Follow Slashdot blog updates by subscribing to our blog RSS feed


Forgot your password?
Compare cell phone plans using Wirefly's innovative plan comparison tool ×

Comment Re:Time to update firewalls. (Score 1) 87

Virtually all modern firewall/IDP systems have SSL decryption. Given that virtually all websites use SSL nowadays, it makes no sense at all to even have an IDP if it can't handle SSL traffic.

Until you run into an app/site that breaks, then you have to disable it (at least for that site/app). Like this: "Dropbox not working when Client DPI-SSL is enabled" (link)

The "problem" is that those SSL/TLS packet inspection approaches are the functional equivalent of a man-in-the-middle attack. Given how reliant we are becoming on SSL/TLS, it is no wonder that forward thinking sites and apps are taking measures to protect against that. Of course, those same measures defeat the good guys being able to protect against more sophisticated threats.

Comment Re:It's the OS that just keeps on giving (Score 2) 220

I think Obi-Wan even spoke of this: "I felt a great disturbance in the [Windows], as if millions of [webcams] suddenly cried out in terror and were suddenly silenced. I fear something terrible has happened."

Obviously, he was speaking allegorically when he said those words, with the Force representing Windows and voices representing webcams. It makes sense if you think of it, with Gates and Balmer representing Palpatine and Vader having power over the dark side of the force (the new guy is Kylo-Ren), and the webcam is the modern "voice" we use to communicate. Yes, it all makes sense. Sadly, now it has come to pass.

Comment Re:Spoofing should work by whitelist (Score 3, Insightful) 113

Very true. However, this is one of the rare instances where there exists a solid and nearly complete technological solution (telecom is regulated and it would be entirely feasible to both fix the problem you describe and then implement the solution I described) to something that is social problem (people being deceptive and abusive over telecommunications media). If the problem doesn't get fixed then it is either because institutional inertia on the part of the telecom providers or because they think it would be more profitable to maintain the status quo.

Comment Spoofing should work by whitelist (Score 4, Interesting) 113

The group hopes to put in place Caller ID verification standards that would help block calls from spoofed phone numbers and to consider a "Do Not Originate" list that would block spoofers from impersonating specific phone numbers from governments, banks or others.

This is totally the wrong approach. It is why, for example, antivirus products tend to not work all that well. Instead, the phone company should not be able to legally allow phone number spoofing unless and until the entity that wants to spoof proves to the phone company that they or another legal entity they control is the legal owner of the number which will be displayed. I'm sure it will still be abused because people are sort of relentless in their desire to game the system, but it would be orders of magnitude better than what we have now.

Comment Re:Diversity quotas make things *worse* (Score 4, Insightful) 415

Not only do you get people that are worse off, it tends to overcorrect to remove non-minorities.

Not only that, but then the actual best qualified minorities get looked at and they wonder to themselves, "Are they looking at me and wondering if I am actually the best qualified or of I'm here because of a quota? Am I going to have to prove myself by working 50% or 100% harder than the white guy sitting next to me at the table despite the fact that I already worked 50% or 100% harder to get here because I love what I do and this what I was born for?" As a minority who has worked very hard and has a passion for technology that has been a fear of mine. I am thankful that I have not encountered that (or at least if I have I have not taken notice of it), though I have had friends (both other minorities and women) who have experience it.

Then you wonder why your bigoted policy ends up with lots of incompetent diversity candidates.

And that's the other problem. These diversity programs actually end up becoming a drag for the minorities and women who are passionate and worked hard because they love the field and not because someone trying to fill a diversity quota recruited them.

Sadly it is much more difficult to measure these sorts of effects, so success is defined by number/percentage of minorities/women hired and pay parity/disparity, which are actually atrocious metrics to use for too many reasons to enumerate.

Comment It's because 90% of security warnings are rubbish (Score 5, Insightful) 125

In my experience, 90% of security warnings are rubbish. For example, I recall when UAC came to Windows Vista. I don't ever recall clicking deny/cancel/no (or whatever it was) with the possible exception of a situation like "oops, I meant to click the executable right next to that one."

Same deal with Java applets. My bank uses a Java applet for depositing checks. I get a warning from the browser every single time, despite selecting the "always trust applets from this publisher" (or something like that option).

Of course, there are lots of software packages with instructions like "Step 1: Disable your antivirus." or, worse, "Step 1: If you get any security warning dialogs just click to accept them."

In fact, I've never encountered a single person who can actually point to an occasion where a security dialog alerted them to a real threat that was then neutralized. Even worse, one of the more common warnings (the untrusted SSL certificate/issuer) has confused people even more into thinking that "red address bar means not secure and green lock means secure", when in fact your browser's trust of the certificate's issuer has exactly zero impact on how secure the connection is. We've been conditioned to treat all these warnings as noise. Incidentally, people ignore speed limit signs at least 90% of the time for exactly the same reason: we've been taught that they're meaningless.

Comment Re: I beg to differ (Score 4, Insightful) 138

They're filling needed jobs and helping to keep the local economies moving by doing tough, dirty, and low-paying work that most citizens don't want.

This is what I don't get. The problem isn't that citizens won't do the jobs. The problem is that employers don't want to pay what the market demands. Do you realize that the argument you make is the exact same argument used by those support expanding the H1B program? Heck, why even bother? Just tell tech companies to start hiring illegal immigrants because citizens don't want to do the tough, dirty, low paying job of developing software or managing IT systems.

Comment I beg to differ (Score 4, Insightful) 138

We could not have picked an acquirer more devoted to vibrant journalism.

Really? Univision is one of the reasons I came to understand how blatant the liberal bias in the US media is. For example, there are lots of (legal) immigrants and children of immigrants who believe, now brace yourselves, that people who come to the US illegally are in fact criminals and that the right thing to do is to enforce the law. However, watching Univision's coverage of immigration-related matters, you will never hear anything about those people. All you will hear is how we need amnesty now. Come to think of it, they are really no different than any other major media outlet.

Vibrant journalism indeed. I once had a great deal of respect for Univision and their news people, but they have certainly proved they are biased. For example, according to Univision hispanic/latino/a Democrat politicians are held in high regard because of how their ethnic background helps them better understand the plight of the common latino/a in this country. However, hispanic/latino/a Republicans are considered sell outs and are demonized. Come to think of it, black politicians suffer the same problem. You can't be ethnic and go against the approved group-think.

I'll probably get modded into oblivion, but it's the truth.

Comment Re:Political elites (Score 3, Insightful) 156

Just the political elites doing what they do irrespective of the skill set of people they are employing. People keep banging on about corruption in some third world nation when corruption is well and truly alive in your back yard.

Actually, this is not a political elite mindset thing, it is a government mindset thing.

About 10 years ago or so I attended a government information assurance (they didn't call it cybersecurity back then) conference. The keynote speaker was a technical high up (maybe CIO, maybe CTO) of one of the three letter agencies. He said to an auditorium full of government information assurance managers something to the effect of, "the federal government is the only large organization that will regularly take people with no technical education, no technical training, and no technical knowledge/experience and put them into the inherently technical role of being responsible for securing information systems." You could hear a pin drop.

The point is that this sort of thing has been going on forever in the government (a campaign functions in nearly the same way as the government in many respects) for a long time. It makes sense why the government gets hit with so many data breaches. In fact, it was always surprising to me that it didn't happen more often.

Comment So, who do they support for president? (Score 4, Interesting) 102

Remember that the huge gains of these individuals have been made during the administration of a president who had as wealth redistribution, a la Robin Hood, as a stated goal of his presidency. Now, go look at who each of these billionaires, with a b, is supporting for president, and ask yourself if that candidate is really going to "stick it to the rich, and help the middle class" or if the rich will keep getting richer.

Don't get me wrong. I am all for people being compensated for their efforts and have nothing against people taking risk and profiting from the risk taking. But, if you happen to think that these folks got where they are by acting against their own interests, you are definitely kidding yourself.

Comment Re:The other category of trailer lies (Score 1) 260

In this case, you whatch the movie and don't even see those 1-2 minutes from the trailer that were worthwhile. Because, by the time the executives are done meddling with the movie, those scenes didn't even make it to the final cut that was released in theater.

Good point. I guess that in either case the trailer gives a deceptive view what the movie will contain. Most movies nowadays are rubbish, so I tend to be picky about what movies I watch. In 99% of the cases I wait for the movie to come out on DVD, and check out the reputable reviews (not necessarily just the IMDB star rating) so I don't waste my time/money.

Comment This is now normal for movies (Score 5, Insightful) 260

I've lost count of how many "comedy" movies I've see where the movie didn't match up to the trailer. Specifically, I'm thinking of the movies where there are about 1-2 minutes of gut-busting scenes in the trailer, then you watch the movie only to find out that those 1-2 minutes were all the worthwhile comedy content in the whole movie. I've seen much the same with other movie genres. It is very disappointing.

The way Hollywood cranks out movies now it is little better than an assembly-line. Worse, perhaps, because a decent assembly-line generally produces good quality products. It is one of the reasons there is rarely more than one movie a year that makes me want to actually go to the theater.

Slashdot Top Deals

As of next Tuesday, C will be flushed in favor of COBOL. Please update your programs.