Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?
DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. Check out the new SourceForge HTML5 Internet speed test! ×

Comment Why is cheating frowned upon anyway? (Score 0) 333

It's been argued in the past that schools do not prepare you for the real world, and I think this is an excellent example.

When you get into 'the game' (i.e. a job), cheating is simply part of it. Others will routinely take credit for your work. The people that deserve the promotions the least are often the ones that get them. Hard workers with good ethics are overlooked, cheaters & fakes get ahead, and nice guys get foreclosed on. If anything, hearing that 1/3 of students cheat and got away with it makes me glad that they are learning valuable skills that will be used for the rest of their lives.

Comment 'Thwarted'? Try 'tripped over'. (Score 1) 68

93,000 compromised accounts. If they can tell that an account was compromised vs. a legitimate use, that means there was something unique to these logins. For the sake of argument, let's just say it was a browser-agent. Let's also make some baseline assumptions:
- Let's say that the 93,000 accounts only make up 10% of the total scope of the attack. 930,000 accounts hit, or 1% of the account-base (according to Sony).
- Let's say that only 1 attempt was ever made per account (the most difficult scenario to detect).
- Let's assume that across all the accounts on these systems, 1% of the logins are fat-fingered, and 50% of the user-base logs in per day: 2% average user error.
* These assumptions are very biased in Sony's favor.

If suddenly 930,000 of your accounts (2% of daily logins) had a 90% login failure rate across the board, that would be a terrifying moment for a sysadmin.
If suddenly 930,000 of your accounts started seeing logins from a uniquely distinguishable user-agent, that's a blatant attack.
If, with a dedicated security team, it takes you 3 days to notice that this is going on, there is undeniable incompetence.

Thwarted? No. It was probably some lone sysadmin scanning through the logs that said 'hey, this user-agent sure is showing up a lot...'.

Comment Re:Thats quite noble but... (Score 1) 242

This has nothing to do with it. You are implying that people would be 'Chosen' to do this, when in fact these individuals are *volunteering*.

I can see no political detriment to this, other than the future spin people would put on it (e.g. Future claims that Japan forces the elderly to clean up radiation spills). If these people want to make the world a better place for everyone else, at their own risk and peril, why not let them? I'm proud to share the planet with people like this.

Comment Passion over certs. Certs to fuel your passion. (Score 1) 444

I'm a high school dropout. I have no college under my belt, and only a GED. I'm 23. I do however, have MCITP: Enterprise Administrator, CCNA, and am actively pursuing MCITP: DBA, CISSP, PMP, and RHCE. Am I cert farming? Yes. I'd openly admit it in an interview too. I've forgotten a great deal of what I learned in preparation for my CCNA, and I will likely forget a great deal more about my future certs. What-more, I payed $10,000 in 2010 for cert training, and will drop $6,500 more this year. $16.5k (half my 2010 salary) on certs that I don't yet directly use. Why would I do this? Because it exposes me to new technologies. I could learn it myself, sure; but the certification requirements and training will help me know that I've gotten everything out of it that I need. Quick example: In any 2000 functional level Active Directory domain, a NON-administrator user can add up to 10 computers to the domain by default. I have INTERVIEWED over a dozen people with experience managing domains, and nobody yet has known this. Certs are a tool. Like many other things, they are up for interpretation and can arguably mean nothing. However, if you use them to fuel your passion, and push you in new directions, it doesn't matter what a prospective employer thinks about the individual certs you have, your passion will win you the job.

Slashdot Top Deals

Sendmail may be safely run set-user-id to root. -- Eric Allman, "Sendmail Installation Guide"