
Submission + - Should hosting companies have change freezes?

AngryDad writes: Today I received a baffling email from my hosting provider that said "We have a company-wide patching freeze and we will not be releasing patches to our customers who utilize the patching portal for the months of November and December". This means that myself and all other customers of theirs who run Windows servers will have to live with several critical holes for at least two months. Is this common practice with mid-tier hosting providers? If so, may I ask Eastern-EU folks to please refrain from hacking my servers during the holiday season?

Comment Here is how vulnerability disclosure should work (Score 1) 123

This process was developed/implemented by HexView a few years ago (I worked for them at that time): Whoever finds the vulnerability likely has enough knowledge to roughly estimate what it takes to fix it and test the fix. He/she supplies all details to the vendor and gives them a hard time frame, e.g.: "I will release this data to the public 30 days from now". At the same time, a vulnerability alert without details to prevent/delay re-discovery may be released to the public. If the vendor fails to resolve the vulnerability in a timely manner -- too bad, you were given enough time for fixing and testing.
Privacy

Submission + - Tire pressure sensors can be used to spy on cars (hexview.com) 2

AngryDad writes: Starting from the model year 2008, all vehicles sold in the US are required to have a Tire Pressure Monitoring System (TPMS) installed. The article from HexView enumerates privacy issues introduced by TPMS, and some of them look pretty scary. Did you know that traffic sensors on highways can be adopted to read TPMS data and track individual vehicles? How about an explosive device that sets itself off when the right vehicle passes nearby? TPMS has been discussed in the past, but was never looked at seriously. The article provides a great overview of TPMS history, technology, and ways to resolve problems.
Security

Journal Journal: Is Internet threat measurable?

How do security companies measure Internet threat levels? To find out the answer we collected a year's worth of threat level data from four security companies and compared the results. The results show very little similarity between the four companies, which turns the question "How do they do it?" into "Why do they do it?". It appears to be not possible to accurately measure and represent the global Internet threat level.
