
Comment Ya no shit (Score 1) 418

When we bring someone on, they do NOT get root/admin to critical servers their first day. They have to be off probation first, which is 6 months where I work. Even then, credentials for things are not on a document. That is just asking for them to get lost or stolen. They are given on a wallet sized card, written specially for that person, and they are instructed to keep them safe until memorized.

The reason is, of course, to prevent fuckups, as well as to make sure we trust them fully. The idea of giving someone full access to critical stuff on day one is stupid. Shit it sometimes takes more than a day for them to get access to e-mail and all that just because of all the other things they need to do.

This is 100% on the company. Have working backups, CHECK YOUR BACKUPS, and don't give a new hire a sheet with access to your critical data.

Comment OpenVPN isn't bad (Score 3, Informative) 44

It is fairly easy to set up and supports new protocols. Linux seems to support it reasonably well and its Windows implementation isn't totally retarded.

However really, it is worth your while to invest time and effort in learning IPSec. I know it is a pain in the ass, I've done a ton with it. However it is powerful. The reason it is complex is that it can be used for basically everything. It is a general purpose encryption and authentication method for IP. It is also a mandatory part of the IPv6 spec so going forward it is just going to be a thing that all systems will have.

It also has the benefit of being widely supported. While not a lot talks OpenVPN, nearly everything already talks IPSec.

Comment As a simple example (Score 2) 227

Motive can determine what kind of crime something is. So let's say you hit someone with your car and killed them. Suppose you did it because:

--You were swerving to avoid hitting someone else, your motive was to avoid hurting another person, not to hurt them. That would likely be no charge, but at most Involuntary Manslaughter since there was no malice, no intent to kill.

--You swerve to hit them because you believe you see them strangling an animal, and it makes you fly in to a rage and want to hurt them (but not necessarily kill them). That would be First Degree Manslaughter.

--You swerve to hit them because they are a person you hate and they flip you off and you decide that fuck it, they deserve to die for disrespecting you. That would be Second Degree Murder.

--You swerve to hit them because you set out to kill them, you were looking for this particular person with the express intent of killing them when you found them. That would be First Degree Murder.

In all cases they are dead because you swerved in to them with your car. However the law can treat you very differently based on your intent in the case. It is codified in to law that why someone did something matters, a whole lot.

Comment Ya I've never understood this Facebook paranoia (Score 2) 189

It is not like it is mandatory, and I don't see it going that way either. I know a lot of people who use Facebook all the time, who are glued to it. I know a lot of people who use it occasionally but don't give much of a fuck. I know a lot of people that don't use it at all (I'm one of those). This spans all ages too. There is this false idea that every single younger person is glued to Facebook so in the future it'll be the only way to communicate. Nope. Plenty of our students don't give a fuck about FB, whereas others love it. Same shit with older people.

So far I've seen no indication that not using Facebook makes you an outcast, unable to get jobs, unable to travel, or anything like that. As such if you don't trust it, don't feel what you give up is worth it, or just plain don't care, then don't use it.

Comment Ya my doctor noted this as a possibility (Score 1) 90

And told me to get a home unit, and bring it in to test it. His assessment differed from this in that he said that "most home blood pressure monitors are accurate". I brought in mine, the nurse tested it, and said it was accurate. The readings weren't 100% the same as what she got, but then they normally vary second to second anyhow.

Also of note is that she was much more careful with the test when testing my unit as opposed to normal. For both their and my unit she had me sit quiet and still, she made sure to place the cuff in the same place, and she took the reading slowly on their manual unit. On a normal physical she places the cuff over my shirt and drops the pressure quite fast.

Now I would guess this is because they aren't that worried. My BP is normal to the high end of normal, but is normal, when measured at home and is on the high end of normal up to just at the bottom of the pre-hypertension range at the office. So I would guess she's not that concerned with having it right down to the mmHg, within 10 is probably good enough. If it hasn't changed much since last time, no need to worry and no need to spend a bunch of time being super precise.

Now maybe my doctor is just lax and stupid, but he doesn't seem that way (and his background/credentials don't indicate that). However maybe this journal has a bit of a bias in wanting to over-diagnose hypertension and/or push that physician measurements are the One True Way(tm).

To me it seems silly to worry about 5% or less error on a test like this. The fact that BP ranges neatly line up on clear decimal lines should tell you that the specific numbers are guidelines only, not maxims. It isn't like they did some measurements and said "My god at precisely 140mmHg blood pressure becomes unhealthy and at precisely 120mmHg it becomes a complete non-factor!" Of course not, rather based on medical knowledge they established the normal, pre-hypertension, hypertension, and hypertensive crisis ranges and set them along base 10 boundaries because we like that.

It is a guide to trained professionals, not a stress point past which there is a sudden failure. Your doctor isn't going to treat it radically differently if your BP is 141/91 vs 137/89. They'll evaluate what kind of treatment (if any) they think you should have based on a number of factors about you.

Comment May be closer than you think (Score 2) 128

While I'm not ready to go all in on AI controlled planes yet (or let's call them something else like Expert Systems, they aren't real AIs) I think starting to test is very valid. We are able to design systems with very good decision making capabilities these days. It is conceivable that we will soon be able to make them on par with humans, even for extreme cases like 1549.

It is certainly an area worth putting R&D in to.

Comment How is that key? (Score 1) 559

Lynch is no longer a federal employee, and unless she tries to return to government or run for office, it doesn't matter much. President Obama has served his term, he's done now and he won't be coming back. So how does it matter what happened during her tenure? She and her boss are out, that's it, it's over.

Or do you mean because you think Clinton should be prosecuted? Well guess what? She lost the election, and is also likely done. That aside Donald "Lock her up" Trump is now President and controls the justice department. He could push for it, if he wanted, yet he has publicly said he isn't going to.

So how is it in any way the "key takeaway"? You are as bad as the liberals who kept pointing to shit President Bush did to try and excuse things President Obama did. The important takeaways are about the administration in power NOW. They are the ones that can cause problems, they are the ones that need to be looked at. The old administration is old news. The bad shit they did is done. Worry about the present.

Comment Two reasons (Score 3, Insightful) 258

First is that gold bugs hate inflation. They see it as the ultimate evil. They like deflation. Well gold can lead to deflation, and likely would in the long run due to its limited supply, but bitcoin is guaranteed to have deflation given its design. So they like it because if it is used it would guarantee deflation.

The second is something you might have guessed from the first, it is because they don't know shit about money. They don't really have an understanding of what makes money what it is, or what makes a given currency good or bad. They see big amounts = good, big gains = good. Since both gold and bitcoin have been on a run as of late, that makes them good.

Comment Re:M$'s continual bandaid solutions continue to fa (Score 1) 52

UAC is not a sudo replicant, it is a tool for easily escalating to a privileged user. It is akin to what you see in many modern Linux GUIs when you try to run something, it asks for escalation and then runs as root, often for a period of time thereafter. Also your understanding of how UAC works is incorrect, you can have it change user contexts if you wish to set it up that way. You can tell UAC how to operate. Normally what it does is present even administrators with a restricted security token until they escalate.

Fine grained sudo control is more akin to Just Enough Administration (https://msdn.microsoft.com/en-us/library/dn896648.aspx) though that is even finer grained sudo.

Much like the original poster, please don't spout off if you don't know what you are talking about. There's a lot of documentation on the Windows security model out there, if you want to look in to it. However trying to criticize it when you don't understand its functionality is silly.

Comment Ok then (Score 2) 52

Please explain what needs to be done to "design things securely." Explain what specific sort of technical controls should be put in place in a kernel to prevent attacks. Make sure you aren't listing ones that they have already implemented, such as NX memory regions (which is what DEP is) and also make sure you aren't listing things you like in other OSes that are done in Windows under a different name like separate user/superuser privilege (which is what UAC is for). Let's hear these brilliant, 100% effective solutions you have. I mean you clearly must know how, since you are so sure Microsoft doesn't do it, right?

Or if not, kindly stuff it and quit blathering on about shit you don't know anything about. Maybe go take a SANS course and get a handle on how there is NO perfect security, anywhere, period, and it is all incremental, all about making things harder for adversaries.

For that matter you could even start at reading the linked article which says "Performing a similar heap spray on Linux is difficult, but easier than this. A lot of work went into this."

Comment Because I'm talking about Youtube (Score 1) 136

If you go to Youtube, it is going to send you a video in VP9 if it can, H.264 if it can't. It doesn't use H.265 at this point.

H.265 will probably be useful in the future but RIGHT NOW VP9 is huge because of Youtube. Same deal with Netflix. They've started using VP9 for some of their stuff (and more and more as they convert it).

So I'm not hating on H.265 support, Windows 10 supports it, new Intel CPUs support it, it is a coming thing. However VP9 is something that has been deployed for some time to get better quality/bit and is currently in use by the two most major video providers on the net. That makes it worth supporting.

Oh, and it is supported in hardware on new Intel chips so it isn't like a ton has to be done.

Comment It is an argument there's no way for them to win (Score 1) 134

Particularly because Windows is very happy to work with other security solutions. If you install a 3rd party AV or firewall it is no big deal. That software can turn off Windows' included solutions and then once installed, Windows will happily report that the new stuff is acting as your security solution. MS does not insist on you using their product, they just include it as an option.

Comment Re:Great, but what about open codecs? (Score 3, Informative) 136

Youtube.

If you want one simple reason (there are plenty of other more complex ones) Youtube uses VP9 and you get better quality per bit when you can stream from them in VP9 instead of H.264. Given that Youtube is, by far, the world's largest video site that is good enough to support it right there.
