Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. Check out the new SourceForge HTML5 internet speed test! ×

Comment Identity Access Management (Score 2) 63

It must be supported by auditing and reporting.

This is totally true and feasible in the enterprise. I work for a company that sells a product that aggregates all existing accounts, and then periodically sends out emails to managers saying, "Here's a list of accounts belonging to your team." The manager has to approve each one or revoke them. That way, there is accountability down the road if it turns out there were lingering accounts that shouldn't have been accessible or exploitable. Can also be used to certify the accounts on each remote application by the application "owner" or administrator.

These certifications are then reviewed by third-party auditors to validate their completeness. Several other vendors offer similar variations of this functionality.

Comment Re:It would be interesting to see the tipping poin (Score 1) 244

Many scientists have postulated that there is a bigger truth being hidden here-- the existence of a time machine used by future revolutionaries to undo the Third Reich's tyranical word dictatorship after Germany won World War 2.

Traveling back in time to "kill Hitler" has become so synonymous with time travel fantasies that it's unlikely future time travelers would actually do it for fear of divulging the existence of their powers and contaminating their preferred timeline. If people in current time knew they were at the mercy of time travelers, they could protect themselves by destroying records and implementing pervasive anonymity (ala technologies like Tor).

Thus, time travelers prefer to be more discrete and control history through lower profile nudges, like using future quantum computers to brute force the enigma machine and bring back the solution to the chaps at Bletchley Park.

Comment Re: Excellent (Score 1) 218

No they fucking aren't. I can get a ride with uber at half the price or less.

Those rides are subsidized by venture capital money. They're not profitable in how they are operating. They've lost billions of dollars. Enjoy your half-price rides while you can. Once they succeed at starving off the taxi industry, they expect to hold a monopoly over the transportation service market, at which point you will pay way higher fees. Somebody will have to compensate these venture capitalists for all the billions they've lost so far. Sounds like you are their intended target.

Comment Re:ToS (Score 4, Insightful) 218

Per this insightful article, venture capital money is artificially subsidizing those rides to make them seem cheaper than public transportation.

So why do people keep using and working for Uber? Money has a lot to do with it. Uber has used venture capital money to offer lower fares that attract more customers. Those subsidies also help Uber attract drivers despite often erratic corporate policies and a lack of job security.

These subsidies create false perceptions about transportation costs such as the one you voiced. People think Uber is doing it right and the traditional taxi companies have been doing it wrong the whole time.

The national taxi business is only worth $11 billion a year. Why is Uber so highly valued? Why is so much venture capital funding injected into Uber?!? Those investors are expecting to own a monopoly position in the transportation service market. Obviously, the intent of such a monopoly would be to ruthlessly squeeze as much money as possible out of consumers.

Comment Re:Yawn... (Score 1) 627

This is a very good suspicion. By downloading a full image of his phone's storage, the FBI or NSA gets photos of all the places he's been along with GPS breadcrumbs. It could very well be that this engineer crossed paths unintentionally with another surveillance target while traveling. Checking these breadcrumbs helps them determine whether they should add him to the surveillance list.

I wholeheartedly disagree with his compliance with their requests. I just want to support the AC's rationale for why the engineer was selected.

Comment Re:Why do people use Oracle? (Score 2) 198

It's fast while huge.

If you care about your transactional data, it can't be beat by any other on-premises RDBMS.

But the major reason is Oracle's customers are using web applications built to run on top of Oracle. They buy the web application and then purchase Oracle as the infrastructure.

The reason Oracle is trying to dissuade customers from hosting on AWS is that they're desperate to get those customers hosting on Oracle's own cloud solution. AWS has a slick Database Migration Solution.

Comment Re:Utter nonsense. (Score 1) 288

That sort of thing does happen when you do things without appropriate planning permission.

That was the way I understood the world to be before Uber came along and demonstrated that with enough money and placated constituents, local regulations can be ignored by big business.

Perhaps Trump is proactively offering Musk a pardon for his personal airport tunnel route in exchange for not productizing the TBM (Tunnel Boring Machines) and selling them to Mexicans looking to circumvent the border wall.

Comment Hipchat does this with every file transferred (Score 5, Interesting) 29

Using the Atlassian chat client, HipChat, if a user transmits a file to another user, the file is stored on Amazon S3, just like it sounds as Box is doing, and is accessible by an obfuscated URL. The files are then available via any unauthenticated GET requests that can stumble upon the URL string via brute force.

A clever attacker doesn't even need to use her own resources in the brute force attack. A website can be constructed with millions of links pointing at candidate URLs and eventually Google and other indexers will spider them and the ones that don't turn up 404 errors will be added to the web index.

Comment Re:protecting capabilities (Score 1) 404



It's interesting that you do not deny that Putin's interest in relieving the economic sanctions trumps (pun intended) his interest in crushing Isis. Ok. We are in agreement there.

You seem like a bright fellow, so you'll probably recognize the fallacy you've presented in your own post regarding Podesta's lobbying firm taking money from a Russian bank. Did that money actually win them influence over Hillary Clinton? Apparently not. According to your prolific tirades against Clinton on Slashdot, she's a war mongering hawk trying to start wars with Russia. Donald Trump, in contrast, has the potential to (using your words)--

...join hands with Russia and Turkey to crush Isis.

You are trying to paint Clinton and Podesta as puppets of Russian lobbying money, while claiming the DNC also promotes Putin as a boogeyman. Kind of emphasizes the lack of real influence this money had on Clinton. You repeatedly reference this Saudi oil money going to the Clinton Foundation and paying for Chelsea's wedding, but where are the details on the quid pro quo? What was gained for them or the Russian bank?

I think we're getting tired of your broken record of "yeah, but Clinton collected money from xyz." Why don't you build up a stronger case for why Trump should hold hands with Putin to destroy Isis? We would all like to see your references to the great and wonderful things Vladimir Putin has done that would help explain how his involvement in Syria is only out of a humanitarian interest. I am very curious to hear more about your rationale for Donald Trump developing closer relations with Vladimir Putin.

Comment Re:protecting capabilities (Score 1) 404

..instead of having the US join hands with Russia and Turkey to crush Isis.

The Russian interest at play here is not to crush Isis, but to crush the economic sanctions against Russia for invading Crimea and trying to take over Ukraine. These sanctions are crippling the ability of the Russian Oligarchy to enjoy their wealth and amass more.

Do you think Paul Manafort was advising Trump on how Russia could join hands to help the US destroy ISIS, or do you think he was telling Trump about how all the Russian oligarchs would love him if he were to remove these annoying sanctions?

Trump has a track record of championing making money over punishing wrong-doers. Consider this episode where he wanted a convicted rapist to avoid prison time so his casino could profit off of his boxing match--

Trump and Tyson are old friends who did business together in the late 1980s, when the real estate mogul promoted and hosted several of Tyson's fights at his Atlantic City casinos and even fashioned himself for a time as the boxer's "business adviser." And in a largely forgotten episode, Trump came to the boxer's aid during one the darkest moments of Tyson's careerâ"his 1992 conviction for raping a beauty queen. To save the champ from being locked up, Trump pitched a highly controversial proposal that would have essentially allowed Tyson to buy his way out of prison.

Comment protecting capabilities (Score 1) 404

Your premise in denouncing the report is that the methodology employed is not as sophisticated as you expect Russia to be capable of. You should consider and acknowledge a couple of espionage realities:

The spearphishing employed against Podesta worked and was trackable. The report is not going to talk about the hacking attempts that did not work and were not trackable. As in the case of the Tempest vans you reference. Because the report does not mention Tempest vans does not mean they are not driving around.

Intelligence agencies will only release info that does not compromise their capabilities of collecting intelligence. If they were to release a transcript of a private office conversation between Putin and Paul Manafort containing details of the hacking, then Putin would realize there is a bug in his office and clear it out. The confidence of these US intelligence agencies that Russia was meddling in the recent election is buttressed by information collected that can't be released without divulging the source mechanism for its collection. What you see in the report is safe information to release.

Comment Re:Back to the old model (Score 1) 70

I'd be surprised if Amazon would give a shit if Clarkson did punch someone else

Amazon's lawyers give a huge shit about Clarkson's capacity for future violence in the workplace. Hiring someone who is known to have a propensity for physically abusing co-workers produces a huge legal liability for the employer. If he punches someone on the set of the new show, that person will sue Amazon and in court, there will be a huge claim paid by Amazon for criminal negligence.

That's really why he got fired from BBC. It's not about being PC. When he punched the first person at work, that victim could only win a suit against Clarskon. A second attack would bring the employer into liability for knowingly maintaining a dangerous workplace. If they didn't fire Clarkson at BBC and someone else punched another co-worker, the BBC could be liable because of the inaction against Clarkson sending a message to other employees that punching your co-worker is tolerated by the BBC.

I would not be surprised if Amazon's risk-management department has assigned some kind of bodyguard or conflict resolution expert(s) who are on set for each filming. Amazon is a public company and this is a typical sort of precaution that would be insisted upon by the risk management department.

Slashdot Top Deals

There are no games on this system.

Working...