gfolkert - Slashdot User

Comment Ummm, yeah I'm thinking... (Score 1) 262

by gfolkert on Friday December 18, 2009 @11:48AM (#30487958) Attached to: Netflix Sued For Privacy Invasion

I completely agree, even then... let us consider how many people are in a specific Zip Code, especially in places that are super heavily populated... 87% chance? doubtful.

87% of all statistics are pulled from /dev/ass, including this one.

Comment Release it. This is old hat. (Score 2, Interesting) 600

by gfolkert on Tuesday December 01, 2009 @02:46PM (#30286574) Attached to: Ethics of Releasing Non-Malicious Linux Malware?

I'm sorry, but running userland "daemons" is child's play. This has been around for EONs. Please don't think you have something new here.

You problem here is that, you idea will only affect the *USER* environment, not the machine. Anything you run or install into the user environment will be bound by the standard user accounts everyone should be running as, without privileges (such as root/super user)

This separate the privileges from the user and the system quite well and delineates it.

Lets compare Windows and *NIX (in general):

Windows, I can send you and e-mail and you standard user just looks at my e-mail and via ActiveX can leverage a 10 year old exploit to install a service as a *SYSTEM ACCOUNT*. This means my process then has full access to the system... Possibly being able to wipe out the machine period, or use it for a launching pad to send out e-mails to other accounts on the system or other account in any address book or just grab your passwords (probably being abcd1234 or password or or what have you (Think Sarah Palin's Yahoo account... wooo really good password there)) for your Bank account. Its very much *THAT* simple, no stupidity involved.

Now, if for some reason ActiveX is disabled, I can just tell you how important the Microsoft update is and it needs to be run... and how you *MUST* forward it to your friends so they can be safe... Sheeple are gullible and will never be safe from this stupidity.

Now speaking of stupidity, its really the only way Linux/*NIX/*BSDs will be compromised... even then most likely only the *user's* data will be flogged. Not the whole system. Now, let us just say *I* download and run your program/update/shell/python script/perl script/etc... Sure it downloads and installs the BOINC daemon and runs in the background... to be honest who cares. Any program you run or have running to capture data from the user will only affect the *USER* not the whole system. Separation of privileges is pure and simple why the *NIX systems will not seriously fall prey to these kinds of things. And to be honest, unless you install a persistent AT job for the BOINC daemon to start or at the very least a cronjob that runs every minute... a reboot will kill your pitiful attempt.

Comment I think "Emergence" has occurred. (Score 1) 154

by gfolkert on Tuesday November 10, 2009 @12:53PM (#30047348) Attached to: US Navy Was Ordered To Listen For Martian Broadcast

Watch out for the possessed Voidhawks! (or even Blackhawks!) No... not a person from Chicago... oh wait. Hmm. Nevermind.

Comment Its not the HARDWARE COST. (Score 1) 863

by gfolkert on Wednesday October 21, 2009 @10:23AM (#29823147) Attached to: IBM's Answer To Windows 7 Is Ubuntu Linux

$2K is the cost of deployment, helpdesk calls, user confusion, lost proficiency, annoyance factor and other various sundry of items.

$2K IMO is a low ball, especially since many companies are going to be coming from WinXP or Earlier (many still use Win2K and Win9X).

This means about 10+ hours (not at employee pay rates, but fully realized Employee cost rates) per machine/employee, plus the re-training syndrome due to "change".

So, remember you FANBOIs (including Fan boys and Fan girls), just because its the newest version of Windows, doesn't mean its easy. Its not for 80% of the embedded workforce using the machines. Change a menu or how its presented, or change a location or add new entry that replaces another (with same functionality but different name) or a different look of the interface... and the helpdesk lights up. I've seen it happen when we change to an updated widget that displays the EXACT SAME INFO in the same dialog, but now that it uses your "system color theme" rather than our color scheme... users get confused, they don't need/want change. They do the same job day in day out.

You'll have complaining at the drinking fountain or browsing while in queue... (lost time and productivity not withstanding)

Think a bit more broadly and you'll see the whole picture.

Comment Errm, he was referring to... (Score 1) 264

by gfolkert on Monday August 24, 2009 @08:50AM (#29171877) Attached to: Fully Functional Bioengineered Tooth Grown In a Mouse

People Like Joe Biden, Al Gore, GWB, Amy Winehouse... etc.

Comment Re:Some distros less vulnerable by default (Score 2, Interesting) 595

by gfolkert on Thursday August 13, 2009 @07:24PM (#29059669) Attached to: Local Privilege Escalation On All Linux Kernels

Debian Sid running:

greg@maxime:~ [0] $ uname -a Linux maxime 2.6.31-rc4-686-bigmem #1 SMP Sat Aug 1 08:00:47 UTC 2009 i686 GNU/Linux greg@maxime:~ [0] $ cd /proc/sys/vm/ greg@maxime:/proc/sys/vm [0] $ cat mmap_min_addr 4096

How is that?

Comment What is this "Metric" you speak of? (Score 1) 260

by gfolkert on Monday July 27, 2009 @09:16PM (#28846223) Attached to: Company Claims Potential Magnification In Bio Fuel Production

Huh? Please 'splain to us dumb 'Muricans

Comment I for one welcome our new Blobish Gooey Overlord(s (Score 1) 424

by gfolkert on Friday July 17, 2009 @08:16AM (#28728015) Attached to: Huge Unidentified Organic Blob Floating Around Alaska

May you consume us all...

Or maybe this is the Earth fighting back taking care of the Global Warming problem.

Submission + - Unusual physics engine game ported to Linux (blogspot.com)

Submitted by

christian.einfeldt

on Thursday July 16, 2009 @11:37PM

christian.einfeldt writes: "Halloween has come early for Linux-loving gamers in the form of the scary Penumbra game trilogy, which has just recently been ported natively to GNU-Linux by the manufacturer, Frictional Games. The Penumbra games, named Overture, Black Plague, and Requiem, respectively, are first person survival horror and physics puzzle games which challenge the player to survive in a mine in Greenland which has been taken over by a monstrous infection/demon/cthulhu-esque thing. The graphics, sounds, and plot are all admirable in a scary sort of way. The protagonist is an ordinary human with no particular powers at all, who fumbles around in the dark mine fighting zombified dogs or fleeing from infected humans. But the game is remarkable for its physics engine — rather than just bump and acquire, the player must use the mouse to physically turn knobs and open doors; and the player can grab and throw pretty much anything in the environment. The physics engine drives objects to fly and fall exactly as one would expect. The porting of a game with such a deft physics engine natively to Linux might be one of the most noteworthy events for GNU-Linux gamers since the 'World of Goo' Linux port."

New AES Attack Documented 236

Posted by timothy on Wednesday July 01, 2009 @05:50PM from the ponder-don't-panic dept.

avxo writes "Bruce Schneier covers a new cryptanalytic related-key attack on AES that is better than brute force with a complexity of 2^119. According to an e-mail by the authors: 'We also expect that a careful analysis may reduce the complexities. As a preliminary result, we think that the complexity of the attack on AES-256 can be lowered from 2^119 to about 2^110.5 data and time. We believe that these results may shed a new light on the design of the key-schedules of block ciphers, but they pose no immediate threat for the real world applications that use AES.'"

L0phtCrack (v6) Rises Again 120

Posted by Soulskill on Saturday May 30, 2009 @01:46PM from the old-dogs-new-tricks dept.

FyreWyr writes "L0phtCrack — now 12 years old — used to be a security 'tool of choice' for black hats, pen-testers, and security auditors alike — that is, until it was sold by L0pht to @stake, then Symantec, to be released and subsequently dropped as LC 5. As an IT security consultant, I used this tool to regularly expose vulnerabilities or recover data when there were few other options available. Eventually, I let it go as tech evolved away. Now, after being returned to its original developers, version 6 was released this week with fresh features: support for 64-bit multiprocessors, (current) Unix and Windows operating systems, and a number of other features, including enhanced handling of NTLM password hashes and support for rainbow tables. Interested parties, especially consultants, will find this shiny new version sports a hefty price tag. It raises doubts in my mind whether it can effectively compete with open source alternatives that go by similar names, but as I found earlier versions so useful, its re-emergence seems worth the mention."

Comment NO NO NO... GALACTIC WARMING! (Score 1) 285

by gfolkert on Tuesday January 06, 2009 @08:23AM (#26341453) Attached to: Milky Way Heavier Than Thought, and Spinning Faster

Get it right!

Slashdot Top Deals