Forgot your password?
typodupeerror

Comment: Re:McDonallds should sue ... (Score 1) 123

by sjames (#47710641) Attached to: Comcast Training Materials Leaked

There's a time and a place. Even the McD's employee mopping the floor knows better than to ask a customer who says "clean the bathroom, the stench makes me want to vomit" "Would you like to vomit some fries with that?"

It's one thing if the customer has called to ask a "how can I" sort of question, it's another if they're calling because you are currently failing to provide what they already paid for. All you'll do that way is make them smile as they imagine sledghammering your balls.

It's far worse if the customer only got angry during the call because your flipbook/flowchart isn't solving the problem. You've just convinced me that I know more about your network than you do and now you want to sell me more based on your "expertise"?!?

There's a lot of data that suggests you can get a pile of cash robbing people in the park as well, but that doesn't make it right. The only reason the megacorps get away with it is where the competition is equally slimy.

Comment: Re:NOT CONFIDENTIAL!! YAY!! (Score 1) 140

by sjames (#47709807) Attached to: $125,000 Settlement Given To Man Arrested for Photographing NYPD

Why would a government body have any right to privacy at all?

For other cases, I would say the cutoff point is the public courts. If you can come to an agreement privately, fine. But as soon as the courts are involved AT ALL, it becomes a public matter. They are, after all, PUBLIC courts.

Comment: Re:Bad Security Model in the first place (Score 1) 318

by sjames (#47709735) Attached to: Ask Slashdot: How Dead Is Antivirus, Exactly?

If my experience serves, the average user will have no backups of any kind. The above average user will hire someone or ask a knowledgable friend to set something up for them.

If you're already recommending something to them and it would only take 5 minutes to set up, why wouldn't you set them up with a proper cron job and snapshotted backup volume?

Who said anything about letting viruses loose? I certainly don't recommend that.

Don't underestimate the fact that users cannot write the binaries they run. It may be possible to corrupt the memory space of a running app, but when it's closed, the hack goes away. There's not a good hook to insert a virus into.

If you wish to argue that enhancing the security model could be a good idea, I certainly agree. It may be a harder problem than you think. The NSA took a stab at it w/ SELinux, but that gets so complex to admin that professional admins question the possibility of properly tracking it all, so home users wouldn't stand a chance. AppArmor looks feasible for professionals in a real world environment, but probably will be ignored by home users.

Capabilities are a win, but are primarily used behind the scenes right now. Controlling them with fs xattrs lags behind.

Comment: Re:Linux's Security (Score 1) 318

by sjames (#47709417) Attached to: Ask Slashdot: How Dead Is Antivirus, Exactly?

...and they can do that without root, because frankly, there's nothing to hide from. How am I going to know there's malware on my Linux system?

For someone who thinks he knows everything, you burned yourself a bit there :-) Man ps. Man top. And REALLY, man chkrootkit.

Speaking of which, I would say it's false positive rate is no worse than Windows AV but it sure consumes a lot less system resources. It's pretty good at finding subtle signs of a problem where the rootkit hides itself imperfectly. It can also be run from a rescue disk so a rootkit on disk can't hide itself.

What, just because something is a popular meme means that it is good security advice? I suppose kids drown if they go swimming after eating too. I mean, if everyone says it, it must be true, right?

Only a fool wouldn't at least look at the evidence. All those wacky doctors claiming you can't drink antifreeze instead of wearing a coat. PFFFFFT! It says anti-freeze right on the bottle!

Comment: Re:Left or Right? (Score 1) 398

by sjames (#47709329) Attached to: Google's Driverless Cars Capable of Exceeding Speed Limit

I don't know what regulations may apply when it leaves the factory, but some combination of years of wear, a sticky cable, and larger than factory tires put on and that easily goes out the window.

There's also the human factor. For safety, we'd rather people creep a few MPH over than have them laser focused on the speedometer and not the road ahead.

Comment: Re:Safety vs Law (Score 2) 398

by sjames (#47706717) Attached to: Google's Driverless Cars Capable of Exceeding Speed Limit

I have seen speed traps like that. They were like that for years. They have slowly gone away as the area has become less rural. I wouldn't be shocked to see them still in existence further out though. It's very real. Good luck getting THE judge (aka the police chief's brother in law) to invalidate the ticket in towns like that.

In more urban areas they prefer to use red light cams and dangerously short yellows to force people to break the law for safety reasons. Generally, the traffic engineering 'rules' are legally just guidelines or recommendations.

Comment: Re:Left or Right? (Score 2) 398

by sjames (#47706259) Attached to: Google's Driverless Cars Capable of Exceeding Speed Limit

Actually, the tolerances are codified in law for some jurisdictions and discretionary in others.

The tolerances are there because speedometers and radar guns have limited accuracy. It is entirely plausible that speed limit is 70, speedometer reads 70, car is actually going 72, and radar reads 73.

Comment: Re:Real people just don't like dealing with Hipste (Score 1) 364

by sjames (#47705555) Attached to: Companies That Don't Understand Engineers Don't Respect Engineers

It's important to make a distinction between casual and disheveled. There are plenty of ways to dress that are not a suit and tie but cannot be called disheveled.

I tend towards business casual when I go in to work. Solid colored v-neck, dark pants w/ no holes, un-scuffed rubber soled shoes.

Comment: Re:Real people just don't like dealing with Hipste (Score 1) 364

by sjames (#47705457) Attached to: Companies That Don't Understand Engineers Don't Respect Engineers

While there are limits, the standard suit and tie are often impediments to an engineer. When the business people want to get in close and see what's actually going on, it means going over to accounting and looking at spreadsheets. For an engineer though, it may mean pulling up the floor and going into tight spaces with lots of dirt and possibly grease (especially for devops). It may mean going into environments where a suit doesn't allow the mobility needed and a tie is an actual danger. Ties and lathes do NOT mix!

Comment: Re:Bad Security Model in the first place (Score 1) 318

by sjames (#47705215) Attached to: Ask Slashdot: How Dead Is Antivirus, Exactly?

My home backup system is rsync on a cron job to another machine. It's easy. 2TB HDs cost $80 and a Raspberry Pi is more than enough to host one as a backup. No need for 5 guys to monitor that.

MOST viruses and trojans are more interested in carving out a space for a rootkit so they can spam, DDOS and have a jumping off point for other exploits. Those never touch your data and can be blocked by not running as root. I know of one (cryptolocker) that screws with user data. That one would be where the backups and snapshots come in.

You should look at AppArmor, it's much easier to live with than SELinux.

Parkinson's Law: Work expands to fill the time alloted it.

Working...