Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror

Comment Re:Top secret data accessable from Internet. (Score 3, Interesting) 123

A few scenarios are possible:

1. Some high muckedy muck decided they wanted access to the data for some thingy and squashed the CIO/ISSO when they objected. This happens all the time.
2. Lots of compliance and security theater in place giving a false sense of security. What needed to get done wasn't done.
3. Probably some contractors involved who don't really care except to get paid.
4. Inside job.

Comment The tapes were re-used (Score 3, Insightful) 307

A while back there was a huge hunt to find the original tapes used to record the lunar landing. It is suspected that the tape was re-used due to NASA's tight budget and they couldn't afford more tape. The tape was very expensive at the time so it was common to just re-use what they could find. The Apollo mission was done, so why would they need to keep the tape around. I'm sure it seemed like a good idea at the time.

That or it's stashed under someone's coffee table and forgotten about.

Comment Oversimplified (Score 1) 74

It's a oversimplification to say the creators of software and hardware that make up networks and services must be held accountable for security. There is an inherent state that many of the bugs that get exploited are unknowable until somone stumbles upon them. Either the software's creator or the bad-actor finds it first and that's where the trouble lies.

I think the larger issue is the design of the internet is way too open and without any accountability.

Comment Re:Again? (Score 5, Insightful) 141

I'm ham licensed as well, and this kind of news is a really important aspect of the hobby. There are lots of folks out there who would like to take our radio space and sell it off and it is important that we keep reminding folks that when things get ugly we keep working.

Comment Two things you can do now (Score 1) 312

If you're a home user not much you can do aside from releasing and renewing your IP. I work for supporting a fast growing SaaS product and I've had to do my homework on this.

Two things:

1. Make sure your edge firewall / router has a high Packets Per Second capability. A DDoS attack may not involve a lot of bandwidth but rather send a boatload of packets at you. Your edge network will need to process it all, and if it can't you start dropping packets for things you want and don't want.

2. Out bandwidth 'em. I've not tried it, but I'm interested in Akamai PLXrouted service. In a nutshell if you get a bandwidth attack you adjust your BGP routes to push traffic though Akamai, who can provide Terabits of shitfilter for you. DDoS zero, you win. Or cloud it, using Amazon EC2 as a filter with a bunch of proxy instances that self heal if they get knocked out.

1 Mole = 25 Cagey Bees

Working...