Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror

Comment Re:That's a tiny number (Score 1) 464

I m not a security expert or a systems architect, this is purely from a layman's perspective but this is what i would do

Log everything, every file access every read and write call, some one with root access may clean up the logs you might say, then integrate it into the file sytem architecture, still really talented hackers might circumvent the File-system and directly access it. Even better built into the hardware of the storage devices to make it really tamper proof. Once you do log everything, it is not too difficult to setup alerts on suspicious patterns especially for large scale theft.

If some of the above it too disruptive, too costly, too difficult to implement then alternative is to simply have peers review your access in sensitive systems. Meaning every time some one needs root access to those system, other sysadmins preferably needs monitor/approve etc, sure it creates more red tape and bureaucracy and decrease in productivity, but better than the loosing data of national importance. In general more the people having monitoring information access, less chance of theft, as it then requires more people to collateralize on your wrong doing making it statistically less probable.

Finally I would suggest encryption at multiple levels, I don't know what exact role snowden actually performed, but I cannot visualize many cases where he needed access to the contents of a file or object to do sysadmin work. Even if it required such decryption, NSA could easily setup dedicated servers which will decrypt file and of course log the requests.

These are crude ideas and are probably full of holes, but any with serious experience and sufficient time and thought can design robust systems making it much harder to steal. No system is perfect, but it could been made far harder and amount of information leaked could have been minimized far better.

I think this more a symptom of the american security apparatus rather than a problem with the NSA only, look at how easy it was for Manning to take information, he was no techie, not particularly given special access.

Far more than spooks collecting data I am worried at how badly they are securing it. To clarify I am not supporting this invasion of privacy, but merely saying that this data can end easily up in the hands of people who will do far worse than what NSA will do.

Comment Re:That's a tiny number (Score 5, Insightful) 464

what makes you think that foreign Governments didn't have already access to the information?,

if Snowden could get access so easily to so much without getting noticed, what makes you think any state couldn't have just easily bribed any other sysadmin and kept getting the same info?

You should really question the NSA security policies, for an organization which infiltrates networks regularly to have such poor security is appalling.

Surprisingly that doesn't seem to come up in this whole dialog about Snowden leaks. Everyone seems to think NSA is some all knowing efficient organization, the perfect big brother.

To me it seems they are woefully incompetent in even keeping basic access control policies in place.

Before anyone starts explaining about how it is difficult not to give root access to sys admins etc, it is not exactly rocket science to have peer reviewed access control polices even for sys admins, and alert systems in place depending on the amount of data being accessed over a period of time etc. if I think of 5 different measures of the cuff, I am sure any serious security consultant worth his fees should be able to do much much better.

I cannot stress this enough if a company losses data like this as happening fairly frequently these days, while worrying, I can on some level understand that it is not their core business, and perhaps they didn't spend enough on security and missed a step or two, but for an organization whose main objective is to do break into networks, this is plain stupid.

Comment Re:system design cross training & nostalgia (Score 1) 277

It is not that difficult I am sure there are plenty of ppl out here who have done better than me but here is what i do I routinely work with 56K, with latency hitting 800-1200ms(extremely poor ISP). Just need to adjust your browsing behavior accordingly. Unless I absolutely must, almost always have images and plugins are disabled. I prefer using links as a browser for reading news and blogs, by and large these sites do not require JS for the basic functioning. As a bonus, it is probably as safe as using noscript stringently, and also perhaps protect against the obscure img hacks? Also if possible i avoid using browser based applications when i can use desktop applications using appropriate protocols such mail clients, chat apps etc, or use apps that really use web storage properly, so you don't really feel the speed issue. By and large I find more than speed it the latency is this bigger problem. Of course i enjoy normal speeds like everyone else when i return to civilization so to speak.

Comment Re:Good. (Score 1) 699

No, the kids don't know any better, and the mother is practicing child abuse, especially against the 11 year old.

Brainwashing your kids against vaccination is particularly evil.

-- BMO

While Vaccination as a theory/concept itself is not a bad thing, there are enough defective/ improperly prepared/ fake vaccines in the world that if you not worried about it, you are just being foolhardy. To be clear I am not implying that avoiding vaccines is the solution, just that there is some validity on the other side of the argument as well.

Submission + - The Battle of the Next Gen Consoles Begin With a Win for PS4

YokimaSun writes: Sony and Microsoft at E3 last night showed off to the world their new next gen consoles and whilst both were impressive, Sony seemed to steal the day with better decisions. First off the price of the XboxOne is $499/£429 and to be released on November 30th, the pick of the games were Halo Combat and Star Wars Battlefront. However Sony will release the PS4 in the holiday season before Xmas for $399/£349 which is a full $100 cheaper. Heres where Sony have played a master stroke, first off the PS4 will be region free, major support for indie developers, there will be no penalty whatsoever for having used games and in 2014 PS3 Games will be streamed to the PS4. Will Microsoft back track on the Used game policy ?

Comment sustained focus ?? (Score 1) 166

The assumption that sustained focus in mass audience was possible in earlier age is just fanciful, ppl did and will always find things to distract attention from the subject. If the subject is not good enough to capture the attention of the audience the minds are going to wander no matter what
Censorship

Facebook/Twitter Banned In Thailand For Election 177

societyofrobots writes "In the run up to the July 3rd election in Thailand, use of Twitter, Facebook, and other social media are banned for campaigning and other election related purposes. Offenders face a maximum six months in prison and a 10,000 baht ($330) fine. The ban includes sending short telephone texts and forwarding emails. 'There will be a unit of more than 100 officers to monitor this,' said police spokesman Prawut Thavornsiri of the social media ban. 'If we can track the origin of (an online message) right away, we will block the site and make an arrest. But if the sites are registered overseas and we can't check the origin, we'll first block it and ask the IP (Internet Protocol) providers for further investigation,' Prawut said."
Patents

8-Year-Old Receives Patent 142

Knile writes "While not the youngest patent recipient ever (that would be a four year old in Texas), Bryce Gunderman has received a patent at age 8 for a space-saver that combines an outlet cover plate with a shelf. From the article: '"I thought how I was going to make a lot of money," Bryce said about what raced through his brain when he received the patent.'"

Slashdot Top Deals

Work is the crab grass in the lawn of life. -- Schulz

Working...