canipeal - Slashdot User

Comment Re:Secure systems (Score 1) 119

by canipeal on Tuesday November 08, 2011 @09:52AM (#37984232) Attached to: DARPA Seeks Input On Securing Networks Against Attackers

I wish I had some mod points to mod parent up. I would also suggest they remove the bureaucracy involved in the C&A and pen testing phases. Anyone who's ever been a part of the process can clearly see what little value is added against APT.

Comment lost in translation (Score 2) 128

by canipeal on Tuesday November 08, 2011 @12:35AM (#37982008) Attached to: Vulnerabilities Discovered In Prison SCADA Systems

I guess those 9 year old kids in China took the term jail break....literally.

Comment sue the bastards! (Score 1) 123

by canipeal on Wednesday November 02, 2011 @12:31AM (#37916164) Attached to: 1st Strikes Issued Under New Zealand Anti-Piracy Laws

The real offence here is horrible taste in music!

Comment Re:Virtualize (Score 1) 142

by canipeal on Thursday October 20, 2011 @01:59PM (#37779294) Attached to: Ask Slashdot: Computer Test Lab Set-Up For Home?

ESX-I ftw. Ignore any recommendations for VM Player/Workstation, you'll lose a lot of resources to system operating system over head. I built a ESX-i server for less than $200 bucks 16GB of ram with Phenom II 945. This included 3TB of storage and an Antec case. On this set up I virtualize 45-50 OS's simultaneously with no problems.

Comment Re:Tell me... (Score 5, Insightful) 153

by canipeal on Thursday May 28, 2009 @01:45AM (#28119651) Attached to: Data Breach Exposes RAF Staff To Blackmail

why didn't they just encrypt the disks? If it's supposed to be sensitive information, store it securely!

Because that would require common sense and competence.

Comment Flawed by Design. (Score 5, Insightful) 98

by canipeal on Wednesday May 27, 2009 @01:44PM (#28112347) Attached to: Testing So-Called 'Unified Threat Managers'

The notion of having a single point of failure "security" device contradicts one of the primary foundations of security principle: Defense In Depth. Multiple layers of security is essential in safe guarding your systems, placing them all one one unit is nothing short of moronic.

Comment Re:Geeksquad.Gov (Score 1) 88

by canipeal on Monday May 11, 2009 @08:27PM (#27915953) Attached to: 3,800 Vulnerabilities Detected In FAA's Web Apps

We'll get Chuck from the Nerd Herd and he can "flash" 'em.

The fear of being subjected to pasty hairy man boobs just might get the operations team at the FAA to get off their asses and do their job.

Comment Security expert point of view. (Score 5, Interesting) 88

by canipeal on Monday May 11, 2009 @08:15PM (#27915825) Attached to: 3,800 Vulnerabilities Detected In FAA's Web Apps

As a security engineer(CISSP&CSSLP) with several years of experience in C&A and pen testing, I must say that the results aren't a surprise by any means. What I DO find disturbing is the amount of detail provided in a public report given the fact that the FAA has yet to fully apply it's remediation strategies for the vulnerabilities identified. Is there any info as to what tools they used for app testing? My experience shows that tools such as App Detective and Web Inspect actually inflate the number of findings. This is due to the fact that the applications identify vulnerabilities by instance and not by category/type.

Comment Trail and Error without the expensive hardware. (Score 1, Informative) 177

by canipeal on Wednesday April 29, 2009 @04:52PM (#27764249) Attached to: Viability of Mobile Broadband For Home Use?

If you already have a data plan for your mobile phone then give this application a try: http://www.wmwifirouter.com/ It will turn your cell phone into a Access point. I use this application all the time when i'm on the road or when my connection goes down at home.

Comment I must say... (Score 0) 235

by canipeal on Friday March 20, 2009 @02:34AM (#27265477) Attached to: Building Your Own Solar Panel In the Garage

that I found this article to be quite *enlightening* I need to go to bed.

Comment i once invented anti-technology technology... (Score 3, Funny) 146

by canipeal on Sunday June 15, 2008 @09:21AM (#23799691) Attached to: Anti-Technology Technologies?

couldn't figure out why the darn thing kept blowing itself up....

NIST Opens Competition for a New Hash Algorithm 187

Posted by Zonk on Friday November 09, 2007 @03:00PM from the not-that-long-to-wait dept.

Invisible Pink Unicorn writes "The National Institute of Standards and Technology has opened a public competition for the development of a new cryptographic hash algorithm, which will be called Secure Hash Algorithm-3 (SHA-3), and will augment the current algorithms specified in the Federal Information Processing Standard (FIPS) 180-2. This is in response to serious attacks reported in recent years against cryptographic hash algorithms, including SHA-1, and because SHA-1 and the SHA-2 family share a similar design. Submissions are being accepted through October 2008, and the competition timeline indicates that a winner will be announced in 2012."

AntiPiracy Macrovision Bug is Actually Six Years Old 177

Posted by Zonk on Friday November 09, 2007 @10:23AM from the making-us-safe-as-we-game dept.

twitter writes "A recently reported Macrovision bug has actually been around for six years, according to Computerworld. 'Flawed antipiracy software now being exploited by attackers has been bundled with Windows for the last six years to protect game publishers, Macrovision Corp. said today. The "secdrv.sys" driver has shipped with all versions of Windows XP, Windows Server 2003 and Windows Vista ... users do not have to play a SafeDisc-protected game to be vulnerable.' The article goes on to play down danger and claim that Vista is safe, but ZDNet notes: 'Malware authors are actively exploiting a zero-day privilege escalation vulnerability ... [which] can be exploited overwrite arbitrary kernel memory and execute arbitrary code with SYSTEM privileges. This facilitates the complete compromise of affected computers.'"

Monitor Draws Zero Power In Standby 405

Posted by CowboyNeal on Thursday November 08, 2007 @10:42PM from the green-screens dept.

fifthace writes "A new range of Fujitsu Siemens monitors don't draw power during standby. The technology uses capacitors and relays to avoid drawing power when no video signal is present. With political parties all over Europe calling for a ban on standby, this small development could end up as one of the most significant advances in recent times. The British Government estimates eight percent of all domestic electricity is consumed by devices in standby."

MIT Offers City Car for the Masses 290

Posted by ScuttleMonkey on Monday November 05, 2007 @06:43PM from the popeil-pocket-car dept.

MIT's stackable electric car, a project to improve urban transportation will make its debut this week in Milan. "The City Car, a design project under way at the Massachusetts Institute of Technology, is envisioned as a two-seater electric vehicle powered by lithium-ion batteries. It would weigh between 1,000 and 1,200 pounds and could collapse, then stack like a shopping cart with six to eight fitting into a typical parking space. It isn't just a car, but is designed as a system of shared cars with kiosks at locations around a city or small community."

Slashdot Top Deals