Follow Slashdot blog updates by subscribing to our blog RSS feed


Forgot your password?

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).


Comment: Re:What is required to secure the Internet? (Score 1) 27

by postbigbang (#49375847) Attached to: Book Review: Future Crimes


And how many civilians do you know that can do that? But we let them anyway. I know sysadmins whose knowledge of CVEs amounts to a "what's that?" answer.

The sales efforts to ensure that we're all using SaaS, popular websites, and social media with new bright shiny stuff that can store photos, too, all makes everyone fail to remember that these machines are loaded with their assets, and they need to understand them to protect those assets. Nah, you make more money by selling them a new hard drive and some AV stuff.

Sorry-- I never explain conspiracy when sloth and making another buck is the better explanation.

Comment: Re:And the almond trees die. (Score 4, Insightful) 417

by postbigbang (#49313135) Attached to: How 'Virtual Water' Can Help Ease California's Drought

Ummm, no. Although this happens, an increasing amount of silage and dark waters have contaminated many crops, and not just in CA. Were we to actually PROCESS the silage in a way that stanches e.coli, salmonella, protozoa, and other contaminants ranging from aspergillus to non-fungals and unknowns, a vast amount of efficiencies increase.

The best idea, IMHO, is to deploy widely sustainable practices that involve the highly fluctuating variables of rain, market fluctuations, and yields. Too much of this revolves around dice-rolling techniques, and "I'm gonna be rich if I plant a few orchards" mentality. No one likes the edicts of public policy, but simple planning goes a long way towards sustainability.

Our current opaque public policy mechanisms prohibit this.

Comment: Re:screw the system (Score 1) 284

by postbigbang (#49209441) Attached to: UK Gov't Asks: Is 10 Years In Jail the Answer To Online Pirates?

Tangible vs intangible is a huge difference. Ten years is a stiff deterrent and doesn't really fit either crime, depending on the value. In the case of say, check/cheque fraud, forgery for gain, converting property/conversion, these have a directly cost that can be calculated and audited. Intangibles, the crux of various publishers, is more difficult to do.

Although stealing is horrendous, the RIAA/MPAA/publisher's actual injuries/damages aren't what they claim them to be, IMHO. Ten years is too much.

Comment: Re:No, Never, for Any reason. (Score 3, Insightful) 734

by postbigbang (#49192351) Attached to: Ask Slashdot: Should I Let My Kids Become American Citizens?

I'd say: yes, do it, with your children's consent. No consent? Don't do it. Tell them at 16, they have to make a choice, and tell them what it means to them. Remember that twenty years in the future, many parts of the world will mature. Which one matures for them means having choices.

Comment: Re:how ? (Score 1) 324

by postbigbang (#49161857) Attached to: Ask Slashdot: How Does One Verify Hard Drive Firmware?

If you had a valid, uncompromised version of firmware, and were able to substitute it, and look at the streams, you could compare one stream to the other, uncompromised vs suspect. At some point, to do its work, the suspect firmware has to cough something different, be it an altered MBR, or something else to allow it to do its job. Otherwise, its sits in firmware forever doing nothing. There needs to be a routine, an exercise, comparing known vs unknown to assess what it does to a stream, or to infect/root its host.

I get the feeling that the NSA attack is likely focused on a fairly select few, otherwise the C&C traffic would be heavy enough to otherwise detect. A rooted machine may stay asleep for a long time, perhaps forever, but at some point, it has to wake up. Change your IP address to a CIDR block in Iraq and see if your router suddenly lights up.

Summary: to do its work, it has to either talk to something or infect/root the kernel or something the kernel uses a lot, otherwise, it's useless except as a local attack. It has to assert itself, and using known vs unknown analysis is perhaps the only real way of making it show its footprints in the snow.

Comment: Re:Tin Foil Hat Time (Score 1) 227

You have a lot of rational paranoia here. Tin foil or no, I often wonder if some of the VPN services are just honeypots.

There's always spinning up free instances in Azure or another host like AWS, and trying your hand there; at least the circuits would be somewhat secure. But if you're doing something at a monitored host and its record list is tracked, your IP access would at least be tracked. You might need several of these in a tawdry, highly latent chain to make things tough. That said, for some that need this, diligence might pay off. For others using such circuits for evil, I wish them failure.

Comment: Re: Yes (Score 1) 716

by postbigbang (#49035627) Attached to: Is Modern Linux Becoming Too Complex?

Slow down. We disagree on all your points.

First, use grub2 to set alternate boots. Not tough.
Second, use rsyslog or install syslog-ng to push out the logs to a log server so you can see why it goes down.
Third, BIOS is still the longest part of my boots; not sure what you're using.
Fourth, the file format you loathe is easy pushed back to half-ASCII if you simply must; you can ask chron to push it for you regularly, if you're really anal.

As far as stability is concerned, mine are just fine, thanks, doing their jobs nicely. This .ini problem you speak of is no different from the madness of other conf files that permeate the landscape, and prior versions are worse. I can squirt plentiful relevant system calls to one freaking spot, not eleven, and not nineteen different goofball apps twisting relevant settings through backdoors going back to Minix. I call that progress. It enforces a little discipline.

Never worry about theory as long as the machinery does what it's supposed to do. -- R. A. Heinlein