Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror
For the out-of-band Slashdot experience (mostly headlines), follow us on Twitter, or Facebook. ×

Comment: Re:No, just no. (Score 1) 89 89

You drive a car because flying everywhere is expensive and not possible in most cases. You can't fly to the grocery store, to work, to school, etc. This isn't a very good argument. A better analogy is that you trust yourself to do car work better than you trust a mechanic. They are the expert and cost more to do the work but you have to read up on how to fix things and spend your time doing the work yourself. The expert costs money, you cost time (which is also money). Now your engine needs fixing. Do you pay for someone to figure it out for you or do you try to do it yourself? Both choices might have disastrous results; you might fuck something up big time and have to spend way more time fixing your mistakes, the mechanic might not get things done on time or within the estimate he gave you. Hell, in both cases, you might have your car stereo stolen either right from your driveway (a targeted attack) or from the mechanic's parking lot (an attacker looking for the easiest thing to steal). You might have a motion light pointing at your driveway and yard but its just you at your house guarding your stereo, maybe you spot the guy because he just walks right up to the house and the light goes off. The mechanic might have a fenced-in parking lot with a rent-a-cop doing their nightly drive-bys at various businesses, maybe he spots the guy trying to get past the fence but failing.

It's all a matter of money and time. What do you have the most of?

Comment: Re:More stupid reporting on SlashDot (Score 1) 192 192

Just because the government purchased something doesn't entitle you to its use. You don't get to borrow a navy fighter jet because your taxes helped pay for that. Besides, that $9.1mil is probably based on a certain number of licenses, it doesn't cover you.

Comment: Re:A few years ago (Score 1) 51 51

Microsoft is probably better off just sticking to what they do well, the surface and its derivatives. Their phones have always been less desirable and they can never seem to come out with a product that people actually enjoy using. They do well with their tablets and should stick to keeping those up-to-date with the latest tech.

Comment: Re:the 360 had HDDs in a custom candy with bans wh (Score 1) 98 98

There were definitely no bans from swapping out HDDs in the 360, it just wouldn't allow you to format and set it up for use. The only issue was that it would only recognize a certain set of OEM firmwares. You would have to buy a comparable drive made by the same manufacturer (WD, I recall), flash it with the right firmware, and place it in the drive caddy. This would then match up with the Microsoft branded retail drives available for half the price. When they switched to the 360 Slim, you were able to use any SATA 2.5" drive you wanted. You didn't even have to use the plastic caddy that the retail ones were sold with. A folded up piece of paper worked nicely as a spacer to keep it from moving.

The xbone has USB3.0 support so adding a new internal drive isn't even worth doing anymore. Just get a cheap 3.0 enclosure and whatever OEM drive you'd like.

Comment: Re:More stupid reporting on SlashDot (Score 1) 192 192

Because you aren't paying for it. Should Redhat give you free support when other companies are paying for the creation of documentation? Should a Amazon give out all their ebooks for free because someone already bought a copy of one of them? I mean, its already paid for so just give it out for free, right? It's not like these are businesses that rely on paying customers to run or anything stupid like that.

Plus, MS wants to move away from XP. It takes away from their talent pool to work on a 15 year old operating system that very few people actually want to run. Software engineers are wasting not only their hours but their potential working on XP. MS would rather have them work on new things than work on old things and the engineers would rather be coming up with new ideas rather than just patching old mistakes. Anyone looking for stability for current hardware can install 7 no problem so your average business/consumer has no specific need for XP anymore. If they are going to keep patching it, they are going to want a bunch of money to compensate for the time and money sink that it is.

Comment: What can you do? (Score 2) 128 128

What could someone possibly do if they gain admin access to a POS? Is this a Windows CE system where someone could run arbitrary code? Or is this a bespoke system where the admin password just gives you access to the settings of the system? The article mentions staff using a POS server to play games and download porn on but that is a server probably running Windows Server with some POS server software from the vendor. Rather than just making fun of the name, these guys should explain what exactly does the admin password get you.

Getting access to the network is something different. You could update every POS terminal out there with your own code to steal CCs or crash every terminal on Black Friday.

Comment: Re:Too early for criticism. (Score 1) 238 238

Virginia Tech does have the Corporate Research Center, CRC, where a bunch of companies have set up remote offices where companies hire students for coops, internships, and actual jobs. I don't know off hand how many jobs that place has created but I do know of a lot of the companies that come to Virginia Tech during career fairs do have small offices there although a lot of other companies are strictly located mostly in Northern VA with a few in Roanoke.

Comment: Re:No mention of getting data out (Score 5, Informative) 71 71

I think they are relying on people to accidentally forget to confiscate the devices when leaving secure areas or the malware is waiting for some other way to communicate out of the network. Recently, a researcher showed how he was able to move data (albeit, very slowly) between two air-gapped machines just using temperature changes of both infected machines. Something using built-in speakers and mics of two machines could also move data using ultrasonic audio. If this is a targeted attack looking for a specific piece of information, a private key perhaps, you wouldn't need to transfer the information very long before someone notices.

All of these air-gapped exploits pretty much rely on people clicking things they shouldn't or plugging things in to other things they shouldn't but the hard part is getting back out of the air-gapped network.

"Well, it don't make the sun shine, but at least it don't deepen the shit." -- Straiter Empy, in _Riddley_Walker_ by Russell Hoban

Working...