Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
Compare cell phone plans using Wirefly's innovative plan comparison tool ×

Comment But satellite phone are easy to target (Score 1) 180

Hello

The funny thing is that equipping a target with a satellite phone improves the ability to identify them. In the case of a journalist and photographer team operating in Syria a few years ago, it was their satellite phone that allowed their location to be triangulated and subsequently attacked.

I would think it would not be too difficult to come up with some interesting usage patterns of DMs (sending messages in languages commonly used by ISIS, using certain phrases common to ISIS, geoIP location, access only from Tor nodes, proxies, VPN connections and so forth as selection criteria for further intelligence collection. Frankly, using DMs sounds like a great way to be targeted by state security services.

Regards,

Aryeh Goretsky

Comment Bug bounty program? (Score 1) 61

Hello,

I did not see any mention of a bug bounty program. Is there one? If the federal government would like to not just have its open sourced software reviewed but actually receive reports of bugs, they should consider adding a bug bounty program to encourage programmers to report any errors they find to the federal government, instead of selling it to an adversary.

Regards,

Aryeh Goretsky

Comment here is the Lenovo Solution Center download (Score 4, Informative) 43

Hello,

Since neither the original poster or the article provided it, here's a link to the page where the latest version of the Lenovo Solution Center can be downloaded from:

https://support.lenovo.com/us/...

Note that the downloads are listed at the bottom of the page.

Regards,

Aryeh Goretsky

Comment three questions (Score 1) 133

Hello Col. Hypponen,

I have three questions for you:

1. Do you think it is still possible to secure embedded systems (aka the Internet of Things), or is that an impossibility now, practically speaking?

2. If there was one thing you could every average computer user to do to improve their security, what would it be?

3. If you were a person of interest in the murder of your neighbor in a tiny Central American country, what would your strategy be for clearing your name?

Thank you for taking the time to read this. I look forward to your answers.

Regards,

Aryeh Goretsky

Submission + - John McAfee denied Libertarian Party nomination for President (reason.com)

SonicSpike writes: In a decisive rout for pragmatism over purity, the Libertarian Party has nominated former New Mexico Republican Governor and 2012 nominee Gary Johnson for president. Johnson came within an eyelash of winning on the first ballot, pulling 49.5 percent of the vote, just short of the required majority. (Libertarian activist Austin Petersen and software magnate John McAfee came in second and third, respectively, with 21.3 percent and 14.1 percent.) With sixth-place finisher Kevin McCormick (and his 0.973 percent of the vote) booted from the second ballot, Johnson sailed through with 55.8 percent.

Submission + - Metal foam obliterates bullets – and that's just the beginning (phys.org) 1

schwit1 writes: Composite metal foams (CMFs) are tough enough to turn an armor-piercing bullet into dust on impact. Given that these foams are also lighter than metal plating, the material has obvious implications for creating new types of body and vehicle armor – and that’s just the beginning of its potential uses.

Afsaneh Rabiei, a professor of mechanical and aerospace engineering at NC State, has spent years developing CMFs and investigating their unusual properties. The video seen here shows a composite armor made out of her composite metal foams. The bullet in the video is a 7.62 x 63 millimeter M2 armor piercing projectile, which was fired according to the standard testing procedures established by the National Institute of Justice (NIJ). And the results were dramatic.

“We could stop the bullet at a total thickness of less than an inch, while the indentation on the back was less than 8 millimeters,” Rabiei says. “To put that in context, the NIJ standard allows up to 44 millimeters indentation in the back of an armor.” The results of that study were published in 2015.

But there are many applications that require a material to be more than just incredibly light and strong. For example, applications from space exploration to shipping nuclear waste require a material to be not only light and strong, but also capable of withstanding extremely high temperatures and blocking radiation.

Last year, with support from the Department of Energy’s Office of Nuclear Energy, Rabiei showed that CMFs are very effective at shielding X-rays, gamma rays and neutron radiation. And earlier this year, Rabiei published work demonstrating that these metal foams handle fire and heat twice as well as the plain metals they are made of.

Submission + - LEOs Raid Another Tor Exit Node - They Still Believes an IP Address is a Person (techdirt.com)

schwit1 writes: An IP address is not a person, even less so if said IP address traces back to a Tor exit relay. But that's not going to stop the "authorities" from subjecting people with no knowledge at all of alleged criminal activity from being subjected to raids and searches.

It happened in Austria. Local police seized a bunch of computer equipment from a residence hosting a Tor exit node. ICE — boldly moving forward with nothing more than an IP address — seized six hard drives from Nolan King, who was also running a Tor exit relay.

ICE wasn't involved in the latest raid predicated on nothing more than an IP address — at least not directly. This search/seizure was performed by Seattle PD conducting a child porn investigation. Sure enough, investigators had traced the activity back to an IP address, which was all the probable cause it needed to show up at privacy activist David Robinson's home at 6 a.m. and demand access to his computers.

Submission + - Oracle, chat & raw code found in Mossack Fonseca offshore web portal (www.unicornriot.ninja)

HongPong writes: The PanamaPapers law firm Mossack Fonseca exposed most of their customer service portal's backend, unpatched Drupal code through misconfiguring an Oracle server, also revealing a "portfolio" content type & possible local chat server. These vulnerabilities provide clues as to how the PanamaPapers might have been extracted remotely. This extends stories in Forbes & Wired UK about their security problems.

Submission + - FBI Director James Comey Warns Against Unbreakable Encryption, Absolute Privacy

blottsie writes: In an interview with the Daily Dot on Wednesday, Comey suggested Apple should weaken its encryption on its products to the level of iCloud, which the company can decrypt. “Today, Apple encrypts the iCloud but decrypts it in response to court orders,” he said. “So are they materially insecure because of that?”

Comey also warned against "absolute privacy," saying, "I love strong encryption. It protects us in so many ways from bad people. But it takes us to a place—absolute privacy—that we have not been to before.”

Comment Fixed that for you (Score 2) 104

Hello,

I would suggest the following amendment to your draft text:

Be it resolved that computers running or intending to run Microsoft Windows purchased by the department which boot using the Unified Extensible Firmware Interface (UEFI) have the ability to disable the Secure Boot feature." REMOVING: s for both local hard drive and network booting.

If you want to put in verbiage saying Secure Boot should be disabled, the language should reflect this in its entirety, not just for what types of devices the computer boots from. Example: A manufacturer who disabled booting from SSDs, USB flash drives or optical media would still be in spec with your requirements, since you only specified hard disk drives and PXE booting in your text.

Also, keep in mind your requirement is not going to work with Windows 10 Mobile devices (phones, phablets and the like) as UEFI with Secure Boot enabled is part of the requirements for devices running that edition of Windows 10.

Regards,

Aryeh Goretsky

Slashdot Top Deals

ASCII a stupid question, you get an EBCDIC answer.

Working...