Become a fan of Slashdot on Facebook


Forgot your password?

Comment Re:Open Wifi AP FTW! (Score 1) 18

The system is basically automated WPA2 Enterprise. I read that a few airports in the US (Chicago) are starting to have this through Boingo. Normally Boingo is pay, but it's free for use through this service, so I'm guessing the carriers are paying a fee to them. It makes sense to authenticate the devices to make sure it's "allowed" to be on it.

Comment Re:Lenovo. (Score 1) 477

Agreed. I had a Thinkpad T400 and now a T430. I love them. Everything is user replaceable, and they don't look out of style after you've had it for 2 years since the design barely changes.

That said, the speakers are lacking. On Linux I have to crank the volume up to 200% often. I don't know of a way to do this in WIndows (partner has a T410 with WIndows).

Comment Re: Make it easy? (Score 2) 150

You can use Whonix in virtualbox. It basically replicates this setup, where you have a gateway VM and a workstation VM. The workstation can only access the Internet through the gateway. So if the workstation is compromised it still can't leak your IP.

Comment Re:TAILS (Score 1) 234

The solution to this is to run Tor (specifically the Tor bundle) in a combination VM (or container, such as Docker) and AppArmor/SELinux profile. So no changes are stored; it reverts to the original image each time it's run. Furthermore, you can the restrict access of everything other than the tor daemon to only be able to access the tor SOCKS port on localhost, and block all UDP (no DNS).

That way even if rooted with a 0-day, it can't really give up your identity and it won't persist. Sure, they could probably chain 0-days together to try to escape the VM/container and sandbox, but it would certainly make it quite a bit more difficult for them.

There are pre-made Docker containers and AppArmor profiles for the Tor bundle already. They just need modified/combined to let you use both at once.

Comment Re:Memory availability breeds memory use (Score 1) 147

I had a 32GB card on my SGS4, but I quickly started running out of space from nandroid backups (the huge system image for the S4 doesn't help...I was running low on space with only 2-3 backups). Combined with TitaniumBackup backups and other data, and it just wasn't enough. Ended up having to upgrade to a 64GB card.

Comment Reverse SSH Tunnel (Score 5, Informative) 164

As one other comment suggested, get a cheap VPS and setup a VPN so that you can connect to your network. DigitalOcean has one for $5/month (I'm in no way affiliated) and you can then have your router connect to the VPN. Setup the routes correctly and any VPN user can access every device at home.

However you won't always want to load up the VPN on your phone, and if there's just 1 computer you want to access you can use a VPS with a remote SSH tunnel. Have the computer on your network connect to the VPS and forward some high numbered port, say 4222, to port 22: ssh -R 4222:localhost:22 user@vps. Then you can ssh into your VPS on port 4222 and it will go directly to your home computer. Just made sure you add "GatewayPorts yes" to /etc/ssh/sshd_config or the remote port will only bind to localhost.

Couple this with autossh and the home computer will always keep the connection open and re-establish it as necessary.

Sure, there's a little overhead, but I've never really noticed it. I use this trick so that my phone and tablet can always ssh into my laptop no matter where the laptop is (home network, friend's house, coffee shop, etc)... no need to find the IP address and worry about port forwarding.

Comment Starbucks is also guilty (Score 1) 247

I created a special email address for Starbucks several years ago,, and I started getting spam on it within weeks after giving it to them. And this wasn't just "legitimate" third party spam, but was penis enlargement type spam. I set a gmail filter to always trash anything coming to that address, and every time I check the trash there are still a bunch of spam emails coming in to that address. So I don't know whether Starbucks sold the address to a third party who may or may not have sold it to someone else, or whether it was stolen from Starbucks, or what.

Comment Re:Why not, Comcast's been doing this for years (Score 1) 445

You can call them and say you have your own router and that you want a regular pass through modem like the kind given to residential service. Say you have your own router that you NEED to use and that the integrated modem/router they gave you is messing it up since you can't disable NAT. They will come back and replace it with a normal modem, and they didn't charge me for the site visit. If the phone rep doesn't understand why, just say that you need to swap out the router/modem for a consumer model (they gave me an Ubee that supports IPv6) because they one they gave you doesn't work with the new networking hardware you just bought. I had to do this when I first got Comcast business service, and just explain you want a residental modem that isn't a router and they'll give you it.

Slashdot Top Deals

If at first you don't succeed, you are running about average.