
Comment Re: How do you secure the unsecurable? (Score 1) 112

The ISP, in turn, immediately has to notify and throttle users who are part of the botnet. They have to do it otherwise they'll be aiding and abetting internet pira...er, ddos attacks, and thus, are open to lawsuits. This creates the proper incentive to rubber stamp... I mean, streamline the process.

The user, of course, has a chance to contest this throttling in case that the user is not part of the botnet (IP addresses are so easy to spoof these days). So it is totally fair. All they have to do is send a counterclaim and if it is rejected (which it will), they have the option to take this to court.

Did I say a single word about identifying them by IP address, jackoff? No, so put a cock in it.

Besides, we can do more about IP address spoofing.

Comment Re:The attackers (Score 1) 112

This wouldn't involve the ISP, it'd be entirely within the router. The router could access any DNS server, but hosts on the internal side could only access the router's caching DNS server unless the user authorized an exception for them. It wouldn't entirely prevent attacks like this one, but it'd prevent direct attacks and forcing the attacks through multiple levels of caching would blunt the attack to a degree and make it easier to throttle the sources of the malicious requests.

Comment Re:And what about Wi-Fi (Score 1) 125

My money is on wifi not working right.

Wifi is a crapshoot in crowds that size, especially when you consider that > 90% of the fans in the stands have smartphones, all of which at least have wifi on and most of which probably have some setting that automatically connects them to open networks. At a minimum there's a bunch of RF noise from this alone.

It's worse if you consider the number of stadiums that install wifi -- I've never been to one where it worked well and in many it doesn't work at all. And stadiums themselves are often a clusterfuck of management, "operated" by the team in terms of cash revenue but managed by some stadium commission as a physical facility so that the local taxpayer can pick up the tab for annoying facility costs that aren't related to making the team owner richer.

It wouldn't surprise me at all if older stadiums retrofitted with wifi were done so on the local sports facility commission/taxpayer's dime and had all the usual corners cut as one might expect with such a project. The expectation (and effort) was probably decent coverage in luxury boxes, locker rooms and press areas. Fan seating areas get "covered" with a visible 2+ bar SSID, but nobody was willing to pay for RF engineering a workable solution for 70,000 people to actually use it.

So at best they're operating in RF soup with proper APs nearby, hoping that between signal proximity and operating on the 5 GHz band they will get useful coverage. At worst they're working in RF soup off a crap solution.

Ideally, their software would be designed to be as network-independent as possible so that as much useful work as possible could be done without any network signal. But what do you bet it's a bunch of BS cloud based bullshit, dependent on appy Azure apps that Microsoft is hoping NFL teams and their corporate leaders will buy into even further.

Comment The attackers (Score 3, Informative) 112

Ultimately, it's the groups that initiated the DDoS who are to blame. But others have to take some responsibility for failing to do what they could to mitigate the opportunities to initiate attacks:

1. ISPs could implement measures based on RFCs 3704 and 2827 that would make spoofed traffic difficult to impossible to generate.

2. Router makers could implement RFC 3704 and 2827 rules in their firewalls by default, could implement default rules that blocked access to external DNS to everything except the router (with the option for the user to allow some or all access), could provide a separate network for IoT devices that defaults to no Internet access and the user has to specifically authorize access per device, and could make randomized default passwords the standard for factory-default configurations.

3. IoT manufacturers could make randomized default passwords standard and design their devices to not require Internet access to configure.

4. Consumers could acknowledge that they're responsible for their own networks and routinely make use of the available tools to check on the health of their networks and the status of the devices on it.
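The router defaults listed in item 2, modeled as a forwarding decision. This is an added example, not part of the original comment; the class and function names, the verdict strings, and the sample prefixes and addresses are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass, field

def _addrs(*hosts):
    return {ipaddress.ip_address(h) for h in hosts}

@dataclass
class RouterPolicy:
    lan: ipaddress.IPv4Network            # trusted home network
    iot: ipaddress.IPv4Network            # separate IoT network
    dns_exceptions: set = field(default_factory=set)  # hosts allowed external DNS
    iot_allowed: set = field(default_factory=set)     # IoT devices allowed out

    def forward_to_wan(self, src, proto, dport):
        """Verdict for a packet from an internal interface routed to the WAN.
        The router's own resolver traffic is locally generated and never
        reaches this forwarding check."""
        src = ipaddress.ip_address(src)
        # RFC 2827 / RFC 3704: source must be inside a prefix we serve.
        if src not in self.lan and src not in self.iot:
            return "drop: spoofed source"
        # IoT network: no Internet until the user authorizes the device.
        if src in self.iot and src not in self.iot_allowed:
            return "drop: IoT device not authorized"
        # External DNS only through the router's cache, unless excepted.
        if dport == 53 and proto in ("udp", "tcp") and src not in self.dns_exceptions:
            return "drop: external DNS blocked"
        return "forward"

# Constructed sample policy and addresses (not from the original comment).
POLICY = RouterPolicy(
    lan=ipaddress.ip_network("192.168.1.0/24"),
    iot=ipaddress.ip_network("192.168.50.0/24"),
    dns_exceptions=_addrs("192.168.1.20"),
    iot_allowed=_addrs("192.168.50.6"),
)

if __name__ == "__main__":
    for pkt in [("192.168.1.10", "tcp", 443), ("203.0.113.7", "udp", 53),
                ("192.168.1.10", "udp", 53), ("192.168.50.5", "tcp", 443)]:
        print(pkt, "->", POLICY.forward_to_wan(*pkt))
```
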

Comment Re:How do you secure the unsecurable? (Score 2, Interesting) 112

I think the best way to handle this is to make people somehow accountable when they participate in a DDoS, whether they do it willingly or not. Personally I think their internet access should be throttled to dialup speed for 60 days if they are conclusively found to be participating, and that 60 days starts over each time they're found participating. It will make them think twice about buying insecure shit.

Comment Re:Who should we blame? (Score 5, Insightful) 112

Regardless of who is behind it, it's about time that we treat DDoS as the censorship that it is. I'm sick of hacktivists trying to justify bringing down major websites just because they don't like whoever runs it, while at the same time talking about how they are pro democracy and pro free speech. DDoS is the opposite of both, no matter who the target is. People who justify it because they don't like Walmart or whoever are fucking hypocritical assholes.

Comment Re:Compact Fluorescents would like a word (Score 3, Informative) 122

Fuck knows what shit it is that you're buying, but there's a CF replacement bulb in every socket in my house and I've literally never changed one.

The outdoors one is on from dusk to 11pm all year round and is a CF. Still going.

In fact, all that's happened is that I've started replacing the CFs with LED lights - and same thing there. Not one in the bin yet. In fact I've still got a box of 20 LED bulbs which are just waiting for the CFs to die but I don't get up on a chair to change them unless they do and NOT ONE has. In the same time, I've replaced 12 halogens and about 7 incandescents.

And I'm using the cheapest thing on Amazon that I can buy in bulk and is supplied in a direct-replacement for an existing bulb-shape.

Hell, I even replaced all the tiny little high-power halogens that were popular in light fittings with bigger-but-same-output LEDs that take 1/50th the power.

I honestly don't know what junk you're using or what's wrong with your house electrics, but CF's do what they claim, and so do LEDs.

Submission + - Clinton Foundation works with Big Pharma to keep the price of US AIDS drugs high (reddit.com)

Okian Warrior writes: A newly released Podesta E-mail explains how the Clinton Health Access Initiative (CHAI) works to keep the price of AIDS medicines high in the US.

CHAI contracted with Big Pharma companies for AIDS drugs to be distributed in developing countries. In return, the group agreed to resist efforts to bring similarly lower cost and generic drugs to the US.

The email is a reaction to "comments President Clinton made on lowering domestic AIDS drugs prices at the World AIDS day event":

We have always told the drug companies that we would not pressure them and create a slippery slope where prices they negotiate with us for poor countries would inevitably lead to similar prices in rich countries.

[...] If we do try to do something in this area, we suggest that we approach the innovator companies that can currently sell products in the US with the idea of making donations to help clear the ADAP lists. For a variety of reasons, the companies will likely favor a donation approach rather than one that erodes prices across the board.

[...] I would guess that they would also likely favor a solution that involved their drugs rather than an approach that allowed generic drugs from India to flood the US market at low prices or one that set a precedent of waiving patent laws on drugs. ... We can go to war with the US drug companies if President Clinton would like to do so, but we would not suggest it.

Comment Weather (Score 1) 125

Little better than random chance, then.

Pisses me off that the biggest IT investments and supercomputers exist for meteorological purposes that perform little better than chance.

Though important, for shipping, air travel, etc. it's not THAT important to get a tiny little percentage over just looking around and thinking it's going to piss down in a moment, or sticking a box in the North that lets you guess how long until the same weather hits the South.

Just seems one enormous waste of money to me. And who exactly PAYS for their weather forecasts? Are airlines really paying millions of pounds a year to find out if the skies are going to be a bit rough?
