dberstein - Slashdot User

Apple Denies Systems Breach In Photo Leak 311

Posted by Soulskill on Wednesday September 03, 2014 @11:00AM from the not-my-fault-i-promise dept.

Hamsterdan notes that Apple has posted an update to its investigation into the recently celebrity photo leak, which was attributed to a breach of iCloud. Apple says the leak was not due to any flaw in iCloud or Find My iPhone, but rather the result of "a targeted attack on user names, passwords and security questions." Despite this, Wired reports that hackers on an anonymous web board have been openly discussing a piece of software designed for use by law enforcement. Whether it was involved in the celebrity attacks or not, it's currently being used to impersonate a user's device in order to download iCloud backups.

"For Apple, the use of government forensic tools by criminal hackers raises questions about how cooperative it may be with Elcomsoft. The Russian company’s tool, as Zdziarski describes it, doesn't depend on any 'backdoor' agreement with Apple and instead required Elcomsoft to fully reverse engineer Apple’s protocol for communicating between iCloud and its iOS devices. But Zdziarski argues that Apple could still have done more to make that reverse engineering more difficult or impossible." Meanwhile, Nik Cubrilovic has waded into the data leak subculture that led to this incident and provides insight into the tech and the thinking behind it.

Comment Basic productivity CLI and GUI apps (Score 1) 531

by dberstein on Sunday March 02, 2014 @09:36AM (#46380827) Attached to: Ask Slashdot: What Software Can You Not Live Without?

CLI tools: vim, curl, wget, aptitude on Debian based distros.
GUI tools: Chrome, (Libre/Open)Office, Thunderbird. Any other is as required at "runtime".

Comment Re:Better News (Score 1) 528

by dberstein on Wednesday May 27, 2009 @07:09AM (#28107509) Attached to: Documenting a Network?

Damn, no mod points when needed. Most insightful (and IMHO true) comment I've read in ages.
Less is more ;)

Comment a multi-sensical cloaking device (not just sight) (Score 1) 828

by dberstein on Thursday May 21, 2009 @07:45AM (#28037685) Attached to: I'll keep my castle secure primarily with ...

The device would create the illusion of a standard habitat (sound, sight and smell) to those outside... but inside the cloaked frontier you'll perceive all wonders of my castle. The main point is that I need not to defend from those that don't intend on attack me. Since for the "world" there's nothing special in my castle, why would they want to spend resources attacking me?

Comment Re:Um, (Score 1) 109

by dberstein on Monday March 23, 2009 @01:26PM (#27300803) Attached to: Giving Your Greytrapping a Helping Hand

I've been happy with http://cheapvps.co.uk/ (Xen).
FreeBSD VPS I don't know, I've always used Linux ones (Debian in particular).

Comment Re:Um, (Score 2, Interesting) 109

by dberstein on Sunday March 22, 2009 @07:54PM (#27292821) Attached to: Giving Your Greytrapping a Helping Hand

Webmail as your primary MUA?! Are you kidding me?
I guess that's like saying skateboarding should be your primary transportation vehicle. Some people do it I suppose, but is it the best idea?
Get your own infrastructure and access your emails as you wish, like for example mutt on a remote terminal, or webmail (squirrelmail), or in any mobile IMAP client (my iPhone works great).
What about backups? What if tomorrow they change the policy of old/archived message?
I do have a couple of gmail accounts, but those are mostly for redundancy and seldom used by me.

Comment Re:Um, (Score 2, Informative) 109

by dberstein on Sunday March 22, 2009 @06:04PM (#27291751) Attached to: Giving Your Greytrapping a Helping Hand

I run my own mail server(s) and actually the number of spams I get is quite low with a daily average of 0.75 spams per day. That's down from ~20 spams a day before I enabled gray listing, RBL on my MTA and HELO restrictions.
There 0.75 spam/day emails are detected by my MUA's spam filter, meaning I tend to never have a spam email in my inbox!
You can find good/reliable VPS'es from $10/mo. that'll allow you to:

Run your own DNS servers.
Run your own SMTP/IMAP/POP servers (Postfix/Dovecote make a great combo).
Run your own web server.
Practice/learn sysadmin skills.
No lock-in to any vendor.

I rather pay for my own VPS than pay Google for a freaking email account and/or their App Engine.

Comment Give a man a fish... (Score 2, Insightful) 936

by dberstein on Tuesday March 10, 2009 @07:19PM (#27142681) Attached to: Living Free With Linux, Round 2

Give a man a fish...

To click icons and tick boxes you need to first understand the meaning of them, rationalize which of these elements fulfill your desired goal, and then activate the proper GUI widgets... each time to you're confronted with the GUI.

...Teach a man how to fish and he'll eat every day.

Using the CLI you need to know before hand the arguments/parameters that will fulfill your desired goal. It requires preparation (i.e. read the man page), but once you learn it it stays with you.

IMO CLI provides a more immutable interface, as opposed to GUI widgets that can and will change over time.

Software is a tool than when someone uses routinely its sensible to expect him to learn how to use it properly... for the rest of the human race there is Windows.

I couldn't be happier that the Linux experience is different from the Windows experience! Attempting to make a Linux or OSX experience Windows-er is as wrong, futile and useless as trying to compare a high-school romance with your spouse.

Comment Re:i like dvorak but stick with the standard qwert (Score 2, Interesting) 663

by dberstein on Sunday January 18, 2009 @07:20PM (#26510473) Attached to: Dvorak Layout Claimed Not Superior To QWERTY

I attest that Y is a consonant in Spanish. Vowels are only five: A, E, I, O, U.

Comment My spam fighting recipe and some theories (Score 1) 597

by dberstein on Friday August 15, 2008 @10:56AM (#24615459) Attached to: Where Has All My Spam Gone?

I have a similar setup, but got tired of content filters at the MTA level. My solution was to configure Postfix (my MTA) to abide more closely by RFCs (specifically for ELO|HELO commands) and install postgrey (`aptitude install postgrey`). Of course ensure you're not an open relay.
These measures decreased the number of spam arriving at my inbox by 90%. The spam that reaches my mailbox is handled by my MUA (Mail.app currently). The volume is low enough for me to check if its working. It does! As it was already commented read your mail logs... they make a fun read!
As for your sudden decrease of mostly spam incoming emails, some theories:
1. Some big telco closed port 25 for residential customers?
2. The recent DNS saga called sysadmins around the globe to check their servers and apply security patches and perhaps close open relays.

Privatunes Anonymizes iTunes Plus 176

Posted by CmdrTaco on Wednesday June 27, 2007 @09:39AM from the i-don't-know-if-anonymizes-is-a-word dept.

njondet writes "French-law.net reports that Ratatium.com, a French website specialized in technology news and software downloads, has just launched Privatunes, a free software that anonymizes DRM-free files bought on iTunes Plus. Last month's revelations that the DRM-free files sold by EMI on iTunes Plus came with user's full name and account e-mail embedded in them had raised serious privacy concerns. Ratatium.com explains (in French) that Privatunes is aimed at guaranteeing the privacy of users but also their rights as consumers to freely share and trade the songs they have purchased. However, the claim that this software is perfectly legal will surely be tested."

Submission + - Viacom Says "YouTube Depends on Us"

Submitted by

Anonycat

on Saturday March 24, 2007 @09:39PM

Anonycat writes: "Michael Fricklas, a lawyer for Viacom, has an opinion piece in the Washington Post that asserts that YouTube is responsible for damages in the $1B lawsuit initiated by Viacom. Fricklas attacks on several fronts, including that the DMCA's "safe harbor" provisions don't apply because YouTube is knowledgeable to infringement and furthermore derives financial benefit from it, that putting the burden of spotting infringement on the content providers is an undue burden to them, and notably that "Google and YouTube wouldn't be here if not for investment in software and technologies spurred by patent and copyright laws" in defending the relevance of the IP sector. Whether you agree with the case being made or not, it's a nice look into the minds on the pro-Viacom side."

Submission + - Internet Radio to be killed by the RIAA

Submitted by

Anonymous Coward

on Monday March 19, 2007 @05:22PM

Anonymous Coward writes: "Just got this in the mail from Tim Westergren, Pandora's CEO: "I'm writing today to ask for your help. We've had a disastrous turn of events recently for internet radio: Following an intensive lobbying effort on the part of the RIAA, an arbitration committee in Washington DC has just dramatically increased the fees internet radio sites must pay to the record labels — tripling fees and adding enormous retroactive payments! Left unchanged by Congress, this will kill all internet radio sites, including Pandora. Tomorrow afternoon there is an important U.S. Senate hearing on the future of internet radio."

This issue has started to get blog coverage: http://gigaom.com/2007/03/05/webcaster-royalty-rat es-go-up/ and http://www.rossdawsonblog.com/weblog/archives/2007 /03/the_vast_potent.html

If you live in the US, please contact your local Congressman now!

Please note that I have no Pandora affiliation except as a very happy user."

Submission + - RIAA and University of Wisconsin-Madison

Submitted by stephencrane on Monday March 19, 2007 @10:54AM

stephencrane writes: http://www.joegratz.net/archives/2007/03/16/univer sity-of-wisconsin-stands-up-to-riaa/ A student at the University of Wisconsin-Madison shares what his school is doing in response to the RIAA P2PLawsuit.com campaign. In this campaign, attorneys for Sony, Universal, EMI, Warner Music Group and more sent letters to several colleges demanding that they be forwarded to students. The letter (PDF) threatens students with a lawsuit and instructs them to identify themselves and pay a settlement to the recording companies via the website P2Plawsuits.com. UW-M has sent an email informing students that although they've been given letters to forward to students, they university will not comply without a written subpoena.

Web Censorship on the Increase 132

Posted by Zonk on Thursday March 15, 2007 @03:57PM from the xxx-xxxx-xxx-xxxx-xxxxxx dept.

mid-devonian writes "Close on the heels of the temporary blocking of YouTube by a Turkish judge, a group of academics has published research showing that Web censorship is on the increase worldwide. As many as two dozen countries are blocking content using a variety of techniques. Distressingly, the most censor-heavy countries (which includes China, Iran, Saudi Arabia, Tunisia, Burma and Uzbekistan) seem to be passing on their technologically sophisticated techniques to other areas of the world. 'New censorship techniques include the periodic barring of complete applications, such as China's block on Wikipedia or Pakistan's ban on Google's blogging service, and the use of more advanced technologies such as 'keyword filtering', which is used to track down material by identifying sensitive words.'"

Slashdot Top Deals