Become a fan of Slashdot on Facebook


Forgot your password?

Comment Probably not real numbers (Score 1) 165

I wonder how many of these "activations" or windows 10 installs are people doing what I've done to over a dozen machines - "upgrade" from Windows 7 just to lock-in the permanent Windows 10 activation for that PC in the Microsoft servers during the free year.

I guarantee Microsoft hasn't captured the "telemetry" of uninstalling (where they have you put in the reason you are going back) for any of these, because then I blow away the Windows 10 with the original disk image, make sure that all of the GWX ads, unapproved "update agent" auto downloading and multiple spyware telemetry updates are removed from Win7, and disable the windows update service. Then I blackhole any machine that tries to connect to the "vortex" telemetry servers through the firewall.

Comment Re:Confused (Score 1) 69

Yes, Microsoft does update the OS directly without carrier interference when you opt to get insider updates or simply root your phone's registry to masquerade as another device on another carrier. The firmware component still goes through considerable lag and has greater delays, but it is possible to get a Nokia phone and flash it with a de-branded ROM when available for your model and be completely carrier bloat free.

Comment Re:That is confusing, who is "Android"? (Score 1) 69

There are many different backdoors in Android phones, I deodexed my rooted phone and killed off many carrier and vendor (and law enforcement) malware and remoting apks (the kind otherwise hidden and permission-locked) that operate over data, sms and phone connections, but it's almost impossible to know what still is in there in the baseband and core modules unless you have your own cell tower and fuzz everything they can send you. I consider my smartphone permanently rooted, easy to hack, and act accordingly.

Comment To stop all communication with Microsoft = work (Score 5, Insightful) 492

I have been going through and cataloging everything that Windows 10 does, and looking to end the communication with Microsoft component-by-component. It'll take removing packages with dism, setting group policies and making secure policies into the "default user", blocking employees being able to lock out admin simply because they want to log in to the store etc., turning off the update services, etc. It's a long road to lock down win10. You still can't keep the OS from doing anything it wants though, basically Microsoft has decided that they get to rootkit and keylog your box while background capturing your location and data files.

The first thing that admins should be doing is looking at how MS has invaded windows 7 with it's GMX and telemetry updates for the older OSs. Besides the tray ad, a whole new package of privacy invading phone-home and send your data was included in the "critical updates". There are about eight different tasks added to windows 7 scheduled tasks that even admin can't remove, they have to be manually pruned from the registry.
It takes a good amount of powershell, registry editing, and dism to script-remove this malware from windows 7, and if you were letting windows update since April, the damage is already done.

Comment Re:settled cannon for about a decade now (Score 1) 83

"AMD does a great job of getting open source?" AMD is the one flipping the bird, they burned users of Radeon HD 4xxx and below in Linux. This hardware was shipping integrated in new desktops/laptops in 2011+, and they abandoned their driver by 2013, leaving something that will only run in old X, so basically useless in anything Ubuntu 12.04.1 or newer.

It just takes one big FU like this for me to make sure everybody knows what AMD really thinks about Linux.

Comment Re:Uhmmmm (Score 2) 620

winnt4 in production is nothing, it is often required on equipment such as HP chromatographs and other lab equipment that is otherwise top-tier (before the company was destroyed by (presidential hopeful) Carly Fiorina.

If you are looking for old production equipment, I think you'd be impressed by the DEC PDP-11s still running in nuclear power plants that have a commitment to run through 2050.

Comment Re:I know (Score 3, Insightful) 172

Well, I am pretty sickened by the constant data connections between Windows 10 and Microsoft. Running in a VM, the network activity light and CPU load is constant. Granted some of this is the keylogger-level telemetry that they are gathering, but my OS should never start initiating network connections without my permission; this OS wants to automatically update itself and any apps you have installed (can't be turned off unless you just kill the services), comes with dozens of scheduled tasks to do so, and encourages you to store your data, contacts, emails, etc in their apps without clearly stating that it is all being duplicated on Microsoft servers.

Annoyance #2, actually dealbreaker, is how they've made the OS almost broken if you don't use a Microsoft account login. This means that your computer's login is the same password as your email address, and is out of your control. Microsoft or anyone pressuring them can get into your (their) computer since they control the password. It is way to easy for SOHO users looking for time-wasters in the Microsoft store to convert the local account into their own user login and lock out everybody including admin. The email address of the logon is proudly displayed on the logon screen to unauthenticated users, with no way to turn this off.

Comment Re: Who? (Score 2, Interesting) 574

45 years old = Neil WHO? High school years were not spent listening to music like this, they were Def Leppard, Quiet Riot, and Rick Astley years. This is music for old codgers, although probably better creatively than the formulaic top 40 stuff now.

I've noticed that classic rock stations have got in tune with actual listener demos because we're getting older. When I was a kid, oldies stations would play Chuck Berry and Elvis, music that only senior citizens would have heard new. Now I turn on the classic rock station, and they are playing Nirvana, REM, and Collective Soul alongside less Stones and Pink Floyd. Won't be long before classic rock would need to play late 90s, years where there was no more rock music.

The main change this article addresses is that people are starting to no longer buy or even download music, it's good enough to just put on internet radio, since it can narrowcast exactly what you want to hear. Radio and streaming, what was one a promotion tool for record companies, has become something out of their control that IS the end product for most people.

Comment Since the summary is impenetrably obfuscated (Score 5, Informative) 45

Here's the narrative:

- Trend Micro documented a 0-day Java exploit, leading to it's patching

- The hacking org Operation Pawn Storm that was using the exploit got all pissy, and redirected a domain that computers infected with their malware contact, pointed it to an IP address in Trend Micro.

The domain names contacted for command and control instructions are usually randomly encoded and encrypted, and rotate on a regular basis. The crackers know what the next domain name to be used is, but they are hard to deduce from the binary. Infected systems will likely move on to contacting the next domain/ip looking for remote control instructions in hours/days.

Comment Re:Disable Java == Broken Websites (Score 1) 122

>> For the record, I completed my Bachelors in Computer Engineering in 2010, in the US. I never once needed a Java web plugin. I don't know how "widely used" it was back then, much less today, but it certainly wasn't required.

You're lucky, in the late 90's it was impossible to get a CS degree without at some point installing Java in your brain. Still not as bad as the C++ course where the lab portion was some crashtastic IDE on Mac OS 9.

Comment Re: How about 2015 July 15 0000UTC? (Score 3, Informative) 283

That's better than VMWare 5.5, which required it's own NPAPI plugin, which barely worked with an old version of Chrome on Linux, and doesn't work with any distro you can just spin up. As a cross-platform management solution, it was dead before it was born.

Worse is Chinese no-name security DVRs that are still being deployed, that require an activex plugin.

Comment Google on your phone, unstoppable data flow out (Score 4, Informative) 217

I have a Galaxy S5, and have encountered the same types of problems with the baked-into-the-OS Google services. I have rooted the phone, installed app-ops (useless Google window dressing), and then xposed framework and xprivacy. The level of intrusion and data capture is simply stunning.

The first thing that usually blows people mind is when they visit Google GPS location history page at - even though they weren't aware of it, every move they've made for months has been tracked down to the minute by Google. You can "turn location history off" on that web page, but the GPS is so baked into the OS that this cute web page checkbox is almost guaranteed not stop the continuous GPS gathering. In fact, after blocking location access by GPS, you get a stern warning "enable location services for gps", and the "do not ask again" is greyed out if you do not allow it, you will get nagged regularly.

Your phone is essentially rooted. If it can ring remotely, be located via GPS and be disabled by "find a phone" features, it is not you that has root on the OS. It is the company that can employ that at any time.

The Google intrusion is multifaceted once you start digging in, dozens of different components of the OS that make contact with external servers without documentation. Spending massive time disabling their access to your personal data one by one will usually result in a borked phone. One of those back doors is going to get your data even if you think you turned everything off.

Then we have the Samsung apps that are in full intrusion mode. The health app? Wants your contacts and location. The keyboard software? Wants your contacts and location.

It is of course impossible to use these devices without your entire contact list, phone and text engagement, password list, etc, being scarfed up and sent to the cloud. Any single OS library that has network access can act as a gateway to other components that look like they are otherwise behaving when they access your clipboard, screen, etc.

The biggest problem is not that every aspect of your life is tied together by a corporation, who has recordings of your voice, keystrokes of everything you've typed, pictures of you that are run through facial recognition, etc. It's that this is all going over the wire to a corporation that is too big for one government to reign in. A corporation that has had their internal communications tapped by the NSA. A corporation that "plays ball" with law enforcement by giving them their own handy web portal to data. And of course is all behind one password that can be hacked and cracked on by the entire world of hackers from lawless nation states. Soon coming to a Windows 10 computer near you.

Comment Re:Die, white whale, die (Score 1) 249

Starbucks does acquire, gut, and destroy. In the Pacific Northwest there was a small chain called "Coffee People", that made an excellent product, including coffee milkshakes (not just coffee sugar slurpees). They sold out to Starbucks, and within a year all the locations were shuttered, except about 10% where the real estate was useful and were closed and turned into Starbucks.

The "Seattle's Best" brand was bought in 2003, and within months their production was closed and moved to Starbucks HQ. The brand survives probably just to take double the retail shelf space and make customers they are getting a choice.

Saliva causes cancer, but only if swallowed in small amounts over a long period of time. -- George Carlin