loses Subscribers

The purchasable pets and mounts were a crass move.

I've played since vanilla, and for a while was a very hardcore raider, but eventually that wore thin. I stayed on because I had friends in the game and we enjoyed hanging out and running the occasional dungeon together, otherwise I would have left a long time before that.

I thought that the cross-realm dungeon finder would be a Good Thing, and I think for a while it was. Back when it first started, people were polite, said hello, etc... then after a while I've lost count of the number of 5-mans I've run through where not a single word was said, but rather a grim race to the end, collect your points and bail out. Then it got worse with the people bailing- "Oh, I don't want to run this dungeon" or the ragequits after a single wipe. Or the meter-sitters bitching that the DPS numbers are too low and trying to votekick people off. The relative anonymity and odds that you'll never see the same people again really brought out the inner asshole.. it got so bad that I eventually refused to group with anyone from a particular server in my realm because they had a reputation of being griefers that would wipe parties for the lols. The worst example was 2 hunters that joined as a group who would go and misdirect the healer, feign, wipe the party and call everyone n-ggers until they got kicked.

I recall being in a heroic Deadmines run, 3 guys were from the same guild on another server, myself and a random from another server. The party leader declared that he was going to boot the lowest DPS before the last boss so he could bring in a guildie for the kill and loot.

Raiding became a chore, and the social structure that comes from it became unbearable. Raiding no longer became a fun thing, but a way of gaining prestige and status on the server. This of course, required extreme dedication of time and effort, and having an "off day" would more than likely result in getting benched and replaced by the dozens of other raiding hopefuls looking for a slot.

The new raid bosses aren't very impressive. Even the Lich King fight was anticlimactic. The Vanilla and BC fights were much more intense. The fights now are pretty much "stand here, don't stand there" positioning fights. Lady Vashj was a pure bitch because of the fight mechanic with the cores, and it was an achievement to defeat her and make it to Hyjal before Blizzard removed the keying requirement to unlock that raid zone.

Comment: Re:My experience (Score 1) 81

by TheCabal (#36997978) Attached to: Probing Insulin Pumps For Vulnerabilities

Just a followup to this, I posted a summary of the article on Facebook, and my wife predictably reacted the same way the press did.

Me: "Guy gives a talk about the *possibility* of hacking a wireless insulin pump"

After answering questions of responsible disclosure and security through obfuscation, she asked why someone would want to do such a thing as try to kill a diabetic. She was unfamiliar with the term "for teh lulz"

Comment: Re:Had a pump for 8 years (Score 1) 81

by TheCabal (#36997860) Attached to: Probing Insulin Pumps For Vulnerabilities

I disagree. My wife is a brittle diabetic, and she's spent so much time in her childhood years at extreme highs and lows, she's become somewhat desensitized to low blood sugar until she's in the 50 range. There have been a few cases where she has felt a low coming on and collapsed before she could get to something to eat. Other times, she's acted drunk while hypoglycemic and refused to eat anything.

Of course, she's probably one of the exceptions for the "most diabetics" case, but it matters to me.

Vax Vobiscum