Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror

Comment: Re:Grinch is not a flaw - has no CVE!!! (Score 5, Informative) 116

by jandrese (#48628921) Attached to: Grinch Vulnerability Could Put a Hole In Your Linux Stocking
About 3/4 of the way down the "article" they explained the vulnerability:

To control administrative access, Linux keeps a list of all the registered users on a machine, in a group typically known as “wheel,” who can be granted full root access (usually through the Unix sudo command).

A knowing attacker could get full root access by modifying the wheel group, either directly or by manipulating an adjoining program such as the Polkit graphical interface for setting user permissions, Alert Logic said.

This is patently stupid. Yes, if you give a badguy administrative access, bad things can happen--even if you use a fancy GUI to give the bad guy administrative access. The only thing that is even slightly newsworthy here is that maybe a novice admin won't understand the purpose of the wheel group and could be tricked into giving permissions, but there are a lot of ways you can trick a dumb admin, there's no need to single this one out.

Comment: Re:So stream it... (Score 5, Interesting) 579

by jandrese (#48621733) Attached to: Top Five Theaters Won't Show "The Interview" Sony Cancels Release
Sony should say screw you to North Korea and release the entire movie for free on the internet. Make sure everybody has a chance to see it. Of course they won't because they still have to monetize it somehow, but it would be something to say "we're not going to give in".

Comment: Re:Wildly premature question (Score 1) 81

by Bruce Perens (#48620117) Attached to: SpaceX To Attempt Falcon 9 Landing On Autonomous Spaceport Drone Ship

If we look at jet aircraft, wear depends on the airframe and the engines, and the airframe seems to be the number of pressurize/depressurize cycles as well as the running hours. Engines get swapped out routinely but when the airframe has enough stress it's time to retire the aircraft lest it suffer catastrophic failure. Rockets are different in scale (much greater stresses) but we can expect the failure points due to age to be those two, with the addition of one main rocket-specific failure point: cryogenic tanks.

How long each will be reliable can be established using ground-based environmental testing. Nobody has the numbers for Falcon 9R yet.

Weight vs. reusable life will become a design decision in rocket design.

Comment: Re:Backups are not secure (Score 1) 172

by jandrese (#48619981) Attached to: Backblaze's 6 TB Hard Drive Face-Off
This is really not a good approach to using public key crypto. The private key shouldn't be on the servers, it should be on the client. I know it's a pain to handle per-file backups and especially deltas when everything is encrypted, but that's the tradeoff for proper security. In fact there's really no need for expensive public key crypto here at all. Just have the client use a cheapish symmetric key (AES256 perhaps) and send only encrypted data to the servers. There's no need at all for the servers to ever have the data in the clear.

Comment: Re:It's just some dipshit with weapons and no hope (Score 1) 874

by jandrese (#48600597) Attached to: Apparent Islamic Terrorism Strikes Sydney
From what information the police have released since then, it looks like you're right on the mark. The guy is a violent nutjob that also happens to be an Iranian Muslem; and he has lived in Australia for almost 20 years now. I doubt he has much connection with Islamic State beyond their chat boards.

Comment: Re:Cosmic Rays (Score 1) 56

by jandrese (#48598519) Attached to: Raspberry Pi In Space
It's really the same mechanism. In one case the high energy rays impart enough energy to charge or drain a gate, and in another high energy rays impart enough energy to break a DNA bond. The parent was talking about being continually hit with enough high energy rays to instantly crash a normal computer, which is well above the amount you need to kill a person.

I am not now, nor have I ever been, a member of the demigodic party. -- Dennis Ritchie

Working...