Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror

Comment Re:Well, that was quick (Score 1) 181

This is extremely short-sighted. Under TTIP, VW cars would not only be perfectly legal in the US but VW would be able to sue the US or the state for interfering with their sales.

Both stories could end up having a positive result for the average person but TTIP would ensure that nothing positive comes out of either.

Credit where credit is due

Comment Re:Let me say (Score 1) 362

Well, since you brought it up...

"The Universe operates on a basic principle of economics: everything has its cost. We pay to create our future, we pay for the mistakes of the past. We pay for every change we make and we pay just as dearly if we refuse to change."

-Guild Bank Annals, Philosophical Register

Comment Re:Ummm...try changing the password! (Score 1) 545

That port is allowing access to the "Connection Request" page which is only a trigger for the CPE to initiate communications with the ACS server it already knows. Unless the CPE has been hijacked and the ACS server location has been tampered with, the only thing that an unsecured Connection Request page could cause, is a DDoS attack on their servers by someone requesting connection from all their CPE's in the field.

The two ways that I can imagine TR-069 being exploited are DNS spoofing (CPE talks to the wrong server - someone could mess up the settings on the CPE but won't get any passwords) and access to the LAN side pretending to be a TR-069 client (could get access to any passwords sent to the "CPE" from the server).

What should be read from the CPE and what should be set on the CPE is subject to discussion on a daily basis (just did an ACS implementation at work) but the protocol itself is not the problem.

Comment Re:Breaking News! (Score 1) 192

I'm Greek and I'll be the first to admit that the police can be bandits (putting it mildly) at times as the OP mentioned.

While plain spotting is a well documented hobby, there is no excuse for taking pictures of airplanes in areas where there are more "no photography" signs than "no smoking" signs. On top of that, noting the plain numbers in crossword puzzles is not exactly "openly" collecting data.

As for spies, i don't thing they all drive Aston Martins, wear black suits and sunglasses.

I'm not trying to defend the actions of the police. They should have let them go with a warning, perhaps confiscate any cameras or film rolls if they wanted to cover their backs, but lets call a spade a spade. These guys hadn't done their homework. They went on holiday to a place where photographing military installations (most airports in Greece are classed as that) is prohibited, they found out they shouldn't take the pictures but they went ahead anyway thinking they can get away with it.

Security

DNS Inventor Tackles Flaw 101

nk497 writes "Dr Paul Mockapetris is looking to fix the flaws in the Domain Name System he helped invent. 'It was never meant to be the only security mechanism for naming data on the internet, but was intended for additional security measures to be added to it later.' The flaws, first uncovered by security researcher Dan Kaminsky over the summer, lets attackers redirect genuine URLs to malicious ones — a problem Mockapetris believes could be solved using digital signatures."

Slashdot Top Deals

There can be no twisted thought without a twisted molecule. -- R. W. Gerard

Working...