Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).

×

Comment: Re:Not only Linux (Score 1) 93

by kwark (#46547409) Attached to: Speedy Attack Targets Web Servers With Outdated Linux Kernels

I found a compromised website on my companies shared hosting platform (which runs a 2.6 kernel (Debian/oldstable)). But the files where "infected" by a ftp account via proftpd on a machine running a 3.2 kernel (Debian/stable), the login was right on the first try. My guess is malware on the site owners machines stealing ftp logins (which is old news).

Comment: Re:Really, Slashdot? (Score 1) 135

by kwark (#45684479) Attached to: Safari Stores Previous Browsing Session Data Unencrypted

"Thanks, I didn't know that."

You didn't know that because it is not true. SSL encrypts everything before anything is send. That is why (before SNI) it is impossible to have multiple certificates for multiple virtualhosts on 1 ip adress: the host that is being queried and has to match a certificate CN isn't known at the time of the SSL handshake.

Comment: Re:Why do transit smartcards need to be hard? (Score 1) 96

by kwark (#45382513) Attached to: New Zealand's Hackable Transport Card Grants Free Bus Rides

"But this is a bus. There is an active connection to the central office."

Until the perp. is using a gsm jammer (or you get into an area without coverage). The bus terminal will store the transaction for later validation, but since the perp is using an anonymous or cloned card he has gotten an untracable free ride.

Comment: Re:Why do transit smartcards need to be hard? (Score 1) 96

by kwark (#45382473) Attached to: New Zealand's Hackable Transport Card Grants Free Bus Rides

"The reality is that 99.9% of people are honest and will pay what they should regardless of whether the cards are insecure and could be 'hacked'."

People are less honest then you think, most will do stuff they know they shouldn't if they think they will not get caught, even when there is no financial need.

This chipcards and the required tollgates were introduced with a promise to stop fare dodgers. Recent news of the dutch system appears to have the effect of going from 11% to 2%. http://www.ad.nl/ad/nl/1012/Nederland/article/detail/2943764/2011/10/03/Aantal-zwartrijders-RET-daalt-spectaculair-door-ov-chippoortjes.dhtml
The same might have been achived cheaper with more actual people in the public transport actually checking tickets..

Ya'll hear about the geometer who went to the beach to catch some rays and became a tangent ?

Working...