
Comment You can drive? You might become a bank robber! (Score 1) 154

Good lord this is fear based propaganda. Good lord the English speaking world is being overrun by right wing fear mongers AGAIN.

Yes anyone that mods a game would have just SOME of the skills requisite to performing cyber crime. Those same skills would most likely be applied to just being blue/white collar wage earning paying taxes worrying about the mortgage in 15 years time.

The missing piece of this puzzle is simple morals. How about just teaching respect and morality to children. I dare say this will have a far more positive impact on society and crime rates than this fear nonsense.

Comment The head phone jack is universal but not needed (Score 1) 536

The headphone jack has been great. It did the trick. And for a lot of people if not most it still does. To change to another jack format is just stupid. It'll be excessively costly for consumers and frankly a waste.

I, however, have switched to wireless. I use standard headphones with a bluetooth wireless receiver. And I love it. Why? Well my phone has become so much more than an audio device (phone, music, books). It's now my credit card, subway pass, door key etc. My phone is constantly being removed and put back into a pocket. The number of times my headphone wires have gotten caught on the odd thing here and there and caused my phone to go flying, me to look like I have been yanked by the back of my head, and my headphones to be ripped forcibly from my head is countless. All this stopped instantly once I went to a bluetooth receiver. I use the headphones I like and the controls for my audio and phone are now on the receiver. I don't even have to bring my phone out for audio tasks. They are so small I can place the receiver on my sleeve, in my pocket, clipped to my jeans, wherever. I can move it around so that it doesn't get in the way of what I am doing.

And the best part is the receiver is only $25. I have a couple of them. One extra in the bag just in case the batteries die. But they rarely do.

Comment Re:Users View Updates from Apple as Risky (Score 4, Insightful) 320

I have to completely agree.

Apple software installs effectively trash your carefully configured machine. How many WTF moments have I had just after a simple update and realise that my personal content has now magically moved. To where? Pictures and Videos I take of the family all of a sudden are assimilated into the Apple sphere. My preferences for video audio, homepage, picture, editing etc all trashed.

And in most cases it's damn near impossible to remove. Thus being relegated to unused software that is slowly dying in a dark corner of the hard drive.

Comment Re:I don't get it (Score 2) 170

Do you have any concept of how much 2.5 billion is? The average person in the United States will make a grand total of $3.4 million in just one lifetime. That's 735 lifetimes of money. All upfront. 1% interest on $2.5 billion is $25,000,000. This guy makes more on 1% interest in a year than the average person makes working in 7 lifetimes. That's 1%. Do you know how hard it is to only make 1% interest? Banks are going to borrow from this guy. If he were to convert this into 1 dollar bills and stack them in a single pile, the pile would be 895000 feet, 169.5 miles. This guy could achieve low earth orbit by simply stacking money and standing on it. NFL players make on average 1.9 million. This makes Mr. Minecraft equal to 24 NFL pro teams. Yep, this guy makes as much as 2/3 of the entire league. Sorry, he made that in one pay day. What exactly is there to hoard? This guy isn't an idiot. He's stupidly rich. Like Richie Rich rich. $70,000,000 out of $2,500,000,000 is still $2,430,000,000. That's multiple billions here still. Most countries, if they had 2.5 billion, could pay off the entire country's debt. If you think this guy is still an idiot I suggest you look in a mirror first.

Comment Too Late for Aus (Score 3, Interesting) 336

NFC has taken off in Aus in a big way. With most retail outlets having terminals that take Paypass/Tap&Go ( NFC payment brand names here ) accepted across competing financial institutions. There is zero chance Apple will make any headway here asking retailers to forgo the already established infrastructure. Also basically asking retailers to stump up money to install another payment network. Given the existing network was no additional cost to them. Apple is making a mistake here. I don't think it will hurt them too much but Apple Pay will certainly not be a reason for market share growth of the platform. The larger screens most certainly will give them some growth but not this ridiculous shackle.

Comment Re:No Excuse really these days. (Score 1) 348

Do you mean the position that we need firewalls?

Yes, was curious to understand reasoning behind position.

I would have thought that the need for firewalls was self evident.

The industry is full of bad ultimately harmful ideas which see widespread adoption for locally optimal reasons. It is far from self-evident to me firewalls do not fall squarely into this category.

You are stating that firewalls are harmful. What backs this statement up?

The smart devices we use today all tend to have a variation on mainstream OS's. All of which come with some form of host based firewall. Thus the management of these devices from a firewall perspective is even easier. So much so that it is now possible for most marginally technical people to ensure they are properly configured at least at the time of device activation / installation.

I think today anything claiming to be a "smart device" needs no firewall because it accepts no incoming connections. It operates by calling home to the vendor. If you want to access your "smart device" you connect to the vendors server and ask nicely to please access your own gear. A mega ultra cloud firewall...!!1!!!!1!

More generally would be interested in understanding why a device with a specific purpose is more secure when it listens for commands through an internal firewall vs the same listener without? Is a bluetooth headset more secure behind a Bluetooth firewall? Perhaps a concrete example...

Smart devices do not only initiate connections. If you use a stock OS as a base for your smart device you are also accepting the fact that these devices will also implement service listeners. You may have a crack team of coders that does a very good job of inspecting each service and only allowing the bare minimum and none that have rogue listeners. But your developers are not always able to review each line of code that is used in patches moving forward. Things change. And they should change. As things improve a good vendor will patch these devices. So where am I going to invest my effort? I'm going to invest effort into making sure my product works perfectly. If I spend a tiny amount of time ensuring that things are blocked with a firewall I don't have to worry if some changes in apps and services that I'm not in total control of all of a sudden have listeners. I could care less if the firewall is blocking them. This means I'm investing far less effort into ongoing maintenance and getting the same secure result. Easy win for me.

The interesting thing is you do have a firewall on bluetooth. You do if you use bluetooth to carry IP traffic. This is of course if you use a firewall. So yah you are more secure from bad bluetooth devices if you have a firewall.

Why do you feel firewalls are effective? There seems to be an implicit assumption that firewalls are effective... what makes that true?

What if all the world's firewalls were thrown in the trash heap and in their place systems were configured to accept only Authenticated, Authorized, Integrity protected, Encrypted inquiries from acceptable locations?

Would that world have better or worse security outcomes than today's world? I think no question it would be better.

No more making security decisions by ports and trivially spoofed address headers or checking worthless boxes on a compliance chart only to have the whole house of cards collapse when Debbie in accounting clicks on the wrong untrusted email message with spoofed from header.

Instead of administrators configuring ports and addresses in firewalls what if they instead spent that same time managing the only thing that means squat in a secure system ... TRUST

It is not like the technology does not exist. People ignore it because it is easier to hide behind their precious firewalls. So they allow it and by extension allow their suppliers to continue to supply them with crap.

So how do you think acceptable locations are defined in this age? It's usually the firewall. It's almost always the firewall. Authentication and authorization are a different part of the comms stack.

Firewalls are not the end all and be all of protection. They are a part of the protections you should have in place. No one should ever feel completely safe with only a firewall. But you can feel safer with one. So Debbie does download a bad file. And the file goes nuts. One of the common things these trojans do is they start to test other devices on the local network looking for more holes. Well if you do have firewalls in place this attack vector is stopped. Debbie's machine is still probably cooked. Your file shares are probably toast. But direct access to local machines is protected. Again this is only part of the solution. Corp AV software should also be present on all nodes. Intercepting viruses when they do start to infect things. And so on.

All of my builds have firewalls. It really is a no brainer. It costs me nothing in cash, time, or effort. I'm also religious about ssl which is far harder to enforce. I also enforce design patterns that use API's rather than RPC metaphors. All payloads that exit my applications are scanned for viruses. aka something that hits disk. In addition to all this I try to use NoSQL over SQL stores. Which mitigates most of the SQL injection issues.

There are a lot of bad trends in tech. Being security conscious is not one of them. Use the tools that are given you to secure a system. Simply because the people you hire are never going to be as smart as a globe full of resources that may want to harm you. Why not draw from this same pool of people to help secure your systems. Use firewalls. Use AV. Use IDS if you can.

Note: IDS is now starting to become mainstream. Thank goodness. Without it our home networks would be overrun in ms.

Comment Re:No Excuse really these days. (Score 1) 348

Do you mean the position that we need firewalls?

I would have thought that the need for firewalls was self evident. Especially in a business context. Even more so in this context where financial transactions are being processed.

The smart devices we use today all tend to have a variation on mainstream OS's. All of which come with some form of host based firewall. Thus the management of these devices from a firewall perspective is even easier. So much so that it is now possible for most marginally technical people to ensure they are properly configured at least at the time of device activation / installation.

How many times have we heard stories about POS terminals at places like McDonald's being compromised and the bad guys scoop tons of customer data. Far too many is the answer. These devices had little to no protection at all from would be bad guys. Simple protections put in place like firewalls go a long way to addressing these vulnerabilities. Are they perfect? Of course not. But they are a lot better than having nothing. Today these protections can be implemented in a manner that has almost no impact on how people do business. Which means that when implemented correctly they will not cause any additional labor on the part of the end user in order to ensure that they remain secure.

Since it causes none or very little impact on the way you do business why wouldn't you implement these simple safeguards?

Data breaches and losses are a significant threat to companies. Small ones more so than the large ones. Small companies fold when bad things happen. It's a trivial insurance policy that shockingly very few actually implement.

Comment No Excuse really these days. (Score 1) 348

I do a ton of infrastructure builds. From a few boxes to 1000's of VM's. There is no excuse for no firewalls.

If a vendor is disabling the firewall then they should absolutely be approached. If the clown you are talking to says that's the way it's done then go over his head. Tell your boss.

Be gentle of course. Doing the run around my hair is on fire dance is not going to win anyone over.

You can even help the vendor. There are a ton of tools for all OS's that will help you determine the ports that need to be open. Simply run up the software and scan the open ports. Tada you have a simple set of firewall rules at least. Are they perfect? Of course not they can be improved on. But it's something at the very least. I'm not overly a fan of point to point rules in firewalls as they are self defeating in the long run. ( This is a longer story )

So yes host firewalls should always be enabled. And the rules you use better be documented.
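
The approach described in the comment above (start the software, see which ports are open, turn that into a first set of rules), as an added example that is not part of the original comment: it reads TCP listeners from `ss -H -tln` output instead of scanning and renders a default-drop nftables chain. The sample output is constructed, and the function names and the choice of nftables are assumptions.

```python
import ipaddress

# Constructed sample of `ss -H -tln` output (not captured from a real host).
SAMPLE_SS = """\
LISTEN 0 128      0.0.0.0:22     0.0.0.0:*
LISTEN 0 511      0.0.0.0:443    0.0.0.0:*
LISTEN 0 4096   127.0.0.1:5432   0.0.0.0:*
LISTEN 0 4096 127.0.0.53%lo:53   0.0.0.0:*
LISTEN 0 128         [::]:22        [::]:*
LISTEN 0 4096       [::1]:6379      [::]:*
LISTEN 0 100            *:8080         *:*
"""

def is_loopback(addr):
    """True when the listener is bound to a loopback address only."""
    host = addr.strip("[]").split("%", 1)[0]  # drop IPv6 brackets and %iface
    return host != "*" and ipaddress.ip_address(host).is_loopback

def exposed_tcp_ports(ss_output):
    """Return sorted TCP ports that listen on a non-loopback address."""
    ports = set()
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] != "LISTEN":
            continue
        addr, _, port = fields[3].rpartition(":")
        if port.isdigit() and not is_loopback(addr):
            ports.add(int(port))  # the set merges IPv4/IPv6 duplicates
    return sorted(ports)

def nft_ruleset(ports):
    """Render a default-drop nftables input chain that allows only `ports`."""
    lines = [
        "table inet filter {",
        "  chain input {",
        "    type filter hook input priority 0; policy drop;",
        '    iifname "lo" accept',
        "    ct state established,related accept",
    ]
    if ports:  # an empty set literal is a syntax error in nft
        allowed = ", ".join(str(p) for p in ports)
        lines.append(f"    tcp dport {{ {allowed} }} accept")
    lines += ["  }", "}"]
    return "\n".join(lines)

if __name__ == "__main__":
    print(nft_ruleset(exposed_tcp_ports(SAMPLE_SS)))
```

Loopback-only listeners (5432, 53 and 6379 in the sample) get no rule because they are not reachable from the network. The drop policy also blocks ICMP, ICMPv6 and all UDP, so the output is a first draft to review and document, not a finished ruleset.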

Comment Re:Puppet. (Score 1) 265

Puppet is not orchestration. This problem is an orchestration problem. A very simple one but still orchestration.

Puppet is declarative which can mean it has no order to events. Most people make use of some screwball dependency chain in puppet giving the illusion of orchestration.

Use something like Ansible if you want to orchestrate a change.

Comment Go-Daddy Bottom Feeder (Score 2) 110

This company has been a lowbrow bottom feeder since the beginning.

At first glance the pricing looks OK. But soon you realize you are fenced in. You find out your domain is held hostage by lack of features. Features that are ransomed off.

Buying Go-Daddy is purely a speculative exercise that is not backed by history or sane projections.

Comment Post Fix dereferencing about time. (Score 1) 126

I was very active back in the early days of 5.0 development. I fought for this and lost.

I always struggled with the nonsensical @{} ${} ..... style. It was difficult to mentally process. Long chains of dereferencing would be especially complicated.

I'm very pleased to see this finally make it in.
