
Comment Same for small plane crashes (Score 1) 256

The media are all over small plane crashes much the same way, giving a highly distorted view of just how safe aviation is. Aviation organizations like AOPA have started to get on the media's case about this.

If they reported car crashes with the same enthusiasm the "news" would be nothing but car crashes.


Comment Re:For them theoretically hacking a private org? (Score 1) 352

For them theoretically hacking a private org?

It's not that it's a public organization or a private organization that matters. What matters is that another nation-state is attacking a US entity.

One of the most important jobs of the federal government is to protect us from other nation-states; to "provide for the common defence." The US would mobilize a defense/counterattack if Russia bombed your warehouse, so is it really so hard to imagine they'd do the same if Russia attacked your data warehouse?

That Russia apparently went after a political organization certainly makes things expedient. But even if they had gone after something else, when you have a nation-state attacking, you take action. If nothing else, what the heck is a single corp/org/person supposed to do against the entire cyberwarfare division of Russia?

Comment Re:Facebook is entertainment, not news (Score 1) 113

Facebook is entertainment, not news

It's not about what it's designed for, it's about how it's used. And people are increasingly treating whatever trends at Facebook as actual news.

Facebook is news if enough of the population treats it as such.

Comment Re:Let's teach critical thinking (Score 1) 212

It's a sad indictment of American intelligence that we have citizens who actually believe the government wants to be paid in iTunes gift cards.

There are almost 300 million people in the US over the age of 14. And to steal a line from George Carlin, consider how dumb the average person is, and then realize that half the population is dumber than that.

When you have a sample size that large, there are going to be some people who, if nothing else, came up short in the genetic lottery when it comes to intelligence. There's nothing "American" about it; some people just aren't blessed with the intelligence of the average Slashdot reader. And this is why we have consumer protection laws, because their limits make them vulnerable, especially to much smarter people.

Comment Re:HDD price milking (Score 3, Interesting) 161

The HDD pricing situation pre-flood was unsustainable. Everyone was losing money in a madcap attempt to hold on to their market share and have the other guy go out of business first.

If not the flood, then something else would have happened to reset prices. The HDD market is still a big market, but you can't make a business of it by losing money. Current prices are (unfortunately) about where they should be for a mature market given the operating costs and SSDs eating into higher profitability high-performance drives.

Comment Was Already Approved For "Generic" Tier Rebates? (Score 2) 198

As much fun as it is to use Mylan as a punching bag these days, there's a final point in the Ars article that leads me to think this is hardly in the bag for the Feds.

The question of whether Mylan had misclassified EpiPens came up during a recent Congressional hearing of the House Oversight and Government Reform Committee. Mylan CEO Heather Bresch, defending the company's prices at the hearing, stood by the classification. She noted that EpiPen was classified as a generic before Mylan bought the drug in 2007.

And if that's true - that Medicare was already applying the "non-innovator multiple source" rebate schedule to the EpiPen back in 2007 - then that makes this case a lot murkier. The Feds would then have to make a case as to why the drug can and should be reclassified at the higher "single source" tier. It's clear that in practice the EpiPen is a single source device, but the conflict at the heart of this is one of bureaucracy and not medical practices; the Feds would need to justify both the higher rate now, and why they're not culpable for approving the lower rate in the first place.

Given how long this has been going on, I suspect that this isn't an easy case to prove, otherwise the Feds would have done it already. Instead it's probably being brought back up now to either apply additional pressure to Mylan, or to strike while the political iron is hot.

Comment Re:Some time back. . . (Score 1) 120

The problem is that Amazon has separate feedback mechanisms for the product and the seller. And in the case of the former, they commingle all the product reviews together regardless of the seller. No matter if you buy a roll of tape from Amazon, Bob's Warehouse (fulfilled by Amazon), or Alice's Emporium (self fulfilled), the product review will be listed for all. So Amazon isn't wrong about negative seller feedback in a product review being unhelpful. The problem is that seller feedback isn't very obvious to buyers.

Comment Re: I'm Confused (Score 1) 111

I've started looking at Root and Intermediate CAs' country of origin, and found that a lot of the big name guys don't actually reside within the US, and the Intermediate one might be in a different country. Really whenever inspecting a certificate within a browser, it might be a good idea for the interfaces to put pictures of little flags next to each one so as to better identify their source.

Comment Re:The white flag is up for OS-level security (Score 1) 172

So this is basically saying that we can no longer depend on the OS to protect us against privilege escalation attacks. The bad guys will have to concentrate on breaking out of VMs or, at least in this case, attacking through the access that the Edge VM has to system resources.

No modern OS is immune to privilege escalation attacks. Even a formally verified OS would probably still be susceptible to them due to unexpected interactions. Never mind hardware based attacks such as race conditions and rowhammer. If someone is dedicated enough, and has enough resources, sooner or later they'd find a chink in the armor.

Instead you try to do the best you can, and then you layer on defense in depth on top of that. If someone is going to break in, then you can at least slow them down and force them to fight another kind of complexity.

Comment Seen it First Hand (Score 1) 47

It's a shame the Cisco blog is linked second, because it's a great (yet short) read.

Since the end of last month one of my very low volume email accounts has been on the receiving end of a new spam campaign trying to give me malware. The emails I've received exactly match the emails in Cisco's graph. So it's neat to see what's behind it - in this case the Necurs botnet running at full tilt.

Considering this account was receiving virtually zero spam before, it's definitely a major uptick in spam.
