Slashdot Mirror


User: mlts

mlts's activity in the archive.

Stories: 0
Comments: 5,534

Comments · 5,534

  1. Re:Super on Rear-View Cameras On Cars Could Become Mandatory In the US · · Score: 1

    You are right. Sit in a 1990s pickup compared to a recent model. It is a lot harder to get a 360 view without using your mirrors in recent models.

    However, it is less style than positioning side airbags and rollover curtains. Side airbags have made windows be higher and smaller than windows of pre-2000 cars.

    Is it worth the safety gain for better protection in a T-bone versus less visibility? This can be debated, but things won't be resorting, one has to start using mirrors and the backup camera in newer vehicles.

  2. Re:Cryptography FAIL on Canon's Image Verification System Cracked · · Score: 2

    It depends on the smart card. I'd love to see someone extract a private key out of a CAC, for example. There are other smart cards which have been completely compromised, but newer ones made within the past couple years are getting to the point of having decent security.

    Nothing is 100% secure, but CACs are good enough for the DoD, and that says something.

  3. Re:_much_ police evidence by Canon on Canon's Image Verification System Cracked · · Score: 3, Insightful

    From what I've seen, usually images are vetted by people, either experts or others being asked by the judge, "Do you swear that these images are authentic?" An affirmative answer to this usually has more weight in our justice system than signatures and certificates, even though it is a lot harder to fake a cryptographic signature than lie under oath. A defense attorney would be rebutted by a prosecutor stating:

    "These men swore an oath that this was the authentic image. Versus some random numeric mumbo-jumbo of stuff that can say an image is wrong even when it looks exactly the same to the eye."

    If you are lucky, the jury might be clued enough to consider that reasonable doubt. However, most likely the jurors won't be computer savvy. They likely will not know the difference between a PKI system versus a ROT-13 encrypted message and their eyes will glaze over if presented with technical encryption details.

    Convincing Joe Sixpack of something takes a different way of thinking than persuading an educated /. person who has a clue about cryptography and knows the difference between actual security versus theater.

  4. Re:What kind of proof was this supposed to be anyw on Canon's Image Verification System Cracked · · Score: 1

    Cracking one chip doesn't mean that they all are cracked. The concept is sound, and all it takes is another rev of the chip to have better anti-tamper protection. For example, one cryptographic token maker, someone had a website about being able to use hot water to pop the case in two for access to the chip. They (IIRC) learned their lesson and started using poured epoxy with no seams before putting the case on. None of their newer tokens have been cracked, as far as I know.

    Right now, TPM chips have no physical protection, it is even stated prominently on sites that this is the case. However, eventually they will end up going the route of HDCP chips, and being epoxy-blobbed to the motherboard and/or put in a more tamper resistant package.

  5. Re:Cryptography FAIL on Canon's Image Verification System Cracked · · Score: 2

    What they should have done was have exactly as you stated -- a tamper resistant CPU, akin to smart cards. This would have a private key generated and stored on the chip. Canon would have a certificate that would sign the private keys (so someone couldn't just fake a private key with a hacked camera body.)

    This way, if camera "A" got compromised, every other Canon camera out there would still be protected. It appears that the method they used, if one camera got hacked, every one was broken open because they all used the same private key.

  6. Re:Free MS Security Essentials on Antivirus Firms Short-Changing Customers · · Score: 1

    It definitely is a solid product. Its big brother (Forefront Client Security) has been advertised by Microsoft as the only enterprise level A/V solution that can actually actively stop the zombie apocalypse.

    Just the anti-undead capabilities put it ahead in this match for enterprise level AV stuff.

  7. Re:Windows - Microsoft on Antivirus Firms Short-Changing Customers · · Score: 1

    There are two different Symantec products that do AV:

    Norton-named stuff, which is the home version. It isn't bad (especially NAV 2009 or newer), but with MSE, why bother, unless you are buying a suite with other utilities.

    Symantec-named stuff, the enterprise version. SEP (Symantec Endpoint Protection) is decent in my experience, especially for enterprise level stuff (NAC, reporting to the bean counters that every machine has AV and is up to date at such and such a time, enforcing policies that come from misreading SOX/HIPAA/etc., etc.) SEP also doesn't require yearly sub renewals... but instead, how you pay is for support, which businesses should have.

    I have a swear by/swear at relationship with Symantec. PGP Desktop is a must have for any Windows user (mainly for encrypted E-mail with smart cards and easy managing of my private key's WOT), but there are cases with some smart cards where you have to smack around the background PGPServ process every so often so it works.

  8. Re:Logistic issues I see: on Foodtubes Proposes Underground, Physical Internet · · Score: 1

    A ROW for fiber is a lot easier than a tube which has a relatively large diameter, and can interfere with other things. It isn't hard to route a fiber conduit around a large sewage tunnel; it is hard to do the same with a freight tunnel.

    If I read the TFA correctly, the tunnel powers the induction motors which are stationary, making the cargo more of a passive item to be moved, so a dead induction motor means that everything at that junction will end up with problems going through there.

    As for the person who gets rendered (rendering along the lines of food processing, not CPU processing) in the tubes, there isn't any court precedent set. Subways, it is understandable who loses, same with power plants. However until the courts have had cases where the tube owner is found not culpable because Mr. Splatterbottom decided to crash out inside after a drinking binge, this is still iffish and a good attorney might find some excuse to get the judge to find for the plaintiff. I'm sure the tunnels will have entrances at the depots, but there are also access hatches for servicing, which unless securely locked down, someone will find their way in who shouldn't belong there.

  9. Re:Expect resistance on Foodtubes Proposes Underground, Physical Internet · · Score: 1

    In the US, this might be useful, but if the tubes get saturated, I'm sure short haul trucking may not be dented. Especially if the cost of getting tube access from a warehouse to a store is high.

    USPS, et al. won't be affected, unless we can get Heinlein-style intercontinental ballistic tubes going. They likely wouldn't be affected much due to their business being regional, or national for the most part.

  10. Logistic issues I see: on Foodtubes Proposes Underground, Physical Internet · · Score: 5, Insightful

    1: Getting right of way to drill the holes needed for that stuff.
    2: Maintaining it. It sounds like if the induction motors break down, fixing those would be a PITA.
    3: Unsticking the cargo if it gets jammed somewhere.
    4: How many of these can travel through the tube network at a time? If the induction motors can't handle that many, it might not be as efficient as the company touts.
    5: Security of cargo. I'm sure there will be people who would love to divert things to their end.
    6: Transients climbing in the tubes, and cleaning the messes up if they get struck. If a bum dies in the tunnel, does the company get sued for wrongful death?
    7: Plans for power outages.

    There are a number of basic logistical concerns. It would be nice to have a freight tunnel system, but it is fraught with a number of issues.

  11. Re:Antivirus? on AVG 2011 Update Causes Widespread Problems For 64-Bit Windows · · Score: 1

    You would be surprised -- some broadband places hand you a CSU/DSU, tell you to "plug computer in here" and go on. This is why I end up making sure friends/family have at least a basic firewall like a Cisco ASA 5505 or 5510.

  12. Re:This FUD may create a business niche on Jailtime For Jailbreaking · · Score: 1

    Grr, hate replying to myself... meant "create a niche". Darn typos.

    One clarification: The nice thing about Android, it can be made into a decent balance between a UNIX environment and a place to run mainstream commercial apps. So, a phone can run the balance of being tweakable with nmap and other tools a command window away, as well as handling Exchange and other communications.

  13. This FUD may create a business niche on Jailtime For Jailbreaking · · Score: 1

    Maybe all this FUD about jailbreaking/unlocking may create niche -- a cellphone for people wanting open access to their device, where the only limit on them is the hardware limitations. I'm sure there are people out there who wouldn't mind paying for an Android phone that ships with su available, stock Android UI (no MotoBlur or any other vendor/cellular carrier stuff), and with the source code available for all parts of the OS so custom builds are more of spending time making cool features, not trying to fight one's way around manufacturer created obstacles like signed kernels, eFuses, or the like.

    If it wasn't so close to the end of the model's production cycle, I'd consider a N900 just on principles alone, although it really would be nice to have Google make an ADP with up to date hardware specs for running Android apps.

  14. Re:A major "con" of cloning falls apart on Dolly the Sheep Alive Again · · Score: 1

    This sounds a lot like what caused the Irish potato famine. A monoculture of Lumper potatoes. All it took was one blight and there went the whole crop.

    Of course, there were other items as well (such as the English demanding their food exports regardless of the famine-level conditions), but had other potato breeds been used, some crops would have died off, but others would have persisted.

  15. Re:That old saying applies on Attack of the Trojan Printers · · Score: 1

    You work for a firm that is run by people with a clue.

    A lot of PHBs at SMBs just say "security has no ROI" and only worry about an edge firewall and antivirus products on the PCs as the main security bastions. Because one can romp freely through their internal network without setting off an IDS or getting the brains splattered by an IPS, these are the gold mines for blackhats, as usually the SMBs have a good sum of unprotected salable data, and a large pipe to use for DDoS abilities.

  16. Physical access == pwnage on Attack of the Trojan Printers · · Score: 3, Insightful

    Nothing really new here, other than perhaps people realizing that printers are a network entity (which they have been at least since the HP LaserJet cards). As for housing a blackhat-usable machine, that has been done for ages, as it isn't hard to just plug in a laptop or network powered biscuit PC and start firing up nmap.

    How to protect against this? Cisco's core routers have plenty of tools to deal with rogue devices (MAC address locking per port, healthchecking, etc.) Wireless networks take some more doing, but can be just as well locked down.

  17. Re:Sarah Palin... on Sarah Palin 'Target WikiLeaks Like Taliban' · · Score: 1

    I'd disagree -- the election would have been in the bag for the Republicans had the bank failures not happened in September. This woke up the voters when they kept hearing words like "Great Depression imminent", and seeing large named banks about to completely collapse due to bad securities.

    Before then, McCain/Palin had the upper hand and a pretty sizable war chest. They almost certainly would have won, especially in the key battleground states had the economy not given up its ghost when it did.

  18. Re:I Disagree with Your Assessment on Sarah Palin 'Target WikiLeaks Like Taliban' · · Score: 4, Insightful

    Problem is, and to use a car analogy, we are watching two teams fight and jostle for access to the steering wheel of a bus that already ate a guard rail, has careened off the road, across the median, and is now into oncoming traffic with nobody really watching where it is going.

  19. Re:Huh? on Microsoft Ups Online War, Says Google's 'Failing' · · Score: 1

    You would actually be surprised. A lot of cloud providers will say, "trust us, we use passwords and encryption and even electronic locks for physical security", and clients will happily hand over their data. They even pitch SOX and HIPAA compliance without even citing the relevant parts of the law.

    So, people trust cloud providers without looking at the SLA. Then when the cloud provider goes bankrupt, all their private HR info, their customer sales rolls and such now is public info, and there is not a single thing the former cloud customer can do about it.

    Clouds have their uses -- backups after an encryption API, or getting capacity up. However, people need to realize if unencrypted data leaves a facility, it should be considered public record.

    Don't forget that access to the cloud resources may need a heavy beefing up of the edge network, where simple core LAN infrastructure would have done the job.

  20. Re:This is a problem not just besetting AT&T on AT&T Goes After Copper Wire Thieves · · Score: 1

    I think that is exactly a tool that might need to be used more, although it takes resources and manpower from an already strained system (and property crimes are low on the list in general) -- more sting operations like that. Perhaps even a recycling center that is persistent, but is able to keep tabs on the perps just for evidence reasons.

    A long term sting like that would do three things -- make the thieves doing that leery of recycling centers in general, throw a number in prison, and perhaps help find other centers that knowingly accept stolen goods and shut them down from info given by questioning.

  21. This is a problem not just besetting AT&T on AT&T Goes After Copper Wire Thieves · · Score: 3, Insightful

    One of the reasons newer A/C condensers have signs like "NO COPPER INSIDE" is exactly because of this.

    The reason for this happening? Copper is in areas that have no guards, alarms, curious onlookers. Then it is just one insulation-burning step away from a recycler and cash per pound.

    The only real solution is to start forcing recyclers to have a chain of custody, similar to what pawnshops have when someone tries to sell/pawn something. No "well, I got this copper from an old remodel I just did" BS which serves now. Require a valid ID for sale with valid contact info. Some recyclers do their homework with this, but there are always others who don't.

  22. Re:Not that hard to kill facebook's tracking on Facebook's 'Like This' Button Is Tracking You · · Score: 1

    +1. Best place to keep FB is on its own Web browser separated from everything else using SandboxIE or a VM. Then on the other Web browsers used for general browsing, have their cookies auto-blocked. If you want to "like" something on FB, cut and paste the link into the FB browser.

  23. Re:It's an API! on Windows 7 Phone Gets Jailbreak Tool · · Score: 2, Interesting

    Windows CE isn't a bad OS. I wished MS could have taken a different tack, but I sort of understand how they are going with WP7:

    1: Release as closed as possible.
    2: Add functionality.

    The reason for this is that if they continued with the "open" platform of WM6.5, eventually there would be malware on the platform and the whole ecosystem would be known for being "insecure" just as users bash Windows on their PC for being "insecure" (when it is their own fault for installing pr0nviewerxxx.exe, or they get nailed through a Web browser or add-on, something the OS can't really protect against [1].)

    I predict that eventually MS is going to allow signed executables onto their devices, as well as a way for the enterprise to slap a root cert onto devices so they can have in-house apps and easily distribute/update them via OTA. However, I am sure MS wants to go slowly at this and watch iOS and Android's mistakes so they don't get stung by rogue apps, or Web browsers that allow a phone to be compromised by merely hitting a site.

    [1]: Of course, no OS is completely secure, but comparing oranges to oranges, Windows is on par for the course, supporting ASLR, DEP, and other security features. The battle for the desktop is being fought at the browser, add-on, and Trojan executable points these days.

  24. Re:IBM patent quality on Inside the Labs At HP, Microsoft and IBM · · Score: 3, Interesting

    IBM has some patents that are actual innovations, rather than "hmm, let's patent the fact that water is wet and farts smell" type of crap that is all too common these days:

    Take the ZTIC. This is simplicity in itself, but if banks actually used a device like this (handed it out to their customers and made them use it), it would essentially stop bank and credit card fraud cold.

    Another item is IBM's hard disk research -- this got us from the megabyte drives to the terabyte drives with GMR and other ways to drastically increase the areal density of HDD platters.

    The thing that HP, Microsoft, and IBM do is pave the way for others in the field, and often this is lost on people. It takes someone making a battery technology before someone else can make a device that uses it.

  25. Re:Alternate viewpoint on Level 3 Shaken Down By Comcast Over Video Streaming · · Score: 1

    Nail, head, hit. Their crying to Congress and wailing in the streets is nothing more than a way to try to extort or wheedle revenue, nothing more.

    Why can't they just get their act together, shut up, and build like every other firm that has to handle customer traffic?

    The *only* reason Comcast is even in business is because of their monopoly status. Elsewise, they would be in the dustbin of history by now with all the dialup ISPs.