Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×

Comment Re:More regulations stifling businesses. (Score 2) 221

Ticket retailers are both a monopoly and an oligopoly. Essentially all retailer has a monopoly over a given venue. The venue may be allowed a small amount of ticket blocks which are used for their own purposes (direct sales, gifts, charity, marketing, etc..) but the vast direct-sales come through a single distributor.

Those ticket distributors are largely an oligopoly, since venues only want to deal with reputable outlets with large market shares in order to maximize sales.

All of them (Venue, Talent, Distributor) have a very shaky interest in eliminating scalping at all. Tickets are sold, the stadium is filled, most people are happy. Scalping only hurts one group of people: Consumers. In the long long term, people will be so jaded with going to 'ticketed' shows that the attendances will drop below capacity. That also hurts the smaller acts far more disproportionately than the rich ones (which have a more captivated audience to saturate the scalping tax). The arts dies and we all point fingers at one another instead of 'fixing the problem', whatever that looks like (I've given my 2 cents in a different post).

That's not how it works. You stopped describing the process halfway through and then waved your hands and said "the arts dies". QED.
Scalpers are drawn by profit motive. That profit motive exists because, clearly, there is untapped demand. A scalper is a speculative investor looking to realize the remaining value in that untapped demand. Scalpers don't just go out there and buy up every ticket for every show, any more than business investors tell their portfolio manager: "Go buy 100 shares of every company in existence!"

In the long term, yes, people will get jaded with ticketed shows where it's 35 dollars to get into some dive bar with a 3 meter box along one wall serving as a "stage", and then attendances will drop below capacity. That is, the market will cease to generate extra demand for many concerts at the prices offered. In the instances when this happens, the speculative investors who bought up blocks of tickets will actually LOSE money, because they will have to resell the tickets at/below face value, or may not be able to resell them at all because demand has already been turned off by the hefty asking price. Next season when that band comes through or when a similar band plays that venue, the investors already know, "Hey, almost no one is spending 50 bucks to go see The Decemberists play in a ramshackle beer hall, no matter how much hipster hype they get on college radio". They don't buy up all the available tickets. This leaves more tickets in the hands of the original ticket seller. Word gets around among fans that "Hey there are still lots of tickets left to that show and this year they're only $18.50! Me and Kaiteleighn are going - come with us!"

The market adjusts. You are talking about this as if tickets have some durable value and are being snatched up and hoarded forever by greedy scalpers. That isn't the case. Tickets are a commodity. Scalpers are commodities traders. Scalpers won't keep buying up tickets that don't return profit. Profit doesn't exist unless demand is higher than supply.

Submission + - Petya Ransomware's Encryption Defeated and Password Generator Released (bleepingcomputer.com)

runner_one writes: An individual going by the twitter handle leostone was able to create an algorithm that can generate the password used to decrypt a Petya encrypted computer. In my test this, this algorithm was able to generate my key in 7 seconds.
To use Leostone's decryption tool you will need attach the Petya affected drive to another computer and extract specific data from it. The data that needs to be extracted is 512-bytes starting at sector 55 (0x37h) with an offset of 0 and the 8 byte nonce from sector 54 (0x36) offset: 33 (0x21). This data then needs to be converted to Base64 encoding and used on the https://petya-pay-no-ransom.he... site to generate the key.

Unfortunately, for many victims extracting this data is not an easy task. The good news is that Fabian Wosar created a special tool that can be used to easily extract this data. In order to use this tool, you need to take the encrypted drive from the affected computer and attach it to a Windows computer that is working properly. If your infected computer has multiple drives, you should only remove the the drive that is theboot drive, or C:\ drive, for your computer.

Submission + - Vulnerable Serial To Ethernet Converters Let You Hack Just About Everything (securityledger.com)

chicksdaddy writes: The biggest threat to the security of hospitals, airplanes, transportation, the electric grid and just about everything else is a little piece of equipment most companies don't even know they have deployed: Serial to Ethernet converters, the Security Ledger reports. (https://securityledger.com/2016/04/serial-to-ethernet-converters-the-giant-infrastructure-risk-nobody-talks-about/)

The inexpensive devices are used to allow legacy equipment that relies on serial connections and protocols to "speak IP," connecting to more modern networks and management tools. As a result, they're used almost everywhere: on airplanes to connect aging avionics equipment, in electrical substations, data centers, you name it. In fact, a serial to ethernet converter was attacked and knocked offline in the recent attack on the electrical grid in Ukraine. (https://ics-cert.us-cert.gov/alerts/IR-ALERT-H-16-056-01)

The problem: the converters are riddled with remotely exploitable security holes and lack many basic security features. The latest evidence of this came last week, when the Department of Homeland Security’s Industrial Control System CERT (ICS CERT) issued an alert about one of the most commonly used serial to ethernet converters, a device called NPort manufactured by a Taiwanese company, Moxa. (https://ics-cert.us-cert.gov/alerts/ICS-ALERT-16-099-01) That followed the publication of research by Rapid7 on the Moxa devices that found no-authentication-required features that would permit an attacker to push new firmware (software) onto the converter and a buffer overflow vulnerability that opens the devices to having malicious code run on it. Vendors like Moxa have also been slow to respond to security issues reported to them — if they respond at all, said Reid Wightman of the firm Digital Bond. After months of ignoring Digital Bond's inquiries, Moxa told ICS-CERT that it will have a patch ready for the critical, remotely exploitable holes in its hardware...in late August.

With more than 5,000 NPort devices publicly addressable, the possibility for mayhem and so-called 'cyber kinetic' attacks looms large. Taking control of the Serial to Ethernet converter is paramount controlling the devices that connect to it, experts said “Once you have access to the converter, its game over,” said Billy Rios of the firm Whitescope. “The devices attached to it will do whatever you tell them to do.”

Submission + - The Future of Ransomware is Self-Propagating Worms

Trailrunner7 writes: Ransomware has become one of the top threats to consumers over the course of the past few years, and it has begun to spread to enterprises as well of late. But as bad as this problem has become, researchers say that what we’re seeing right now may be just a ripple in the water compared to the tsunami that could be on the horizon.

Perhaps the biggest factor, though, in the move toward ransomware attacks on enterprises is the ability to infect multiple machines, destroy backups, and pull in a large payment all at once rather than relying on multiple smaller payments from individual victims. In order to get that large payment, though, the attacker needs to have the ability to get his ransomware on large numbers of machines in a target network, and that requires rapid infections and lateral movement inside the network.

Enter the self-propagating ransomware worm.

Researchers from Cisco’s Talos team did an in-depth analysis of the current state of ransomware attacks and looked at what the future may hold, too. They analyzed the recent attacks featuring the SamSam ransomware, which has some functions that allow it to spread on a network. It goes after network backups and looks for mapped drives.

“The ultimate goal for this stage of invasion is to locate and destroy networked backups before mass-distributing ransomware to as many systems on the network as they are able to access.. After finding the backup systems and destroying any local backups, or otherwise denying access to said backups, the adversary scans and enumerates as many Windows hosts as they can. After the hosts are enumerated, the attackers utilize a simple combination of a batch script, psexec, and their ransomware payload to spread the ransomware through the network in a semi-automated fashion,” a paper from Cisco Talos released this week says.

Submission + - Uber Releases First-Ever Transparency Report (thestack.com)

An anonymous reader writes: Uber released its first transparency report today, an overview of the information that was requested by U.S. regulators and law enforcement in the second half of 2015. The report shows that while Uber is not yet receiving the number or type of requests that non-transport companies do, the data requests affect millions of Uber customers and drivers.

Uber received 408 requests for information from law enforcement, and 415 from state and federal governments. These requests were complied with in approximately 85% of cases, where after review, Uber provided at least some of the data requested. They also responded to 67 requests for information from regulatory bodies and from airports, with data provided on over 11 million riders and 600,000 drivers.

Submission + - Symantec: Zero-Days Doubled In 2015, More Companies Hiding Breach Data (csoonline.com)

itwbennett writes: According to a new report by Symantec, 54 zero-day vulnerabilities were discovered in 2015, more than twice as many as in 2014, and the number of breaches of more than 10 million records also hit a record high. Driving this is a new professionalism in the market. 'People figured out that they could make money by finding zero-day vulnerabilities and selling them to attackers,' said Kevin Haley, director of security response at Symantec. 'So there became a marketplace, and these things started to have value, and people started to hunt for them.' At the same time, 2015 saw another disturbing trend: The number of companies choosing not to report the number of records they have lost rose by 85 percent (from 61 in 2014 to 113 in 2015). 'More and more companies aren't actually revealing what was breached,' said Haley. 'They will say attackers came and stole from us, but not saying how many records were lost.'

Comment Re:No uncertain terms? (Score 1) 400

You can't force a company to spend money and man hours making something that doesn't exist so that you can use their product they way you want to,

Why not? I can be forced to spend money (and therefore the man hours necessary for me to earn that money) in order to consume a product -- health insurance -- so why can't a company be forced to spend money and man hours making a product?

In the 21st century we've already established that the government can compel behavior whenever it suits the public interest. Everything else from here on out is just a temporary quibble over details, until all regulations are permitted.

Comment Re:Phone Numbers (Score 1) 289

I think it's an interesting thought, but disagree. To many places say "go to oursite.com" or "getfreebies.net" for that to be true. I believe you are attempting to equate laziness with ignorance, which is wrong. Most users are lazy, but they know what an address is. Hell, most technical people are lazy too. We just maintain truckloads of bookmarks.

This isn't something you can "disagree" on. I spend a significant portion of my time teaching/training/educating users up and down the food chain. Let me assure you -- there are a LOT of people out there who do not have any idea what the address bar in a browser is and how to use it. When you show them something as simple as typing "maps.google.com" they look at you like you've just given them a pill which regenerated their kidneys and cured their need for dialysis.

Comment Re:Phone Numbers (Score 1) 289

- Universally Ubiquitous
- Nationalized
- Lowest Common Denominator
- (for POTS anyway) Pretty damn rock solid in most of the world

Did Facebook kill Email? No.
Did Google kill the address bar? No.
Did Apple kill the PC? No.
Did solar panels (insert any other energy technology) kill the grid? No.
Will Facebook messenger (or any company-centric IM system) kill telephones? No.

Next flamebait topic please.

It is easy to sit here on Slashdot and say that Google did not kill the address bar, because I've no doubt at least 85% of the people here know what "URL" stands for, how a URL is composed and read by a browser, and are also people who desire a high level of direct control over their computing and therefore don't mind memorizing dozens of unique URL strings for the sites/pages they use most often.

Actual normal users, on the other hand, only know whatever their current system tells them. I work with/around hundreds of people every day who only know one URL: google.com. I rarely get more than 1-2 days without observing a user go to google and type "yahoo mail" as the search string, then click a google result for the Yahoo! Mail site. This is how they always access their email. Going to the address bar and typing in mail.yahoo.com is like asking them to interpret ancient copies of the Bible written in Greek. The address bar wasn't totally 'killed' by Google, but the google mentality and in-browser search providers have so heavily obfuscated the site/page address that a significant percentage of computer users would be stymied by a browser operating at, say, the Netscape 4 level, and it would take them a very long time to find things they access every day.

It's a very apt comparison to phone numbers, which for many people under 25, they don't know ANY numbers of their friends' or family members. They have been using name-based electronic lists of contacts since they were 17 or earlier. If they lost their cell phone and were standing at a pay phone they would have no idea how to contact anyone without calling Directory Assistance... i.e. Google for phone numbers.

Comment Re:This is a good thing. (Score 1) 291

to pay for basic income, everyone has to earn less

I don't think that's accurate. Productivity since the 70s has doubled, but real-terms wages have been stagnant. In the last 3 decades, the top 0.1% of Americans have doubled their wealth. It's obvious that improved technology can maintain the same lifestyle for the same number of people but with the labour of fewer people - the maintenance of employment levels has mostly been due to the improvement of that basic lifestyle (smartphones, better medical technology, etc) providing jobs for displaced farm workers etc. The system we have encourages spending the extra productivity of technology and economic growth on an expanded lifestyle, but it could be diverted instead to providing a basic lifestyle without requiring extra labour.

But as I understand it the critique of your position is that "the extra productivity of technology" came from the inventor/entrepreneur class specifically because of the profit motive -- that is, the motive to earn more profit than the other guy. And therefore when you say "it could be diverted instead to providing a basic lifestyle", you are falsifying the equation by doing an operation on one side that you're not doing to the other. You are assuming that you wipe the profit motive out of existence while still keeping the innovation and economic activity which arose from the profit motive. That innovation and economic activity doesn't exist on its own absolute terms.

So the critique of your position is that sure, you could take the results of increased capital/production/capacity and divert it to people who didn't invent or bring to market the innovation which made it possible... one time, and maybe for a full generation if there was a previous extraordinary growth to draw from. But rather quickly human nature adapts to the new reality. Once you have removed that more-profit-than-the-other-guy motive, there is zero incentive for the remaining inventors/producers/entrepreneurs to continue to invent and produce and bring new things to market. So what happens over time is that the previous increase in productivity is spent by the redistributionists, and then the rate of increase slows dramatically without motive to drive it drives it, and then the market re-normalizes at a new level where yes everyone is closer to equal but at a lower equilibrium point.

Comment Re: Remove casing from a Wallmart clock - get invi (Score 1) 621

None of the other people or nationalities you listed have books from God that tell them to kill nonbelievers ask a means to please their God.

That is the difference.
But, by all means, if you feel differently about it, you can travel to Syria and make nice with Isis.

I'm sure you're up to the task, after all, you're so fair minded and much better than the rest of us.

Huh? What comment are you replying to? What makes you think I am asking for fairness or being nice to terrorists. On the contrary that is my entire point -- the GP I was replying to was saying that this kid's supposed isolation as a result of the incident is the most effective way to make him into a terrorist. I am pointing out that isolation doesn't make someone into a terrorist. There are millions upon millions of people leading "lives of quiet desperation" every day and they don't become terrorists, and it is ridiculous to support anything remotely resembling any kind of understandable rational path to murdering people and blowing things up for a political/religious ideology. If feeling a bit isolated leads you to bombing civilians, then you were already a terrorist in your heart, and the isolation was just a minor catalyst which would have inevitably happened in thousands of future social situations.

I don't see the relevance of your reply. If you are trying to make a point that belief in Islam makes terrorists, well that's your own thread, go for it.

Comment Re:Remove casing from a Wallmart clock - get invit (Score 1) 621

They made this kid feel like an isolated second class person and to be honest, I can't imagine a more effective way to turn this kid into an actual terrorist.

The attention he got was more about undoing the damage than rewarding any actual genius.

So we're on Slashdot, the official Internet home of mom's basement losers and Magic The Gathering addicts.... in other words, hundreds of thousands of people for whom the first 25 years of their lives consisted of nothing but "[being made to ] feel like an isolated second class person". How many Slashdot users go blow up innocent people as a political ploy?

If feeling a little isolated and second class is the most effective way to turn you into a terrorist, why didn't all of the isolated second class Italians and Irish and Germans and Chinese and Japanese immigrants who barely made it to this country with the clothes on their back and didn't have 30,438 federal assistance programs, become raging terrorists? How is this country even still standing -- what with all the mass bombings and slayings and blood running in the streets from all those angry disaffected young Japanese men terrorizing San Francisco?

There is absolutely 0.000% of anything in this kid's history in the United States which should explain/justify/rationalize him turning into a terrorist in the future. You're simply making another instance of the Bundy-porn argument made by the James Dobsonites in the 1990s -- Bundy watched a lot of porn; Bundy raped/killed a lot of women; therefore if someone watches a lot of porn, "I can't imagine a more effective way to turn this kid into an actual serial rapist".

Comment Re:Do Not Conflate This With Individual Free Speec (Score 1) 109

Ugh, quote FAIL. The final paragraph belongs to the comment I was replying to.

Speech used by an individual to express ideas is free speech. Advertisements -- especially advertisements representing a very large organization -- are not. Corporations should not have the same rights individuals have and I feel that free speech is one of those clear cut distinctions. There is a long history of consumer protection everywhere in the world -- learn about your own country's struggles with it. It's not a simple issue and advertisement should not be regarded as free speech.

Slashdot Top Deals

Nothing ever becomes real until it is experienced. - John Keats