Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
Compare cell phone plans using Wirefly's innovative plan comparison tool ×

Comment Re:I am not sur this is an improvement (Score 4, Informative) 136

So, this is an improvement because it is just one step of the process. If it fails (due to the no data connection issue you mention), you just click to use another method and it fails back to the previous text message option. So no real downside on that count. The biggest drawback I have hit with it is that Google won't let you use both this new method and a hardware security key (I was using a Yubikey). You have to remove the hardware security key from your account in order to add this new method. That's really a bummer because the hardware keys didn't rely on your phone at all. You just have a small USB key that you pop into the computer and press a button when prompted.

Comment So was this out of spec? (Score 4, Insightful) 266

This is interesting; the configuration on a device like this should be highly controlled. I have no experience with medical devices, but I know that process control equipment generally has vendor approved configuration (and often they only certify one AV vendor so even if our corporate contract is with vendor A, we have to use vendor B for the process control stuff because that is what is certified by the control system vendor. They also have very specific settings you have to use. Failure to follow the settings could result in lack of process control at a critical time. It seems medical stuff must be under similar (if not even more restrictive) configuration control. Having AV do a "scan" every hour is very stupid since any competent AV is doing on-access scanning anyway. I would expect the vendor for the software has specified folders / files / etc. that must be exempted from the scan as well (vendors for process stuff such as Yokogawa, etc. specify that). Seems to be a configuration failure on the part of the facility.

Comment Re:Exactly (Score 5, Insightful) 191

You know, it sort of made sense in the pre-internet days where you had only terrestrial broadcast and cable (and then eventually satellite). There, you had people with infrastructure, etc. in a country and you licensed your content to those entities to broadcast. Now it is a holdover. But, those broadcast entities still exist. They haven't been driven out of business yet. So they still license the content. And they complain like crazy if a streaming service based in another country is allowing that same content to be shown in "their" area (where their physical broadcasts can be seen). They say, "you'll put us out of business as nobody will pay us for our connections or broadcasts if you show the content we licensed over the internet". To which I say - Exactly.

It is time for channel based content to go. Who cares what channel or network the content they want to watch is on or even from? They just want to watch say Big Bang Theory or Orange is the New Black or whatever. It no longer needs to be on at a "time" on a "channel". But the old way of distribution is still pretty well entrenched at least for a little while longer.

Comment Re:What's a DLL? (Score 4, Informative) 162

Although it is very true that it is how windows was designed from the early days, modern versions of windows do have protections against loading DLLs from network locations that applications simply have to opt in to. For those that are designed to be locally installed to have NOT adopted those defenses is just like not bothering to enable ASLR (Address Space Layout Randomization), or other security measures. These applications should be updated to use the protections. Here's info on how to make the updates to applications: https://msdn.microsoft.com/lib...

Comment Re:Perfect security (Score 4, Interesting) 460

You wouldn't NEED to hack into it (although it is certainly a legitimate vector). Less technical "terrorists" could simply use enough force to take over a tower or control center and send commands from an authorized terminal (likely with an authorized ID gotten by the "rubber hose" method). You would then be able to proceed to down any planes in the control area of that tower. I think I would rather have the smarts controlling the plane (whether it be computer or pilot controlled) on the plane with outside access limited to when it is requested by at least a couple of members of the flight crew.

Comment Re:Sooo .. (Score 1) 127

I've been using the bluetooth trusted device for several days now with a Microsoft Band device and it seems to work pretty well. I generally only need to use my pass code unlock once a day or so. As you said, the idea is that a thief (or border agent or police) can see it as unlocked and leave and it will lock right away when it gets out of BT range. Seems like a decent security usability trade off, but of course it isn't secure enough for everyone. Fortunately we have knobs and levers like this that allow people to customize the settings to ones that are secure enough for their needs, but usable enough as well. I thought about the "on body" detection, but I don't think it will work as well for me as the BT with the Band. It is nice to have the choices though!

Comment Re:Subject to the whims of the masses... (Score 4, Interesting) 225

Well, that just calls for a reputation service so that the flagging gets the appropriate weight. Perhaps that is where meta-modding comes in (to give it a slashdot spin). But at some point, a pattern emerges that can be seen, analyzed, and corrected for when someone mods every story they see about a certain topic as false. I'm betting a company with the kind of data a Facebook or Google has can probably come up with a reputation engine for weighting the flags too that will work - not perfectly - but probably "good enough".

Comment Re:Only 30 Grand? (Score 1) 426

Although range is definitely a big issue, lack of the ability to extend the range (via "charging stations" or "battery swap stations"; something analogous to the common "gas station") is even more the issue. I can get by normally on 200 miles (my commute is 72 miles round trip), but on the odd time I want to say drive to see my daughter at college - 240 miles away - it is a non-starter mostly because I cannot fill up on the route.

Comment Re:Great... (Score 1) 377

Yes, the hard part is getting adoption. Just look how far Google's WebP image format has gotten. Or not gotten. (I'm not talking about their WebM video format which has also not gotten a lot of traction). Looks like they unveiled it in 2010 or before, but nobody has used it as far as I can see.

Comment Re:Or, Apple could be fearful of comoditization (Score 1) 405

That has actually already happened for a lot of people. My daughter has a Nexus 7 tablet that she uses with a keyboard case to take notes in her college classes. Many people will come up and say, "oh, I like your iPad setup". Or "Which iPad is that?". Similarly on radio shows such as Leo Laporte's "The Tech Guy" (which is generally for "normals" - the not so technical folks who need help with tech), callers will often tell Leo that they want advice on picking out an "iPad" when they clearly mean they would like some sort of tablet device. It isn't to the point of Kleenex or Q-Tip, but there are quite a few people out there to whom any tablet device is an "iPad".

Comment Re:Punishes fans? (Score 3, Informative) 216

no one says 'lets not go to the game, it's on tv"

Bzzt! Wrong! Maybe not many folks do, but I sure do. When presented with an opportunity to go I always decline and say that I would rather see it on TV. (Sometimes this has even been with free tickets). At home, there is no a-hole standing up in front of me the whole game. At home, no jackass behind me spills their beer on me. At home, the noise level is very low. At home, I can see the play and can see it from multiple angles with amazing replays. At home, the beer doesn't cost $10. At home, the bathroom is clean and safe and doesn't consist of a long metal trough. At home, I am unlikely to get attacked by some crazy drunk asshole and my car is unlikely to get vandalized. At home, the parking doesn't cost $25. Yeah, I've BEEN to pro football games twice. Never again.

Comment Re:Let's face it ... (Score 2) 33

Well the first step in exploiting IE or other apps on a system in the wild is to bypass EMET. Remember, EMET is a mitigation technology designed to make it harder to exploit a vulnerability in IE, Flash, Acrobat Reader, etc. by adding extra protections. So if you are able to turn EMET off, you can then get back to your normal exploit.

Comment Re:what a stupid article (Score 4, Informative) 174

While your definitions are correct, a lot of drive by downloads happen when you visit otherwise trusted pages - because the ad network servers either got successfully breached or they didn't vet their advertisers well enough (again). For example - go to cnn.com today and view the source of the page. ads.indeed.com, doubleclick.com, etc. All of these ad networks have had serious issues with serving malicious advertisements from time to time. They will allow someone's ad that uses a malware kit attacking all the Java, Flash, Adobe Reader, etc. vulnerabilities that are out there. People shouldn't get drive by downloads just because they visited what should be a trustworthy site. So yes, drive by downloads can and do come from what are supposed to be ads. They are purchased via legitimate ad networks and run on many sites.

Slashdot Top Deals

The most difficult thing in the world is to know how to do a thing and to watch someone else doing it wrong, without commenting. -- T.H. White

Working...