
Comment *yawn* (Score 5, Informative) 13

This is a second-order attack that only affects MDM clients, and then only if they've installed a rogue app AND the MDM is pre-provisioning with sensitive data. It's also already patched. It's easy to check the OS version on iOS devices tied to an MDM so that the IT department knows which ones need updates.

Nice catch on the security side, but not a real humdinger.

--Paul

Submission + - Ask Slashdot: Maintaining Continuity in Your Creative Works?

imac.usr writes: I recently rewatched the Stonecutters episode of The Simpsons and laughed as always at the scene where Homer pulls into his parking space — right next to his house. It's such a great little comic moment.

This time, though, it occurred to me that someone probably wrote in to complain that the power plant was normally in a completely different part of town, no doubt adding "I really hope somebody got fired for that blunder." And that got me to wondering: how do creators of serial media — books, web comics, TV shows, even movie serials — record their various continuities? Is there a story bible with the information, or a database of people/places/things, or even something scribbled on a 3x5 card?

I know Slashdot is full of artists who must deal with this issue on a regular basis, so I'd be interested in hearing any perspectives on how (or even if) you manage it.

Submission + - UN Estimates Earth Population to Hit 11 Billion By 2100 (nationalpost.com) 1

iONiUM writes: From the article: "The world is expected to add another billion people within the next 15 years, bringing the total global population from 7.3 billion in mid-2015 to 8.5 billion in 2030, 9.7 billion in 2050, and 11.2 billion by 2100, according to new estimates from the UN."

Some interesting points include: Africa's population expected to grow from 16.2% of the world's population to 39.2% with Nigeria expected to overtake the US' population by 2050. India expected to overtake China by 2030.

The estimates don't appear to take into consideration war, famine, and food shortages that may hamper such extreme growth in third world countries, not to mention the mass-immigration and cultural shifts that would occur due to this scenario in places like Europe and North America.

Submission + - Multiple Vulnerabilities in Pocket

vivaoporto writes: Clint Ruoho reports on the gnu.gl blog the process of discovery, exploitation and reporting of multiple vulnerabilities in Pocket, the third-party web-based service chosen by Mozilla (with some backlash) as the default way to save articles for future reading in Firefox.

The vulnerabilities, exploitable by an attacker with only a browser, the Pocket mobile app and access to a server in Amazon EC2 costing 2 cents an hour, would give an attacker unrestricted root access to the server hosting the application.

The entry point was exploiting the service's main functionality itself — adding a server internal address in the "read it later" user list — to retrieve sensitive server information like the /etc/passwd file, its internal IP and the ssh private key needed to connect to it without a password. With this information it would be possible to SSH into the machine from another instance purchased in the same cloud service giving the security researcher unrestricted access.

All the vulnerabilities were reported by the researcher to Pocket, and the disclosure was voluntarily delayed for 21 days from the initial report to allow Pocket time to remediate the issues identified. Pocket does not provide monetary compensation for any identified or possible vulnerability.

Comment A matter of priorities (Score 3, Insightful) 212

The US government has lost sight of the larger issue here. The tail (NSA and law enforcement) is wagging the dog.

The NSA and law enforcement agencies want to be able to intercept anything, since it makes their jobs easier. However, this runs counter to the larger national interest of the United States.

Which country has the highest level of connectedness and dependence on the Internet? Which country would be worst hurt if a sophisticated attacker was able to penetrate and conduct malicious actions using the systems connected to the Internet? The US, that's who. It is by far in the US's overall national interest to properly secure the Internet and communications infrastructure. Eavesdropping on everyone else is a secondary benefit, in comparison.

The proper role of the President and the Attorney General is to separate the desire of the NSA and law enforcement to make their jobs easier from the greater benefit to the country as a whole. They need to tell the ambitious underlings "NO" in unequivocal terms, then bitch slap them if they keep whining about it.

--Paul

Comment Accessibility for Apple and Microsoft products (Score 1, Informative) 100

You didn't say what platform, but this has been an on-going emphasis for both Apple and Microsoft for a long time.

For OS X and iOS, see

http://www.apple.com/accessibi...
http://www.apple.com/accessibi...

For Windows, see

http://www.microsoft.com/enabl...

Hope this helps.

--Paul

Comment End-to-End Auditable Voting Systems (Score 1) 480

FFS, doesn't anyone do any research before posting stories? 60 seconds of research would turn up the Wikipedia entry on End-to-end auditable voting systems. The problem of being able to verify that your vote is recorded as you intended without revealing the actual content of your vote has been solved by several teams. The ones that seem to have the best handle on things are Scantegrity, Pret-a-Voter, and Punchscan (the predecessor of Scantegrity).

Using Bitcoin (which in fact has anti-anonymity properties) as an engine for voting is like attaching a tractor to a horse carriage. It may get you where you want to go, but it's nothing like a proper motor vehicle.

--Paul

Comment Really, really weak evidence (Score 4, Informative) 158

Folks,

The evidence here is really, really weak. The connection is tenuous enough and the original pool of possible suspects via their methodology is large enough that I sure as heck wouldn't rule out a connection via random chance. Until we get better evidence, this isn't worth very much.

Norse Security says as much in The Fine Article:

Stammberger was careful to note that his company's findings are hardly conclusive, and may just add wrinkles to an already wrinkled picture of what happened at Sony Pictures. He said Norse employees will be briefing the FBI on Monday about their findings.

"They're the investigators," Stammberger said. "We're going to show them our data and where it points us. As far as whether it is proof that would stand up in a court of law? That's not our job to determine, it is theirs," he said of the FBI.

--Paul
