Slashdot Mirror


User: DavidTC

DavidTC's activity in the archive.

Stories
0
Comments
10,705
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 10,705

  1. Re:"Progress"? on Can Your ATM Play Beethoven? · · Score: 1

    So they can upload credit card and bank account information to their webmail, of course.

  2. Re:Er? Bad question! on Increasing Computer Security through Hardware? · · Score: 1
    Administrators certainly can read data by default in NTFS. The way it works is that all data is encrypted to them and the user who owns the file.

    Whether or not you can set it up any other way I don't know, but that's how it works by default.

    And setting up no local adminstrator account is insanely stupid...what if the network drivers break?

  3. Re:Huh? on Increasing Computer Security through Hardware? · · Score: 1
    I knew someone as going to claim that, but it still doesn't make any sense. You'd have to postulate an enviroment where you often change out hard drives, but rarely reboot. Just because the second is true doesn't mean the first is, and in fact that combination doesn't seem to make any sense.

    And 30 seconds (Which is probably about twice or even three times as long as actually required.) compared to the time required to open the case and swap out the hard drive is minisucle, in addition to the time required to set up the hard drive once it is installed.

    There is no reasonable circumstances where it can be worth saving 30 seconds or less when setting up a computer that reliably costs you three second a reboot, except the ones I mentioned...you have a hardware drive switcher on the front of your computer or you don't know anything about your BIOS or you literally never reboot and didn't set it to start with. (And I obviously can't be complaining about the people who never reboot, as I'd never notice!)

    And if you're going into the BIOS for any other reason, it's right there.

  4. Re:DDOS, And Virtual Addresses? on AOL Blocking Spammers' Web Sites · · Score: 1
    Why the hell would spammers care if someone besides them steals the credit card numbers?

    You've fallen into the track of thinking of spammers as some sort of legitimate business people. Considering their entire business is model is based on theft of resources, I think that's rather a leap.

  5. Re:Would this work or be fair? on AOL Blocking Spammers' Web Sites · · Score: 1
    ISPs are not common carriers, and have never been. I'm sorry, but I wish people would do more research here, and stop parroting the words 'common carrier' without knowing what they mean.

    A common carrier ISP wouldn't even be able to disconnect people committing DoSs, much less spammers. Common carrier means you have to get everyone access and carry all traffic. Common carrier status only normally applies to monopolies that own wires. You cannot build your own phone network, so the local phone company is required by law to carry your traffic. They can't even disconnect you if you're blatantly breaking the law. (They'll sic the FCC or local police on you, though.)

    You can, however, get your own connection to the internet, usually in a dozen ways. No ISP is a common carrier, and web hosts being common carriers would make as much sense as office buildings being common carriers.

    However, there are legal issues with attempting to filter out 'harmful' stuff, and saying you're doing so, and failing, with regard to children.

    However, AOL already does this, with their family filtery crap, so they've clearly got some experience in this and know how to not get sued when Johnny accesses latino transexual hooker porn. So they won't get sued when someone manages to click through to a spam site.

  6. Re:Beating up your own customers on AOL Blocking Spammers' Web Sites · · Score: 1
    Just to be clear, when you talk about 'sharing' hardware, what you really mean is that the innocent website is purchasing web hosting from spammers, right?

    We are all clear that a web host that allows spammer sites to continue to exist on it is just as much a spammer as the guy who sends the email, right?

    Or are we talking about site that jsut appeared out of nowhere and haven't been shutdown yet? Because, if we are, don't worry...AOL will LART the sites before they block access to them. (Well, at least, at the same time.)

    If someone's innocent they don't have to worry...their site will be back when the spammer is gone.

  7. Re:Yes, but on AOL Blocking Spammers' Web Sites · · Score: 1
    No fault of their own?

    I dunno, is doing business with criminals enough to be a 'fault'? I think it is.

    You buy services from criminals, don't be surprised if those services don't work that well. Don't be surprised when the criminal gets shut down. Don't be surprised when the trunks you rented from the criminal, with the criminal's name printed on the side, are not allowed in certain parking lots, and you keep getting pulled over by the police.

    It was a bad choice. It happens. So does building a gas station right before they move the interstate on-ramp to the next street over, or setting up a multi-million dollar Betamax factory. Tough. Don't go whining that we should be soft on the criminal because you're paying him to use his stuff, I personally find that incredible offensive and stupid. Don't remind me you're funding a criminal operation, Jesus Christ.

    Any business that finds they're purchasing services from a criminal needs to immediate stop doing so, and hope no one noticed.

    (Before anyone claims that the situtation wasn't them buying from spammers, it was them and spammers buying from the same ISP...any ISP that knowingly enables spammers to continue to operate using that ISP's resources is a spammer.)

  8. Re:Is this a *smart* idea? on AOL Blocking Spammers' Web Sites · · Score: 1
    Who the FUCK said anything about content?

    AOL is blocking you from accessing the websites of people who steal from them.

    I think that's an entirely reasonable business decision.

    And, BTW, you can claim spam support are not against a 'reasonable' term of service...but that means everyone has unreasonable terms of serice, including your ISP. It's against everyone's terms of service, except 'bulletproof' services that are operating in direction violation of their upstreams' stated terms of service. (Of course, 'stated' and 'followed' are clearly different things. But that doesn't change the fact it's a violation of someone's terms of service, if you go far enough upstream.)

    And ISPs aren't common carriers, and don't want to be common carriers. The mere fact you'd even try to associate the term 'common carrier' with ISPs means you're talking out your ass and haven't done the slightest bit of research here.

    In short, basically every single fact you've said is a provable lie. I'd call you a troll, but I think you're just an idiot.

  9. Re:I moved ... on Tech Work in the Boonies? · · Score: 1
    How did you ever end up in LA if you don't like massive, out of control cities?

    I mean, isn't LA the city that other massive, out of control cities use as the standard baseline? It's what we've been using in Atlanta.

  10. Re:DC folks love driving on Tech Work in the Boonies? · · Score: 1
    Atlanta folks love driving too. We've got people who commute from the north Georgia mountains. Atlanta, if you are unfamiliar with Georgia geography, is nowhere near the mountains. (The actual mountains, not the pretend ones that are more correctly called 'hills'.) They have an hour winding through mountain roads at goddamn five in the morning, and then they hit the expressways and are 'only' two hours from Atlanta. (They leave that early because Atlanta has 'rush hours', not 'rush hour'. Roughtly from 7 to 10 in the morning, and 4 to 7 at night.)

    And, in something that I just cannot bend my mind around, we have idiots who commute backwards, who live in Atlanta and work in the suburbs. Yes, we now get rush hour in both directions, although the backward ones are a bit more reasonably sized...almost like the forward ones of a decade ago.

    Somedays I want to go down there and physically drag pairs of people from stopped cars facing in opposite directions and say, "You! Move to where he lives! And you move to where he lives!"

  11. Re:Er? Bad question! on Increasing Computer Security through Hardware? · · Score: 2, Informative
    NTFS encryption is exactly as good as Windows security.

    Haha. No, seriously, the concept behind NTFS encryption is great. It keeps keys with login creditials, and they're decrypted with your login password. I forget the algorythm, but it's not some snake oil crap, it's a real, heavy duty encryption thing. Linux could use something like it, it's so amazingly transparent and just works correctly.

    The problem, of course, is that administrator has all the keys, and administrator isn't anywhere near protected enough to be allowed that kind of power...a single spyware and all everyone's super secret files are free for the taking.

    Basically, NTFS encryption on Windows is about the same concept asking people their names before they board a plane, but doing a really good check on the name they gave, with absolutely no check to see if that's actually their name. They've bolted working security on a system with completely broken authentication. You can only get 'your own' files, but it's rather easy to be someone else, or even the administrator, so it's really goofy.

  12. Re:Huh? on Increasing Computer Security through Hardware? · · Score: 1
    An interesting idea I've always had would be to do that, encrypt (parts of) your hard drive, and then stick a key in your CMOS memory, in an unused area. (In Linux, this can be accessed through /dev/nvram, but be aware that all your CMOS is there, so writing to it randomly will cause your machine to end up with gibberish settings.) This lets the machine work normally, even booting up and decrypting automatically with that key, but ensures they can't just reset the CMOS and instantly be in.

    Of course, you need to backup the key to disk and keep those safe, in case someone actually does reset the CMOS.

    Also, stick your harddrive params in the BIOS so they can't 'just' grab another hard drive and have the computer boot off that. (And it's faster, too. It amazes me whenever I sit down at a computer, boot it, and I have to wait three seconds to detect the hard drive...just how often are you switching out hard drives? Is wasting three second on every boot worth saving 30 seconds to go back into your BIOS and run autodetect when you do switch them out? That setting is for idiots who are scared of their BIOS, people with those hardware drive switches, and people who never ever reboot.)

    Of course, it's not entirely secure. They could find an indentical hard drive and use that, or decrypt your hard drive (I don't know how much you can fit in a CMOS, but they can't have that much wasted and usable space. You might end up with 64 bit encryption.), but at that point, and with that much time, it's probably just easier for them to get a hardware keyboard logger and log your passwords.

  13. This is the stupidest concept ever. on Fighting Terrorists Through Software, Anonymously? · · Score: 3, Insightful
    And it's not stupid because it's a privacy invasion, it's stupid because it makes it more likely terrorists can get past the system.


    All they have to do is figure out their position on this 'watch list', which is easy enough to do with the ability to query the list in private hands. Then pick the least suspected one of them to carry the bomb. If they want to be really clever, send a half dozen really suspicious people in in front of the guy with the bomb, so security is busy and they won't get hit with a random search.


    Flagging suspicious people in ways they can find out they have been flagged is so mind-bogglingly stupid anyone suggesting it should be utterly shunned by the security community. Hello, terrorists normally operating in groups! In any group, there's going to be a few people we've never suspected, and we must never let the terrorists know which ones those are!

  14. Re:You know they forgot... on City Officials Almost Ban Foam Cups · · Score: 1

    Being a Canadian is Unamerican! I'm going to report you!

  15. Re:They SHOULD ban styrofoam on City Officials Almost Ban Foam Cups · · Score: 1
    Yes, except no one recycles.

    If you're going to throw it away, paper is infinitely better than plastic. Not to mention is a renewable resource.

  16. Re:Ready for the desktop? on Linux Kernel 2.6.4 Released · · Score: 1
    And I just explained how it was easier on Linux.

    You simply, oh, open up a guide, which took me 30 seconds googling to find, to upgrading. Holy cow, seven whole packages you might need to upgrade to have a working system, and exactly what you need to type to find out.

    Your gcc and make almost certainly already are the correct versions (We're talking four years old here.) and everyone's util-linux should already be up to date.

    You probably will need a new version of e2fsprogs and procps. You might need a new version of binutils and util-linux, depending on how old your distro is. You'll need a copy of module-init-tools if you don't have it.

    But, yes, I can see how you wouldn't be able to type those seven commands and compare version numbers, and heaven forbid if one of them wasn't up to date...you'd actually have to to type the name of the package into urpm or emerge or apt-get or whatever your distro uses to download it!

    And, of course, you also need to scroll down and check if you're using any of the stuff in the other table, and run those commands if so.

    My God, how complicated! I'm sure it's easier to install an entirely new OS and hope and pray all your drivers work. And spending ten minutes the next time you want to change network settings because MS has redone the interface. And locating and downloading TweakUI again. And spending a hundred dollars for the priviledge of a slightly updated kernel.

  17. Re:Ready for the desktop? on Linux Kernel 2.6.4 Released · · Score: 2, Insightful
    A service pack isn't the same thing as a uprgrading major version on the kernel.

    A 'service pack' would be something like upgrading from 2.6.3 to 2.6.4, which you can do trivially, it's a single patch. If you don't want to deal with patching, or are a few versions behind, you can even download a clean copy of the source and delete your old. Then you do 'make oldconfig' and say 'no' to the new drivers that have popped into the kernel, (unless, of course, you need them), and run make install. Or you just download a binary.

    Upgrading from 2.4 to 2.6 is like upgrading from the Windows 2000 kernel to the Windows XP kernel, which you can't even do. WIth Linux, you can do it as long as you update a few important things, depending on how old your distro is. A lot of them support 2.6 even if they don't come with 2.6, so all you'll need is a new version of the module loading utilities, or possibly not even that. Alternately, you might need to upgrade half a dozen packages, which should be fairly easy if you know how to upgrade packages on your distro. There are lists of the version you need.

    But, anyway, it's not the same as a service pack, it's an entirely new version of the kernel to go from 2.4 to 2.6, despite what you might infer from the version numbers. You're going to have to update a few things, but be glad it's not a microsoft OS, you'd have to do an installation of an entire operating system over your old one to go from 2000 to XP.

  18. Re:3:16? on Linux Kernel 2.6.4 Released · · Score: 0, Offtopic
    You're only supposed to update the date on the copyright when you change something, otherwise it's fraud.

    Unless you're trying to imply that the Bible has changed in the last year.

    Also, "God" is not God's name. His name is YHVH or however you want to transliterate it. (That is, that's the name of the 'God' the Bible is talking about. The actual name of God may vary, check your local listings.)

  19. Re:Detachable RO setter? on USB Swiss Army Knife · · Score: 1

    ...for five minutes, until you lose them.

  20. Re:Avoiding Recovery CD's on Recovering Secret HD Space · · Score: 1
    I have an HP laptop that doesn't have that.

    It did have a few megs empty space at the end of the drive, that I kept, but have since learned that was for the goofy XP logical drive thing you can turn on, so I need to run partition magic and delete it.

    OTOH, they did make a goofy decision to have four restore CDs, instead of one restore DVD. (I mean, it's a laptop with a DVD built in. What am I going to do, swap it out for a CD?)

  21. Re:CA should have known better than to allow this on Computer Associates Pays Off SCO · · Score: 5, Insightful

    CA ended up with UnixWare licenses, not Linux licenses. It's just that SCO has turned all UnixWare licenses into Linux licenses.

  22. Re:Misleading Headline on Computer Associates Pays Off SCO · · Score: 5, Insightful
    That's exactly right.

    CA went to the store and bought a computer. Someone threw three AOL disks in the box while they weren't looking.

    Now AOL's trying to claim they've been a customer for 135 days, because, after all, those were 45 day free trial CDs.

    Actually, it's even sillier than that. CA got Unixware licenses. SCO has just gone around saying they won't sue anyone who purchases Unixware licenses to cover their Linux intallations. At no point did CA see 'Linux license' on anything, even if they had checked the box carefully thy would have ended up with them.

  23. Re:Nitpick on USENIX Responds to SCO; Fyodor Pulls NMap · · Score: 1

    It's not that they're doing anything. To dstribute under the GPL you have to accept the GPL, and SCO has publicly and repeatedly said the GPL is invalid.

  24. Re: Metric System on Visual Autopsy Of An ATM Card Skimmer · · Score: 1
    Yes, that was my point.

    The different amounts are completely out of wack. A cubic meter should be a liter should be a gram.

    Of course, the real problem there is that a meter is way too big. If a meter was ten centimeters (You know what I mean.), then everything would be nice and usable.

    If people really have a problem with that, it's easy enough to teach them more prefixes.

  25. Re: Metric System on Visual Autopsy Of An ATM Card Skimmer · · Score: 1

    I don't really understand what you're saying. It's powers of ten, it's 'metric' currency. It doesn't matter that you already had shillings and pounds.