Follow Slashdot stories on Twitter


Forgot your password?
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×

Comment Stupid article (Score 1) 75

Satellite pagers (and in more modern times, texts over the cellular network) are the most reliable way to get alarms out to field and on-call personal. Sure, someone could send a malicious fake page or text, but these alarms are mainly just heads-up to personal who are not in the operations center that something is amis. The main board will always be checked / personal will always call in and double check before anyone actually pushes any buttons.

This is a really stupid article.


Comment Re:If the point was ... (Score 4, Insightful) 334

There's no proof that it has anything to do with Wikileaks, but in a world of IoT devices with no thought toward security, anyone who cares to do so can mount DDOS with the power of a national entity.

What's the point of doing what Assange and Wikileaks have been doing without any moral position? He isn't helping his own case.

Comment Re:Legal? (Score 2) 281

No, of course it is not legal to set a trap to intentionally hurt someone, even if you expect that the trap could only be activated by the person committing property theft or vandalism. Otherwise, you'd see shotguns built into burglar alarms.

Fire alarm stations sometimes shoot a blue dye which is difficult to remove or one which only shows under UV. Never stand in front of one when pulling the lever! But they are not supposed to hurt you.

And of course these booby traps generally are not as reliable as the so-called "inventor" thinks and tend to hurt the innocent.

Comment Re:First lesson (Score 4, Interesting) 135

I have two major beefs with IPV6. The first is that the end-point 2^48 switch address space wasn't well thought-through. Hey, wouldn't it be great if we didn't have to use NAT and give all of those IOT devices their own IPV6 address? Well... no actually, NAT does a pretty good job of obscuring the internal topology of the end-point network. Just having a statefull firewall and no NAT exposes the internal topology. Not such a good idea.

The second is that all the discovery protocols were left unencrypted and made complex enough to virtually guarantee a plethora of possible exploits. Some have been discovered and fixed, I guarantee there are many more in the wings. IPV4 security is a well known problem with well known solutions. IPV6 security is a different beast entirely.

Other problems including the excessively flexible protocol layering allowing for all sorts of encapsulation tricks (some of which have already been demonstrated), pasting on a 'mandatory' IPSEC without integration with a mandatory secure validation framework (making it worthless w/regards to generic applications being able to assert a packet-level secure connection), assumptions that the address space would be too big to scan (yah right... the hackers didn't get that memo my tcpdump tells me), not making use of MAC-layer features that would have improved local LAN security, if only a little. Also idiotically and arbitrarily blocking off a switch subspace, eating 48 bits for no good reason and trying to disallow routing within that space (which will soon have to be changed considering that number of people who want to have stateful *routers* to break up their sub-48-bit traffic and who have no desire whatsoever to treat those 48 bits as one big switched sub-space).

The list goes on. But now we are saddled with this pile, so we have to deal with it.


Comment Flood defenses? (Score 5, Informative) 135

There is no flood defense possible for most businesses at the tail-end of the pipe. When an attacker pushes a terrabit/s at you and at all the routers in the path leading to you as well as other leafs that terminate at those routers, from 3 million different IP addresses from compromised IOT devices, your internet pipes are dead, no matter how much redundancy you have.

Only the biggest companies out there can handle these kinds of attacks. The backbone providers have some defenses, but it isn't as simple as just blocking a few IPs.


Comment Re:hmm (Score 1) 212

Aesthetics is a legitimate thing to have a preference on; I mean, let's be honest, that's the reason behind like 80% of Apple purchases. And obviously there are other features I like better about Android, particularly native filesystem access without having to install a kludgy app, and its integration with Google services.

Comment Re:Attacking the source (Score 1) 171

Scott Adams is not an authority. He did say it. It's true (I read it as well). So what?

Attacking the source on unrelated charges is a sign of believing the charges (not of guilt, because the people doing the attacking are not the people in a position to know). Attacking the source for being unreliable, on the other hand, is completely legitimate.

Saying "the accuser has been known to repeatedly lie and manufacture evidence in the past" is on the point and relevant.


Comment Re:Clinton, Podesta, Putin and Trump (Score 1) 435

That bloggger didn't remember well enough. He (and you) are missing intermediate posts about it that are linked in the Year of the Lie of 2013 post -- so there's no excuse for him missing it.

From politifact in 2009:

Now, close to a year later, we finally have detailed bills to examine. They closely mirror what Obama promised during the campaign.

But the plans also introduce new ways of regulating health insurance companies that will surely change the current health care system. That could prompt employers to change their health plans, and we find Obama's statement less clear-cut now than it once seemed.
(emphasis mine)

So apparently Don Surber was a lot less honest than Politifact. That's why I never believe right-wing online nuts "fact-checking" because they always -- ALWAYS -- either intentionally or unintentionally omit something important or misinterpret what is said.

Comment Re:Clinton, Podesta, Putin and Trump (Score 0) 435

First, "honesty" is something you want in a President, but it isn't the only quality. Secondly, in this election the 3rd party candidates are terrible. Gary Johnson just seems almost as unknowledgeable as Trump, as does Jill Stein. I considered third-party candidates -- and rejected them. I think a lot of people are the same.

Slashdot Top Deals

Build a system that even a fool can use and only a fool will want to use it.