Forgot your password?

Comment: Clarifications on the 1% (Score 1) 683

by tanawts (#46073873) Attached to: VC Likens Google Bus Backlash To Nazi Rampage
There are no additional fractions needed. There still seems to be confusion around the "1%". You or people you know are in the "1%" when as an individual, you/they have a minimum salary of $350,000.00 a year. The folks who are having to ride those buses are most certainly not making $350k. There is no need to reference ".01%" Unless you are really trying to address folks like Gates or Larry Ellison directly.

Comment: Enter at your own risk (Score 1) 204

The way that I read Jeff's comment was not so much as a ban of the Feds but he seemed to be politically cautioning the attendance of Feds on potential hostilities from attendees who aren't particularly thrilled with the recent disclosures. We can all argue the maturity level of the conference but in the immortal words of Friedrich Nietzsche: "Madness is rare in individuals, but in groups, parties, nations and ages, it is the rule" Surely there would be severe consequences on both sides were there to be pranks or aggressions on Feds in attendance. Of my many years of attendance, I have never considered Defcon to be a completely open environment free from danger, but rather a Hackers Mos Eisley where you can interact with all walks of life, but that you had better be aware of those who do not like you.

+ - The state of information security today->

Submitted by tanawts
tanawts (786512) writes "Capturing a recent topic posed during a panel at CERIAS Symposium, Gene Spafford breaks down the problems of the industries current response to computer security today.

The article touches on recent government involvement, pwn2own style competitions, and the vicious cycle of IT professionals being pulled into incident after incident without being allotted the time and priority to correct the systemic problems that cause these security fiascos.

"There's another barn on fire! Quick, get a bucket brigade going — we need to put the fire out before everything burns. Again. It is getting so tiring watching all our stuff burn while we're trying to run a farm here. Too bad we can only afford the barns constructed of fatwood. But no time to think of that — a barn's burning again! 3rd time this week!""

Link to Original Source

+ - Crisis averted in BIOS source code leak->

Submitted by mask.of.sanity
mask.of.sanity (1228908) writes "The world's largest BIOS vendor has attempted to calm rising panic over the leak of the cryptographic signing keys and source code for its UEFI BIOS
A Taiwanese vendor had left a file transfer protocol server open for anyone to browse and download internal emails and the source code for the vendor's UEFI BIOS and cryptographic signing keys.
The company, American MegaTrends, said the security keys on the ftp server were not used for production systems."

Link to Original Source

Comment: Re: Improve infrastructure, don't inact laws to p (Score 1) 80

by tanawts (#43380223) Attached to: Why Laws Won't Save Banks From DDoS Attacks
To put it another way. The wolf does not adhere to the laws of the little pigs. If your tired of him blowing your house down, you need to stop thinking about patching holes in your straw house. Reenforcing reeds isn't a scalable solution. You need to start building the houses with bricks.

Comment: Re: Improve infrastructure, don't inact laws to pr (Score 1) 80

by tanawts (#43380175) Attached to: Why Laws Won't Save Banks From DDoS Attacks
I'm not sure that we have a choice. "Because its hard" is probably not going to be a sufficient excuse with respect to the critical mass we are heading toward. If everything that the world has invested in standing on top of the Internet is so important, than all that important stuff is going to need to experience the growing pain of adapting to new redesigned transit protocols. The alternative seems to be a sheer cliff.

Comment: Improve infrastructure, don't inact laws to prolif (Score 2) 80

by tanawts (#43376411) Attached to: Why Laws Won't Save Banks From DDoS Attacks
Given that a lot of these problems stem from inherent design flaws with our current Internet protocols, perhaps we ought to start improving upon the 20 and 30 year old protocols we've been relying on. Fundamental scale and design flaws will continue to empower bad people to do bad things so long as it continues to be nearly effortless. BGP, DNS, IPv4... You can only build on a foundation for so long before its age and brittleness beings to cause serious problems.

Comment: Sounds like tech support? (Score 1) 630

by tanawts (#41352639) Attached to: Ask Slashdot: When Does Time Tracking at Work Go Too Far?
I guess I am desensitized... I realize this is a pharmaceutical company, but this is all very standard behavior in the tech support / call center world. I've seen this sort of thing since 1998, so it really isn't that new to me. In both cases it sounds like management is being asked to predict productivity and deliverables based on time. Is your job function serial in nature at all? Does someone have to do something to a product before its passed to you and do you pass it to someone after that?

Comment: Two types of Professionals (Score 1) 515

by tanawts (#40576003) Attached to: Ask Slashdot: Old Dogs vs. New Technology?
You are going to find two types of techs throughout your career.

* The Career-Person:

Is there to punch a time card and collect a paycheck
Learns only what is necessary to do the job
Probably received a classroom education on tech
Goes home and complains about not having enough free time to socialize

* The Enthusiast:

Loves technology and loves getting paid for working with it
Is constantly researching new technology even if it doesn't have to do with work
Could either have a degree our self taught education
Goes home and hacks on/fiddles with some sort of tech

In every non-trivial program there is at least one bug.