
Comment Re:Productive Purpose? (Score 1) 64

I'd be careful with doing this. It can create a legal liability: if InfoSec runs a password cracking tool against current hashes and succeeds in getting plain text passwords, at that point the individual accountability becomes questionable. You can enforce procedures to keep InfoSec legally accountable, but a savvy lawyer will create doubt. The better answer is to run a password cracking tool against hashes that are older, 6 months to a year depending on your password change requirements. Then target any users whose password is cracked with training on password security. With your legal team's approval and help, you can inform the user that they are getting the remedial training because an old password was cracked.

Comment Re:what? (Score 3, Insightful) 403

Nothing has happened to innocent until proven guilty. It is a factual statement that Hillary is under investigation by the FBI. Now if the RNC had said something like "under investigation by the FBI and will be found to have broken multiple laws" that would be another story. Just because you are innocent until proven guilty doesn't mean it isn't known that you are being investigated.

Comment One less device (Score 1) 507

While I like the Roku on my non-smart TV, for my soon-to-be ex-wife she would rather have fewer boxes around the TV. In addition to fewer boxes, that means fewer remotes. For a non-techie sometimes even a Harmony remote is frustrating. Also if there are problems with the home network, it is one less device to manage and troubleshoot.

Comment Re:Sad Puppies (Score 1) 231

The Rabid Puppies support the straight white male theory. The Sad Puppies want an end to the collusion to pick Hugo winners; Scalzi has for years run a loose slate. His was nowhere near organized like last year's Sad Puppies and Rabid Puppies slates, but it was a slate nonetheless. The Sad Puppies don't care about politics, skin color, or sex of the author. The founders want good Science Fiction to win, not Science Fiction that delivers a message that the Social Justice Bullies agree with. Just take a look at many of the nominations last year, men, women, straight, gay, all were there. The founder of the Sad Puppies is a Hispanic male, and Brad Torgersen who ran one of the campaigns has been married to a black woman for a very long time. The Social Justice Bullies want people to think it is about sex, either gender or partner preferences.

Comment Re:not quite there yet (Score 1) 22

I saw a therapist just yesterday who said that it is a service now available to do DNA testing and at least get an idea of which categories of drugs you'll likely have a good response, bad response or no response. She said she just had a client go to the place for the first time and was going to see how it works out for that client.

Comment Re:This is why we can't have nice things. (Score 1) 229

That's one thing I thought of after I saw the announcement, but I doubt that's the primary reason. Probably the main reason is just that they want to avoid the service getting eaten up by people who don't even understand what the "quality" and "resolution" settings on their cameras or other camera-enabled devices mean. Even with Google's compression, I imagine it's not too hard to use steganography to fit the Constitution, or a chunk of the Bible, or most of 1984, or the Kama Sutra, or the technical plans for a planet-destroying battle station in an image.

If a service like Google, Amazon, Facebook, or Yahoo! resizes and recompresses the image data, that's one thing. If they start stripping iTXt chunks that contain copyright or attribution information, that could be a serious legal problem; likewise if they reduce quality so much that it obscures a watermark containing a copyright or trademark notice.

Comment Not sure he has clean hands... (Score 1) 131

The first time, he makes a big deal about the address in question not being really his, but one he did use for WHOIS registration. I know there are people who have legitimate reasons for hiding their personal address when operating a controversial website, but the solution for that isn't to give a totally bogus address. Or maybe the CSA saw that it had been used as a "private" registration (not knowing it had been subsequently revealed) and assumed it was a relevant secret on that basis? And how is it Amazon's fault if the address was used to cause the sending of a replacement credit card? Did the scammer rent a room at said hotel and request that the card be sent there?

The second time, he complains about the disclosure of the last purchased item and the shipping address. I'd say that the majority of the time when there's fraud, if the real customer calls in, he'd like to know where the item is actually going so he can include that in his police report. In spite of the scammer's attempt, the agent really didn't give out any useful information about the credit card.

The third time, we don't have the transcript, so it's possible that the agent read off all the addresses, the AWS username, and all credit-card numbers ever associated with the account. More likely, the agent said, "I'm sorry, I can't give you that information. I can send a copy of your invoice to your e-mail address on file."

Even the last-purchased item is arguably sensitive. What if it's a bulk-pack of condoms, for example? Or (back to Amazon's roots) a book on the list of banned books? I'd encourage Amazon to close that hole, but I'm not sure I have a good solution.

Comment Survey methodology? (Score 5, Insightful) 464

Let's see some information on how they did a "web-based survey". I really have a hard time believing the numbers they are talking about. I don't know of a single firearm enthusiast who would buy a smart gun as more than a novelty item.

As far as I'm concerned, when Feinstein's bodyguards are willing to only carry smart guns, then the technology is mature enough for use.

Comment Sure, online address books are nice... (Score 2) 289

but there are actually a few phone numbers that I remember, and can type on a telephone keypad (or the numbers-only widget on a smartphone) quicker than I can look them up (even with type-ahead on the person's name). They're also harder to make data-entry errors with than a written-out e-mail address, or, worse, someone's Facebook or Google+ name.

Comment Re:Sigh (Score 2) 265

This is the only answer that needs to be posted. At my previous job, someone put a bug into the CIO's ear which got filtered down to my Director and I had to pull a report on all port scans for a year. Good news with Dell SecureWorks is that generating the report was easy. Bad thing that I knew from the get go was the sheer numbers would amaze people who don't deal with this every day. I don't recall the numbers since it has been almost two years, but the smallest number to break down was something like 10-15 port scans per second between all the ingress points for a medium sized company. We didn't even normally bother reporting on it because it is useless. The brute force port scans aren't what worry me, it is the sophisticated attackers willing to spend months doing a slow probe of the network.
