Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?

Comment: What can you do? (Score 2) 128

by masterofthumbs (#49535819) Attached to: POS Vendor Uses Same Short, Numeric Password Non-Stop Since 1990

What could someone possibly do if they gain admin access to a POS? Is this a Windows CE system where someone could run arbitrary code? Or is this a bespoke system where the admin password just gives you access to the settings of the system? The article mentions staff using a POS server to play games and download porn on but that is a server probably running Windows Server with some POS server software from the vendor. Rather than just making fun of the name, these guys should explain what exactly does the admin password get you.

Getting access to the network is something different. You could update every POS terminal out there with your own code to steal CCs or crash every terminal on Black Friday.

Comment: Re:Too early for criticism. (Score 1) 238

Virginia Tech does have the Corporate Research Center, CRC, where a bunch of companies have set up remote offices where companies hire students for coops, internships, and actual jobs. I don't know off hand how many jobs that place has created but I do know of a lot of the companies that come to Virginia Tech during career fairs do have small offices there although a lot of other companies are strictly located mostly in Northern VA with a few in Roanoke.

Comment: Re:No mention of getting data out (Score 5, Informative) 71

by masterofthumbs (#49463367) Attached to: Chinese Hacker Group Targets Air-Gapped Networks

I think they are relying on people to accidentally forget to confiscate the devices when leaving secure areas or the malware is waiting for some other way to communicate out of the network. Recently, a researcher showed how he was able to move data (albeit, very slowly) between two air-gapped machines just using temperature changes of both infected machines. Something using built-in speakers and mics of two machines could also move data using ultrasonic audio. If this is a targeted attack looking for a specific piece of information, a private key perhaps, you wouldn't need to transfer the information very long before someone notices.

All of these air-gapped exploits pretty much rely on people clicking things they shouldn't or plugging things in to other things they shouldn't but the hard part is getting back out of the air-gapped network.

Comment: Re:not to defend this but... (Score 1) 255

by masterofthumbs (#49029161) Attached to: Jeb Bush Publishes Thousands of Citizens' Email Addresses

The email records extend to Dec 31, 2006. There are a couple days into Jan that you can click on but there are no emails on those days. If you bothered to actually click the link, you would have seen that he didn't publish anything that occured after the end of his term.

Comment: Re:Target audience? (Score 5, Insightful) 84

by masterofthumbs (#48989947) Attached to: Smartphone Attachment Can Test For HIV In 15 Minutes

I'm guessing the target audience is medical workers in poorer countries with limited access to labratory equipment to test for these diseases. The local doctor can come to the village with their smartphone, this device, and a bunch of clean needles for it. The more mobile and cheaper medical equipment can be, the easier it is to care for people. This doesn't address the idea of safe sex though, its just a piece of test equipment.

Comment: Re: I tried the switch also (Score 1) 296

I had a class this semester where the professor distributed homework in .docx format. LibreOffice had the worst time displaying even the simpler circuit diagrams that were made using Smart Art. Even if I converted the document to PDF, the screwed up formatting would carry over. I ended up finding out that Dropbox would convert any docx to PDF when you would preview the document in your browser. The formatting Dropbox would display was identical to how the document was displayed in MS Office so I would just save that PDF and work off of that.

On Linux, the problem was even more of a pain. Any of the .pptx he used in lecture would have really weird fonts (font size was either too big or too small) when I would open them in Libre. I found out that I didn't have any of the MS ttf fonts installed but even after installing those, the slides still weren't exactly right. These were both slides that he had made himself and slides that were given out from the publisher of our textbook.

Comment: Re:Reality - Support (Score 1) 296

Installation of enterprise versions of Office are incredibly easy. Pop in a disc or download the executable and run it. I believe its maybe just one prompt asking where you want to install it. After that, it just installs without any interaction.

But in reality, IT would just have an image to push to every machine that would include Office so install time is negligible.

interlard - vt., to intersperse; diversify -- Webster's New World Dictionary Of The American Language