Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror

Comment Re:You don't. (Score 2) 107

As was pointed out in the comment I originally replied to, if you allow your phone to interact with an Exchange server, you end up giving the Exchange admins the ability to do a LOT of things to your phone without your knowledge.

Including, erasing everything saved on the phone.

I am not willing to give up that level of control.

If I'm on call, or if my employer wants to replace my desk phone with a cellular one to make it easier to reach me, or they want me to be able to read and respond to email from my phone, I'm perfectly happy carrying two phones.

But if I'm on my own time and I'm not on call, the work phone goes on a shelf, and it may or may not get turned off in the process.

Comment Re:You don't. (Score 1) 107

Thankfully I do not have to read my company mail on my phone for a living. If I had to, I would have paid for one of those HTCs without giving it a second thought.

If the company you work for requires that you be able to read your email on your cellphone, they damn well be providing you a cellphone to do it with.

Comment Espionage Act of 1917 (Score 4, Informative) 919

Since you didn't include a link to the text of the act in question, here is the text of the Espionage Act of 1917.

Section 1, paragraph (e) pretty clearly applies to the person who leaked all of the documents in question.

Section 1, paragraph (d) MIGHT have applied to Wikileaks... EXCEPT for the fact that they provided the State Department with copies of all of the documents that had been leaked, prior to publication.

What's more, not only are they redacting the documents prior to publication, they're redacting the documents EVEN MORE HEAVILY than the declassified versions being published by the Department of Defense.

So, yeah. Granted, IANAL, but I'd say that doesn't apply.

Comment Re:It's not "trade" (Score 1) 973

It's called a "Prepaid Card".

Several are listed here. but you should be able to walk into walmart, kmart, target, and many grocery store chains and buy a prepaid MasterCard or Visa card.

And if you can buy the card there, you can walk back in there with the card and a handful of cash and say "Put this money on here." and have them do it for you.

Comment Re:Two types of people... (Score 1) 278

I would imagine that there are two distinct major camps of people that work for Raytheon and similar companies. People that feel that they are doing the right work, and people who just don't think about it at all.

You might argue that they're a subset of the second group, but there are people who have thought about it but can honestly say they really don't care.

To quote Tom Lehrer on Werner Von Braun, "Once the rockets go up, who cares where they come down? That's not my department."

Comment Re:!News (Score 5, Informative) 320

Who else would have to foresight to include embedded executable code and a javascript engine in a print document format?

It's even worse than that. Take a good look at version 1.7 of the PDF spec

From section 7.11.4.1 of chapter 13, which is titled "Multimedia Features"

If a PDF file contains file specifications that refer to an external file and the PDF file is archived or transmitted, some provision should be made to ensure that the external references will remain valid. One way to do this is to arrange for copies of the external files to accompany the PDF file. Embedded file streams (PDF 1.3) address this problem by allowing the contents of referenced files to be embedded directly within the body of the PDF file.

And worse yet, quoting from one of the descriptions of flags in table 44:

(Optional; PDF 1.2) A flag indicating whether the file referenced by the file specification is volatile (changes frequently with time). If the value is true, applications shall not cache a copy of the file. For example, a movie annotation referencing a URL to a live video camera could set this flag to trueto notify the conforming reader that it should re-acquire the movie each time it is played. Default value: false.

In other words, you can ALSO embed the LIVE feed from your webcam in a PDF document.

Comment Re:Reply (Score 1) 462

If all you were able to do is listen to the network traffic, then yes, you're right.

But we're talking about a special case here, where the online banking is being done from within a VM. In that special case, malware installed in the host OS can monitor both the keystrokes and mouse events that are going to the VM in addition to the network traffic.

If I were going to write malware to try to steal usernames and passwords for "interesting websites", I'd wait until I saw network traffic to one of those sites, and *then* start logging keystrokes and mouse events. The fact that the network traffic is HTTPS doesn't matter. All that matters is *where* it's going, and HTTPS doesn't hide that. I don't care about the payload of the packets or what pages you're requesting. All I care about is the DNS name of the computer you're sending data to.

When the malware is installed in the same machine (real or virtual) as the online banking, you can log only the keyboard and mouse events that are beingg sent to the web browser and ignore everything else. What I proposed above allows you to further limit the data you have to sort through by only logging the keystrokes that are likely to result in data being sent to the websites I care about.

If there's a VM between the malware and the browser, you can no longer monitor just the keystrokes going to the browser -- you have to sift through *everything* that's being sent to the VM. But you can still use the network traffic to provide you with some context of what is likely to be interesting and what isn't.

Comment Re:What a Tragedy and No Charges? (Score 1) 1343

Yes, it's still a child who was killed senselessly, and a tragedy.

That being said, in this case, the child killed herself, and the parents (step- included) are going to suffer for it.

If she had killed someone else's child, it would still be a tragedy, but then two families would suffer.

Plus, in addition to whatever action the police and prosecutor's office felt justified, you would likely also have "Wrongful Death" and other civil charges pressed, tying up a court, judge, and jury.

Slashdot Top Deals

The trouble with being punctual is that people think you have nothing more important to do.

Working...