Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×

Comment Re:A lot longer than that, actually (Score 1) 38

Well I will fight the power by turning OFF my cellphone during the flight!

Lol, it's not really going to help, even when not flying. Always assume any device you didn't design and build yourself is compromised, and even then you have to presume any encryption protocols are compromised if you yourself didn't write them, and the signal intercepts have already occurred.

All you have going for you is being incredibly boring. The more boring, the better.

Comment Re:Lots of companies want Win10 (Score 1) 149

That may be true, but we have not yet discovered how to make a system that is truly, 100%, absolutely guaranteed secure. That means real world security is all about risk management: what risks can we identify, and what can we do to mitigate them?

Unless you are capable of building literally everything you need, from the most basic hardware components or the first line of code on up, at some point you will come to a decision between trusting some partner organisation and its staff to do what they say and looking elsewhere. And if you really need something big and you can't build it yourself, there are probably only so many potential partners to work with before you run out of options.

So, maybe no amount of assurances from Microsoft would reassure you, but if you're in charge of a hypothetical multi-year, multi-billion dollar R&D programme and you need a desktop OS to run your software on, who would you allow to reassure you? Apple? The Debian security team? A few hundred specialist developers you just hired to build you something from scratch on top of FreeBSD?

Comment Re:Lots of companies want Win10 (Score 1) 149

The real world doesn't work like that. Having independently audited the source code from a big provider, there isn't much difference between having your own background-checked people building it and having actionable assurances from senior executives at your supplier that their technicians with the same relevant background checks and security clearances have built it properly. At some point, there is always a level of trust in the individuals involved and a level of oversight in how the product is made and deployed, regardless of whose name appears on the payslip of those people.

Comment Re:The year after. (Score 1) 149

I'd guess they'd get told telemetry was optional but would be necessary for certain support functions/p>

I'm fairly sure that if you'd told them that, all of the banks I'm thinking of would have required either the ability to permanently disable all such telemetry code before going into service or, in some cases, a custom build of any relevant software with all such telemetry code removed.

or turn some automated functions (like software updates) into manual, downtime-required functions.

No-one in the environments I was dealing with would have been installing any sort of automated updates anyway. We're talking about the kind of place where taking anything out of service, other than special emergency procedures in some cases, typically requires a sign-off process that could last for weeks. Usually that would include significant amounts of lab evaluation before being put into production for literally any hardware or software change. It was also normal to require sufficient assurances to satisfy them that for large-scale deployments, what was later delivered in volume would be absolutely identical to what they had evaluated under lab conditions.

Obviously this is at the opposite end of the spectrum to "Just install it, I don't care". I'm just pointing out that in organisations with serious security or reliability concerns, this kind of thing does happen. I've encountered a similar abundance of caution in plenty of back office environments as well, say places like communications providers or the infrastructure used by big online retailers, but banks seemed like a good example here because they do also have large numbers of regular PCs accessible from front-office locations and running regular desktop OSes.

Comment Re:"Sales" = Win10 Licenses with 7 downgrade right (Score 1) 149

I think we're talking about different things here.

I'm talking about buying a new PC from a major vendor that comes with Windows 10 pre-installed but lets the customer replace that (legally) with Windows 7 or 8.1 post-sale. This is still allowed if the vendor offers it, but they aren't allowed to supply new machines with 7 or 8.1 preinstalled any more, only 10. I can't immediately find a reference, but I've seen reports that similar moves by Microsoft will prevent even selling new machines with those downgrade rights in a year or so.

I suspect you're talking about more general provisions under enterprise licensing agreements or some sort of developer programme. There are other schemes that Microsoft runs that let people do all kinds of things, but they aren't necessarily available to someone who just went to dell.com and bought a new XPS laptop.

Comment Re:Bluetooth Headphones (Score 1) 313

Plus Bluetooth on Android (may be true of iOS too, no idea) is fairly bug ridden and crappy. I've seen three relatively recent Android phones that crash if they try to connect to our minivan's BT system. Googling for "bluetooth share has stopped" (the error message the phones give) show this is a common problem and has been for some years. Looks like the 4.x series was the last version of Android that had remotely stable Bluetooth support.

You'd think, at the very least, Samsung would hold off until Google can put out a half way stable Bluetooth stack.

Comment Re:Fitbit is next (Score 3, Informative) 156


Who on their right mind is going to spend hundreds of dollars for some minor functionality?

Back in the 1980s, I remember thinking "If only there was a way to have my girlfriend (at the time) send me her pulse so I could feel her love on my own wrist in real-time. Of course the technology wasn't there, and wouldn't be for some time, so I had to settle for her bloody heart in a jar and 25 years in a psychiatric hospital.

Submission + - Three college students were behind BBC, Trump cyberattacks (zdnet.com)

An anonymous reader writes: How many hackers does it take to bring down one of the world's largest websites? Turns out, only three, and two of them are still in college.

Several sources have told ZDNet that despite claiming to have dozens of members across the world, the New World Hackers' consists of just three core members who carry out the bulk of the group's cyberattacks — the youngest of which is still a teenager.

The group also targeted and downed Donald Trump's campaign website and banking giant HSBC's website in separate attacks.

Comment Re:"Sales" = Win10 Licenses with 7 downgrade right (Score 1) 149

Yep, for now there are still options to buy new PCs and run older versions of Windows (legally), though only if you're willing to jump through a few hoops at this point. There will be more serious questions when that possibility is also removed, which isn't far away now in business planning terms.

Comment Re:Ummm.. (Score 1) 149

Well, if you want Microsoft to automatically determine which update(s) are relevant for your system, obviously you're going to have to share some level of information about what you have installed already. If that counts as telemetry, then yes, of course the update tools won't be able to work properly if you disable it. I'm not sure how relevant this is for Enterprise users, though, since the odds of individual users managing the updates on their own systems in an environment running Enterprise must be pretty low to start with.

However, that kind of telemetry is a far cry from functions like search boxes or Cortana automatically and silently sending details of what you're doing back to the mothership even though everything else involved is local to your system. This is the kind of privacy problem that most people objecting to the increased telemetry in recent Windows versions are concerned about.

Slashdot Top Deals

I have the simplest tastes. I am always satisfied with the best. -- Oscar Wilde

Working...