Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror

Comment Security updates (Score 5, Informative) 185

Sometimes I get the feeling that security updates can in most cases cause more problems than the issues themselves.

I can think of many occasions that a security update has broken a server/router/etc. Obviously the lack of a security update can lead to a bigger headache in the future. But the typical user doesn't understand and has the attitude "IT broke the server again".

If a virus or hacker causes an issue the attitude is "I hope they fix that soon. I hate viruses/hackers" (obviously this is a huge generalization).

Comment Developers (Score 5, Interesting) 178

I can understand developers would like this, since the android emulator in the SDK is slower than molasses in (northern) December. I suppose ICS would not be an issue to get on this for the future.

But $200 seems a little steep since a real tablet can be purchased for that price range (although with perhaps with less CPU/RAM). $50-$100 would probably be the sweet point.

Actually this reminds me of something I thought of when Siri came out. How long is it going to take for someone to come out with a screenless / keypadless phone that is pure voice recognition (built into a headset like a BT headset??)? Same thing for GPS units (rather than being distracted by a map you just have to listen to the directions, much like having a person reading you directions "like in the old days"). That would extend battery life, reduce costs, although would also reduce it to the basic functionality (sorry no angry birds).

Comment Re:Open resolvers (Score 1) 187

That is not the issue I was having. These were remote TXT lookups to a remote domain with a large TXT record. It was always looking up the same host and same TXT payload. No recursion stopped that issue. These were very regular at one or 2 second intervals. Probably would make a good bandwidth DDNS if you had access to enough recursive BIND servers, and could send requests with forged source IPs (which today is harder to do due to better filtering at the ISP's). Thus one small DNS request is multiplied several hundred times in size, like the old Smurf PING attacks.

Comment Open resolvers (Score 2) 187

I am glad I took my lumps and disabled public recursive resolving many years ago on my BIND installations. Only do that for local IP ranges! This eliminates all the resolver issues. Also I found that when the DNS server was open I was getting a constant stream of unusual TXT lookups which were for oddball domains. These contained many K of data. I suspect these requests were fake source IP requests being used as some sort of bandwidth DOS attack.

Comment Re:Seriously unsurprising (Score 1) 258

I would like to think so too. When I developed a point of sale system in the mid 90's which used dial-up for CC verification there was no encryption involved at the time. But it did use a custom protocol specific to that CC processor which required an NDA to be signed. So it was security through obscurity. I guess most transactions are done through the internet today and use encryption and for simplicity dial-up would have inherited this as well (probably using a PPP IP connection instead of these custom serial protocols but I am only guessing on this, maybe that is too simple a solution for the banks). I suppose a real hard core thief could have patched into the phone line used for CC authorization, pretended to be the host by reverse engineering previous transactions using a phone line sniffer and authorized all transactions while making purchases. But that is a lot of work a relatively small payoff.

Comment Reason for click (Score 1) 153

Does anyone here know what is actually causing the clicking? Thrown head? Bad board on the drive? Miniscule error on track 0 of the disk? I know of a person who had the click of death on their hard drive and sent it in for data recovery. It took about a week but the recovery company was able to recover 99% of the data (I don't know why 1% was missing, perhaps just junk files that didn't matter, but all the documents were there). Cost was about $1800.00 for the 200Gb worth of data.

Slashdot Top Deals

Put your best foot forward. Or just call in and say you're sick.

Working...