Follow Slashdot stories on Twitter


Forgot your password?

Comment Re:this new file sharing app Ares?? (Score 3, Informative) 421

"Most college networks require a login to use- even from your personal computer(s)."

Actually, not a login, for the simple reason that that breaks all non-browser devices. They require registration of your device, but if they required a login then no Playstations, Xboxes, or iPhones would work, because you can't login with an email client or a video game. Once a machine is registered (Identified by the closest thing there is to unique, the MAC)then all the bad guy needs to do is check to make sure the target machine is not on at the moment, and spoof the MAC address. The traffic will be logged as belong to the poor innocent spoofee. And yeah, it may be less than 1% that know how to do it, but a single innocent person be persecuted or prosecuted is too many.

Comment Re:this new file sharing app Ares?? (Score 3, Informative) 421

Managed switches don't help prevent MAC address spoofing unless you actually allow a MAC to only connect through the port it first connected on, which kinda gets in the way of people roaming on wifi. Yes there are actually wireless solutions that will approximate physical location by access point triangulation, but good luck in a busy spot. Actually identifying a specific computer on an untrusted network (which they all are these days) is extremely difficult. Knowing what port a particular machine is plugged into is easy, but knowing what machine it is is not. Some wireless solutions now also backhaul all traffic to a wireless controller, so when you roam your connection point to the network doesn't change, but like I said, specifically locating a wireless machine is also next to impossible in a busy public spot.

The problem with MAC spoofing is the incredibly difficult time the person who gets spoofed will have proving their innocence. And of course the legal types on the plaintiffs side will attempt to tell a jury that a MAC address uniquely identifies a machine, and if the poor innocent spoofee gets a normal non tech-savvy lawyer they will probably succeed.

Comment this new file sharing app Ares?? (Score 3, Interesting) 421

Did I miss something? Have the people coding Ares implemented a new protocol, or is this college 5 years behind? Of course, having actually been involved in writing software to track computers on a college campus I am also curious how the college is fingerprinting machines to detect MAC address spoofing, but since this is a press release I wouldn't expect any technically informative information.

Comment ??Anybody home?? (Score 1) 1127

umm, doood, why is PS not working when you swap out one of its DLLs with a "hacked" version some evidence of DRM? Adobe is perfectly capable of creating their own convoluted licensing enforcement without Microsoft getting involved.

And I must ask, if you are looping the output into the input of your sound card (which you seem to be doing) do you even have the competence to ensure you don't get good old fashioned feedback? This "story" really reminds me of some of the stuff I overhear from the seventh graders at the school where I work.

Do the Slashdot rubber stampers even read this stuff before putting it on the front page? Or is this some devious troll because we all quit reading idle?

Comment if you wait until it happens... (Score 5, Insightful) 195

You still need to do homework. I realized a while ago that I not only lack a good understanding of potential weaknesses in my sites, but I also lack the knowledge needed to actually do the forensic log analysis if I was to actually get exploited. Along the lines of the original post, what good introductory tools are there that relate to forensic log analysis?


Submission + - Eight corporate anthems to die for...well (

coondoggie writes: "As corporate anthems go, it's not a splash but we are always surprised to see companies come out with new ones. Here we have a recent song from "Dev Life". It contains the lyrics:" I'm coding Unix Windows Linux; I've got the dev life going mama; I'm like the coding Dalai Lama." Coding like the Dalai Lama? ! Yikes. But IBM isn't alone in these off beaters. Fujitsu, Checkpoint Symantec, Texas Instruments and many others have entered the rarified air of corporate songbirds. Here are links to eight of our favorite ditties. I know there are tons more out there, send them along if you get the chance. 4"

Slashdot Top Deals

After an instrument has been assembled, extra components will be found on the bench.