

Comment: Re:Points 4. and 5... (Score 0) 227

by lebean (#38220092) Attached to: Duqu Attackers Managed to Wipe C&C Servers

There's nothing foolish about it, he's wrong. That is, provided you continue to keep up-to-date with patches. Given two equal SSH daemons, both fully updated but one on a random high port, the one listening on 22 will log hundreds or thousands of attempts per day, the one on a random port will log *zero*. Which do you think makes log auditing easier to look for truly dangerous threats? (If you see failures on your "obscured" SSH daemon, you _know_ you have a problem because someone has fully scanned your address(es) and is actively attempting a break-in, while those attempts just disappear in the noise on the port 22 daemon). Similarly, if/when that next SSH 0-day hits, which of the two is in immediate danger of being rooted? The one that is in the logs of dozens or hundreds of scanning script kiddies, or the one that has never been hit a single time by an unknown user, that nobody in the world even knows exists?

Comment: Re:Just remember the first rule of RAID 0 (Score 0) 564

by lebean (#28590775) Attached to: RAID Trust Issues — Windows Or a Cheap Controller?

The RAID 1 solution gives you resiliency, not safety. RAID 1 doesn't help you at all in that "Oh shit" moment where you've just mistyped a destructive command or deleted the wrong folder. It covers you when a drive dies, not when the virus-of-the-day goes nuts on your data. It's so cheap to do a much simpler backup solution than what was discussed above, there's just no reason not to. You can get any simple external drive and copy everything important to you, and you're better off than running only a RAID solution. The difficulty is the discipline to maintain it, and copying everything every time isn't efficient. That's where "true" backup solutions come in and get you doing automated backups at full and incremental levels, eliminating forgetfulness and/or laziness. Now you want a 2nd external drive, so you can write backups to one for a week, then take it offsite and swap in the second, which will get your backups for the next week and so on. In the case of a flood/fire/tornado/theft, you do stand to lose up to a week's worth of data, but that's better than losing absolutely everything, which is what happens with your RAID solution. Backup doesn't have to cost a lot. 2 $100 external drives and something like Bacula, or BackupPC, or one of many other options can take care of you.

Mozilla SSL Policy Considered Bad For the Web 897

Posted by kdawson
from the among-these-shall-be-life-liberty-and-acces-to-https dept.
Chandon Seldon writes "The issue of digital certificates for SSL and the policies surrounding them comes up repeatedly. I've written an article criticizing the behavior in Firefox 3, which includes a serious comparison of the current Mozilla policy — restricting encrypted HTTP to paying customers — to a violation of net neutrality."
