Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror

Comment: Ban security products from the US (Score 1) 125

by tommyatomic (#49745071) Attached to: US Proposes Tighter Export Rules For Computer Security Tools

The idea that the US is some how in charge of how security researchers spend their energies will be its own undoing. Research will be done outside the US. Security researchers have long memories. Nothing stops them from doing all of their research outside the US. And nothing will stop them from denying US interests access to their tools, research, and discoveries.

Customers in the united states will still find out about the vulnerabilities. They'll find out after they are penetrated.

Thankfully stupidity is not an invitation to have violence committed upon you. IF it were such an invitation; then the author of the newly proposed export controls would be in danger of being beaten to death.

Comment: Re:geo-block this crap (Score 2) 139

by tommyatomic (#49330919) Attached to: Chinese CA Issues Certificates To Impersonate Google

That is two significant leaps past being idiotic. An internet connection is not required for a cash transaction and registers dont all use integrated credit. ATM's and integrated credit cash registers authenticate to the merchant service subscribed to by the business which would in turn authenticate to various card issueing banks. Zero authentication through China. Geo-block the crap out of China and your ATM's and Cash registers will run just fine.

Comment: geo-block this crap (Score 2) 139

by tommyatomic (#49329711) Attached to: Chinese CA Issues Certificates To Impersonate Google

My company had massive amounts of fraudulent connection attempts originating from china. We geoblocked china and 95% of it went away. I feel for what the people who live there have to endure but I give ZERO $hits about the negative effects of blocking access to a country that blatantly allows and endorses state sponsored criminal hackers attacking businesses.

I believe in one set of rules for everyone. How do you suppose China would respond if the tables were turned and the governments of GB,France,Germany,USA, Australia, and Canada all set China in their crosshairs and declared open season.

Comment: what about Lobbyists? (Score 1) 127

by tommyatomic (#48970173) Attached to: FBI Put Hactivist Jeremy Hammond On a Terrorist Watchlist

Have there not been lawsuits in the past to get the government to use unbiased enforcement of laws and policies?

Two of the "terrorist" definitions from the article the article: "intimidate or coerce a civilian population," or "influence the policy of a government."

How are those definitions not absolutely met by advertising agencies, corporations and lobbyists? This seems like shooting fish in a barrel for the aclu.

Comment: encrypting everything actually is helping (Score 2) 431

If a criminal steals your data it is a crime and the injustice of that crime must be balanced. If the government performs an illegal search which should be a crime but somehow isnt; the injustice of that crime doesnt seem to matter.

Encrypting everything everywhere is the result of the government being somehow being unable to stop itself from violating its citizens by performing illegal searches.
Heavily encrypting everything means the government actually has to follow their own laws which they are not exempt from. There is one set of rules and the government should never be exempt from them.

Comment: NOT EFFECTIVE VS H2O (Score 1) 290

by tommyatomic (#48858485) Attached to: Police Nation-Wide Use Wall-Penetrating Radars To Peer Into Homes

Radar is completely ineffective against water. Radar doesn't penetrate water. Any criminal with a basic understanding of even the most basic science will hide next to a hotwater heater.

That OR the police kick in everyones door because they've confused all hot water heaters with criminals in hiding.

Comment: Re:Seems unintuative (Score 1) 175

by tommyatomic (#48618239) Attached to: Researchers Accidentally Discover How To Turn Off Skin Aging Gene

I believe it's already known that avoiding sunlight helps prevent this enzyme from being released, and in turn keeps skin looking younger. This is just artificially lowering it even further in an attempt to to create immortal, sunlight-fearing vampires.

If you read the article you would know that this will infact create vampires that NO LONGER fear the sun. You stated the reverse. Vampires that fear the sun are not news.

Comment: common sense makes good news (Score 1) 137

by tommyatomic (#48550121) Attached to: Tesla Wants Texas Auto Sales Regulations Loosened

State blocks the sales of a companies product. Company employs a newsworthy amount of common sense and does not put 5 billion dollars into the state by building a mega factory for a product that is blocked in the state it would be constructed in. It also fails to contribute the jobs that would be needed to build and staff the mega factory to the overall employment of that state.

I for one am thrilled. I think bad things should always happen to vindictively stupid people and then be thoroughly reported in the news. Thinking of all of the non-Tesla cars not being bought by all the people not employed building or staffing the factory not constructed in Texas makes me feel warm and fuzzy.

Thinking of the talented, hardworking, unemployed people in texas who having suddenly found themselves deprived of this opportunity can suddenly divert their time to forming a lynch mob to go after the legislators responsible. I'd PVR that lynching when it make it to the news and watch it on loop.

Comment: Licensed Criminals (Score 1) 231

by tommyatomic (#48353327) Attached to: Canadian Police Recommend Ending Anonymity On the Internet

Why aren't these clearly genius level Law Enforcement Professionals making the far more reasonable request that the government require anyone intending to commit a crime in the near and/or far future to apply-for and obtain a licence to commit crime?

Criminals can anonymously (you cant make it too easy) submit something akin to a flight plan prior to committing a crime (otherwise how else will police be able to pursue victim-less crimes) and after a crime occurs police can call all the licensed criminals in the vicinity of crime to ask if they were the perpetrator.

Comment: Most honest least used function in the 'system' (Score 2) 37

by tommyatomic (#48270315) Attached to: Hacking Team Manuals: Sobering Reminder That Privacy is Elusive

PDF page 10 or manual page viii.

Top of the page.

AUDIT
Console section that reports all user and system actions. Used to monitor abuse of RCS.

Even the manual assumes the system will be abused. Any doublespeak marketer would have changed the work 'abuse' to 'use' .
Obviously they are already marketing the system to be abused be governments/law enforcers.

Comment: CurrentC is actually an attack against consumers (Score 1) 631

by tommyatomic (#48253247) Attached to: Why CurrentC Will Beat Out Apple Pay

CurrentC is basically trying to side step the issue of retailers needing to update security for PCI Compliance and PCI DSS. PCI compliance is effectively a consumer
protection that requires retailers to maintain an adequate level of security in all of their systems that handle credit or debit transactions.

It incentivizes security by placing 100% responsibility for fraud on retailers that fail to provide the minimum pci compliant level of security. It also prohibits the use of EOL operating systems that are no longer security patched such as WindowsXP and mandates firewalls, antivirus and other security.

But CurrentC put all liability on the consumer and completely bypasses the penalties and merchant liabilities associated with PCI DSS. Credit and debit cards provide a buffer of security and dispute resolution between consumers and merchants but CurrentC wants to go straight into people bank accounts.

This is a hot sweaty nightmare of bad. I dont think anyone is realizing how nearly impossible it is to reverse a fraudulent bank transfer.

Having said that I can see where banks could provide protection to consumers by creating consumer accounts that require individual consumer authentication prior to any ACH transfer from the account. However Banks dont provide that level of security to non-business account customers.

My prediction is that within 6 months of going live the amount of fraud will force the FTC to step in. I personally think credit card companies are the devil but CurrentC is worse.

Comment: Dealers may not light how tesla fights back. (Score 1) 294

by tommyatomic (#48162869) Attached to: Michigan About To Ban Tesla Sales

Tesla could always attempt to burn the dealer down the dealer industry to spite the dealers.

Massive financial incentives would be the best way. I would love to own a Model S. But really what I can afford is more in the price range of a 3 year old Compact Subaru or a Ford. My financial capacity determines my purchase choice. Therefore if Tesla wanted to spite the auto dealers that don't want to play fair: Telsa could also choose not to play fair. They could generate incentives to reduce the opportunities for dealers to make a sale to a customer that really actually wanted a Telsa. Those incentives could come right out of Tesla's so far as I've seen unused marketing budget. Threatening a dozen heavily subsidized customers per banned-state would be a pretty evil start.

Effectively operating off of a theoretical page out of the art of war. Any sale Tesla in a given state generally denies an autodealer a sale; which denies them funds to fight their irrational war against the future.

In hunting terms its called poaching. Unchecked poachers frequently cause significant ripple effect in herd populations. Likewise the Model S lack much if the service issues that cause people to replace or trade in their cars thus denying many future dealer sales.

Comment: Re:I like... (Score 1) 643

by tommyatomic (#47769141) Attached to: U.S. Senator: All Cops Should Wear Cameras

Yet they can afford armored vehicles and military weapons.

I agree with the point it seems like your trying to make but I'd like to point out that the state and municipal police dept arent buying ANY armored vehicles or military weapons. They are actually being given surplus assault vehicles and military weapons for FREE. They still have to buy ammunition and additional magazines though.

Take an MRAP to a metal recycler and junk it to pay for the cameras.

Comment: More information always better than less. (Score 1) 579

by tommyatomic (#47371527) Attached to: Unintended Consequences For Traffic Safety Feature

Due to the layout of my city and neighborhood I am regularly a motorist and pedestrian. Is a pedestrian I find the countdown timers to be exceptionally helpful in deciding to cross or not.

As a motorist I find them even more helpful as in my city we are subjected to random length yellow lights. It is never my intention to run a yellow light however in some intersections if you stop for a yellow light you may find yourself sitting at the yellow for up to 15 seconds. When the random length yellows were initially silently implemented there were a rash of rear-end collisions for vehicles stopping at intersections.

I would propose that drivers are entitled to more information rather than less. Drivers should see a countdown for the length of yellow lights as well as Green and Red lights.

This would allow motorists to make educated decisions. Currently drivers compelling their vehicles in a given direction hoping that the deities responsible for fate happen to be in their favor.

The additional information should come at the cost of zero tolerance. Currently we refer to collisions as accidents inferring that fault may not lay with the motorist.
Giving drivers more information should make them fully responsible. Run a red light = lose your license. Run a red and hit someone = go to jail.

Most people I've ridden with who seem compelled to run red lights seem to do so in an effort avoid intersections that dont perform the function of directing traffic but rather provide the function of blocking traffic:. IE light signals that sit red or turn RED with no opposing traffic or pedestrians. Get rid of broken intersections that punish people for obeying traffic signals and new drivers wont learn bad habits/existing drivers wont have bad habits reinforced.

The degree of technical confidence is inversely proportional to the level of management.

Working...