Become a fan of Slashdot on Facebook


Forgot your password?

Comment: Re:You can at least make it hard for them (Score 3, Insightful) 249

He knows what he is saying. He said that if you are targetted in a high-skill, high-focus attack, it's basically game over.

It's like defending yourself from a random mugging on the streets and surviving a professional hitman. You can make it harder to be attacked by a random hacker or a unfocused hacker, but it's impossible to defend yourself from all kinds of attacks of a very skilled hacker focused on attacking you.

Comment: Re:Why virtual currencies are ineffective (Score 4, Insightful) 141

by thoriumbr (#48627685) Attached to: Will Ripple Eclipse Bitcoin?
It's because you are using the cryptocoin wrong. They are not means of holding wealth, but as means of transfering wealth.

If I need to transfer EUR from USA to France, I will have to pay my local bank in USD, convert to EUR, pay the transfer fees, and my counterpart will have to pay some fees there too. Depending on the amount, we both will have to explain something to our governments too.

Using bitcoin I just buy some coins, send them, and my counterpart sells them. Nice, easy, fast, and no taxes, fees or government explanations to give.

People keeps bitcoins on hand because it is increasing in price, but they were not intended to be used like this. You can use as you wish, but if the market breaks down, it's all your fault.

Comment: Re:Am I Missing Something? (Score 1) 727

by thoriumbr (#47715085) Attached to: Linus Torvalds: 'I Still Want the Desktop'

What, then, am I missing? What is this "Linux desktop" that everyone claims is not yet here?

Yes, you are missing something...

I am a Linux desktop user since 2001. Things now are way better than then, when ./configure && make && sudo make install where required to almost anything. When drivers where a problem, and other quirks.

But the Year of Linux on Destop will happen when Linux marketshare hits double digits. When you see hardware with stickers featuring a small penguin and "Linux compatible" bellow it. Before that, there's no Linux on mainstream desktop.

When Linux ceases to being "nerd's operational system", we would be there. But not yet.

But with Microsoft messing up with every OS release, tablets and phones dominating even the console area, web apps doing almost everything, and the PC market disappearing, I think we will be there soon. As soon as we realize that the desktop market is not that important anymore...

Comment: Re:I have a solution for impacted users (Score 2) 179

by thoriumbr (#47671871) Attached to: Microsoft Black Tuesday Patches Bring Blue Screens of Death

This is a quick and dirty procedure and leaves the update itself in an indeterminate state.

Quick if you live in an area with lots of cloned Windows around.

Not that quick if you have to call a few friends, ask they Windows' versions, get a match, grab a pendrive, drop by the friend's house, copy the files, use the friend's computer to download and burn a rescue disk, drive home, and proceed to step 2.

Comment: Re:FUD? (Score 3, Insightful) 132

by thoriumbr (#47508697) Attached to: Exodus Intelligence Details Zero-Day Vulnerabilities In Tails OS
I don't think this is FUD.

If any government gets to know that you have an exploit for a very secure system they are targeting, you will surely be contacted and will earn a lot of money. Disclosing the vulnerability to the mantainers will destroy a great part of the value.

I would tell it's FUD if the vulns were advertised by some competing Linux distro.

Comment: Re:Downsides (Score 1) 302

by thoriumbr (#47410863) Attached to: Wireless Contraception

EMP pulse? What dystopian Matrix-like world do you live in?

No, it's not paranoia. It would be accidental, not some nasty action from any government. EMP can arise from some special situations.

Several years (decades) ago, a design error on a computer power source created an EMP every time you turned it on. If you left any storage media around, it would corrupt data.

Where I live, there are some devices used to demagnetize smart tags on supermarkets, they create a small EMP too, and could cause problems to the chip.

Comment: Downsides (Score 1) 302

by thoriumbr (#47409427) Attached to: Wireless Contraception
I have read the same news from another source, and was discussing it with my coworkers. I can see at least four downsides:
1 - We still have to transpose a barrier on implanted chips. People don't like this idea.
2 - It can and will be interfered with, and make women pregnant when they don't want to. Even they trying to make the chip hard to interfere with, everybody working with tech knows that is not always possible. And a small chip on the hands of thousands of people will be a valuable target.
3 - It can malfunction. Like the above, things go wrong, and a recently implanted chip going crazy and releasing all its hormones on the body of a midterm pregnant woman will be nasty. It is made to not be removed even in the event of a pregnancy, so it's possible to happen.
4 - It can be damaged by an EMP pulse. If it's implanted on the arm, the body will get in contact with a lot of sources of electromagnetic radiation, like microwave ovens, cell phones and other transmitters, car ignition systems, and so on. Those sources can interfere with the chip.

Comment: Re:What OS does this targeted banking fraud run on (Score 1) 35

by thoriumbr (#47324845) Attached to: Banking Fraud Campaign Steals 500k Euros In a Week
Ok, let's elaborate...

Usually, the C&C server is a rented virtual server, hosted on a "cloud provider" with little regard to identity verification. Those servers are always paid for with money from an untraceable source (like Webmoney or Western Union). This makes very difficult to track identities from the server to the money, and from the money to the owners of it.
VPS providers running Linux are plenty out there. And a remote Linux server is easier to manage than a remote Windows server [citation needed]. Deploying the C&C server infrastructure on Linux, using stolen SSH passwords with bots is way easier than do the same using rdesktop to deploy the infrastructure on hacked Windows servers.
So, probably the server is a virtual Linux server sitting on a datacenter, and the owners of the datacenter may not be aware of the fact that they host a C&C Server.

On the client side, they are surely running Windows. Compromising a Windows user is easier than a Linux user. Linux users generally does not run SSH, Apache, MySQL et al. Linux servers do. On the other side, there's a massive amount of pirated versions of Windows XP vulnerable to a wide range of local and remote exploits. Sending a threatening email with a link is a very easy way to get a user hit a site hosting an exploit pack and get infected. From there, the computer is owned and the user is owned as well.

It can be a directed phishing. If someone had access to the bank's client list, they can send a very convincing email with real data, and get a lot of customers infected. If they send a generic email to a lot of unrelated people, someone will notice and probably inform the bank of the attack.

Science and religion are in full accord but science and faith are in complete discord.