Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
Compare cell phone plans using Wirefly's innovative plan comparison tool ×

Comment Re:Undoing secure sockets layer (SSL) traffic (Score 1) 71

@acoustix: "I was thinking the same thing, but what if a person used a span port to mirror the traffic and send the mirrored traffic to a device capable of SSL decrypt? Couldn't that info be logged using that method?"

Only if they found a universal method of cracking SSL, which is very unlikely.

My Palo Alto firewall already does it. So what is stopping others from doing it using a mirrored port?

Comment I call BS on this (Score 1) 399

I refuse to believe that over 90% of people aren't swayed or challenged by these posts on Facebook. I post a lot of political stuff on FB (because it matters to me more than posting pictures of my dog) and I constantly check the validity of items posted - regardless of my political bias.

These posts definitely change how you think, even if you don't admit it. It makes you ask yourself if you really want to vote for an asshole like Trump, a blatant liar like Hillary, or terrible libertarian like Johnson.

Comment Re:Undoing secure sockets layer (SSL) traffic (Score 1) 71

"the international hub for the Olympics, was found to host many networks that are capable of decrypting Secure Sockets Layer (SSL) traffic — undoing a protocol put in place to keep data protected." link

Only if the client desktop computer is configured to accept forged certs as used in the Cisco SSL Inspection device.

I was thinking the same thing, but what if a person used a span port to mirror the traffic and send the mirrored traffic to a device capable of SSL decrypt? Couldn't that info be logged using that method?

Comment Re:why can't people accept that things happen? (Score 1) 93

the only thing public pressure does is cause the company to spend more money in redundant hardware which mostly sits unused and raises prices

My redundant hardware is constantly in use and I have nowhere near the budget of these big boys. Redundant doesn't always mean active/passive. Routers are especially easy to run active/active, hell that's way the Internet routes traffic. BGP/EIGRP will take care of the routing.

But I suspect that this wasn't a simple router failure. A router failure wouldn't require other systems to be rebooted.

Comment In other words, Moore's law will continue (Score 5, Interesting) 133

We hear the same bullshit every 2 years. Moore's law has nothing to do with the SIZE of the transitors. It has to do with the number of transistors on the chip and, to a lesser extent, the density of the transistors. Arranging the transistors vertically and horizontally will allow the law to continue.

Comment Re: Yawn (Score 4, Informative) 801

18 USC 793. This statute explicitly states that whoever, “entrusted with or having lawful possession or control of any documentthrough gross negligence permits the same to removed from its proper place of custodyor having knowledge that the same has been illegally removed from its proper place of custody.shall be fined under this title or imprisoned not more than ten years, or both.” Comey called her “extremely careless.” That was highly charitable. But even by that standard, Hillary was grossly negligent with classified material. Comey says Hillary had no intent to transmit information to foreign powers. But that’s not what the statute requires.

18 USC 1924. This statute states that any employee of the United States who “knowingly removes [classified] documents or materials without authority and with the intent to retain such documents or materials at an unauthorized location shall be fined under this title or imprisoned for not more than one year, or both.” Hillary set up a private server explicitly to do this.

18 USC 798. This statute states that anyone who “uses in any manner prejudicial to the safety or interest of the United Statesany classified informationshall be fined under this title or imprisoned not more than ten years, or both.” Hillary transmitted classified information in a manner that harmed the United States; Comey says she may have been hacked.

18 USC 2071. This statute says that anyone who has custody of classified material and “willfully and unlawfully conceals, removes, mutilates, obliterates, falsifies, or destroys the same, shall be fined under this title or imprisoned not more than three years.” Clearly, Hillary meant to remove classified materials from government control.

Comment Dissenting judge is wrong (Score 4, Insightful) 165

From the article:

"Notably, Reinhardt appears to have a commanding knowledge of what constitutes “hacking,” something that comes up over and over again both in the media and in the courts. He said that the decision “loses sight of the anti-hacking purpose of the CFAA.”

“There is no doubt that a typical hacker accesses an account ‘without authorization’: the hacker gains access without permission—either from the system owner or a legitimate account holder,” he wrote. Using someone else’s password with their permission but not the system’s owner isn’t “hacking,” but that’s what the court is treating it as."

Using another person's password with their permission but not with the system owner's permission is definitely a form of hacking. It's called social engineering. Social engineering is an attack vector that relies heavily on human interaction and often involves tricking people into breaking normal security procedures. Just because someone easily provided their account information doesn't mean that it was done so legitimately. It is ultimately the system owner who gets to decide who has authorization to their systems and what constitutes authorized access. At the same time, it is the system owner's responsibility to educate it's users as to what is allowed.

I would also take issue with the sentence where the writer claims that the judge has a "commanding knowledge" of "hacking".

Slashdot Top Deals

A penny saved is a penny to squander. -- Ambrose Bierce

Working...