Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).

×

Comment: Re:It's all crap. (Score 3, Funny) 107

by jeffmeden (#49190195) Attached to: A Critical Look At CSI: Cyber

I remember that episode. It was CSI:Miami.

But seriously, if *that's* the thing that put you off then I don't even know how you made it that far. Mostly because CSI Miami departed the land of the firmly ground in reality and wound up tethered somewhere in high orbit far before that episode.

That said it was certainly my favourite of the CSI series. Possibly because of that. None of the shows were remotely realistic in a wide variety of ways (oh god the pixels please no don't zoom any more!!!11), but since CSI Miami more or less gave up any pretense that it was meant to be and instead was 45 minutes of Horatio being awesome, saving women and children and shooting very heavily armed but remarkably inaccurare bad guys it was actually far more entertaining.

Yeaaaaaaaaaaaaaaaaaaaaaaaaaaaaaah B-)

You could say that this new spinoff

[sunglasses]

Is CSI: DOA

[yeaaaaaaaaaaaaaaaaaaaaaaah]

Comment: Re:Researchers create a 3d printed bandwagon! (Score 4, Funny) 59

by jeffmeden (#49188071) Attached to: Inside the Weird World of 3D Printed Body Parts

progress towards CNC-milling a pancreas.

That's interesting. Where I work we're making progress on human transplants of a web-scale ficas using nothing but red staplers crowd funded via a new meta-material crypto currency based on a Bitcoin NoSQL kernel which solves the pressing problem of laser mounted sharks doxing bio-hackers via Twitter's NSA paper trail.

Ohh, so close. You were "SSL exploit" away from Bingo.

Comment: Re:Same guy? (Score 1) 121

by jeffmeden (#49182773) Attached to: The Mexican Drug Cartels' Involuntary IT Guy

Whatever Hillary did/does is SOP throughout the entire system, which really is a series of cartels. If you want to flog the dead horse, knock yourself out. It will make no difference at election time.

What was the name of that movie where the doctor is kidnapped to deal with gunshot wounds?

Doc Hollywood, right?

Comment: Re:Nah (Score 2) 121

by jeffmeden (#49182739) Attached to: The Mexican Drug Cartels' Involuntary IT Guy

Thinking that's the most likely outcome from my POV as well.

After all, if you're pressed into service as a "hacker", it wouldn't take much to discreetly slip information to the authorities, considering that most cartel types don't strike me as being technically uber-literate. Sure it would be a massive risk, but totally doable depending on the environment.

There are enough other hackers under duress willing to snitch on you for trying to send a mayday, plus they are probably operating under the stance of "do what we say and we will kill you, don't do what we say and we will kill your family". On top of that your mayday is likely to end up in the hands of police or military on the narcos payroll.

Part of the Radio Narco objective is to monitor communications of crime fighting orgs. If you did get a mayday sent to the right people, you and the rest of the captives are as good as dead as soon as they start planning the rescue team, and if they do find out it was you who sent the mayday your family is probably going to disappear too. It's a supremely shitty situation all around.

Comment: Re:Bad idea (Score -1, Troll) 646

by jeffmeden (#49174557) Attached to: Snowden Reportedly In Talks To Return To US To Face Trial

However, you're not really going to be doing much better with the Russian government that the US government...

So, maybe *don't* join the Russian government's spy agency, *don't* steal a bunch of incriminating proprietary information about their secret dealings, and *don't* spread it to the world media? I mean, if he learned anything from this whole experience it's probably *don't* do that, amiright?

Comment: Re:Bad idea (Score 1) 646

by jeffmeden (#49174533) Attached to: Snowden Reportedly In Talks To Return To US To Face Trial

Really bad idea. If he was going to do this he should have never bothered leaving in the first place.

One plausible scenario is that he left in order to continue his work (although its unclear if he has been directly involved since handing the data off to Greenwald and Poitras) and create more visibility for himself. The only reason for returning, since as many will point out life in prison is not preferable to a free life in Russia or almost any other country, is so that he can continue his work by creating a zoo of a trial that drags on for years and hangs in the media like a raincloud over the US government, constantly reminding people of what the NSA/CIA did/does and what they are willing to do to maintain their grip on information. Eventually a politician (probably a presidential candidate) will come to his rescue as a goodwill gesture and motivate the right people to free him on parole, mostly to get him out of the media so he can live a reclusive existence in remote California or Texas or something.

Comment: Re:Who Cares? (Score 1) 35

by jeffmeden (#49173775) Attached to: Flaw In GoPro Update Mechanism Reveals Users' Wi-Fi Passwords

The range on the GoPro's Wi-Fi is so short that someone within Wi-Fi range is a few steps away from physical access anyway., and you only ever use the Wi-Fi when you're actively using the GoPro - you would know immediately when someone connected to it and fucked with it.

Someone else nearby might download the footage and see what i'm looking at with my gopro! Oh wait...

Comment: Re:Yes, I agree (Score 1) 557

by jeffmeden (#49172283) Attached to: Why We Should Stop Hiding File-Name Extensions

The first thing I do on windows is change the settings to show tilename extensions. Much of the confusion I see in others can be directly traced to the fact that they don't know what their files are.

Stop being afraid to make someone learn something useful to use a computer.

That being said, don't make people learn useless things. Design a powerful set of useful things to learn each of which is valuable and worth learning and remembering and then reward people for learning them by maintaining their usefulness

Making things overly simple robs users of the power to make things simple for themselves, and ends upt complicating their interaction with the computer.

The problem is that almost all forms of email consumption (browser based webmail, outlook, etc) have pretty good warnings regarding certain file types that it's a really really bad idea to run (they even try to explain this to the user to some extent) and the users just fly past those warnings on their way to doom. What good is it to show a user "important tax return info.docx.exe" instead of "important tax return info.docx" when they really should only try to open it if they see "important tax return info" (type: word document) anyway? All this nuance is completely lost. Take away their local admin privileges already, and address the real issue (that users privilege should never exceed their knowledge.)

Comment: Re:Dumb question (Score 1) 243

by jeffmeden (#49121941) Attached to: Study: Peanut Consumption In Infancy Helps Prevent Peanut Allergy

You do realize these kids were tested first to see if they had a peanut allergy.

FTA: "All had been given skin-prick tests to make sure they were not already allergic to peanuts. "

So they took precautions to make sure they kids weren't already allergic, something a parent isn't going to know. If you kids are allergic to eggs or had eczema, they might be at risk to having an allergy to peanuts. So the first thing you don't do is shove peanuts down their throats! You'd better have your child tested first. IF, they don't have an allergy, THEN you can give them peanuts, which should help prevent them from developing one.

Which is interesting because the allergists I've talked to don't seem to think the pin prick test for peanuts is conclusive. Apparently since this headline isn't "Children drop dead after being told to eat peanuts 'For Science'" that it is a decent way to test for it.

Comment: Re:Dumb question (Score 1) 243

by jeffmeden (#49121895) Attached to: Study: Peanut Consumption In Infancy Helps Prevent Peanut Allergy

Part of it was public awareness. You'd find it common in previous generations that people would tell you "it's all in your head" and other less than helpful answers to problems you had with things as allergies and many other health issues. Now, as this study suggests, that once there was public awareness, people were having their children avoiding high allergy risk foods and in doing so making the problem worse as humans are prone to do.

Or better yet you would just drop dead from an as-yet-unnamed disease (anaphylaxis) and the death certificate would list "Phrenitis" as the cod. What allergies?

Comment: Re:yes. (Score 2) 243

by jeffmeden (#49121841) Attached to: Study: Peanut Consumption In Infancy Helps Prevent Peanut Allergy

Except it doesn't. Try reading medical research sometime. Repeated exposure to an allergen can cause allergies.

And then one big dose of that allergen causes it to go away. How fucked up is that? Really, allergies make no fucking sense. This data suggests early exposure doesn't lead to developing an allergy in the absence of some other trigger, but people exposed early and often can still get them. Our bodies really are just fucking with us.

Comment: Re:Um, (Score 1) 112

by jeffmeden (#49096599) Attached to: TrueCrypt Audit Back On Track After Silence and Uncertainty

Yes. Because some people think that TrueCrypt was killed BECAUSE it was actually secure and the NSA wanted them to de-secure it.

As such, a warrant would let people continue to use it, secure in the fact that it actually works as required.

It also lets people fork it.

Frankly, I have been severely disappointed with BestCrypt, which I had hoped would end up as the replacement for TrueCrypt. (multiple problems with getting the regular operating system to recognize the 'mounted' drives)

Given that the authors were anonymous is it postulated that the NSA hunted them down and was ready to doxx them for not complying? What leverage could they possibly have had?

Comment: Re:Um, (Score 4, Interesting) 112

by jeffmeden (#49095993) Attached to: TrueCrypt Audit Back On Track After Silence and Uncertainty

What did the TrueCrypt developers have to do with the audit of TrueCrypt?

Is there a point to continue auditing a platform whose entire developer team has abandoned whilst urging all users to seek other encryption tools? At this point the audit is probably going to be interesting (related to the aforementioned dev abandonment), but not exactly useful... If you are still using Truecrypt, you have already been warned.

Comment: Re:WTF? (Score 1) 114

by jeffmeden (#49087971) Attached to: Duplicate SSH Keys Put Tens of Thousands of Home Routers At Risk

I don't think so. The pubic and private keys are only good for outgoing connections and not incoming.

Not funny. Anyway, having the private key is a valid way to authenticate inbound (if so configured) and its often enabled by default as it is thought to be a pretty good way to do it (until you put the same keys on a quarter of a million devices).

Comment: Re:what most people don't think of doing (Score 1) 114

by jeffmeden (#49087805) Attached to: Duplicate SSH Keys Put Tens of Thousands of Home Routers At Risk

What's this "machine ID" you speak of? The MAC address? It's pretty easy to configure the same MAC on a different machine.

Most people don't think of doing it that way because it's not a good way of doing it.

That part was a little bizarre (if you are physically connected directly from PC to router it doesnt matter much what ID the PC might have) but as a whole it creates a pretty tight way of ensuring integrity of the router configuration. In particular, not allowing any inbound access from the WAN until a hard password is set, and not allowing any association to the WLAN until a hard encryption key/passphrase is set. However, these are two steps most users don't want to bother with (and more importantly, will call tech support to help them with when they fail to complete the tasks). Security, as we have currently designed it, is pretty hard for the layperson. Vendors optimize their devices for the path of least resistance (read: path of least tech support) to minimize costs, and we shouldn't be a bit surprised.

If at first you don't succeed, you must be a programmer.

Working...