
Comment Re:Too long (Score 4, Insightful) 178

Why is it when we ask people to read through a 2-page user policy, they skip through and don't even bother reading to just sign it, yet those same people will sit down and pore through 3 inches of legal documents for 4 hours when buying a home?

If you want real security, then clearly explain the issues.

Bullshit. If you want real Security, enforce the punishment. Yes, it's that simple, and is also the answer to my previous question.

People read through 3 inches of legal docs when buying a home because they know damn well they could get burned legally.

Name the last time someone you know got fired for breaking a Security policy, or losing a laptop and not following protocol properly to report the company confidential data loss.

I thought so.

'Nuff said.

The current problems which are being, at least partially, blamed on deceptive lending practices in the mortgage industry would suggest that many people do not actually read through the legal documents they sign when they purchase a home. Do you think that for these deceptive loans, the stack of legal documents did not contain the truth? Of course it did. It was just buried in a pile of legalese, and people simply went with what the nice broker told them.

Comment Re:Just using VIM (Score 1) 702

No, no, surely we don't get geek credit for starting with a 9600 baud modem. My first was a 2400 baud (US Robotics, maybe?), and I even used (but never owned) a 300 baud modem. I remember how blazing fast 14400 baud seemed when I first got my hands on it.

Heh. We probably started about the same time... the first modem I purchased was a 2400 baud modem ("Prometheus" I think), and I used but never owned a 1200 baud model. 9600 was just particularly memorable because it was obsoleted *so* immediately after what was, for me, a substantial purchase.

Comment Re:Don't panic, but... (Score 1) 67

We need to stop trying to concoct schemes that are specific to wifi and just treat all media as untrusted.

There, fixed that for you. What makes you think wired networking is secure?

Men with guns, usually ;-). But I agree with your point, and don't generally consider the condition of being wired sufficient access control.

Comment Re:Don't panic, but... (Score 1) 67

I don't know that I'd say the difference is exactly fundamental. Sure, if you're talking about weaknesses in a cipher, a general attack on it might apply to any protocol that uses that particular algorithm. It's not just a cipher algorithm, though; getting secure key exchange right is a hard problem. You want the protocol you've selected for doing so to have been vetted by as many people for as long a time as possible. VPNs have been around for a great deal longer than these new wireless schemes, and more people have spent more time attacking them.

I simply don't see enough benefit (to having some wifi-specific scheme) to offset the risk that designing and implementing some new protocol introduces new weaknesses. In addition to that, I see that configuring your client to think your wifi adapter is a safe LAN rather than an untrusted network carries significant risk if you ever take that client to a public hotspot. Having some wifi-specific scheme makes that behavior more appealing to some people. Having your OS assume a wifi adapter is on a hostile network and the LAN is only over the VPN is by contrast much safer.

Comment Don't panic, but... (Score 5, Insightful) 67

Attacks only get better, not worse. The right thing to do, IMO, is treat this as a warning. We need to stop trying to concoct schemes that are specific to wifi and just treat wireless media as untrusted. Harden the clients. Don't let them act like they're on a trusted local network until they're on your VPN. Besides getting more thoroughly vetted crypto, this leaves your road warriors in a much better position when they sign on in coffee houses, airports and hotels.

Comment Re:Just using VIM (Score 3, Interesting) 702

Sigh. I'm sure I'm not the only one here... I distinctly remember purchasing my first 9600bps modem. (A real Hayes, no less! I sent them a large manilla SASE and they shipped me the AT command manual for no charge.) I spent a few months mowing every lawn I could to raise the funds for it. Exactly a week after I got it installed and found a couple local BBSes I could connect to at 9600, Hayes shipped the very first 14400bps modem.

Apart from the nature and amount of labor involved in raising funds, that's been a pattern for so many equipment purchases since. That was the very first time I bought something so close to the release of the new shiny, though :-)

Security

UK Court Rejects Encryption Key Disclosure Defense 708

truthsearch writes "Defendants can't deny police an encryption key because of fears the data it unlocks will incriminate them, a British appeals court has ruled. The case marked an interesting challenge to the UK's Regulation of Investigatory Powers Act (RIPA), which in part compels someone served under the act to divulge an encryption key used to scramble data on a PC's hard drive. The appeals court heard a case in which two suspects refused to give up encryption keys, arguing that disclosure was incompatible with the privilege against self incrimination. In its ruling, the appeals court said an encryption key is no different than a physical key and exists separately from a person's will."
The Internet

Comcast Discontinues Customers' USENET Service 327

An anonymous reader writes "Comcast has discontinued its provided usenet service, once provided to all its high speed customers. First with the cap put on its customers several years ago on amount of traffic provided as part of the customer high-speed package, as of September 16, the service is no longer provided. Without fanfare, this bastion of the internet is being removed from the mainstream."
Mozilla

Firefox SSL-Certificate Debate Rages On 733

BobB-nw points out the ever more raucous debate over the way Firefox 3 handles self-signed certificates. The scary browser warnings have affected a number of legitimate sites (such as Google AdWords and LinkedIn) that didn't renew certs in time. Lauren Weinstein loudly called attention to the problem early in July. "If you visit a website with either an expired or a self-signed SSL certificate, Firefox 3 will not show that page at all. Instead it will display an error message... To get past this error page, users have to go through four different steps before they can access the website, which from a usability standpoint is far from ideal. This way of handling websites with expired or self-signed SSL certificates is bound to scare away a lot of inexperienced users, no matter how legitimate the website is."
Hardware Hacking

Openmoko's Open Source Phone Goes Mass-Market 247

nerdyH writes "Openmoko has begun shipping its Linux-based, open source Neo Freerunner phone to five newly announced distributors, in Germany, France, and India, says the company. The Neo Freerunner features an open hardware design, and a Linux-based operating system that users are free to modify. The project originally hoped to produce a mass-market offering last October. The $400 Freerunner will remain available direct, online, too. A 2.5G GPRS/GSM phone like the original iPhone, it boasts a 500MHz processor, WiFi, 3D accelerometers, a 4.3-inch VGA touchscreen, Bluetooth, and built-in GPS."
Censorship

GoDaddy Silences RateMyCop.com 561

mikesd81 writes "Wired is running a story about GoDaddy shutting down a police watchdog site called RateMyCop. However, GoDaddy can't seem to give a consistent answer as for why. From the article: 'RateMyCop founder Gino Sesto says he was given no notice of the suspension. When he called GoDaddy, the company told him that he'd been shut down for suspicious activity. When Sesto got a supervisor on the phone, the company changed its story and claimed the site had surpassed its 3 terabyte bandwidth limit, a claim that Sesto says is nonsense. "How can it be overloaded when it only had 80,000 page views today, and 400,000 yesterday?" Sesto says police can post comments as well, and a future version of the site will allow them to authenticate themselves to post rebuttals more prominently. Chief Dyer wants to get legislation passed that would make RateMyCop.com illegal, which, of course, wouldn't pass constitutional muster in any court in America.'"
Privacy

Aussie Cops Want Powers To Search Any Computer 262

goatherder23 writes in with news that the New South Wales cabinet has proposed new powers for police to search computers anywhere under a search warrant, and adds: "The Four Horsemen of the Infocalypse are invoked to explain why police need the new laws, which have yet to be introduced into Parliament. Would someone please explain to them before this happens that all computers on the Internet are "networked" and that some computers may be found outside NSW (or even Australia)?" "Police Minister David Campbell says police are currently only able to search computer hardware found on a premises named in a search warrant. He says with the changes, they will be able to go a step further and search other networked computers, regardless of where they are located. 'What we know is that there are organized crime gangs who use the Internet and other forms of technology to hide their crimes,' he said."
OS X

Mac OS X Secretly Cripples Non-Apple Software 559

spikedLemur writes "Vladimir Vukicevic of the Firefox team stumbled upon some questionable practices from Apple while trying to improve the performance of Firefox. Apparently, Apple is using some undocumented APIs that give Safari a significant performance advantage over other browsers. Of course, "undocumented" means that non-Apple developers have to try and reverse-engineer these interfaces to get the same level of performance. You really have to wonder what Apple is thinking, considering the kind of retaliation Microsoft has gotten for similar practices."

TrueCrypt 5.0 Released, Now Encrypts Entire Drive 330

A funny little man writes "The popular open source privacy tool, TrueCrypt, has just received a major update. The most exciting new feature provides the ability to encrypt an entire drive, prompting the user for a password during boot up; this makes TrueCrypt the perfect tool for non-technical laptop users (the kind who are likely to lose all of that sensitive customer data). The Linux version receives a GUI and independence from the kernel internals, and a Mac version is at last available too."
