Slashdot Mirror

Twit's former contributor, Fr. Robert Ballester, is currently a guest on This Week In Tech ( https://twit.tv/shows?shows_ac... ), Episode 711, He is a Franciscan priest who is very into tech and tech toys, and he's also very personable, He's very tech-savvy, and has served the Catholic Church as a Friar. He has been recently been serving at the Vatican, my guess is perhaps he has something to do with the Pope learning to write a line of code. https://twit.tv/people/fr-robe...

Twit's former contributor, Fr. Robert Ballester, is currently a guest on This Week In Tech ( https://twit.tv/shows?shows_ac... ), Episode 711, He is a Franciscan priest who is very into tech and tech toys, and he's also very personable, He's very tech-savvy, and has served the Catholic Church as a Friar. He has been recently been serving at the Vatican, my guess is perhaps he has something to do with the Pope learning to write a line of code. https://twit.tv/people/fr-robe...

Sure, there are a lot of twits on Twitter, but I am not sure you could call it a honeypot for them...

I'm sure he'll have something to say about this on this week's Security Now podcast

Actually TWITter is just a place for all the TWITS to get together online!

I thought all the TWITS gathered at TWiT.tv.

No matter what certifications you get (although you should get certified, for legal reasons as mentioned by others), it's critical that you keep abreast of what's going on in the field, otherwise you're not doing your job. Listen to podcasts on the way to, from, and while you're at work. Read all the websites you can. And learn the tools.

This Week in Enterprise Tech: http://twit.tv/show/this-week-... - frequently mentions useful tools and products for testing or securing a business.

Security Now: http://twit.tv/sn - hosted by one of the best known names in the business, Steve Gibson.

Internet Storm Center: http://isc.sans.edu/ - Website has all kinds of detailed on latest vulnerabilities and security issues - podcast is also available in daily or monthly form.

Kali Linux: http://kali.org/ - can be used as a bootable environment or installed on a partition as a portable pen testing "toy."

Metasploit: http://www.metasploit.com/ - Widely used, frequently updated pen testing kit.

No matter what certifications you get (although you should get certified, for legal reasons as mentioned by others), it's critical that you keep abreast of what's going on in the field, otherwise you're not doing your job. Listen to podcasts on the way to, from, and while you're at work. Read all the websites you can. And learn the tools.

This Week in Enterprise Tech: http://twit.tv/show/this-week-... - frequently mentions useful tools and products for testing or securing a business.

Security Now: http://twit.tv/sn - hosted by one of the best known names in the business, Steve Gibson.

Internet Storm Center: http://isc.sans.edu/ - Website has all kinds of detailed on latest vulnerabilities and security issues - podcast is also available in daily or monthly form.

Kali Linux: http://kali.org/ - can be used as a bootable environment or installed on a partition as a portable pen testing "toy."

Metasploit: http://www.metasploit.com/ - Widely used, frequently updated pen testing kit.

So this must be partially in response to the knowledge that Steve Gibson was going to be talking about some problems with Tor in this week's Security Now: http://twit.tv/show/security-n...

Nope. It's identity eminent domain

haha, only they might actually argue along those lines (no shame). They're also appropriating Facebook's computer resources to make these profiles operate - it's no different than seizing property or money on a small scale, and the 5th Amendment has something to say about that (n.b. I'm playing the game that the Constitution is still in effect, rather than used to paper over "trouble").

Federated systems like Tonika can provide authentication of friends - Facebook makes authentication nearly impossible.

Almost all the reports are getting the gist of the paper wrong -- any press summation that doesn't go into the paper to understand it will get it wrong. The paper goes into deep detail that Apple has several services that, while protected by several layers of security that could be bypassed, can transfer data in the clear. There are also several services that don't have any obvious connecting software.

It's a rather deep hacker-style dive into iOS.

A good video about this is by TWiT Network. At http://twit.tv/sn465 Security Now ep 465 has expert Steve Gibson explain the actual paper.

Randal L. Schwartz (Floss Weekly, Schwarzian transform) would be proud of me.

I remember listening to a discussion on Leo Laporte's Windows Weekly podcast with Paul Thurott and Mary Jo Foley regarding this.They seem to be under the impression that the PC manufacturers, in their mid-to-late 2000s price wars not only hurt the image of the PC with a race to the bottom, but also set an unsustainable price point. Admittedly, this is just one factor in the decline of the PC, but that certainly helped set the stage.

https://github.com/movitto/omega
http://omegaverse.info/

Featured project on FLOSS Weekly tommorow (01/29/14):
http://twit.tv/floss

An excellent interview with Ladar Levison. Ladar walks through the events he went through. http://twit.tv/show/triangulation/125

The entire story is given by this in-depth interview with Ladar himself. http://twit.tv/show/triangulation/125 I highly recommend this if you are interested. He also explains that he was personally cited in the warrants, so even if Lavabit gos away, Ladar himself is still liable to give up the info.

http://twit.tv/show/triangulation/108

I am a keen listener to FLOSS Weekly hosted by Randal Schwartz, and am astounded at how often he is away on a geek cruise ship, evidently having a great time, and learning from other geeks. I cannot imagine a better person to address this question to.

I have several young kids, so I do most of my extra learning on the job and by listening to tech podcasts during my commute. There's http://twit.tv/show/floss-weekly and http://se-radio.net/ and dozens of others. Instead of switching browser windows to Facebook while I'm waiting for a large file to move between servers, I switch to my RSS feed reader that subscribes to tech sites. And yes, maybe once or twice a year I'll buy a book on a new language and technology and force myself to read through it and toy with the examples. Figure I'm sacrificing maybe 10-20 hours of my free time for that every six months.

But more importantly, someone that's not keeping up with the latest trends in software development is screwing themselves. I can build the Javascript for a web page without using jQuery - but it would take me three times as long, so why would I want to? I can write the server-side of a REST application in Java and Struts 1 instead of dozens of newer options, but why would I do that? I can set up a test environment or two on individual physical servers instead of having six different test environments running in virtual machines, but that just means testing runs three times slower, so what have I gained?

In this industry, deciding you don't need to learn new things just means you're content to waste your time and the time of your colleagues.

Steve Gibson did a podcast in which he tried to put homomorphic encryption in layman's terms ( here, about 25 minutes in is the meat of the discussion: http://twit.tv/show/security-now/376 ). What he said was possible, but didn't explain even in general terms, would be a distributed encrypted search engine in which you could send search request into it and get results, and the company hosting the service would not even know what you searched for.

I don't understand how you get from encrypted inputs and a mathematical operation that occurs without decrypting the inputs to a distributed search.

You should talk with Brian Berry from OLE Nepal. Heard the interesting FLOSS #66 podcast and he seemed experienced.

Src : http://wiki.twit.tv/wiki/FLOSS_Weekly_66

What's the environment like?
I personally worked in a lab in Darfur (Sudan); not related to the above, and used off-the shelf equipment (I had a Dell ruggedized laptop but used a normal Acer day-to-day). We had to be mobile in case of riots.

Filters for fan/ventilation intake. UPS and shock protection between generated power and sensitive equipment. Covers for everything, there was a fine layer of dust on everything every morning.

TwiT has its own full studio now too. I generally prefer it to Revision3 (less all over the map and more consistent in their weekly programming). But the two are closely aligned, so to each his own. I do love me some Techzilla.

Why are you posting links to these jackasses?

Hey, it's a real service to some of us webmasters. We can now add a little routine to our servers that scans everything send, looks for these URLs, and when it finds them, changes them to a random item from a list of URLs.

Sure, while you're doing that I've already emailed the news-site admins a .htaccess that checks the HTTP-REFERER and redirects deep-links to the main page if the referring domain does't match. I mean, shit, we fixed this in the 90s to stop "hot-linking" or "bandwidth leaches". A lawsuit? For fuck's sake, that's clueless. It's either a ploy to get more links and increase their search ranking (guerrilla marketing), and/or their management are incompetent and didn't run this by the IT guys (or IT is severely incompetent). I sent them my standard tech-service contract so they could have me on-call (retainer) to run technology related shit by me before they make further fools of themselves... Though I strongly suspect a guerrilla marketing campaign. (Interview with media strategist Ryan Holiday, author of Trust Me I'm Lying, about how easy it is to manipulate mass media.)

There's a pretty decent feed on http://live.twit.tv/ with Andrew Mayne and Molly Wood on-site for the launch, right now.

I'm not particular excited about this, but whatever. Wake me up when something epic like the moon missions of 69-72 happen. I won't hold my breath in my life-time.

Is that online, and if so do you have a link? It sounds like it would be immensely interesting. All I could find was the podcast by that name that interviewed him in 2009, and his Cosmic Variance blog entry about the experiment. In which he says that his favorite theoretical explanation for the result is violating Lorentz Invariance, i.e. the speed of light being the same for all observers and one of the fundamental assumptions of Relativity.

It was really interesting. Here is link. The whole first half hour is devoted to the topic but the real meat is around the 20:30 mark.

The really interesting part (paraphrasing) was "Relativity doesn't say that particles can't go faster than light. Relativity says that particles either (1) go faster than light, (2) slower than light or (3) at the speed of light and they never change what they do. We've never found particles that go faster than light and we don't think that they exist. We use particles that travel slower than light to help explain causality."

I've never really heard it put that way before. He didn't explain himself so I'm thinking he is referring to the infinite energy that is required to traverse the speed of light.

Check out the 2nd half hour too where the pauli exclusion principle is discussed. It's not in relation to the FTL discussion, but is still really interesting.

I was mistaken on the Sean Carroll being the one that made the point about the value of c being redefined. It was one of the other the other This Week in Science podcasts - I think with it was either Lawrence Krause or Brian Greene.

Check out http://eyes.nasa.gov/

That tool is brilliant, already watching Live. Also following a live stream with commentary at twit.tv.

I'll watch it at TwiT.tv -> http://twit.tv/2012/07/30/mars-landing-special-aug-5th-10pm-pdt

The presenters/guests to this event will be:

Jonathan Strickland (How Stuff Works) -> http://www.howstuffworks.com/jonathan-strickland-author1.htm
Dr Kiki (Dr Kiki Science Hour) -> http://en.wikipedia.org/wiki/Kiki_Sanford
Phil Plait (Bad Astronomer) -> http://blogs.discovermagazine.com/badastronomy/2012/07/20/mars-attacks-of-the-show/
Steve Sell (JPL, Sky Crane) -> http://science.nasa.gov/science-news/science-at-nasa/2012/30jul_skycrane/

Hope they do a good job!

Peace!

IIRC, he left around the time of the Digg 4 update (the one that killed Digg and caused it's users to flood tons of other sites).

I blame Leo Laporte of TWiT (this week in tech) - Dig 4 Was My Idea!
Sure Dig 4 was a flop, but consider this: What If his "idea" was to keep Dig from being a threat to his growing media empire?

Steve Gibson's Security Now podcast is worth listening to, and somewhat entertaining.

Besides the 15 minutes of SpinRite advertising in every episode, I actually hear him talking about stuff that's not covered here or most of the other news sites. I'm sure it can be found elsewhere, but he provides a good aggregator service.

And, to this day, he remains an unbelievably articulate and compelling speaker on the matter of privacy and freedom on the internet. He made a couple great appearances on the TWiT network in the last couple of years that are worth watching:

http://twit.tv/specials43

http://twit.tv/show/triangulation/24

I've been online since phone phreaking and running BBSes in the late 80s and Barlow is a giant.

And, to this day, he remains an unbelievably articulate and compelling speaker on the matter of privacy and freedom on the internet. He made a couple great appearances on the TWiT network in the last couple of years that are worth watching:

http://twit.tv/specials43

http://twit.tv/show/triangulation/24

I've been online since phone phreaking and running BBSes in the late 80s and Barlow is a giant.

A real diagnosis would be everybit as horrible as helping a relative on the phone with a computer problem

Funny example because Leo Laporte has been doing exactly that on his national Tech Guy radio show for over a decade. People who are not generally computer savvy call in and he tries to help them, live and unscripted. He doesn't always have a good answer to the caller's question, but in the worst case, he gets them pointed in the right direction at least. The show airs on Saturday and Sunday for three hours both days and has a pretty decent following, even if it's not quite a household name.

Paul Thurrott discussed this on Thursday on Windows Weekly:
http://twit.tv/show/windows-weekly/261 (jump to 21:20 and watch for about 5 minutes)
Paul thinks there was some pretty shoddy journalism with this story.

Steve Gibson (Secutiry Now! podcast, SpinRite disk recovery tool) just did a twit special episode about his experiences so far in his food experimentation which sounds similar. He has not done it for a long period yet, but he also considered it a life-before-and-after mark and he says he will never go back.

Surely the increase is due in no small part to Leo Laporte and the HAM Nation podcast?

It's my first and only exposure to anything HAM.

Hmm. At certain places (of employment)

(and of education and of public services)

they use a proxy that always forces Google searches to have SafeSearch on. Using https for Google appears to bypass this particular constraint. For the moment, anyway.

The IP range for secure searching is different from the IP range for other Google secure services. Such institutions just block access to Google secure search IPs, redirecting you back to the insecure version so they can spy on you and deny and/or punish you for seeking inappropriate knowledge (Security Now 255, 27:37 - 33:20).

There's no need for a gateway to act as a MITM performing encryptions and decryptions when it can be a MITM forcing plaintext communications for more efficient monitoring.

On Tech News Today yesterday or the day before, a BoA employee in their chat room indicated it was an issue associated with end-of-quarter processing. I think it's rediculious to assume that just because a website experiences issues, it's an attack. Mine are all database issues personally.

Kevin Mitnick was recently on Colbert Report to promote his book. Here is the link if anyone's interested.

Yeah, thats the "7 digit UID new school /."

The old school 5 digit UID and below /. crowd would have reported that Kevin was on 2600 / off the hook "recently" to promote the book. Which show was it? I donno, probably one of these:

http://www.2600.com/offthehook/2011/0811.html

I listened; it was a fairly interesting interview.

Somewhere in between old school and new school, he was on some TWIT network show recently too, apparently this one:

http://www.twit.tv/show/triangulation/21

The twit network is generally a little too non-technical / mass market for me, although they certainly easily are more interesting than TV. I think it would be hilarious if Leo purchased the "tech tv" trademark from whoever owns it using his apparently voluminous petty cash fund (if you've seen his new studio, you'd know what I mean)

Now someone else chime in with his Dr. Phil episode for that / newbie tone. thats what the 8 digit UIDs watch, or so I hear.

Kevin was interviewed by Leo Laport and Tom Merritt this week on their TWIT show, Triangulation: http://twit.tv/tri21
It was really fun to listen too. His McDonalds story had me rolling.
Just based on the interview with Leo and Tom, I'm getting this book.

Really because I remember listening to an interview with Jeremy Allison who said it was terrible compared to SMB and that the only reason it was invented was to fuck with Samba. I believe this was it. http://www.twit.tv/floww14

I use Google Reader to gather data from any rss feed of interest and also download weekly about 60 podcasts from various sources each week using the Feedreader aggregator. I have to plug, in particular, podcasts (or videocasts) from This Week in Virology, This Week in Parasitism, and This Week in Microbiology, all available via a starting point of www.twiv.tv . (If you think Parasitism is not interesting, listen to TWIP 22.) The Naked Scientist based in Britain offers a nice weekly collection of news gathered from that area. The Australian Broadcasting Network at www.abc.net.au/radio/ offers podcasts about technology oriented towards that part of the world. The Canadian Broadcasting Corp and the BBC also offer podcasts which include new developments in all areas, but don't allow you to specialize in one area, such as medicine or computers. Futures in Biotech ( http://twit.tv/FIB ) has produced some terrific interviews in that area and Leo Laporte and his This Week in Technology does a few podcasts that offer more than his usual troubleshooting genre. http://www.podnutz.com/ is strictly computers, but three podcasts in particular are of interest as trendsetting. They are 274, 302 and 316. They deal with the development and growth of Lisa Hendrickson's career. She's a female computer troubleshooter who is rapidly building a large business that repairs computers remotely and worth watching and learning from as an example of how to grow a new business in the US. The Howard Hughes Medical Institute produces podcasts and videocasts about advancing technology Do a search for NIH Videocasts for presentations by this organization. Econtalk may not be strictly technical, but has outstanding interviews about developments and history that disproves that idea that economics are dry and boring. I've been saving a list of Best Podcasts for over a year and they number now about 90, but amount to over 2GB, so are not readily posted. I also have the addresses of podcasts that are plugged into the Feedreader aggregator that I'll try to add here in case that's of interest if the moderator agrees to include them. Several of these were worth noting, too, like NY Times Tech Talk and RadioLab: http://rss.conversationsnetwork.org/ppq/56641.xml http://podcast.seti.org/index.xml http://www.rtve.es/podcast/radio-5/asunto-del-dia-en-r5/SASUNTO.xml http://feeds.feedburner.com/booksandideaspodcast http://downloads.bbc.co.uk/podcasts/radio4/clickon/rss.xml http://feeds.feedburner.com/Cyberspeak http://feeds.feedburner.com/diffusionradio http://www.econlib.org/library/EconTalk.xml http://www.npr.org/rss/podcast.php?id=510030 http://feeds.feedburner.com/GlobalChallenges http://downloads.bbc.co.uk/podcasts/worldservice/healthc/rss.xml http://www.hhmi.org/biointeractive/HHMI_Lectures.xml http://podcast.thelancet.com/laneur.xml http://www.materialstoday.com/rss/podcasts/ http://www.nytimes.com/services/xml/rss/nyt/podcasts/techtalk.xml http://dow

Tonido plug is an open source wal mart server, similar to PogoPlug. I've never used it, but it sounds like exactly what you are looking for. FLOSS Weekly had a nice episode on Tonido. They have web, iOS, Android, and BlackBerry clients and are completely OSS, including the server and clients.

eg:
vC!#/.-.-.-.-.-.-!#/e-mail-place
vC!#/.-.-.-.-.-.-!#/routing-thing

TL;DNL: Length matters -- long easy to remember sections + short "secure" sections.

P.S. Disallowed "special" chars or limited length == service is not hashing your password (I don't use such services that my PW schemes don't work with).

"Producing content is an expensive and painful business. " No it is not.

http://twit.tv/

http://www.pioneerone.tv/

http://revision3.com/

http://www.theonion.com/ - they make a broadcast "news" show for almost nothing.

Also The daily show and colbert report were dirt cheap before both of them got greedy as hell. John Steward started that show making a GOOD wage but now hew is making an obscene wage.

The costs per episode tv show is complete bullshit and they know it. High quality TV can be made a LOT cheaper and is starting to surface. SciFi channel CLAIMED they were going to do that but they became retarded and only used SAG actors and that instantly drove the price through the roof. Sorry but Charlie Sheen is not worth 1/20th of what he got paid for that really low budget TV show that ended up having expenses that were on par with a TV show like Eureka that has real talent and the cost of prop building and EFX every episode. And the costs for EFX are coming down fast... IF I can make a convincing meteorite hit on my $350.00 computer using a $800.00 program... It's game over. http://www.videocopilot.net/tutorials/meteor_crash_3d_p1/

I am for paying a good actor a reasonable wage and covering his/her expenses... but getting 7 figures for a movie or a year in a TV series is bullshit. And it's not acting ability that they are paying for. Tom Cruise cant act.

The whole industry needs to be shaken up hard.

Stop spewing crap when you know nothing of the case!

"Using an online service for something like your passwords is just incredibly stupid. It's a really well known place to hack for someone who wants lots of passwords. Backup your encrypted password container to your own place, but never something like this."

Hey, retardo, don't you think the people who made it know this? All of your password are stored on their system ENCRYPTED. They are encrypted on YOUR computer, with a password only YOU (not them) before being stored in the cloud. When you retrieve the password you get the encrypted blob, and it is decoded on your system.

*IF* and I stress *IF* the last pass servers were hacked (and nobody knows if they were, so the slashdot headline is pure tabloid) then all they got was encrypted blobs of material for a very small number of users.

IF something was actually taken, and your master password was "ignorant" then you might be bruteforced in short time, if you picked something long and non dictionary then not this decade.

The lastpass people run a very tight ship and because they noticed a slightly anomaly on their network they couldn't immediately explain they warned everybody within 24 hours! (as opposed to some sites who waits weeks)

You wanna know how Lastpass works? Listen to this review from Leo Laports 'twit' network:

http://twit.tv/sn256

I pulled the plug on Comcast over six months ago, and I love it. I bought a Dell Inspiron Zino HD 410 and hooked it up to my big ol' TV. It has HDMI out which actually sends the audio as well, since this computer is designed to be TV connected. It does a great job for streaming Netflix, Hulu, and Amazon VOD. I'm saving $60/mo., and enjoy a better experience. On demand streaming is wonderful, since there's so much out there to watch already. I do have to be patient, waiting for TV shows to hit Hulu or movies to hit Netflix, but it's been worth it to me. The only thing I really miss is the ability to just sit down and let the flashing box entertain me. Now I do have to make a choice. Before, I could sit down and let a Mythbusters marathon entertain me. I can still do that, but I have to think to do it before I can do it. I've also been spending more and more of my time watching podcasts from TWiT and others. I watch very little actual TV these days, only those shows I really want to see.

Security Now podcast episode #287 was entirely on the BitCoin system, and how well designed it is.

http://twit.tv/twil & http://twit.tv/floss

http://twit.tv/twil & http://twit.tv/floss

I haven't used either system but the podcast FLOSS weekly recently did a whole episode about PLONE that may help you decide if it is right you.

We are increasingly opening our tools and resources to create more opportunity for application developers. Whether you want to reach wider audiences, engage users more deeply or develop innovative advertising campaigns we have a range of services that can accelerate your digital ambitions...

http://www.guardian.co.uk/open-platform
The only print media outlet that I know of that's actually grabbing the 21st century by the scruff.
As mentioned by Jeff Jarvis on This week in Google
http://www.twit.tv/twig44