impver - Slashdot User

Comment Re:Costly... (Score 1) 115

by impver on Monday August 27, 2007 @04:03PM (#20375541) Attached to: PCI Compliance

You are right in that it is a time sink and has a high cost. You have to have all of this independently verified so you HAVE to pay someone to scan your systems for problems and they normally do it once, tell you whats wrong(sometimes very vaguely and with many false positives) and let you fix it. Then they scan again, rinse and repeat. Every time they do a scan you get charged and no matter what you do there will be false positives so it's almost always a 2 scan process. Now as for your statement about iPhones and such, the simple answer is you should have your credit card systems on a separate vlan that your normal corporate network should not touch. Simple as that (and that's not a hard feat). It would be absurd for a WAP or company lan for that matter to be able to communicate with your credit card servers. Vlan it off, allow access only from those servers that have to send/request information from your servers that store the credit card information. Remember, EVERY network/server/device that touches the servers with the credit card information has to be PCI compliant so it's in your best interest to keep them separate.

Submission + - BitTorrent Closes Source Code (slyck.com)

Submitted by Anonymous Coward on Wednesday August 08, 2007 @01:51PM

An anonymous reader writes: "There are two issues people need to come to grips with," BitTorrent CEO Ashwin Narvin told Slyck.com. "Developers who produce open source products will often have their product repackaged and redistributed by businesses with malicious intent. They repackage the software with spyware or charge for the product. We often receive phone calls from people who complain they have paid for the BitTorrent client." As for the protocol itself, that too is closed, but is available by obtaining an SDK license.

Submission + - Replacing atime With relatime in the Kernel (kerneltrap.org)

Submitted by

eldavojohn

on Wednesday August 08, 2007 @09:35AM

eldavojohn writes: "Our friend Jeremy at the Kernal Trap has has dug up some interesting criticism of atime from god himself, Linus Torvalds. As Linus submitted patches to improve relatime he noted: "I cannot over-emphasize how much of a deal it is in practice. Atime updates are by far the biggest IO performance deficiency that Linux has today. Getting rid of atime updates would give us more everyday Linux performance than all the pagecache speedups of the past 10 years, _combined_." And later severely beat atime about the head with a pointed stick: "It's also perhaps the most stupid Unix design idea of all times. Unix is really nice and well done, but think about this a bit: 'For every file that is read from the disk, lets do a ... write to the disk! And, for every file that is already cached and which we read from the cache ... do a write to the disk!" Well, I guess I can expect my Linux machine to become a little bit faster!"

Submission + - Vote Swapping Ruled Legal!

Submitted by cayenne8 on Tuesday August 07, 2007 @01:34PM

cayenne8 writes: Way back when (2000), during that election, there were some sites set up (voteswap.com and votexchange.com) for people across the nation to agree to swap votes. This was set up mostly for Nader and Gore voters to work against Bush.

California representatives threatened to proscute these sites as criminal offenses, and many of them shut down. On Monday, the 9th US court of appeals upheld that "the websites' vote-swapping mechanisms as well as the communication and vote swaps they enabled were constitutionally protected" and California's spurious threats violated the First Amendment. The 9th Circuit also said the threats violated the U.S. Constitution's Commerce Clause."

See the story HERE .

Submission + - Being Unhealthy Could Cost You -- Money (yahoo.com)

Submitted by

Joe The Dragon

on Tuesday August 07, 2007 @01:08PM

Joe The Dragon writes: "http://biz.yahoo.com/bizwk/070802/aug2007db2007081 804238.html?.v=1&.pf=insurance
By Jena McGregor

For employees at Clarian Health, feeling the burn of trying to lose weight will take on new meaning.

In late June, the Indianapolis-based hospital system announced that starting in 2009, it will fine employees $10 per paycheck if their body mass index (BMI, a ratio of height to weight that measures body fat) is over 30. If their cholesterol, blood pressure, and glucose levels are too high, they'll be charged $5 for each standard they don't meet. Ditto if they smoke: Starting next year, they'll be charged another $5 in each check.

Clarian has been making headlines for its aggressive and unusual approach to covering escalating health-care costs. Rather than taking the more common step of giving employees incentives for merely participating in its wellness programs, such as joining a smoking cessation group or using a health coach, Clarian is actually measuring outcomes. And unlike most employers, it is penalizing workers for poor health instead of rewarding them for taking healthy steps.
— - —

This is yet another way that employers try to mistreat there works and some times the work environment can lead to people gaining weight like making them work 80/H + week with fast food working lunches + hours that don't give the works time to participate in wellness programs. In cases like that it is very unfair to change employees for poor health that sometimes comes from a poor working environment."

Journal SPAM: FBI Raids Home of Suspected NSA Leaker 608

Journal by Jeremiah Cornelius on Monday August 06, 2007 @03:02AM

During the very time Congress was debating codifying the Bush administration's wiretap lawbreaking by revising the FISA law the Gonzales DOJ was raiding the home of a former Justice official to identify the person who first brought the illicit program to light.

As Newsweek details the FBI raided the home of Thomas M. Tamm, former official of the Office of Intelligence Policy and Review (OIPR) within DOJ.

Submission + - An Ebay Sale is a Sale

Submitted by syousef on Friday August 03, 2007 @06:20AM

syousef writes: An Ebay Sale is a Sale says an Australian New South Wales State Judge in a case where a man tried to reneg on the Ebay sale of a 1946 World War II Wirraway aircraft. The seller tried to reneg because he'd received an offer $100,000 greater than the Ebay sale price elsewhere. The buyer who had bid the reserve price of $150,000 at the last minute took him to court. "It follows that, in my view, a binding contract was formed between the plaintiff and the defendent and that it should be specifically enforced," Justice Rein said in his decision. All dollar figures are in AUD.

KDE 4.0 Beta 1 Released 249

Posted by Zonk on Thursday August 02, 2007 @05:06PM from the and-they-are-just-giving-it-away-this-time dept.

dbhost writes "Along with this morning's cup of coffee and log reviews, I discovered that the KDE team is moving forward with a long awaited beta release of KDE 4.0 beta release of KDE 4.0. The most interesting item I found in the notes is that the file manager in KDE is being separated from Konqueror into a component called Dolphin. Also, according to the announcement, konsole has been treated to a number of improvements such as split view, and history highlighting."

Submission + - Point and click Gmail hacking at Black Hat (tgdaily.com)

Submitted by

not5150

on Thursday August 02, 2007 @04:51PM

not5150 writes: "Using Gmail or most other webmail programs over an unsecured access points just got a bit more dangerous. At Black Hat, Robert Graham, CEO of errata security, showed how to capture and clone session cookies. He even hijacked a shocked attendee's Gmail account in the middle of his Black Hat speech."

Submission + - Forensics Expert says Al-Qaeda Images Altered

Submitted by WerewolfOfVulcan on Thursday August 02, 2007 @04:33PM

WerewolfOfVulcan writes: Wired reports that researcher Neal Krawetz revealed some veeeeeery interesting things about the Al-Qaeda images that our government loves to show off.

From the article: "Krawetz was also able to determine that the writing on the banner behind al-Zawahiri's head was added to the image afterward. In the second picture above showing the results of the error level analysis, the light clusters on the image indicate areas of the image that were added or changed. The subtitles and logos in the upper right and lower left corners (IntelCenter is an organization that monitors terrorist activity and As-Sahab is the video production branch of al Qaeda) were all added at the same time, while the banner writing was added at a different time, likely around the same time that al-Zawahiri was added, Krawetz says." Why would Al-Qaeda add an IntelCenter logo to their video? Why would IntelCenter add an Al-Qaeda logo? Methinks we have bigger fish to fry than Gonzo and his fired attorneys... }:-) The article contains links to Krawetz's presentation and the source code he used to analyze the photos.

Slashdot Top Deals