Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror

Comment: Stupidity is abundant these days (Score 4, Informative) 88

If I break into your house, and then walk into your main hallway, and then say, "There is a security flaw in your home! From this point in your hallway I can listen to any room, or walk down freely into any room." As you're looking at your front door splintered from the battering ram I hit it with to get in, would you call it a "hack," a flaw or something to be concerned about how your hallway(s) go through your house? No, you'd say, "The hallway is fine, I need a stronger front door. BTW, the Glock I'm holding is loaded."

When I start to read, "SS7 was designed in the 80s," I already know I'm dealing wtih a mental midget. Actually, SS7 begain due to the first ever hackers. Remember 2600? As in, 2600 Hz was the signaling frequency for a landline switch. Throw that tone, and you could make calls (for free if it was a payphone). Hence, telecoms came up with an idea to do out of band signaling, which eventually became SS7. So, saying you can "hack" SS7 is very misleading because all SS7 does is coordinate call set up. That "ringing" you hear as you wait for the far, distant switch to reply that the called line is available, is a "comfort tone," as SS7 does it's work. Besides cutting down on fraud, SS7 keeps circuits available, because if the called number is busy, or unavailable, there's no point in setting up a line between your local switch and the switch at the far end.

In the deepest bowels of a switching office, usually near the back, you'll see SS7 racks. These connect from and between local, long-distance and other switches. It's what you'd call, "Back Office," network, similar to the network used by the telecoms to manage their servers your traffic go across but you'll never touch. Such as 3G data going through PCF after it's left the mobile switch, and before it hits an internet backbone ATM. So in simple terms, you'd have to break in, figure out the network, and then figure out a 2nd break in to get to the SS7, and then you'd be in a very small part of the network.

Honestly, if you're going to be doing that much effort, you're NOT going after SS7. Just hack the 3-letter agencies or other LEO server for court-approved wiretapping that is hanging off the switching network and you're in anything, everything, anywhere.

Comment: Re:Possibly android (Score 1) 110

by JWSmythe (#48590465) Attached to: Ask Slashdot: Best Software To Revive PocketPCs With Windows Mobile 5-6?

I used Familiar Linux back in the day, when my Compaq iPaq became little more than a paperweight. When it was new, I had bought the iPaq with the battery sleeve that had 2 PCMCIA card slots. I did use it for a couple things. One was a little wifi scan tool, kind a primitive Wifi Analyzer. The other was the fancy IR remote that you mentioned.

Since it was so limited, even though it was a little Linux box, it eventually just ended up sitting on my desk until the batteries died, and a few years later it end up in a box in the closet. I haven't seen it in a few years, so it got misplaced one of the times I've moved. No big loss, other than the huge amount I had paid for it when it was new.

Since I can do everything with my Android phone that I ever did with the iPaq, there really isn't a reason to even try to resurrect one.

Comment: Re:Just in time. (Score 2) 219

by JWSmythe (#48590369) Attached to: Seagate Bulks Up With New 8 Terabyte 'Archive' Hard Drive

Their consumer drives have gone to absolute shit. I was buying them because they were marginally cheaper than the other choices. I ended up with a couple dozen running over the period of about a year. As each matured to about 1.5 years old, they started dying. Seagate reduced their warranty for consumer drives down to 1 year, so now they're all paperweights.

I guess they're ok, if you want to build a computer that you only want to use for 1 year. Maybe building out a machine for someone you don't like, or you like repeat business from angry customers who lose all their data yearly.

One of these days, we're going to have a thermite fueled funeral pyre. I'll post the YouTube video. :)

At least these "archive" drives get a 3 year warranty, for now. I wouldn't be surprised if they start trimming that down over time as they find out what their real failure rates are like.

Comment: Re:that pre dates 9/11. laptops from late 90's for (Score 1) 184

by JWSmythe (#48580069) Attached to: Are the TSA's New Electronic Device Screenings Necessary?

I've only ever been asked once, over countless flights before and after 9/11. That was in 2000, to board a flight leaving the US for Europe. Unfortunately, I was using it on the first flight, and my battery died. I told the agent "The battery is dead, but I can plug it in if you'd show me where an outlet is". That was the end of it.

Comment: Re:Oh it's asteroids now? (Score 1) 135

by JWSmythe (#48570931) Attached to: Rosetta Results: Comets "Did Not Bring Water To Earth"

It wouldn't have "seeped out", but you're on the right track. hydrogen + oxygen + energy = water. and water + energy = hydrogen + oxygen. We understand a lot of the surface chemical processes on this planet. We don't understand all the subterranean processes, but we have an idea.

Non-terrestrial bodies can carry water. Landing on a single comet and saying "no comets have Earth-like water" is like saying "We've only found life on Earth, therefore no other life exists."

I think some people have a very homogenous view of the universe. Once you've sampled a few, you've sampled them all.

Even on the Earth, there isn't a lot of water. This may give a better visualization.

http://water.usgs.gov/edu/earthhowmuch.html

Comment: Re: 60 Minutes Pushing Propaganda? (Score 1) 409

by JWSmythe (#48541319) Attached to: Is Chernobyl Still Dangerous? Was 60 Minutes Pushing Propaganda?

Slashdot's archive policy used to be much longer. I think it was at least 6 months. I'm not sure why they changed it. It may be for the sake of managing comment spam posts. It looks like they're removing them now. At least I haven't noticed posts for knockoff merchandise lately. I still read at -1, since people still downvote perfectly good comments.

Even on Facebook, we sometimes have running conversations for weeks. There, it's all in who your friends are. The ones I friend can usually keep a conversation going. Sometimes well beyond when it should just die.

Comment: Re:This is of course complete nonsense (Score 2) 84

by JWSmythe (#48539599) Attached to: US Treasury Dept: Banks Should Block Tor Nodes

Well ... I worked for a company who dealt with lots of PII (like, info on *every* person in the US). We put together a system to monitor what TOR nodes existed, and compared attacks to TOR nodes. It was significantly used as an attack vector, not only because of the anonymity, but because the attacker could change IPs frequently. Not a single legitimate user used TOR.

We decided it was worth protecting our users, and the PII of everyone in the US, to refuse any traffic from TOR.

Banks doing the same thing does seem like it's in the best interest of the customers.

If you are a legitimate user, and some 3rd party logs into your account and transfers money out, would you prefer the bank to say "Sorry, it was some random person, and we have no way to find or prosecute them. They will likely do it again." or "The intruder was found and prosecuted."

Depending on the theft, you may or may not get your funds back. If someone goes in and transfers funds as you, some banks aren't willing to refund the transaction. Transfers aren't handled like credit card transactions, which are easily refunded.

Even if your bank does give you the stolen money back, that means they've absorbed the cost. So your loss ($1 or $1M) and refund, is now added to the fees, because the bank's operating expenses are higher.

I'd prefer the "inconvenience" of not being allowed to use TOR and other anonymous relays, and not have the bank have a huge and expensive fee schedule to make up for losses that are impossible to recoup from the thieves.

Comment: Re: 60 Minutes Pushing Propaganda? (Score 1) 409

by JWSmythe (#48539485) Attached to: Is Chernobyl Still Dangerous? Was 60 Minutes Pushing Propaganda?

Well, I do still log in occasionally, and comment. I gave up on submitting stories a long time ago, since I've had all of one published ever, and countless other good ones ignored.

Conversations on any story dry up pretty quickly. There's usually a 3 day lifespan at best. So after today, I doubt there will be many (if any) more comments.

Comment: Re: 60 Minutes Pushing Propaganda? (Score 2) 409

by JWSmythe (#48513817) Attached to: Is Chernobyl Still Dangerous? Was 60 Minutes Pushing Propaganda?

It's pointy-clicky-approve, rather than investigation of the story.

Then again, this is a glorified blog, not a real news site. They don't have the staff, nor the need, to do research. They are also linking other sources, so it is up to them to do their fact checking.

People have frequently overestimated what Slashdot is for, and then they complain about it. It's not like the format has changed. It's been like this since I started reading it years ago.

It's just less interesting now, and regulars are no longer regulars. I still check in occasionally, hoping it has improved, but it hasn't.

Comment: Re:Obsession (Score 1) 154

by JWSmythe (#48481851) Attached to: Australia Elaborates On a New Drift Model To Find MH370

When would it be ok for them to stop looking? A year and $182.5M later? 10 years and $1,825M later? An infinitely ongoing mission, searching every square foot of the bottom of the Indian Ocean, Gulf of Thailand and the South China Sea, and Pacific Ocean? MH370's maximum range covers an awful lot of area, including a lot of land.

Mr. Cole's Axiom: The sum of the intelligence on the planet is a constant; the population is growing.

Working...