Slashdot is powered by your submissions, so send in your scoop


Forgot your password?
DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. Check out the new SourceForge HTML5 Internet speed test! ×

Comment Apply the rules! (Score 1) 209

Hi You don't specify which government, but let's assume it's one with an comprehensive information assurance policy. First things first. Find out who the technical authority for information assurance is in your country. Then find out what the official policy on erasing and destroying information assets are. This information may not be published, and you may need to be registered with the technical authority to access it. Then cross reference against the terms of the contract. Then do. To help you a little, most best practice policies describe a range of methods. The selection of which method depends on * the device used to hold the data - HDD, flash memory (multiple technologies), DRAM, etc * the classification / protective marking of the data (SECRET, TOP SECRET etc) * whether the device is being re-used (for new data) within the same secure facility where it was held originally, or is it being removed from that facility (for destruction) Removal methods vary from using certified data erasure products, to complete physical destruction via a specified and approved method. In any case, there will be a detailed procedure to follow, possibly also independent witnessing and certification of the destruction. In any case, there will be an explicit process to follow, as well as copious paperwork. Note the use of the phrase 'certified...products'. While tools such as DBAN may be effective, they are not approved and certified by your national technical authority for information assurance. Using a non-certified product is equivalent to using nothing, and there may be penalties if you claim to have followed the set process, but used such non approved tools. Your organisation should have an information security officer (or similar executive) who is responsible for this. Normally it is a pre-requisite to have such a professional as a pre-requisite to handling classified / protectively marked material in most countries. What you've discovered should really have been caught pre-contract signing, by your legal and/or commercial people. You need to talk to your bosses about this. Oversights such as this can destroy a business, both in terms of money and reputation. HTH g

Submission + - The Xbox 360 reset glitch hack - New Homebrew Hack (

An anonymous reader writes: "GliGli released a new hack to boot the Xbox360 into XeLL and thus run homebrew software on your console. It's is compatible with ALL dashboard version and ALL Slim and Fat (expect Xenon, Falcon support will follow later) models and is unpatchable via software updates by Microsoft." —

Comment Re:No sense at all (Score 4, Insightful) 400

I think you are confusing some of the political unrest from the 80s with the self-serving mindless violence of recent weeks.
It is absolutely true to say that government cuts are affecting national and local funding for all citizens, and they are affecting deprived areas. However, these cuts have only come in to effect fully from April this year. The unemployment and illiteracy have been at those levels for a long time, including during the boom years of 1995-2005, and during the previous Labour administration. It is illogical to say that the currently limited impacts of the austerity measures are giving people cause to riot. If you look at the actual activity during the riots, it didn't include political protest, marches, speeches or any other normal signs of protest by ordinary people. It did include a relatively large number of groups causing criminal damage, violence and commiting flagrant acts of theft - typically of high value goods and big name brands. This was theft on a large scale, enabled by breakdown in normal social barriers.
The government is planning to reduce both front and back office police numbers, however these cuts have not taken place yet to any extent. Police numbers are at almost record levels. The police didn't retreat to protect stations, they deployed in the areas that they thought needed protection. However the mobile hoards, enabled by SMS and social networks, just moved to new sites, typically after a short skirmish. In short, asymmetric confrontation and overwhelming numbers. Once the scale of the problem was understood (a d a few politicians returned from holiday) they brought in an extra 16000 police for London alone - an increase of approximately 25% on the normal force. This managed to suppress most of the activity.
There are currently reportedly over 1000 people arrested, and the MPS have suggested that possibly another 2000 will be, once the CCTV and other evidence is analysed. This is hardly tiny by any one's measure.
As for brutal policing, the MPS have been negatively criticised for not being tough enough in the first few days, and they adjusted their tactics subsequently. They have not however used plastic bullets, water cannon, tear gas or any other large scale crowd suppression measures. This is not brutal. If you want to see 'firm' policing, ask the French.
As for fixing problems on the ground, the previous administration spent 10s of billions over more than a decade on enhanced social benefits and programmes for the disadvantaged. While it has doubtless helped many, it has also raised a generation that expects to live off the state, spurn education and employment, contribute nothing in return except vocal occasionally violent protest about how they are not provided enough.

Comment Re:PNG? That photo size is huge. (Score 1) 128

Not only is it a big ass PNG, it's also in AdobeRGB colourspace - so probably about .1% of the readership is actually able to see it correctly. and never mind cutting file size by 75%, try 90 or 95%, and that's without even touching the resolution. The only question is why he didn't go the whole hog with a 32-bit image instead of the paltry 8-bit option. (that last bit was sarcasm, or should I say the last 24 bots were sarcasm) Leading technology web site, eh? Remind me again of the relevance of slashdot, with stories regularly appearing a day or two days behind other sites, slashvertisements, and little in the way of original content. And I agree with the others, taking advantage of users' good will and giving nothing back is pretty weak.

Comment Re:What kind of stupid question is this? (Score 1) 174

I really hope you're trying to be sarcastic or ironic - otherwise there isn't a clue stick big enough. The 'only way' isn't. There are several. All methods of interception require money, some require legislation and the rest require subterfuge and technical skill. In this case I imagine it's very simple. The state has a law saying it's legal for certain agencies to intercept calls in order to protect national security. The state's telecoms provider(s) purchase interception equipment from telecoms hardware providers. It gets plugged in and switched on. The state uses it. No conspiracy, no mad l33t skillz, no drama. Except possibly for the subjects/victims of the interception. For examples of legal intercept equipment, see or There is of course the relatively recent case of illegal intercept, in Greece. There it came to light that politicians and other high profile figures had their mobils calls tapped. On investigation, one of the country's mobile providers found that someone had installed, configured and turned on the 'legal intercept' software/hardware to do the tapping. Here's the rub - it wasn't done by the government company or home intelligence service. So who did it and why?

Canadian Judge Orders Disclosure of Anonymous Posters 250

debrain writes "The Globe and Mail is reporting that Google and a newspaper called The Coast must disclose all information they have about the identity of individuals who posted anonymous comments online about top firefighters in Halifax. The story in question is titled 'Black firefighters file human rights complaint,' and there are some heated opinions in the comments."

Man Sues Neighbor Claiming Wi-Fi Made Him Sick 574

OrangeMonkey11 writes "A Santa Fe man who claims to suffer from 'electromagnetic sensitivities' has sued his neighbor after she refused to stop using wireless devices. 59-year-old Arthur Firstenberg claims his sensitivity can be set off by cellphones, routers and other electronic devices. From the article: 'Firstenberg, 59, wanted Raphaela Monribot to limit her use of the devices. "I asked her to work with me," he said. "Basically, she refused." So he sued Monribot in state district court, seeking $530,000 in damages and an injunction to force her to turn off the electronics. "Being the target of this lawsuit has affected me very adversely," Monribot said Friday in response to e-mailed questions. "I feel as if my life and liberty are under attack for no valid reason, and it has forced me to have to defend my very basic human rights."'"

Comment Re:TrueCrpt (Score 1) 51

They have - by mandating that appropriate controls are implemented, including full disk encryption. See - specifically requirement #40.

Truecrypt is not a product tested and approved by so it can't be used for UK government business. If someone is willing to pony up the accreditation fees, and it passes, then it can be used.

These new UK gov regulations are interesting - they make specific nominated individuals in every government organisation personally responsible for data security - with penalties including fines and prison. Unsurprisingly, data security is now very heavily implemented and monitored.

Comment Re:Should not be a problem... (Score 2, Insightful) 51

All UK government devices storing information classified as RESTRICTED ( no US equivalent) must have two factor authentication, and full disk encryption using a FIPS140 certified product from a CESG-approved list. Anything carrying CONFIDENTIAL or SECRET has the same, plus additional techniques and handling protocols to ensure CIA (confidentiality, integrity, assurance). TOP SECRET isn't discussed in open forums.

This is a non story if they are accidental losses. All organisations, including those within and around the intelligence communities, lose assets. The real questions should be (1) was it accidental, (2) if not, who made the effort and (3) are you confident the systems in place will protect the information for long enough until its value decreases below the effort required to recover it.

  To be honest, the more pressing issue for ordinary citizens is not governments protecting or losing information about citizens, but private organisations.

Comment Re:Highly sensitive data? (Score 1) 51

This would be the UK that led the development of modern computing with the work of Alan Turing, led the development of the use of computers in industrial and military environments (Bletchley Park) and which dramatically shortened the second world war. This would be the UK that invented public key cryptography before the NSA. This would be the UK which developed working, scalable MIMD parallel processing (transputer) in the early 90s. Then there was the matter of Boole, who did some minor mathematical work. That UK.

PlayStation (Games)

US Air Force Buying Another 2,200 PS3s 144

bleedingpegasus sends word that the US Air Force will be grabbing up 2,200 new PlayStation 3 consoles for research into supercomputing. They already have a cluster made from 336 of the old-style (non-Slim) consoles, which they've used for a variety of purposes, including "processing multiple radar images into higher resolution composite images (known as synthetic aperture radar image formation), high-def video processing, and 'neuromorphic computing.'" According to the Justification Review Document (DOC), "Once the hardware configuration is implemented, software code will be developed in-house for cluster implementation utilizing a Linux-based operating software."

Comment re-order your priorities (Score 1) 1095

leave the laptop. you have two weeks in a new country / continent, why sit down with a laptop? If you want to email or blog, there are many internet kiosk/ cafe type places.

Seriously, leave it.

Two weeks is too long in London. Give yourself a day to get over jetlag, and 1-2 days to cover the major attractions. Then take the next ten days to travel around, and come back to london to a final sweep of interesting places, and get ready for the flight.

You can grab a train to Paris (France), and spend a day or two there - get another country in. Get a flight to Dublin, Cork or Belfast (45 mins) Yet another country.

Comment Re:Cloud Computing(TM) (Score 2, Insightful) 264

mod parent up.

The first step is to find out what the business wants, and how much it is willing to pay. THEN you go out to find out what tech is appropriate/affordable to do it.

Ask the heads of each office, and the main business managers what they want the tech to do now, in a year and in three years. Do you have a business continuity plan that has to be allowed for. If you don't have a BC plan, now's a good time to have one done, before you buy a load of kit that may not do the job.

Once you have a list of business needs, and put them in a prioritised list (again the managers set the priority), you go out and look at what can do the job. Assuming you find a reasonable solution within budget, you need to plan the migration.

Protip: do not attempt to migrate everything in one go. Do it in steps, with breaks in between.

Proprotip: whatever your migration, be able to revert to the original solution in less than 8 hours - ie one working day.

Migration is the biggest gotcha - plan, plan and plan again. Do a dry run. Start with the least critical services. You do have backups, right? Fully tested backups, from ground zero? You do have all your network and infrastructure accurately and completely mapped out, and all configuration settings / files stored on paper and independent machines?

Both arguments for VM and KISS have their place - only you can decide. But when you do decide, make sure it's based on evidence, and will end up making the business better.

Don't forget Total Cost of Ownership - the shiny boxes may run faster, but will you have to hire two more techs to keep them running, or a new maintenance contract?

Don't forget training - for you, your staff and the end users. If you're putting shiney newness in place, people will need to know how to use it, and do their jobs at least as quickly as on the old solution. No use putting in shiny web4.0 uber cloud goodness, if the users end up spending an hour doing a job that used to take 5 minutes, because they don't know how to use it properly, or the interface doesn't easily work with their business processes.

good luck

Comment show them the money (Score 1) 301

"Executives" are interested in money - what earns money for the company, what costs money for the company, what can increase future money for the company, what prevents increasing future money for the company.

Think about the main things you are doing, or plan to do over the next week, month, quarter, year. Which of the four results (earn, cost, increase, decrease) do those things do? Can you mitigate (reduce) the negatives? Can you improve the positives? What are the costs (time, money, resources)? What are the impacts/benefits (save or increase time, money, resources)?

Here's a couple of examples:
"Our mail system is aging and is struggling with the current load. I estimate it causes up to two hours delay per employee per month. I plan to increase the memory and disk space. It will cost $x hundred, and take 3 days to implement. The benefit will be the increase in productivity and delay the need to buy an entire new server for two more years."

"Our finance dept is struggling to keep up with the number of invoices that need to be processed. With the CFO I am evaluating three new systems which can help automate the process. The cost of the system is $x in capital expenditure, and then $y in annual licence fees. The CFO estimates that it will reduce the time to invoice clients from 10 days to four days, and increase cash flow for the company."

So, think in terms of money. Think what business problems or opportunities that IT makes better (or worse). State the problem or opportunity, what you are doing / want to do, say what the impact of your proposal is / will be.

Stick to this basic formula, and you'll soon be seen as someone who brings answers and adds value, instead of the stereotypical geek who complains, costs money and does little of value.

Slashdot Top Deals

If this is a service economy, why is the service so bad?