Slashdot Mirror


User: mlts

mlts's activity in the archive.

Stories: 0
Comments: 5,534

Comments · 5,534

  1. Re:Procrastination on There Is No Plan B, the Ugly Transition To IPv6 · · Score: 1

    What I see is that city planners actually build roads to maximize traffic congestion. Cars stopped on a highway are not wrecking, so it makes the municipality's death stats look better.

    It gets me wondering if the car death statistics are not as much due to safer cars, but the fact that there are far more cars on the road, that the speeds where deaths happen just can't be reached on a day to day basis.

  2. Call me dense, but... on Inside Facebook's Infrastructure · · Score: 4, Interesting

    Call me dense, but with all the racks of 1U x86 equipment FB uses, wouldn't they be far better served by machines built from the ground up to handle the TPM and I/O needs?

    Instead of trying to get so many x86 machines working, why not go with upper end Oracle or IBM hardware like a pSeries 795 or even zSeries hardware? FB's needs are exactly what mainframes are built to accomplish (random database access, high I/O levels) and do the task 24/7/365 with five 9s uptime.

    To boot, the latest EMC, Oracle and IBM product lines are good at energy saving. The EMC SANs will automatically move data and spin down drives not in use to save power. The CPUs on the top of the line equipment not just power down what parts are not in use, but wise use of LPARs or LDoms would also help with energy costs just due to having fewer machines.

  3. Re:Facebook ID on Inside Facebook's Infrastructure · · Score: 1

    I use four items for FB:

    First, I assume anything I put on FB will end up in my worst enemy's hands, with the paranoiac fantasy #include option turned on. This means not listing when out on vacation because someone who may be interested in a burglary might be reading, not listing where I work, not listing the exact model of vehicle I have, and so on.

    Second, what I do is set permissions so all my stuff is only visible by one group of friends. This group, I manually add people to. This way, should someone I don't intend accidentally get friended, or it is someone that I have to friend someone for political reasons, they will have friend access to essentially nothing.

    Third, every 4-6 months, I go through my FB profile and delete stuff. No, it isn't deleted completely as I am sure that FB keeps snapshots as well as changelogs, but it doesn't hurt to preen information from there.

    Fourth, it is good to always check permissions on FB privacy settings and applications periodically. A lot of people end up with a rogue app on their profile spamming friends with malware-ridden links.

  4. Re:Free for all, or app market? on RIM Doesn't Want 200 Fart Apps · · Score: 1

    I like the idea of a bifurcated app store where on one hand, you have approved apps that have been vetted somehow (some scanner for API calls, etc.), then a free for all store with an app removal mechanism.

    However, the biggest problem is Joe Sixpack. One reason why Microsoft and Apple take the walled garden approach is because of Joe and the dancing bunny security problem. Phone OS makers fear Joe downloading something from the app store that is very dodgy, it doing something bad on his device, then he gets his friend Jack Reporter to do a local scoop on how this phone maker has no security.

    How does this get solved? There needs to be a technical obstacle high enough to keep Joe from hopping out of the walled garden to be eaten by a grue, but for people who know what they are doing, the obstacle would be nothing. Perhaps the process of rooting a Nexus 1 with the oem unlock command, or copying a file via adb push would be sufficient to keep Joe in the padded cell. Of course, a warning that the warranty would be null and void doesn't hurt.

  5. Re:Accelerometers in phones? on Could Anti-Texting Laws Make Roads More Dangerous? · · Score: 2, Interesting

    If texting ends up similar to DWI, that might just happen, where front line police officers would be able to check a person's call records for any calls/texts made in the past 1-5 minutes on the phone... perhaps even be able to have some augmented reality item that scans license plates, checks the owner's call records for any calls/texts made, and that would be grounds to pull someone over, even if it isn't the owner driving the car.

    Would it go this far? Who knows. However, this can be easily done, and because citations are a great revenue source for municipal areas who are unable to raise taxes, it might just end up happening.

  6. Re:Punish results, not behavior on Could Anti-Texting Laws Make Roads More Dangerous? · · Score: 1

    A lot of the people who don't care about their driving record also don't care about their credit history. Another judgment on the credit record? They wouldn't care. All that they would do is just make sure they change their cell number periodically so the bill collectors don't pester them, and toss the notices the constable hands them about appearing at trials into the trash compactor.

    Most slashdotters have pride in how they drive and how good their credit record is [1]. Sometimes it is hard to remember that there are those out there who just have no care about these things. And those people are on the roads.

    [1]: Of course stuff happens, but most people actually try to pay their bills on time when they can.

  7. Re:Accelerometers in phones? on Could Anti-Texting Laws Make Roads More Dangerous? · · Score: 2, Insightful

    I don't agree about the locking down phones or creating Faraday cages. However, the morons who text and drive recklessly usually are not the ones who die in the crashes, but the people they hit. If one looks at car wrecks involving drunk drivers, one finds that because the drunk caused the collision by a frontal impact (as well as being relaxed), the car mitigates most of the damage through the crush zones, airbags, seat belts, etc. However the other car that gets rear-ended or T-boned usually only has inches to feet to mitigate the kinetic energy before passing it to its occupants, causing far more grievous injuries.

    Here, the solution needed is a legal one -- texting means automatic 100% fault assignment and can be considered gross negligence which allows for triple damages, just like hitting a pedestrian is always the vehicle driver's fault.

  8. Re:Accelerometers in phones? on Could Anti-Texting Laws Make Roads More Dangerous? · · Score: 4, Insightful

    How about we have some expressways that are completely computer controlled? Punch in a destination, hand control to the computer, let it merge the vehicle, handle the distances between cars, slowing cars down a tad to get people in, etc. I'm sure a central computer can handle moving vehicles on a freeway a lot better than a thousand drivers with their individual reaction times can.

  9. Re:actually scary on Stuxnet Worm Claimed To Be Devastating In Iran · · Score: 1

    You hit the nail on the head with this.

    When I was doing consulting last year, businesses had zero interest in paying more than just a token amount for security. The PHBs would say, "why bother, security has no ROI, and any hacker that wants in would get in anyway?"

    Of course, when I asked the question about how they would deal with a compromise in progress, "we would call Geek Squad and they would send people to fix it" would be their answer.

    I think things won't change until destructive software becomes the norm, like it did back in the late DOS days where most viruses would try to format the C: drive or zero out the flash BIOS.

    However since it is more profitable for the bad guys to sniff passwords and have botnet clients spamming away, rather than erasing PCs, Joe Sixpack won't be bothered to take security precautions. Just like a dog being punished too long after a crime, Joe will not connect the lack of following basic security guidelines with the fact that his WoW account got hacked and banned, the bank account got emptied via a check (where there is no way to get the money back), friends asking Joe on FaceSpace to stop inundating them with malware links, and Joe's ISP cutting his connection due to large amounts of outgoing spam.

  10. Re:Spreading havoc? on Stuxnet Worm Claimed To Be Devastating In Iran · · Score: 1

    I can confirm this. Last year when I was trying to get a prototype of a new type of hard disk jukebox built [1], I learned that there were only a few companies out there with the expertise to do a basic design for a hard disk autochanger robotics. One was Siemens. The other firms were Chinese ODMs.

    So essentially if I wanted the engineering necessary, with a tried and true company, it is Siemens or nothing.

    [1]: I was doing research on a hard disk autochanger that could use 3.5" drives without enclosures similar to a tape jukebox. This is easy if the drives are in enclosures. It takes engineering if the drives are just bare.

  11. Re:Spreading havoc? on Stuxnet Worm Claimed To Be Devastating In Iran · · Score: 1

    I know some firms which are starting to airgap. They have a machine for signing executable code or documents which never touches the Net, and all patches for the OS are installed via removable media. Even USB ports are disabled with BIOS protection and physical snippage of leads on the motherboard except for a single port for the SD card reader. This keeps a USB flash drive from saying it is something else.

    Maybe it is time to go back to the tried and true and move a bit towards more eggs in one secure basket, as opposed to many insecure buckets?

    Maybe it is time to go back to the mainframe for some tasks? Yes, they are boring, but you know they will be running when you come into the office in the morning, and the IBM rep is on site fixing a problem if something failed over transparently. Mainframe security issues are a lot rarer, and if they do happen, it would be with the client OS in an LPAR.

  12. Re:No hefty consultation fees needed on Stuxnet Worm Claimed To Be Devastating In Iran · · Score: 1

    Another idea is to have a hypervisor OS that is locked down and can do auto snapshotting. This way, if the Windows VM gets compromised, it can be rolled back, the infected snapshot cloned for forensics, and life can go on. VMWare can pop snapshots automatically and maintain them by day/week/month.

    Caveat: This is if you know the point in time the machine got infected. A lot of malware will install and then go dormant to make it harder to find when a box got compromised.

  13. Re:Honest question on AppleTV Runs iOS, Already Jailbroken · · Score: 1

    Big difference. Linksys does not care what you install on their routers. In fact, they sell some with larger flash space just for OSS based firmware distributions.

    Apple does care, and takes active steps to patch JBs.

  14. Re:Honest question on AppleTV Runs iOS, Already Jailbroken · · Score: 1

    I'd say they are pretty tough to hack. The iPhone 4 took almost 2 months to JB, even with the Dev Team having betas of the OS. Nobody else came close with a method to do this. 4.1 is still secure and most likely it won't be jailbroken until 4.2 comes out at the earliest.

    So, Apple is getting their devices pretty well locked down as time goes on.

  15. Re:Gluttons for abuse on AppleTV Runs iOS, Already Jailbroken · · Score: 1

    I am actually amazed Apple has not used TrustZone and the no executable features of the ARM chipsets yet.

    What is going to drive Apple to actually start doing the modifications to iOS to make it able to deal with the two world concept of TrustZone are most likely app pirates. Apple never cares about items like LockScreen, but what will get developers to abandon the iOS platform in droves are seeing apps they worked on being put on a site to be downloaded in bulk by freeloaders. Google has a secondary mechanism in place so it doesn't matter if an Android phone is rooted or not, app pirates have to crack each app one by one. It would be nice to see Apple do the same, so they can focus less on making their iOS devices locked down, and more on cool new features.

    So, when Apple does start using TrustZone, and having the apps run in the insecure world... you can thank the app pirates for that.

  16. Re:What good would the government do anyway? on Aussie Gov't Won't Help Fight Cyber Attacks · · Score: 2, Informative

    The only way I have seen that implemented report gathering for SCADA systems, where security was decent, was a setup akin to the following:

    1: The systems were on their own private network, airgapped from everything else.
    2: A machine polled them, and wrote the logs to hard disk accessible by a second machine in XML format with a header for files.
    3: The second machine would copy the logs through a serial port with the rx wires cut on one side. It was configured not to care about ACKs, just send data, don't expect anything back.
    4: The machine on the other end of the serial cable was configured to listen to what came through and write the data to files specified by the XML contents.
    5: These files were picked up and made available on an external Web server.

    If the machine that received the logs got compromised, the worst that could happen was that the input from the serial cable would be ignored and bogus logs written on that machine. It would be almost impossible to touch any machine in the internal network with the SCADA stuff without having physical access with this type of setup.

    Of course, the bottleneck was the serial port, but with the relative low amount of data being polled and written, it was not that big an issue, compared to getting the reports out on time.
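
The one-way log export described in the comment above, as an added example that is not part of the original comment or of the system it describes: because the sender never gets an ACK, the receiver has to detect corrupted and lost frames on its own, and it should not trust the file name taken from the XML header. The frame layout (marker, sequence number, length, CRC32), the `<log file="...">` element and all names are assumptions for illustration, and the serial line is replaced by an in-memory byte stream carrying constructed sample data.

```python
import re
import struct
import xml.etree.ElementTree as ET
import zlib

MAGIC = b"\xa5LOG"                   # assumed frame marker
HEADER = struct.Struct(">4sIII")     # marker, sequence, payload length, CRC32
SAFE_NAME = re.compile(r"[A-Za-z0-9_-]{1,64}\.xml")  # no separators, no ".."
MAX_PAYLOAD = 64 * 1024              # assumed upper bound for one log file

def encode_frame(seq, filename, body):
    """Sender: wrap one log in XML and frame it. Nothing is ever read back."""
    root = ET.Element("log", {"file": filename})  # assumed XML header layout
    root.text = body
    payload = ET.tostring(root, encoding="utf-8")
    return HEADER.pack(MAGIC, seq, len(payload), zlib.crc32(payload)) + payload

class Receiver:
    def __init__(self):
        self.buf, self.next_seq = bytearray(), None
        self.missing = []   # sequence numbers that never arrived intact
        self.rejected = 0   # frames dropped: bad length, CRC, XML or file name

    def feed(self, chunk):
        """Consume raw serial bytes; return [(filename, body)] for valid frames."""
        self.buf += chunk
        out = []
        while True:
            start = self.buf.find(MAGIC)
            if start < 0:   # keep a short tail that may be a split marker
                del self.buf[:max(0, len(self.buf) - len(MAGIC) + 1)]
                return out
            del self.buf[:start]
            if len(self.buf) < HEADER.size:
                return out
            _, seq, length, crc = HEADER.unpack_from(self.buf)
            end = HEADER.size + length
            if length <= MAX_PAYLOAD and len(self.buf) < end:
                return out  # wait for the rest of the frame
            payload = bytes(self.buf[HEADER.size:end])
            if length > MAX_PAYLOAD or zlib.crc32(payload) != crc:
                self.rejected += 1
                del self.buf[:1]   # step past this marker, hunt for the next
                continue
            del self.buf[:end]
            if self.next_seq is not None and seq > self.next_seq:
                self.missing.extend(range(self.next_seq, seq))
            self.next_seq = seq + 1
            try:
                root = ET.fromstring(payload)
            except ET.ParseError:
                root = None
            name = root.get("file", "") if root is not None else ""
            if SAFE_NAME.fullmatch(name):   # never use the name as a raw path
                out.append((name, root.text or ""))
            else:
                self.rejected += 1

def demo():
    """Constructed traffic: frame 1 corrupted, frame 2 lost, frame 4 bad name."""
    bad = bytearray(encode_frame(1, "pump1.xml", "flow=13"))
    bad[-1] ^= 0xFF
    stream = (encode_frame(0, "pump1.xml", "flow=12") + bytes(bad)
              + encode_frame(3, "valve7.xml", "open")
              + encode_frame(4, "../evil.xml", "x"))
    rx, files = Receiver(), []
    for i in range(0, len(stream), 7):   # arrive in small serial-sized chunks
        files += rx.feed(stream[i:i + 7])
    return files, rx.missing, rx.rejected
```

The `missing` list is what the external side can report as gaps, since nothing can be re-requested across the cut wire.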

  17. They nearly bagged the MP3 player... on Other Tech the Senate Would Have Banned · · Score: 1

    If anyone remembered the legal battles Diamond had to fight against the RIAA to keep the Rio PMP 300 in production, it is a miracle we have MP3 players at all.

    After the RIAA vs. Diamond fight, every player out there had some form of DRM [1], at the minimum something to keep people from copying music from the device to the computer. Some players had a proprietary application. Others encrypted the music with a key only that player had when it was copied.

    Eventually this was dropped. Creative put out versions of their software that allowed copying music from the player to a computer.

    Of course, Apple hammered the final nail in this coffin. Even now, you can copy music from your iPod or iPhone to your computer, although it either takes a third party application in some cases.

    Had the RIAA had their way, MP3 players likely would either never be around, or have been forced to have very Draconian DRM technology on them, probably like the early Network Walkmans Sony had where one had to check sounds in and out of a device (as opposed to copy), only three instances of a song could ever be copied, and there was no such thing as backups -- reinstall of a computer meant having to re-rip the complete music collection.

    [1]: Anyone remember the SDMI initiative, essentially required DRM on any and all players.

  18. Re:Meet the new boss, same as the old boss on Obama Wants Broader Internet Wiretap Authority · · Score: 1

    Exactly. Put backdoors in the encryption, and the people who are using the backdoors may be more than just law enforcement... it could be foreign intel services looking for weaknesses or just ways to find secrets to hand to their domestic industries, it could be criminals looking to pull off a multi-billion online heist, or others.

    We had this same argument in the mid 1990s with the Clipper chip. The bad guys could zero out the LEAF fields making it impossible for law enforcement to get the escrowed keys. Then shortly after Skipjack was declassified, it was broken. Think if this algorithm was at the core of our infrastructure today? The bad guys would be happily using it and decoding messages encrypted with it. The good guys would be wondering how their stuff ends up being leaked. Law enforcement will wonder why the keys used by the bad guys would be unobtainable.

    I'm glad those days are over.

    The ironic thing: Government is better off with unbreakable encryption than it is without. In fact government needs unbreakable encryption, so if a backup tape, laptop, or USB flash drive "walks off", it is "just" a hardware theft, as opposed to a severe data loss and compromise in addition.

  19. Re:If they are worried... on IBM Warns of China Closing the Supercomputer Gap · · Score: 1

    This was one of the stupidest (IMHO) moves IBM could have done. Before they jettisoned the PC divisions, their salespeople could approach a customer and have a complete solution. The backend databases would be on DB2 running on a zSeries or pSeries server, the System X machines to run Active Directory or Lotus Notes, and black PCs and Thinkpads which had a reputation of top notch quality.

    Essentially a one stop shop. Yes, it was expensive, but a business could pay for it and have just one single point of contact, perhaps two they need to worry about if something in production goes TU.

    Now, Thinkpads are not considered executive machines from what I have personally seen. What do I see corporate brass running around with if they have a choice of the cream of the crop? Macbook Pros and BootCamp.

    I just wish they didn't cede the desktop market to Dell/Windows because now, due to out of sight, out of mind, Joe Sixpack doesn't even think of IBM anymore unless one of their commercials runs.

  20. Re:I'll miss them on Blockbuster Files For Bankruptcy · · Score: 1

    On the other hand, having brick and mortar stores meant they were spending money in the communities for rent, employing people, and so on, better that than just having everything offshored or at some large nondescript warehouse. Companies like Amazon and Netflix slurp money away from communities never to be seen again. At least BB would keep some locals employed and storefronts full.

    Maybe it might be a good thing. I'd like to see a "big box" video rental place that doesn't just have a back wall of the same movie, but perhaps more esoteric stuff, such as films from local artists, documentaries, a good cheesy horror collection, a large anime collection, a decent Chinese kung-fu movie with funky subtitle collection, and so on. For security, get some of the newer Clear-Vu cases that require more than a youtube video to defeat the protection, and one could start a decent rental business, perhaps giving the customer a return envelope for the DVD so they don't have to come back to that location, just drop the envelope in any mailbox.

    I'm sure something like this would sell. BB didn't change with the times, but I'm sure people still want to rent a movie somewhere physical, without having to wait for it to arrive in the mail or wait for an intermittent Net connection to try to stream it.

  21. Re:I Won't on Blockbuster Files For Bankruptcy · · Score: 1, Informative

    If given a choice between late fees versus streaming and bandwidth overage charges, I'll take the late fees. Same with scratched media versus looking at a circle of 8 dots blinking during the high point of a movie while the thing rebuffers.

    As bandwidth shrinks in the US, the real victor for Blockbuster leaving the arena will be cable companies and pay per view because broadcasting is cheap for them, as opposed to streaming which takes up bandwidth.

  22. Re:That's Everyone on In France, Hadopi Reporting Begins, With (Only) 10,000 IP Addresses Per Day · · Score: 1

    You are assuming a judge has basic TCP/IP awareness. I can see the plaintiff/prosecution demanding charges against everyone whose MAC is stated in that minute of DHCP handshaking and the judge convicting/finding guilt on that, especially with the guilt/innocence being preponderance of evidence. It wouldn't be hard for a plaintiff to prove someone is more guilty than not if their MAC shows up during the time interval, especially if the plaintiff says that MAC addresses are easily forged/changed.

  23. Re:Realistically though... on In France, Hadopi Reporting Begins, With (Only) 10,000 IP Addresses Per Day · · Score: 1

    They will do what the Hurt Locker law firm did in the US, and try thousands of people in one court case. "Of course, since the ISP provided the names, they must be guilty." will be the main argument, and I wonder how many judges will not automatically find guilt just based on that alone. I am cynical and think quite few.

  24. Re:Carte blanche on In France, Hadopi Reporting Begins, With (Only) 10,000 IP Addresses Per Day · · Score: 4, Insightful

    What happens in France with this bill will echo throughout the world. If it is successful, politicians in the US and UK will follow suit and start allowing entities who have no law enforcement duties to be able to demand millions of names daily from ISPs.

    Of course, a conviction in a criminal case or a finding of guilt in a civil case would be a rubber stamp by a judge -- Plaintiff says "ISP said this is who it is, this evidence cannot be faked" Judge drops the gavel and moves to the next case.

    Then we will find that abuses have started happening. Advertisers would have been using the mechanism to pull RL names of people who visit their websites so they can sell that information.

    We will then start to see law firms performing one lawsuit (because it is easy to try) with 50,000+ defendants (think the Hurt Locker legal wrangling.) This will become commonplace as precedent sets in showing that a name popping up on the IP list is an automatic guilt finding.

    Blowback? Anonymous VPN services will start to become a lot more popular when Joe Sixpack sees his friend Jim Riverhead get hounded by bill collectors daily for a multimillion judgement for downloading an album.

  25. Re:Heh on Copyright License Fees Drive Pandora Out of Canada · · Score: 2, Informative

    I have a good amount of iTMS bought stuff (just because it is easy to grab a band's new release while at work.) The only DRM on the tracks is the fact that they are stamped with the account ID they are bought under.

    Some people might call AAC DRM, but most "MP3" players are able to play this format these days. Most of the Sansa players can play AAC formatted files, Zunes can, most Android phones are able to play this format.

    Now, if you are talking video, or iTunes in some other countries which still is FairPlay encumbered, I'd agree with you. However, here in the US (and likely in Canada), music tracks purchased on iTMS are free and clear.