
Comment What? Impossible (Score 1) 255

I suspect, more like 1 in 10 CEOs, managers, politicians, clergy, judges ... "The Laity" would seek marketed medical assistance with most S&T/R&D problems.

We do have IMO the most S&T/R&D dumb judiciaries existentially possible for this century (I hope). BTW: Thanks for that Dick, George, GOP-TP and plutocrats.

Comment Re:What could possibly go wrong (Score 4, Insightful) 216

Europe discovered America and now, a few years later, America wants to discover Europa. They must be subconsciously influenced by the mother continent name from which they originated.

That is going to be quite a surprise to the ancestors of the Asian tribes that actually were the first to settle the Americas ;)

Comment Re:Those with the money (Score 1) 140

This has a lot less to do with the cable monopolies than it does with the broadcast monopolies.

Remember, the law the broadcasters were pushing for back in the early to mid-80s would have forced cable to carry all broadcast channels in the area, whether the cable customers had any interest in them or not, and forced the cable companies to pay the broadcasters for that "privilege".

The cable companies' objection is that Aereo isn't forced to inflate prices to cover payments to broadcasters the way the cable companies are.

Comment Re:Just Sad (Score 1) 140

The antenna question and the some DVR other than a TiVo question are two separate issues.

Although the TiVos I mentioned do offer the flexibility of OTA or cable or both, with the ability to record two programs simultaneously while watching a third while also copying a previously recorded show from another TiVo on the same account or from a PC.

Comment Re:Yes they did. (Score 1) 572

Tough to detect with MOST browsers. They don't report cert chaining in a way that's useful for this. You COULD check the trust chain every time you HTTPS. Firefox has the Lock icon to click. Same for Safari.

There are plugins for Firefox that alleviate this:

An indicator of changes in chain-of-trust, etc. Way cool "web-of-trust" validation infrastructure, with more info here:

People STILL ask me why I don't use Chrome or Surfari...

Additionally? Modify your workstation's settings to use an authoritative external DNS server. OpenDNS is good... enough. Or your ISP servers from home. Then? Use TOR to browse. Be careful with your bank! They may close web-access to your account if TOR has it appear that you log in from Switzerland and Iceland!

These are not the best countermeasures, and don't handle every case. TOR relies on SSL - but on a proxy-port, not 80, so usually outside the scope of these gateways. Depending on how your company has its CA published, they may still look "right" when using external DNS lookups, too.
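
An added sketch (not part of the comment above, and not the code of any Firefox plugin) of the "indicator of changes in chain-of-trust" idea: remember each host's leaf fingerprint and issuer on first use, accept a renewal from the same issuer, and flag an issuer change, which is what an SSL inspection proxy produces. The host name, CA names and the byte strings standing in for DER certificates are constructed.

```python
import hashlib
import socket
import ssl

def fingerprint(der_bytes):
    return hashlib.sha256(der_bytes).hexdigest()

def check_chain(pins, host, leaf_der, issuer_name):
    """Compare what the server presented now with what was pinned earlier."""
    seen = {"leaf": fingerprint(leaf_der), "issuer": issuer_name}
    known = pins.get(host)
    if known is None:
        pins[host] = seen            # trust on first use
        return "first-seen"
    if known == seen:
        return "unchanged"
    if known["issuer"] == seen["issuer"]:
        pins[host] = seen            # same CA, new leaf: routine renewal
        return "leaf-rotated"
    return "issuer-changed"          # different CA: keep the old pin, alert

def fetch_leaf(host, port=443, timeout=5):
    """Live input for check_chain(): (leaf DER, issuer name) as seen on this path.
    A corporate root in the system store makes this handshake succeed, which is
    why the pin comparison is needed on top of normal validation."""
    ctx = ssl.create_default_context()
    with socket.create_connection((host, port), timeout=timeout) as sock:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            der = tls.getpeercert(binary_form=True)
            issuer = dict(rdn[0] for rdn in tls.getpeercert()["issuer"])
    return der, issuer.get("organizationName") or issuer.get("commonName", "")

# Constructed observations: (host, stand-in for leaf DER bytes, issuer name)
SAMPLE = [
    ("mail.example.com", b"leaf-v1", "Example Public CA"),
    ("mail.example.com", b"leaf-v1", "Example Public CA"),
    ("mail.example.com", b"leaf-v2", "Example Public CA"),     # renewal
    ("mail.example.com", b"leaf-proxy", "Corp Inspection CA"),  # behind a proxy
    ("mail.example.com", b"leaf-v2", "Example Public CA"),      # direct path again
]

def replay(observations):
    pins = {}
    return [check_chain(pins, h, der, iss) for h, der, iss in observations]

if __name__ == "__main__":
    print(replay(SAMPLE))
```

A first visit made from behind the proxy pins the proxy's certificate, so the store has to be seeded from a path you trust.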

Comment Re:Oracle Services (Score 1) 132

But if the overwhelming consensus is negative, how do they continue to gain new clients?

Because they actually have a good database product....

Yeah, it's called MySQL.

I have professional experience dealing with Oracle, both on Solaris and Linux, including Oracle RAC and working with MySQL Clusters. Oracle works well enough, but I would rather have MySQL.

Comment Re:Yes they did. (Score 5, Informative) 572

This is very common


Your employer probably does little with this - it is usually a part of the configuration for Microsoft Forefront TMG (formerly ISA Server). If you have Outlook Web Access, and do any spend on MS recommended practices, then you have a TMG, and 9 out of 10 times, the "Inspection Proxy for SSL" feature.

The intent is to scrub the stream for malware attachments and malicious XML, etc. Most are set-and-forget, with little competence to exploit or understand what they have done.

Bigger corporations, or those aware of data sensitivity issues are another matter. Outbound traffic may be subject to this inspection, for DLP with something like Vontu Network Prevent. These controls are managed by folks who spend 25K on netsec, not 25 C's. :-) Then? Clever operators may be logging and trapping all kinds of info. Reports are very "compliance centric" 'tho. The DLP operator team usually has a fair amount of audit scrutiny. Usually...

Anyway, TLS is irrevocably broken. It is reasonable security, trivially implemented and nearly as easily defeated. You own DNS and the path? You own the world.

I am involved in defining a new transport security mechanism for my company's products, because of TLS/SSL handwaving and IPsec brittleness.

User Journal

Journal Journal: Dude, where's my comments? 4

Posted a few comments on this Ask Slashdot article yesterday. Come back, and they've disappeared. They've not been deleted - I can still access them, from the recent comments area of my profile - and they've not been downmodded either. Not a Beta issue, as I'm not currently on it.

