Security

Submission + - Trust is for Suckers: Lessons from the RSA Breach (securityweek.com)

wiredmikey writes: Andrew Jaquith has written a great analysis of lessons learned from the recent RSA Cyber Attack, from a customer’s perspective.

According to Jaquith, in the security industry, “trust” is a somewhat slippery term defined in terms ranging from the cryptographic to the contractual. Bob Blakley, a Gartner analyst and former chief scientist of Tivoli, once infamously wrote that “Trust is for Suckers.” What he meant by that is that trust is an emotional thing, a fragile bond whose value transcends prime number multiplication, tokens, drug tests or signatures — and that it is foolish to rely too much on it.
Jaquith observed three things about the RSA incident: (1) even the most trusted technologies fail; (2) the incident illustrates what “risk management” is all about; and (3) customers should always come first. Here Jaquith reviews each of these in detail.

Submission + - Ask Slashdot: How do I not get other people's email

vrimj writes: "I have a common enough first name lastname combination that I sometimes get other people's email at my firstname.lastname@gmail.com account.

It isn't a big deal if it is a person, I let them know, they fix it.

The big problem I am having is with companies and websites. These emails are often no reply which means I can't send back a quick note.

I got someone's credit card bills for three months before I realized there was nothing for it but calling the company (I tried a couple of emails first).

Recently got a notice about someone's kid signing up for a website. I don't have any but to hit the response and tell them that I first have to say I am that kid's parent or guardian. I didn't know where to go from there.

Today I get an invoice from a cable company, it is for a different state. I can't reply. I go to the online support, they tell me my only choice is to call the sales office. I gave in for the bank but I am not talking to someone else's cable company.

Is there any way to make emails to an improperly formatted gmail address bounce or do something else obvious? Is there a technical solution I am overlooking?

It doesn't happen that often but it is an increasing PITA with no reply email addresses. I hate just setting up a filter because that cuts off these other people who made a typo or had someone not enter something correctly, but it is looking like the best choice.

It isn't spam, but it isn't my meat."

Submission + - Do Developers Really Need A Second Monitor? (earthweb.com)

jammag writes: "It was an agonizing moment: a developer arrived at work to realize his second monitor had been taken (given to the accounting dept., to add insult to injury). Soon, the wailing and the gnashing of teeth began. As this project manager recounts, developers feel strongly — very strongly — about needing a second monitor (maybe a third?) to work effectively. But is this just the posturing of pampered coders, or is this much screen real estate really a requirement for today's developers?"
Science

Submission + - Robots "Evolve" Altruism (sciencemag.org)

sciencehabit writes: Computer simulations of tiny robots with rudimentary nervous systems show that, over hundreds of generations, these virtual machines evolve altruistic behaviors. They begin to share small disks--a stand in for food--with each other so that their comrades' traits are passed on to the next generation. Experts say the study sheds light on why various animals--from bees to humans--help each other out, even when it hurts their own chances to reproduce.
Security

Submission + - OS X Crimeware Kit Emerges (threatpost.com)

Trailrunner7 writes: Crimeware kits have become a ubiquitous part of the malware scene in the last few years, but they have mainly been confined to the Windows platform. Now, reports are surfacing that the first such kit targeting Apple's Mac OS X operating system has appeared.

The kit is being compared to the Zeus kit, which has been one of the more popular and pervasive crimeware kits for several years now. A report by CSIS, a Danish security firm, said that the OS X kit uses a template that's quite similar to the Zeus construction and has the ability to steal forms from Firefox.

Networking

Submission + - Sony sued for PlayStation Network data breach (cnet.com)

suraj.sun writes: Like clockwork, the first lawsuit resulting from the security breach of the personal data of more than 75 million Sony PlayStation Network customers has been filed.

The suit was filed today on behalf of Kristopher Johns, 36, of Birmingham, Ala., in the U.S. District Court for the Northern District of California. Johns accuses Sony of not taking "reasonable care to protect, encrypt, and secure the private and sensitive data of its users."

He also believes Sony took too long to notify him and other customers that their personal information had been exposed. Because of that, the complaint alleges, Sony did not allow its customers "to make an informed decision as to whether to change credit card numbers, close the exposed accounts, check their credit reports, or take other mitigating actions."

CNET News: http://news.cnet.com/8301-31021_3-20057921-260.html

Privacy

Submission + - Bizarre porn raid underscores Wi-Fi privacy risks (msn.com)

alphadogg writes: Lying on his family room floor with assault weapons trained on him, shouts of "pedophile!" and "pornographer!" stinging like his fresh cuts and bruises, the Buffalo homeowner didn't need long to figure out the reason for the early morning wake-up call from a swarm of federal agents. That new wireless router. He'd gotten fed up trying to set a password. Someone must have used his Internet connection, he thought. Sure enough, that was the case. Law enforcement officials say the case is a cautionary tale. Their advice: Password-protect your wireless router.
Idle

Submission + - Computer opens unmanned store for holiday (stuff.co.nz)

tomhudson writes: "The Waikato Times in New Zealand is reporting that someone forgot to tell the computer not to unlock the supermarket on the Friday holiday. "About half of the 24 people who came into the supermarket paid for their groceries using the self-scan service. The service stopped working after alcohol was scanned, requiring a staff member to check a customer's age before the system is unlocked."

The owner, Mr Miller, was quoted as saying "I can certainly see the funny side of it... but I'd rather not have the publicity to be honest. It makes me look a bit of a dickhead."

Rather than take legal action, Mr Miller is hoping that the people who didn't pay will do the right thing."

Android

Submission + - Skype plugs Android app privacy hole (networkworld.com)

alphadogg writes: Less than a week after confirming that a flaw in Skype for Android could leak sensitive user information, the Internet calling company Wednesday issued an urgent update to fix the problem. Skype informed customers that "After a period of developing and testing we have released a new version of the Skype for Android application onto the Android Market, containing a fix to the vulnerability reported to us. Please update to this version [1.0.0.983] as soon as possible in order to help protect your information." Skype says it has had no reported examples of third-party apps misusing information from the Skype directory on Android devices, though is keeping an eye on things.

Comment About time (Score 1) 1

I have been preaching about this problem for ages.

I keep a counter on the wall of the classroom in the Cisco Networking Academy class I help teach. I'm glad to see people are starting to realize how big of a problem we have on our hands. Alas, it is a bit too late now. The best time to act would have been over a year ago, when we actually had time to make a smooth transition to IPv6.

Mars

Submission + - 400 People Volunteered for One-Way Mission to Mars (foxnews.com)

Velcroman1 writes: An interplanetary trip to Mars could take as little as 10 months, but returning would be virtually impossible — making the voyage a form of self-imposed exile from Earth unlike anything else in human history. What would inspire someone to volunteer?

A special edition of the Journal of Cosmology details exactly how a privately-funded, one-way mission to Mars could depart as soon as 20 years from now — and it prompted more than 400 readers to volunteer as colonists. "I've had a deep desire to explore the universe ever since I was a child and understood what a rocket was," said Peter Greaves, the father of three, and a jack-of-all-trades who started his own motorcycle dispatch company and fixes computers and engines on the side. "I envision life on Mars to be stunning, frightening, lonely, quite cramped and busy," he said. Given the difficulties of the mission, Lana Tao, the editor of the Journal, said she was surprised by the response. "At first we thought the e-mails were a joke ... then we realized they were completely serious."
