Slashdot is powered by your submissions, so send in your scoop


Forgot your password?

Comment Re:Labor cost to install remains the biggest issue (Score 5, Interesting) 170

Hint you have to use a certified (by the solar panel manufacture aka the last guys that touched it) to get the fed tax credits.

Like most federal tax credits incentives etc it's pork for a corp interest. All you should need is the signoff from the electrical inspector maybe have them do a quick power output test and sign some paperwork. Instead the value of that work gets marked up the same as the tax breaks.

Comment Re:Unionize (Score 5, Insightful) 337

Because union are sure to draw in the best and the brightest?

Unions have to figure out how to reward the top people you want working for you. So far the best they have come up with is those with the most time make the most etc. Till then it's just a way to force you to keep the underperformers.

Comment Re:You know what's wrong with the world? (Score 1) 160

Funny hammer away at the keyboard is the only useful sysadmins, bash, powershell etc is great for break and fix sorts of things. Most everything else youre banging away at puppet/chef etc etc etc. If you're banging/clicking away as a sysadmin outside of wtf break fix or a dev place space (to figure out what puppet etc needs to make it look like) in that last 5+ years you're probably doing it wrong.

Comment Re:Not quite the same thing (Score 1) 91

Read the paper, PRISM has nothing to do with the data they gathered via intercepts that is a different program. From the article 90% of the data was coming from PRISM that is data they got via fisa warrants, they were overly broad and the NSA pushed for a broader scope than what they told the courts.

Of course the NSA spies on other nation states and foreign nationals that is their job as the primary spy agency for the US. But they dont need to bother with the clandestine bits when they get a rubber stamped warrant from fisa and hand it over to a company to get whatever data matches their overly broad query. Same goes for tapping fiber and routers they can avoid that hard work via the same fisa court. This is all far easier than doing it the hard way.

We know they do this the hard was as well, Snoden released papers with them tampering with networking kit while in transit that whole Tailored Access Operations bit for one.

Comment Re:Not quite the same thing (Score 1) 91

It's exactly the opposite PRISM used fisa warrants, NSL etc to badger companies into sending them the requested data. This was not tapping is or hacking rather having data requested sent to them via various means. The slides Snoden released were pretty clear PRISM was with the aid of companies FAIRVIEW and BLARNEY seem to be tapping cables accessing intermediary routers etc. As an ISP there are pretty well defined methods for that sort of thing to give them real time access to traffic.

Comment Re:Re-what? (Score 1) 139

Checking ANI's has been a staple of call center security for a long time now. Dialback verification works rather well at stopping fraud. Overall that is leaving a lot more traces than a carder wants to. Simple SMS verification can lock down voice transactions pretty well it's, up the the banks to actually do it, as long as the losses are on the business they have little incentive to fix it.

Comment Re:Re-what? (Score 1) 139

So carry cash? Making a small stand alone device that's a tpm (crypto processor whatever) chip, an nfc controller small keypad and lcd display to ack as one or more CC is pretty trivial. Hell you can get a fingerprint reader into that form factor.

NFC and similar removes the form factor of having something that has to swipe or plug in. There are a plethora of authentication protocols to provide a second factor that does not matter if it's compromised and do not require it be sourced from your bank. Maybe you like a nfc watch or want something in a traditional CC form factor. Maybe I use NFC on my phone, a one time pin from a printed card in my wallet (that is generated and authenticated by a server I own or a 3rd party besides my bank), a pin and I have to approve the amount on my phone. Point is to have a framework that allows varying levels of security and devices.

Online I like what some european (probably elsewhere as well) banks have one time CC numbers for online transactions. Want to be secure you generate a one time CC number and use it it's limited to the amount you specify and/or a specific number of transactions. Can also do recurring transactions limited to how many times a month and for how much.

At the end of the day you can not make a system that it's impossible to steal from. You can make it hard and you can limit the exposure.

Comment Re:Re-what? (Score 1) 139

TPM etc, your secure bits are not on the phone rather a simple stable module with a well defined access method. The TPM only has one part you still need a pin if your realy worried about it your pins can be one time. It's pretty trivial to print out a few pages of business cards and mail them to you, cross off a pin as you use them in order. So yea if you pown the phone you could get access to have the TPM sign a transaction and a PIN that was entered. If you're that worried about it making a stand alone device that is a tpm chip, nfc, a small screen and keypad much like a cheap solar calculator could be made by many vendors and associated to one or more accounts.

Comment Re:Not quite the same thing (Score 1) 91

I find it hard that anything but a corner case would require hacking to get to records held by third parties. I have decades of working in the hosting and ISP industries, requests for data come in daily get reviewed by council and generally processed, we get paid rather well to do the work. Hacking should require that you have a good reason to think that the third party is actually in collusion with the suspect. If they have a clue about security we dont have much to give them just encrypted data and logs of what connected when. That said a VM is always less secure than a physical and keep your keys separate from your data.

Nonsense. Space is blue and birds fly through it. -- Heisenberg