Slashdot Mirror


User: mlts

mlts's activity in the archive.

Stories: 0
Comments: 5,534

Comments · 5,534

  1. Re:After all the publicity Stuxnet created... on Precursor To the Next Stuxnet? · · Score: 2

    Not to mention that Stuxnet showed that one could do a major attack against a country without a single shot being fired.

    Additionally, I'm sure the IRG has a bunch of coders looking to exact revenge... and there are a lot of IT departments run by lazy PHBs who believe in the slogan, "I can just call Geek Squad if we get hacked... otherwise it is too expensive to bother with security."

    So, seeing something Stuxnet based is not a surprise... I just wonder what will be attacked first, some power company whose idea of security is turning off SSID broadcast (but leaving the wireless segment open so the old game console can get on without configuration), or perhaps some manufacturing company who has Joe Sixpack in receiving browsing pr0n between trucks causing malware entry will be the target. It really is only a matter of time when someone will knock something down.

  2. Re:if you're already in a secure facility on Making Sensitive Data Location Aware · · Score: 1

    Depends on what is "classified".

    True classified/sec/TS/SCI stuff, no way.

    However, company data like next model releases and such are a different story, and if leaked, may hit a rumor mill, but won't be as damaging as a list of agent names (and their families) winding up public.

    I would love to see this implemented on servers in an encrypted HDD controller. If the server is moved, access to the data on the HDDs is lost until a proper smart card is inserted and a PIN given. This would help deter data loss if servers are stolen out of a server room (of course, collusion between the admin and physical thieves would mean this would be rendered pointless, but no security mechanisms are 100% -- you figure out how much good they do weighed by their cost and hassle.)

  3. My question... on Australian Government Redacts Anti-Piracy Consultation Paper · · Score: 1

    Will they actually use a redact feature in their document editor, or do black font on black background (or just draw a black rectangle object over the text)?

  4. Apple is going where the money is... on Is Apple Pushing Away Professionals? · · Score: 3, Interesting

    In the past, Apple catered to pros because they were the ones who would spend $10,000 on a Quadra or //fx model. However, since their pricing model has changed, they are best served by catering to Joe/Jane Consumer.

    The only gripe I have is that Apple needs to consider the IT market as well, and not just focus on consumers. Right now, Apple is doing well, but the enterprise is not just a huge market, but also is very hungry for Apple products. (As an IT person, oftentimes the top brass of companies will be using Macs as their own laptops. It makes me glad Lion has complete hard disk encryption, although having a TPM chip and BitLocker-like access would be ideal.) Apple could easily get some offerings into the IT sector. A redesigned Mac Pro that could work horizontally and fit on a drawer with attachable rack ears would be a start. A standalone disk array with redundant drive controllers and FCoE would bring them up to date for SMBs needing storage.

    IT is definitely a market that Apple might do well in, although Apple's main success is with consumers.

  5. Re:It just needs to be bigger. on Looking For E-Ink Applications Beyond Ebook Readers · · Score: 1

    I agree here. Some of the color LED signs are hard to read, while some of the monochromatic tend to be just plain obnoxious.

    e-Ink on that large a scale can bring about a number of nice things:

    1: For business parks, it wouldn't be hard to change the logos of businesses there on their main signs.

    2: It would be trivial for billboard companies to change signs.

    3: Stadium signs with team logos instead of "Home and Visitor".

    4: Traffic signs that don't require constant upkeep or mechanical sliding/flipping parts to show that a lane turns left or doesn't. Downside is that crooked towns will use it to change speed limits at a whim.

    5: Office/dorm room signs. This way, there is a list of who is where, but it can be easily changed on a semester basis.

    6: Better updating of who and which groups own which conference room at what time.

    7: Parking garage maps showing spots in use, empty spots, reserved spots, and multiple spots taken by the douchebag types.

    8: If this could be done on the ground, perhaps even dynamic parking in an area. One day, RV parking would be required so spaces are marked with that. Another day, most vehicles are compact cars. Still another day might have handicapped vans that require ramp space. This way, if a place knew what people's vehicle requirements are, parking places can be made the right width.

    9: As part of #8, if dynamic road markings could be used, it would allow for better traffic control (for example to divert traffic onto frontage roads and away from the highway during a high speed pursuit, a wreck, or other disaster.)

  6. Re:umm... on iOS 5 Update Available · · Score: 1

    Titanium Backup backs the Android apps first to the SD card. Then it will copy them to DB.

    If you want to completely and utterly back up your device to DB, you can use nandroid with an app that background syncs to DB. This way, you have the complete image (OS, apps, settings) ready to go at a moment's notice, but it isn't encrypted, so that might be an issue for some.

    On the iPhone, some game apps are sane enough to store their data files in Documents so they can be copied off via iTunes. However, most don't.

  7. Re:updating it now, I think on iOS 5 Update Available · · Score: 1

    In a case like that, it can't hurt to just DFU update the darn thing. I always do that when updating between versions, even though it takes time restoring and copying back apps. This way, the device is erased completely and there is no cruft from the previous iteration of the OS.

  8. Re:umm... on iOS 5 Update Available · · Score: 1

    Correction: Untethered JB. The tethered JB is out (for the iPhone 4, and supposedly the 4S's turn is coming), but not many Cydia apps work with iOS 5's structure as of now, so it can't hurt to just give it time until iBlacklist, BiteSMS, etc. get updated.

  9. Re:umm... on iOS 5 Update Available · · Score: 2

    I'd say the hype depends on the feature in use. The ability for apps to use iCloud for data storage (key:value pairs as well as documents) is nice to have.

    As for backups to the cloud, on Android, you have comparable -- just use Titanium Backup and Dropbox. To boot, Titanium Backup encrypts all backups to boot, so if the DB account gets compromised, your app's data is secure.

    Realistically, blowing away all hype, iOS 5 gives you:

    Scroll down from the task bar, and you get some decent widget-like functionality. Not as in depth as Android, but at least it is there for stuff at a glance.

    iCloud for music is excellent. Especially with the service that scans your MP3 stash and allows you to download AAC files on the go. This functionality is something Android lacks. Same with downloading movies.

    The ability to have pictures uploaded to the cloud immediately is useful. I'm sure there are Android apps which give this, but don't know any offhand.

    The one thing I wish iCloud could offer -- ability to save and archive off app data, is missing. Say I want to uninstall a game but keep the saved game, I have to resort to jailbreaking, and then using PkgBackup or AppBackup to pull the data to a safe place. With Android, any backup utility (I prefer Titanium Backup, but I'm sure others are able to do it) will allow you to save off the latest Angry Birds scores and uninstall the app if you need the space.

    iOS 5's main feature is iCloud. Time will tell how useful it is. I do hope for a tethered JB, so I can have it do iCloud backups without needing a Wi-Fi connection though.

  10. Re:Ex player. on WoW To Add Avenue For Real-Money Gold Buying · · Score: 1

    I'd say, try EQ2, or if you want something retro, EQ1. Yes, these games have been around a while, but they do have a solid sense of community. At the minimum, you know the trolls and the trolls are actually trying to use their heads to try to heat up 1-9 or PR chat.

    Yes, EQ2 has items you can buy in the marketplace, but it is limited to mounts, XP potions (double xp for a period of time), a rent-free house, appearance gear, and the ability to buy added character slots.

    Of course, EQ2 isn't perfect, but I play MMOs because I like the people, and one can find some very cool people who are capable of more than just four letter epithets to group/guild with.

    EQ1 is also good at this, although the game engine is a bit dated. If you can deal with that, there is an insane amount of game content -- you will never get bored, even when you hit the max level.

  11. Re:One simple question. on German State Confesses To, Downplays Government Spyware · · Score: 1

    This may be a good case for a TPM on computers. A "black bag" operation would then force the user to have to pull out a recovery key in order to boot the attacked machine.

    Of course, one can theorize about a backdoor in a TPM, but that would require a lot of international cooperation, a lot more than just using an "official" keylogger.

  12. Re:Who is in charge of redactions? on Incomplete PDF Redaction Leaks Data From UK MoD · · Score: 1

    Acrobat has a built-in redaction mechanism, as of 3 years ago. It isn't just a black bar over text which is how some places used to do redactions... it actually destroys all that is under it, be it text or graphics. Once the document is resaved, the changes are permanent (no undo available, etc.)

    There is just no excuse for improper redactions. It is built into Acrobat, as well as WordPerfect. Word, you install an add-on so you get non-undoable black boxes where the juicy info used to be.

  13. Re:falling ahead? on Nexus Prime, And Ice Cream Sandwich, Go For a Video Tour · · Score: 1

    With the rapid development of Android, it is going to end up a Ford or Chevy type of thing -- either iOS or Android gets the job done, and one can argue endlessly about one versus the other.

  14. Re:USB and Gameboy port... on Was the iPod Accessory Port Inspired By a 40-Year-Old Camera? · · Score: 2

    Nintendo did a good job with that connector; from what I know, it took a lot of wear without breaking. The designers of USB could have imitated worse things.

    If I were to guess about the form factor of the 30 pin connector, it would solve a number of issues:

    1: It is decently thin. Maybe one could make a connector thinner, but then there is the engineering for dealing with high insertion/removal cycles, mis-insertion, torquing, and so on.

    2: It provides structural support. This provides it an edge over MicroUSB, because one can just mount any device on a cradle using the 30 pin connector, and it will stay in place without any additional reinforcement (molding around the bottom).

    3: It provides enough pins to handle things the original design likely never was thought to do, such as HDMI.

    4: The springs holding the connector in place are in the dock or the cable, so if those break, it is generally easier to replace that than the iPod, iPad, or iPhone.

    I would think the 30 pin connector got that way out of functionality constraints if anything.

  15. USB and Gameboy port... on Was the iPod Accessory Port Inspired By a 40-Year-Old Camera? · · Score: 1

    I'd state that the current USB port and a connector on the Gameboy would be closer than a PCB edge connector (which was made to give enough juice to pop flashes, flip the board, pop more flashes.)

  16. Re:End of the reboot? on HP To Introduce Flash Memory Replacement In 2013 · · Score: 1

    From the tinfoil hatter's point of view, it would be nice to have enough power to be able to overwrite master encryption keys multiple times, then set a flag that as soon as the CPU is turned on, to move register state aside, switch to the hypervisor, and wait for re-obtaining of keys, either by scanning the boot path and checking the TPM, checking with the Mandos server, or prompting the user for a passphrase to unlock and reload keys back into memory.

  17. Re:End of the reboot? on HP To Introduce Flash Memory Replacement In 2013 · · Score: 2

    That sounds good, but on the other hand, I don't want an app that corrupts memory to trash my hard disk.

    The tiered storage concept may sound antiquated as we get higher capacity media with higher speeds, but it also protects us against widespread data damage.

    For example, if some process had a buffer overflow, it usually will just impact the RAM it's in, and at worst case, cause a reboot. If everything was all memory mapped, all the stored data would be in jeopardy, so what once would necessitate a reset button push would require a bare metal backup.

    For some tasks, like embedded stuff, this wouldn't be a problem. However, I'd stick with the tiered storage model for most computing just to isolate failure and corruption, even though the RAM level of storage may be just as fast as the disk level.

  18. Re:End of the reboot? on HP To Introduce Flash Memory Replacement In 2013 · · Score: 0

    This has been a constant plague on laptops since the early days. I've often seen a laptop suspend itself, only to require a reboot because it won't unsuspend.

    The only exception to this in my experience has been Intel Macs. They actually come up from being suspended almost always, as opposed to needing a complete reset.

  19. Re:Ofcourse not on HP To Introduce Flash Memory Replacement In 2013 · · Score: 2

    What might be interesting would be a hypervisor technology that can copy process memory space and other items to another VM completely. This way, an application sitting on VM "A" gets paused, its data copied to VM "B", and the old VM "A" shut down. Since both VMs would see the same filesystems (except perhaps /boot might be different due to the new kernel), an application likely wouldn't know or care about the kernel update unless some call it used got deprecated. Of course, there are plenty of consistency issues that would need to be worked out, but this is the next logical step.

  20. Re:This ruling does not last long. on Calif. Appeals Court Approves Cell Phone Searches · · Score: 1

    Just as an aside, you can use longer numerical passcodes on the iPhone, and not have to use the full keyboard. Just set your 5+ digit code and use all numbers, and the next time it gets used, it will pop up the numeric keypad, and an OK button, similar to how it asks for the SIM PIN (if one sets that.)

  21. Re:Passcode on Calif. Appeals Court Approves Cell Phone Searches · · Score: 2

    On the iPhone, if you can pull the data out with iFunBox, then the forensic tools can.

    Similar with Android -- ADB access or access to the SD card will allow the phone to be dumped.

  22. Re:70% on fully updated installs. on How Windows Gets Infected With Malware · · Score: 1

    Malware doesn't need UAC to deliver a payload. A lot of stuff can run as a user:

    1: Slurping up files.
    2: Obtaining keystrokes can be done with some software in userland.
    3: Some Web browsers install in the user's home directory. Hooking into that or modifying the executable directly isn't difficult.
    4: Running a botnet client can be done.
    5: User documents can be encrypted with an obnoxiously large public key and a note left where to send the ransom money.
    6: Caches can be rifled through to look for contacts to target for spear phish attacks.

    Even without Administrator access, malware can do a number on a user. Heck, even without leaving the context of the Web browser, it can sit and wait until someone logs on to their bank, then use the authentication cookies to perform a transfer while putting up a bogus screen for the user (like site is down or whatnot.)

  23. Re:No iPhone 5, just iPhone 4s on News From Apple's iPhone Event · · Score: 1

    Maybe they can put out an unlocked version of the phone. Now, that would be extremely useful. This way, you can use a GSM provider if the CDMA doesn't have coverage in your area, although why two providers for one phone would be beyond me.

    But more realistically, it would make the device extremely useful when travelling without having to pay the insane roaming fees.

  24. Re:My professional opinion on SAIC Loses Data of 4.9 Million Patients · · Score: 4, Insightful

    Nail. Head. Hit.

    "special hardware and software" gets me...

    An LTO-5 drive and access to GNU tar or cpio is an alt-tab away for a number of IT people.

  25. Re:Espionage? on SAIC Loses Data of 4.9 Million Patients · · Score: 1

    Any firm that doesn't have a chain of custody of tapes is failing ITIL 101.

    For example, on premises, tapes should be either sitting in the silo, inserted in a tape safe [1], or in the blue containers with a seal on them waiting for the IM van.

    Not rocket science here. It is disappointing seeing organizations not follow this.

    [1]: Businesses need an on-premises tape safe. This is less for security (since the safe should be located fairly near the data center, and behind locked doors), but for protection in case of fire.