Become a fan of Slashdot on Facebook


Forgot your password?
DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. Check out the new SourceForge HTML5 Internet speed test! ×

Comment Re:"alternate vendors" (Score 1) 606

Exploiting it would be like saying "ok google open the burger king web page and rate it five stars" or "ok google text matt, i am going to burger king want to join" (everyone knows a matt, seriously). Instead they did something designed to be completely literally harmless. Google (and the dumb dumbs who put this assistant in their home blissfully unaware of the misdeeds that its capable of) needs a wakeup call, if anything.

Comment Re:"alternate vendors" (Score 4, Insightful) 606

The google home appliance was never designed to only listen to one operator. The owners know this. It is not trained to their voice, at all. There is no unauthorized use if the appliance was specifically designed to listen to ANYONE. Would be like saying visiting "" is unauthorized because you dont have direct permission from Google. Nonsense, google put it there knowing (hoping) people would come along and use it. If you think its any different with this appliance, you are sorely mistaken. There is a big different between having a trivial lock (a login with no password) and having literally no lock at all, no door, not even an entryway, just a thing sitting in the street waiting for someone to come along and look at whats there.

Comment Re:Am A Noob Too (Score 1) 279

You're right that very very few people go to that effort but thats not because of any intense expertise or expense. I have a similar setup with OpenWRT routers and APs (multiple devices in different locations with different specialties) a managed switch, VLANs, etc. Its all (except the distributed APs) on a wire shelf in my basement next to my electrical panel. Super easy.

Comment Re:How do you know? (Score 3, Insightful) 279

Recommendations? Take the C7 and install OpenWRT on it. Super easy to use, reliable, and capable of any firewalling you can dream up (including on IPv6). Plus then you have a nice graph to tell you how much bandwidth is in use and by which device. If you have a botnet participant in your network it will be obvious.

Comment "of course i'm protected, i just cant say how" (Score 0) 217

"There are some additional things I do," Spafford added, telling the reporter that "I'm not going to give details of all of them, because that doesn't help me."
Bruce Schneier had a similar answer. When the reporter asked how he protected his data, Schneier wouldn't tell them, adding "I'm kind of a target..."

So... security by obscurity is apparently highly regarded by the pros. Good to know.

Comment How odd (Score -1) 131

Last time I did a support chat with Amazon there was an option to email a transcript or not. It asks at the end of the session. Why would the scammer be choosing to send the transcript every time? He basically gave himself away immediately when he did that.

Comment Re:If your critical stuff is IOT.... (Score 1) 68

Which is great, except that wind farms tend to be in places like the middle of nowhere, Kansas, or a mile or so offshore.

These vulnerable turbines aren't even utility scale like you are picturing. These are backyard farm turbines and the like. Those turbines do use secure interfaces and protected networks. But hey lets shit on the IoT because one small time vendor screwed up.

Comment Re:Good for them (Score 1) 191

I work for a tech company. I don't think anyone has ever been asked if they had a criminal record during job interview in the 100+ people hired over the years.

Asked? Heavens no. The background check takes care of that. They only ever ask you to fill out the "have you had any felonies" form if they know you did and want to catch you lying.

Slashdot Top Deals

Enzymes are things invented by biologists that explain things which otherwise require harder thinking. -- Jerome Lettvin