Become a fan of Slashdot on Facebook


Forgot your password?

Comment Re:Enterprises Will Like This! (Score 3, Funny) 249

Then, at some point in the future, Mozilla will run a campaign explaining that 10% of the interwebs is on Firefox 11 ESR, but there have been loads of new features and enhancements since then so we should all tell people to upgrade to Firefox 17. Friends don't let friends use IE 6^W^WFF 11.

Submission + - If Crypto is outlawed: confidentiality gone?

frog51 writes: "In certain jurisdictions, use of cryptography by the private sector is limited: e.g. there are reports that in the UAE and other countries not all of the encryption capabilities of the BlackBerry are permitted.

This removes a mainstay of current IT confidentiality. Are there workarounds in place? Or does this potentially break a major modern assumption — that we can secure information wherever we are?

In the 1990s the U.S. government tried to force the use of SkipJack, an encryption mechanism that would have led to all private sector encryption keys being escrowed. That escrow would have been a major target for espionage and terrorism. The US learned from this mistake, but are other regions doomed to repeat it?"


IBM's Plans For the Cell Processor 124

angry tapir writes "Development around the original Cell processor hasn't stalled, and IBM will continue to develop chips and supply hardware for future gaming consoles, a company executive said. IBM is working with gaming machine vendors including Nintendo and Sony, said Jai Menon, CTO of IBM's Systems and Technology Group, during an interview Thursday. 'We want to stay in the business, we intend to stay in the business,' he said. IBM confirmed in a statement that it continues to manufacture the Cell processor for use by Sony in its PlayStation 3. IBM also will continue to invest in Cell as part of its hybrid and multicore chip strategy, Menon said."

Saturn's Rings Formed From Large Moon Destruction 115

Matt_dk writes "The formation of Saturn's rings has been one of the classical if not eternal questions in astronomy. But one researcher has provided a provocative new theory to answer that question. Robin Canup from the Southwest Research Institute has uncovered evidence that the rings came from a large, Titan-sized moon that was destroyed as it spiraled into a young Saturn."

37 States Join Investigation of Google Street View 269

bonch writes "Attorneys General from 37 states have joined the probe into Google's Street View data collection. The investigation seeks more information behind Google's software testing and data archiving practices after it was discovered that their Street View vans scanned private WLANs and recorded users' MAC addresses. Attorney general Richard Blumenthal said, 'Google's responses continue to generate more questions than they answer. Now the question is how it may have used — and secured — all this private information.'"

Comment Re:Wow. (Score 2, Insightful) 326

It's also possible that the malware was actually dropped from a *nix or Windows system that wasn't itself infected, but where the user wanted to drag Dell through the muck. Doesn't need to be any of these Advanced Persistent Threats you keep reading about, just a terminated employee on his last day. I doubt that embedded hardware is connected to the internet while it's being assembled, so it seems unlikely that they got a chance infection - someone had to subvert their production process. That's most likely to be an insider.

Dell Ships Infected Motherboards 326

An anonymous reader writes "Computer maker Dell is warning that some of its server motherboards have been delivered to customers carrying an unwanted extra: computer malware. It could be confirmation that the 'hardware trojans' long posited by some security experts are indeed a real threat."

Nuclear Power Could See a Revival 415

shmG writes "As the US moves to reduce dependence on oil, the nuclear industry is looking to expand, with new designs making their way through the regulatory process. No less than three new configurations for nuclear power are being considered for licensing by the US Nuclear Regulatory Commission. The first of them could be generating power in Georgia by 2016."

Comment Re:Obligatory (Score 1) 604

I think that shows how bad Michael Dell is at running businesses. He correctly identified that Apple couldn't go on the way it had been run, but didn't suggest running the company a different way as a potential solution. If Dell is in trouble now, they will stay in trouble unless the market changes to require a company just like Dell.

Mass. Data Security Law Says "Thou Shalt Encrypt" 510

emeraldd writes with this snippet from SQL Magazine summarizing what he calls a "rather scary" new data protection law from Massachusetts: "Here are the basics of the new law. If you have personally identifiable information (PII) about a Massachusetts resident, such as a first and last name, then you have to encrypt that data on the wire and as it's persisted. Sending PII over HTTP instead of HTTPS? That's a big no-no. Storing the name of a customer in SQL Server without the data being encrypted? No way, Jose. You'll get a fine of $5,000 per breach or lost record. If you have a database that contains 1,000 names of Massachusetts residents and lose it without the data being encrypted, that's $5,000,000. Yikes.'"

Comment Re:Encryption drawbacks (Score 1) 175

Firstly, the kind of encryption they're talking about in the article, as implemented by BitLocker on Windows and third-party products on many operating systems, is transparent to operating system processes.

Erm :). Secondly, active directory domain controllers are typically run on servers rather than laptops, and full-disk encryption is typically run on laptops rather than servers.

Comment Re:Encryption drawbacks (Score 3, Insightful) 175

Taking those point by point (and staying on topic by discussing hard drive encryption, the subject of TFA):

* you must provide a meaningful key management

Depending on the size of the organisation and the purposes for using encryption, key management may not be necessary, though you still need a capable and reliable lost-passphrase-recovery helpdesk which is going to cost.

* you lose speed of your machines for number crunching

I think you need to review just how much time you think computers spend reading and preparing data from the hard drive. If you're in the middle of a number-crunching job, it's pretty much negligible. And besides that, most business laptop users (the target users of full-disk encryption) are trying to read e-mail and write Powerpoint slides, they aren't trying to simulate protein folding.

* you can easily lose data in the event of hardware corruption

* access to data is a bit harder even for legitimate purposes

Yes, that's the whole point. It's usually only a bit harder (you have to authenticate before the operating system will boot) but in return for that, the confidentiality of your data is protected. Security is about risk management and if the risk of publicising your company's secrets is more significant than the risk of users losing time by forgetting their passwords, then the trade-off is worth making.

* many systems (for example Active Directory domain controller .vs. ipsec) doesn't work well with encryption

Firstly, the kind of encryption they're talking about in the article, as implemented by BitLocker on Windows and third-party products on many operating systems, is transparent to operating system processes.

skills of your systems management must be higher

Oh noes! I pay my systems managers to manage my systems but don't want to pay people who know what they're doing!

Slashdot Top Deals

Quantity is no substitute for quality, but its the only one we've got.