Forgot your password?
typodupeerror

Comment: My two cents. (Score 1) 825

by rindeee (#33159562) Attached to: Where To Start With DIY Home Security?
I think there are many good, valid approaches to home security, but let me give you mine. It has worked well. I went through the process about 5 years ago of trying to decide how to secure my home. I had a vested interest in something that really made a difference as I was deploying (military Reservist being sent over seas for a year) and leaving my wife and two kids behind. I looked at all the options including commercial, etc. We had good neighbors (this makes a HUGE difference) who helped look out for the place, as well. I ended up doing two things. First, a dog. A very big, very friendly dog. The kids could have bit his ear off and he'd of just rolled his eyes. Stranger comes to the door and he goes all Jekyll and Hyde. Second, IP cameras. Lots of them. The cameras covered inside and outside. I ran the whole show with EvoCam (from Evological) on a Mac. No, it's not open source, but it is only $25 and it's absolutely awesome software that includes customizable motion sensing (with exclusions), triggers, alerts, uploads, recording, remote view, etc. By doing this, I gave my wife the ability to secure the house while she was home using one template, while using another when she was gone. Her big concern was coming home to an empty house at night. Problem solved. She would receive alerts on her phone (with snapshots) if there was so much as a car that turned around in the driveway (or a the neighborhood fox ran through the yard). She even got to where she used it to figure out how the dog was getting into the pantry. The camera/software setup really took the place of a commercial alarm system and aside from the initial cost (Axis cameras aren't cheap, but they're very high quality) it was a very reasonably priced solution.

Comment: Re:China asks Slashdot how to catch hungry minds (Score 1) 403

by rindeee (#32774214) Attached to: Tunneling Under the Great Firewall?
For the most part, they (not just China, but most countries that try to control content) go after low hanging fruit. There are indeed a couple of ME countries that employ high-end Narus filters which, if managed and updated near real time, could pretty well block any means of bypass. The reality of implementation however is that it's just not worth the time investment. Typically with a bit of tweakery one can manage to use SSH, OpenVPN, an SSL proxy or some other form of obfuscation to circumvent the filters.

Comment: Let's contrast. (Score 1) 351

by rindeee (#32755628) Attached to: Microsoft Kills the Kin
"I don't know if they can't make up their mind or what the problem is over there," Ballmer said in an onstage question-and-answer session following his speech at the company's Worldwide Partner Conference in New Orleans. "The last time I checked you don't need two client operating systems." Okay, opinion noted. Now for the whole pot/kettle thing: KinOS, Windows Mobile/Phone 6.5/7, Windows Embedded Handheld...need I say more? Ballmer wants to criticize Google for having Android and Chrome?! Seriously? That's like Google criticizing MS for having a desktop and a mobile/phone operating system. Microsoft will have 3 concurrent phone platforms, a number of 'mobile' device platforms, desktop, server and so on. Variety is the spice of life and all, but if you want developers to build apps for your crap, you may want to keep things streamlined.

Comment: If they subsidize your cert... (Score 1) 281

by rindeee (#31886446) Attached to: Studying For Certification Exams On Company Time?

then you owe them when you leave (maybe). Since I wouldn't want to work for a company that is as stingy as you describe, I'd be looking to get my cert and use it to find a better job. That being the case, I'd gladly pay for it myself, and thank them for 'forcing' me to better myself/leave.

Comment: You forgot the "so what". (Score 4, Insightful) 80

by rindeee (#31733808) Attached to: Toshiba To Test Sub-25nm NAND Flash
Not everyone (including me) understands what the benefit to consumers will be when less than 25nm production is possible. Does that mean 1TB flash memory cards for my camera? Same sizes as now but cheaper? What? Just an additional sentence giving a "once possible, this will mean blah blah blah blah blah". Simple as that. Of course, with an 'article' (actually just PC Mag parroting a Thoshiba presser...for pay I'd imagine) as crappy as the one linked to in the headline, I don't know that it really matters.
Image

How the TSA Plans On Inspecting Your Monkey 114

Posted by samzenpus
from the I'm-gonna-need-to-check-your-monkey dept.
The uncertainty of what might happen to your service monkey at an airport security checkpoint won't keep you awake at night anymore, thanks to the TSA. They have issued an easy to follow list of how they will ensure your helper monkey won't go all Planet of the Apes on your flight. Some of the security techniques used to make sure your primate is not a terrorist include: "Security Officers will conduct a visual inspection on the service monkey and will coach the handler on how to hold the monkey during the visual inspection. The inspection process may require that the handler to take off the monkey's diaper as part of the visual inspection."

Comment: They're not seeing a primary source. (Score 3, Interesting) 112

by rindeee (#31612124) Attached to: US Not Training Enough Cybersecurity Experts
Working in the industry and hiring new Cyber talent on a weekly basis, I'd say that the author's aren't looking in the right place. We find the best, most talented folks are coming out of the military. These ladies and gentlemen are very disciplined, highly trained and have real (very real) experience not only within the ranks of military cyber operations, but most also have a good deal of experience in the intelligence community. They all have a great deal of experience (and preference) with open source tools, but understand the proper application and integration of COTS products as well. Anyway, my two cents.

Comment: I could sort off see this working. (Score 4, Interesting) 292

by rindeee (#31609632) Attached to: Tracking Pedophiles By Their Typing Habits
From a purely technological point of view, I could see this working IF you had a profile pre-built. That is to say, if you had established a baseline of a particular persons typing habits (tempo, speed, accuracy, common mistakes, pause patterns, etc.) then I think it would be relatively easy to identify/track them in the future. I realize that this isn't really what the OP is talking about, but I think this is the closest to reality as one could get. I've seen authentication tools that combine the password you've entered with the 'way' in which you enter it, doing essentially just that. Anyway, determining a persons proclivities based solely on the way they type is, well, stupid.

Comment: Simple (Score 4, Interesting) 396

by rindeee (#31566488) Attached to: How To Avoid a Botnet Infection?
I am over Cyber Security for a 36k seat enterprise. We've had no infections...period (and yes, we do have monitoring in place to catch behavioral anomalies that indicate zero-day, etc.). Here are the "must do's": 1. Block social networking sites. Need convincing? Here. http://google.com/safebrowsing/diagnostic?site=facebook.com/ or http://google.com/safebrowsing/diagnostic?site=myspace.com/ or http://google.com/safebrowsing/diagnostic?site=twitter.com/ 2. Block porn sites. All of them. Use keywords, IP/FQDN blacklists, adaptive/reputation blocking (Trusted Source type technology) 3. Use a managed AV/AM/HIPS solution such as McAfee ePO/AVE/HIPS/etc. if you can afford it. A good HIPS that does both network and application blocking is essential. 4. Exhaustively scan e-mail for content, attachments and (most of all) embedded URLs. 5. Finally, have a good dashboard. We rolled our own using Cacti, Nagios, Drupal and some simple Java, CSS and PHP. You need to be able to visualize things in as close to real time as is possible. Once you've established 'normal', you can spot 'abnormal' visually long before many automated analysis engines will alert you. This allows you to catch the things that may otherwise slip through the cracks. This doesn't have to be expensive (well, except for #3, it's expensive). You can scale a Linux based solution with entirely open source tools large enough to cover thousands of concurent users.

Slowly and surely the unix crept up on the Nintendo user ...

Working...