Comment Re:Hey, dummies (Score 1) 56

The ironic thing is that Windows servers have one of the easiest to use and most workable backup programs, wbadmin. From there, there is Veeam, and if one wants to stay in the MS ecosystem, there is MS DPM.

I would say part of the blame is that there is so much pressure to get stuff up and running, that stuff like security and backups fall to the wayside. For example, part of the cost in setting up a VMware farm should be Veeam. However, backups tend to be ignored.

I'm sort of reminded of how people actually started practicing security when MS-DOS viruses started not just erasing hard disks, but zapping BIOS firmware and throwing monitors bogus refresh rates in order to have them fry. When hardware started getting destroyed, people started paying attention. I wonder how long it will take for the same thing to happen, once ransomware starts taking advantage of user permissions on the domain/tree/forest level and spreading via AD.

Comment Re:Hey, dummies (Score 1) 56

There are many ransomware-resistant solutions:

1: Pull backups. NetBackup, Veeam, and many others come to mind.
2: EMC Isilons offer SmartLock functionality that can be set to prevent deletion for everyone but root on the physical Isilon console.
3: My little two drive NAS offers snapshots and backups to a USB hard drive. Malware can pop the current time, but just cd-ing to a directory to "#snapshot" and fetching the files is nice.
4: Amazon Glacier offers vault locks that once set after 24 hours, cannot be removed, even by the AWS owner. Set a WORM policy of 30-180 days, daily backups to that, call it done.
5: Good old-fashioned tape drives. WORM cartridges are not expensive, although the drive unit is pretty pricey.

Is it the norm these days for backups to not be done, or do people assume that RAID constitutes backups?

Comment Re:Only LUDDITE software is encrypted. (Score 1) 82

I have never gotten the "app" verb used in this context. I assume "apping an app" means using Xcode and Git, with a very well-honed Agile and Scrum process, with multiple development, alpha, and beta stages to get code that is as bug-free as malware (malware tends to be the least buggy of types of software.)

Comment Re:Awfully clickbaity summary (Score 1) 126

That puts Seafile in quite a bind. If they do a "file foo" on everything uploaded and hand that over, that can get them in some legal hot water, or at best, net them bad press. If they don't, they lose PayPal.

Looks like they made the best decision they could. As for Bitcoins, someone would make a mint if they could make an easy to use processing service, on the level of Square or PayPal. Bitcoin is still an unsteady currency, but as a means to move real money to it, make the transaction, then move out of it quickly, it is usable.

Comment Re:And nothing of value was lost (Score 1) 126

I have used them as a credit card merchant ("PayPal Here" scanner), and I've had decent luck with them over the years. I have read horror stories left and right, but maybe I'm just lucky, but I wind up using them quite often for paying on commissions.

Next to Bitcoin, they are definitely one of the easiest ways to get cash to someone.

Comment Wish this standard were open... (Score 1) 136

Blizzard has similar functionality where the app will look at queued login attempts and ask for approval. Before that, it was IBM's ZTIC which was one of the first 2FA systems which did this.

I wish this were open source, just like TOTP is right now. I use a third-party application that allows me to sync my 2FA codes (encrypted, of course) among my devices, including my Linux boxes, and my NAS machines. Having the ability to just tap "approve" for SSH connections would be nice, but it likely would require more moving parts outside my LAN, which could make things less secure.

Comment Re:I never understood privacy (Score 1) 202

The problem is that we had secure communications networks. They were kept disjoint, and with incompatible communication protocols.

There is a way to design a secure network -- circuit switched, with the switch having an ACL that only lets certain machines communicate with each other and nobody else. Add RSA keys on a low level of the stack, and an attacker would have to compromise both the switch ACL and the authorized key list on the individual machines just to attempt communicating with one of the hosts.

Comment Re:Let them go nuts (Score 2) 202

With basic technology available in firewalling appliances, it isn't too tough to make a rule, "if it appears to be encrypted, drop the packets, send alert, and yank offending host from the network". Just block traffic going through an HTTP/HTTPS port without a user agent, MITM the rest. This works on the LAN. It wouldn't be too hard for a repressive government to do this on a WAN basis.

Comment Re:MP3 (Score 1) 311

I used to argue this over a decade ago, that AAC was Apple only. However, times have changed, with many other devices accepting this format. The days of WMA players are long gone, and virtually everything will play AAC. Ideally, one should purchase music in FLAC, and choose the best format for the device. For a high noise threshold car, 192kbps might be good enough. For listening with cans, might be best just to listen to the FLAC file directly for the best quality.

Of course, most newer audio heads assume you have some device with Bluetooth and may not even bother with storage or CD/DVD slots.
