Slashdot Mirror


User: LordLimecat

LordLimecat's activity in the archive.

Stories
0
Comments
10,208
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 10,208

  1. They actually do, but if you want to insist that Microsoft (and technicians everywhere) knows less about what a "full format" does than you do, you can believe that.

    I would wonder, of course, why-- if it were the case that the full format "sets up the file structure"-- I can do a quick format on
      * A "Mac-ready" drive
      * A freshly purchased drive
      * A drive which has been DBAN'd
      * A drive which has had "dd if=/dev/urandom of=/dev/sda" run on it

    and it works with exactly the same performance as a full format, if the full format is doing "extra things".

    There are a lot of articles out there by tech journalists which repeat the meme that it somehow makes a difference, but it doesnt; Im willing to bet that if you were to zero out your drive, install windows, plant a single 100MB video on that drive, and then full format it, that I could recover that video file 95% intact within 30 minutes.

  2. Re:By Design on Misconfigured Open DNS Resolvers Key To Massive DDoS Attacks · · Score: 1

    If there exists a better solution, I'd like to hear about it.

    BCP 38, which does the source address checking where it can be done-- at the first hop controlled by the provider and router of the IP address, the ISP. They know what IPs should be coming in from which ports, since they provide the ports and IP addresses (port in this case meaning PoP / physical connection).

  3. Re:By Design on Misconfigured Open DNS Resolvers Key To Massive DDoS Attacks · · Score: 2

    that anybody can spoof source IP addresses

    Its absolutely realistic, and that statement is only true because ISPs are lazy.

    Look, Im verizon. I know that my DHCP servers in a neighborhood are providing 98.142.30.0/24 to those folks. Hey look, a packet claiming to be sourced from 132.29.42.27, I wonder if thats legitimate or if my border routers should just drop it?

    There is NO scenario where a wired internet connection should be spoofing IP addresses, because the ISP will NEVER be able to deliver return traffic to that person. I have heard that there are possible justifications for spoofing in the mobile space, but lets be realistic; 99% of bots are not mobile, they are on static lines where ingress filtering would put an immediate stop to amplification attacks.

    Your idea that DNS servers now need to fire off ICMP traffic to verify source address- what happens when the IP is legitimate, its just someone else? Now on top of your large zone file that youre going to hit them with, youre dumping ICMP traffic too-- you just made the amplification attack stronger.

    TCP/IP (and ethernet) operate on the assumption that nodes are not lying when they write their source MAC and IP addresses. It is technically possible for a node to do so, but guess what-- it is trivial to implement layer 2 and layer 3 ACLs to stop that crap at the first hop.

  4. From the horse's mouth:
    http://support.microsoft.com/kb/302686

    When you choose to run a regular format on a volume, files are removed from the volume that you are formatting and the hard disk is scanned for bad sectors. The scan for bad sectors is responsible for the majority of the time that it takes to format a volume.

    If you choose the Quick format option, format removes files from the partition, but does not scan the disk for bad sectors. Only use this option if your hard disk has been previously formatted and you are sure that your hard disk is not damaged.

    If you installed Windows XP on a partition that was formatted by using the Quick format option, you can also check your disk by using the chkdsk /r command after the installation of Windows XP is completed.

    There is no difference between running a quick format followed by chkdsk /r, and running a full format.

  5. Re:Article is garbage on Misconfigured Open DNS Resolvers Key To Massive DDoS Attacks · · Score: 1

    Youre not understanding how the spoofing works, and "the way out being clogged" is irrelevant when youre getting 100-1 amplification off of large numbers of bots.

    The attacking computers are claiming that their source address is that of the person they want to attack; they request a large DNS file; the DNS server sends its gigantic response to the victim (who has been impersonated).

    The DNS server CANNOT realize that the source IP was forged without sending additional traffic. The ISP however CAN, since they know what IPs should reside at each edge of their network, and all they have to do is block those forged addresses, and every single amplification-based DDoS goes away.

  6. Re:Why are people not being alerted? on Misconfigured Open DNS Resolvers Key To Massive DDoS Attacks · · Score: 3, Informative

    Because the DNS servers are doing nothing wrong.

    The problem is that people can spoof source addresses (because ISPs arent stopping it). Fix this issue, and youll still have to worry about any of a million other scenarios where a small request gets a lot of data back.

    All you have to do is make sure source addresses are filtered when they hit the ISP, and the huge majority of these issues (as well as being able to cloak where an attack came from) go away.

  7. Re:By Design on Misconfigured Open DNS Resolvers Key To Massive DDoS Attacks · · Score: 2, Insightful

    Can someone explain how a DNS server can check source address validity? Is it going to fire off more packets to that source address (worsening the DDoS) or what?

  8. Re:Accidentally, or not? on Misconfigured Open DNS Resolvers Key To Massive DDoS Attacks · · Score: 3, Informative

    A DNS server has no way of verifying whether the source address is valid. Only the ISP who provides access to the originator of the traffic can do that.

  9. Except, we have historical records which indicate that it was NOT interpreted by man in the process of copying. As part of a term paper I am currently studying Eusebius' church history, and he has several comments which reinforce the view that the Bible has remained 99% static since the NT was drafted, and we have records going further back vouching for the OT.

    The claim that there is no authority but man's behind it assumes that christianity is wrong, there is no God, etc, which seems to me to be begging the question.

  10. Jesus rooted marriage in the creation of two genders, and the rest of the bible had plenty to say on the topic. You will note that Jesus affirmed the pentateuch as being fully authoritative as the word of God, and that both Leviticus and Deuteronomy speak of incest and homosexual intercourse in moral, not ritual, terms.

    Arguments like this suppose that if Jesus doesnt specifically say something is wrong, he must have been OK with it. Jesus never condemned prostitution, either, but its pretty clear from his teachings that the prostitutes who followed him were counted as children of god IN SPITE of their sin, not because of it.

  11. If you are implying that "homosexuality as a disqualifier" isnt in the bible, you will find you are very incorrect.

    For example, 1 Timothy 3:12 (on qualifications for overseers) mentions "the husband of but one wife", and that phrase isnt isolated. A number of time a lists of sins-- some sexual-- are mentioned, and homosexuality is mentioned in them (some will debate in perhaps one instance that the term is "effeminate", but again-- these are not isolated passages).

    Most fundamentally, when speaking on divorce, Jesus points the pharisees straight back to creation, and ties marriage, gender, and sex together as an indication of what the "norm" is. "Male and female he created them", for the purposes of becoming "one flesh" in a commitment that is not to be "put apart [by man]"; theres not many ways to read that that would allow for anything other than sex, in marriage, between a single man and a single woman.

    My church (and probably most other evangelical churches) would likewise disqualify anyone who was engaged in adultery or incest, for roughly the same reasons.

  12. Re:Slavery? on The Man Who Sold Shares of Himself · · Score: 1

    That sounds correct; thanks for fact checking.

  13. Re:Slavery? on The Man Who Sold Shares of Himself · · Score: 1

    Then move to virginia. You will establish residency in 12 months, and benefit from a state with some of the best schools in the country (primary, secondary, and university) and a great job market. Average rent in the DC metro area with 2 roomates hovers around $7200 / year, but you can easily halve that if youre willing to tough it for a while.

    So for an extra $15k (4 years of rent), you pay $30k for school rather than the 80k for school you are recommending (plus, I would assume that rent isnt free in florida, either). That sounds like good sense, to me.

  14. Re:Hammered on When Your Data Absolutely, Positively has to be Destroyed (Video) · · Score: 1

    If its a laptop drive, a quick thwack with the handle of a screwdriver will result in the platters shattering in a satisfying manner. I might recommend covering the platter with paper, unless you enjoy shrapnel going every which way.

  15. Formats (in Windows) do not delete anything except perhaps the file table. Even a "full format" just does a normal format, after full disk surface check (which is why it takes so long).

    And Id assume he didnt mean "low level format", because those generally make your drive unusable.

  16. Do you have evidence that any of the failed SHA-3 candidates are crackable? Because security is about a whole lot more than "addressing confirmed threats".

    Magnetic domains remain on overwritten harddrives, this is indisputable. The only question is whether anyone has the capability to recover data from them; but assuming "nah, its too difficult" seems to be making a whole lot of assumptions about tomorrow's technology.

  17. Information of some kind is left on those hard drives, and I do not know that anyone has proven one way or the other that the information can be used to recover the original data.

    But last I checked, "Good security" wasnt "theres definately a side-channel here, but I think we can ignore it because noone's abused it YET".

  18. Re:Slavery? on The Man Who Sold Shares of Himself · · Score: 1

    He cant. The only case I am aware of something like that could happen, is that those debts could affect his estate; Im not an expert but I expect creditors would be first in line ahead of your family, regardless of what your will says.

  19. Re:Slavery? on The Man Who Sold Shares of Himself · · Score: 2, Insightful

    In state tuition-- at least in virginia, and quick research indicates this is not unusual-- does not generally require years of debt @ 7%. I borrowed from my parents, and paid it off in ~15 months, if I recall, having taken jobs waiting tables and made roughly ~1/2 of the money back. This was from a technical school which cost for 1.5 years roughly the same as it would have cost for 4 years at an in-state college.

    Right now, a virginia resident could attend UVA, VA Tech, JMU, GMU, or W&M for ~ $6000 / semester. You could do your Freshman and Sophmore years at VCC (community colleges) for ~ $1600 / semester; your entire degree would hit roughly $30,000, over the course of 4 years. As a waiter, I was able to pull in $15,000 / year, at a fairly standard restaurant. Working summers even as a maintenance guy would pull in ~$2000 (2002 dollars), so worst case you are ending your school career with $22,000 in debt, and more likely (if you can pull your weight as a waiter) something like $15,000 of debt.

    You CANNOT tell me it is an impossible feat to get a degree and pay your debt off, unless you are insisting on a school choice that is completely irresponsible.

  20. Re:Slavery? on The Man Who Sold Shares of Himself · · Score: 2

    I never had to take out a student loan. Might have had something to do with going to in-state schools, and working part time.
    I believe my parents took roughly the same course.
    And I have a fairly good job.

    Part of the problem is this ridiculous mentality that you cant get a job if your degree wasnt from Georgetown. Sure, you can.... youll just have substantially less debt and perhaps a slightly lower salary. But hey, if you want to gamble on years of debt on the off chance your salary will be a few thousand per annum higher, go for it. Just dont complain that anyone caused the problem but you.

  21. Re:Slavery? on The Man Who Sold Shares of Himself · · Score: 1, Troll

    You're complaining that people borrow huge sums of money voluntarily, interest free for several years, and that there are societal and legal restraints which obligate them to repay it?

    "Entitlement mentality", not servitude.

  22. Utterly irrelevant, but this

    cannot be both pink and invisible at the same time; it has to be visible to have a colour

    Is not true, unless you define "color" to mean "perceived color". I tend to think, however, that something pigmented green remains green whether or not I can see it.

  23. God filled his book with logic traps to trick the people who want to believe in him?

    If you cant figure out when figures of speech, symbolism, metaphor, and literalism are being used in literature, I might wonder whether you ever finished school, and if you did how you got through English Lit. It requires advanced techniques such as "recognizing context" and "recognizing genre".

    Yes, the terrible truth is that reading the bible as with any other work beyond a 4th grade level requires some degree of critical thinking and reasoning power. Its your call if you want to claim that that places it out of the reach of the average person, but I tend to believe it does not (unless they are being intentionally dense in an attempt to ridicule).

  24. So those statements like "fuck christians"-- bigotry, or not? The statements saying "Christians are stupid" or whatever, do they fit into your classification?

    Im sure if i spent enough time digging through the muck of slashdot comments I could come up with countless examples towards christians, and strangely few from them. Yet of course the bigotry is on our end, right?

  25. No, he means that GP was acting in the hateful manner he was so eager to accuse us of.