Slashdot Mirror


User: LordLimecat

LordLimecat's activity in the archive.

Stories: 0
Comments: 10,208

Comments · 10,208

  1. Re:It would be fair... on Unlocking New Mobile Phones Becomes Illegal In the US Tomorrow · · Score: 4, Interesting

    I'm not clear here, unlocking is specifically for joining a new carrier, correct? TFS indicates that fulfilling your contract would allow you to unlock your phone, and if you haven't fulfilled your contract I'm not seeing how you could have unlocked your phone anyways without breaking contract.

    From TFA

    Other people just like the freedom of being able to switch carriers as they please.

    Which you can't do, nor should be able to on contract-subsidized phones, until the contract term is complete; however you could always

    .... pay full-price for a phone, not the discounted price that comes with a two-year service contract, to receive the device unlocked from the get-go.

    Can someone clarify what the actual issue is?

  2. Re:Copper owner owes a refund on German Federal Court Rules That Internet Connection Is Crucial To Everyday Life · · Score: 1

    I have never seen a residential phone / tv / internet subscription which came with any sort of substantial SLA.

  3. Re:A strange game.... on North Korea Announces 3rd Nuclear Test, Anti-US Aims · · Score: 1

    And what pray tell are the dire consequences of the vote that they approved? Has it materially affected N Korea's fortunes?

    If not, tell me exactly what the significance of China's vote is other than PR?

  4. Re:A strange game.... on North Korea Announces 3rd Nuclear Test, Anti-US Aims · · Score: 4, Insightful

    There could be many motives behind that, and it does not necessarily mean that China is upset about the launch.

    There could, for example, be value in privately encouraging an aggressive stance towards the US while publicly declaring a more neutral stance. For one, it doesn't burn all your bridges at once.

  5. Re:Oh be honest ... on CTO Says Al-Khabaz Expulsion Shows CS Departments Stuck In "Pre-Internet Era" · · Score: 1

    Look, it's very simple. Intent matters as you mentioned, and there are mitigating factors, but at the end of the day this guy accessed systems in an unauthorized manner which generally falls into "attack" territory. The above can be used as defenses, but you're already in trouble at that point.

    The very simple answer is that this guy made a bad decision, though perhaps he did not know better. Now he does, and hopefully will not repeat the mistake. We could discuss all day whether he should be allowed or could be allowed or whether the laws are right, but in the world we live in scanning a company that does not want to be scanned (as in this case) can very easily land you in trouble and pretending otherwise won't change things.

  6. Re:Oh be honest ... on CTO Says Al-Khabaz Expulsion Shows CS Departments Stuck In "Pre-Internet Era" · · Score: 1

    He was not in the least authorized to run vuln scans. IANAL but most experienced network guys you will talk to (including the nmap guys) will tell you, don't do it without explicit approval.

    Unless you're a lawyer, probably best not to post things like you did, lest someone take it as actual advice and end up in a whole heap of trouble.

  7. Re:Generally considered? on CTO Says Al-Khabaz Expulsion Shows CS Departments Stuck In "Pre-Internet Era" · · Score: 1

    Fuck that. What he did exposed the incompetence of Skytech,

    In a way that's generally considered illegal, yes.

  8. Re:oh get real... on CTO Says Al-Khabaz Expulsion Shows CS Departments Stuck In "Pre-Internet Era" · · Score: 1

    Running penetration tests on random companies' resources without prior authorization is a really bad idea, and perhaps this guy is lucky that expulsion is as far as it went.

    "Hackathons" refer to coding sessions, which is a completely different usage than how it is being used here.

  9. Re:oh get real... on CTO Says Al-Khabaz Expulsion Shows CS Departments Stuck In "Pre-Internet Era" · · Score: 5, Insightful

    From the article:
    Two days later, Mr. Al-Khabaz decided to run a software program called Acunetix, designed to test for vulnerabilities in websites.....
    A few minutes later, the phone rang ......It was Edouard Taza, the president of Skytech. He said that this was the second time they had seen me in their logs, and what I was doing was a cyber attack.

    Yea, see, this is why insecure.org has warnings to not run nmap against resources that you do not own: It is generally considered nefarious, ill-advised, and possibly illegal. Yes, pen-testing other people's stuff will land you in trouble. Should he have been expelled? Maybe not, since he was clearly trying to expose a vulnerability, but he should have known better and hopefully now he does.

    Probably also should not have signed that NDA and then gone on to break it, but then I'm no lawyer. Probably should have just said "yea, I sign nothing till I have representation".

    If you do not have a job / contract with someone to pen-test, act as a "tiger team", check for physical security breaches, etc, DON'T.

  10. Re:I consider that a pretty good analogy... on CTO Says Al-Khabaz Expulsion Shows CS Departments Stuck In "Pre-Internet Era" · · Score: 4, Insightful

    You know, we blame civil engineers when their buildings collapse,

    You don't, however, blame them when someone helpfully demonstrates that by taking out support pillar 3A with TNT that the building suffers catastrophic failure. I mean, yea, maybe you blame them a little, but generally you get pissed at the guy holding the detonator.

  11. Re:Redundancy on Researchers Achieve Storage Density of 2.2 Petabytes Per Gram of DNA · · Score: 1

    Correction: Was assuming a 9-disk RAID 0. I think the actual failure rate for 9-levels of nested RAID0, RAID1'd, would be
    99.99999999921383102043346279157%.

  12. Re:Redundancy on Researchers Achieve Storage Density of 2.2 Petabytes Per Gram of DNA · · Score: 1

    Something tells me you don't understand how RAID levels are designated.

    Hint: No one in their right mind would run something named "RAID 1000000000", unless they didn't care in the least whether their data was retrievable.

    Hint 2: It has an array failure rate of ~14% over 3 years, assuming standard drive failure rate of 5% over 3 years. ( 1 - ( 0.95 ) ^ 9 ) ^ 2

  13. Re:Latency and bandwidth? on Researchers Achieve Storage Density of 2.2 Petabytes Per Gram of DNA · · Score: 1

    I think a hard drive would fare at least as bad in that scenario.

  14. Re:That is an ignorant response. on Mega Defends Its Security Practices · · Score: 1

    If a company says "get a court order or get bent", I'm not clear what recourse the gov't would have. They can ask nicely, and a company can comply, but that probably wouldn't go over too well with the CA if that ever leaked out (read: would utterly sink the CA).

  15. Re:Libel? on 'Bankrupt' Australian Surgeon Sues Google For Auto-Complete · · Score: 1

    It's a problem, but it's not Google's problem. Take it up with the bankrupt Guy Hingston, not with public records or their keepers.

  16. Re:Well... on 'Bankrupt' Australian Surgeon Sues Google For Auto-Complete · · Score: 1

    Your complaint is that potential employers make bad assumptions and leap to conclusions based on what other people searched for on Google.

    Explain to me again why this is Google's fault or problem?

  17. Re:Well... on 'Bankrupt' Australian Surgeon Sues Google For Auto-Complete · · Score: 1

    Google isn't doing anything except saying "most people searching for 'Guy Hingston' also search for 'Guy Hingston bankruptcy'". This is a fact, and not one that Google created or oversaw.

    As far as I am aware the telling of true facts is constitutionally protected, and regardless it's not even a human saying it, just some statistics-bot in the search engine.

  18. Re:Well... on 'Bankrupt' Australian Surgeon Sues Google For Auto-Complete · · Score: 1

    Also, a manned e-mail address for general complaints and/or suggestions would help too. Currently, google is very hard to reach.

    You know what the classic solution to "Company X has poor customer service" is?

    Stop using their products.

  19. Re:easy to be forgotten on 'Bankrupt' Australian Surgeon Sues Google For Auto-Complete · · Score: 1

    I'm just not clear where all of these rights keep coming from, it seems like a new one is invented every year. What gives me a right to be forgotten? Why don't others have a "right to remember"?

  20. Re:Well... on 'Bankrupt' Australian Surgeon Sues Google For Auto-Complete · · Score: 1

    Google is letting people see what other people searched for. That information is indeed correct. People are then forming invalid conclusions (that if someone searches for X, X must be a fact), but I'm not clear why that would be Google's fault.

    I can see the concern, but I don't see any basis for pointing a finger at Google.

  21. Re:JavaScript local file access APIs on Mega Defends Its Security Practices · · Score: 1

    To be clear, the webserver is serving web pages just fine; it's your browser / JS engine that is failing to interpret them properly.

  22. Re:That is an ignorant response. on Mega Defends Its Security Practices · · Score: 1

    It's not clear whether the US govt could MITM SSL (at least to me)-- DoD certs aren't installed by default and I'm not aware of any other gov't controlled root CAs that are generally installed by default.

    If I'm mistaken, would be interested to know specific root CAs they control.

  23. Re:That is an ignorant response. on Mega Defends Its Security Practices · · Score: 3, Informative

    I mean any basic network now uses switch over hubs now, So traffic is routed more cleanly to the host system with less spots for you packet sniff

    Well, except for ARP poisoning, mirror ports, and in-line sniffers, sure.

    Who actually reads data packets anyways nowadays?

    You might be surprised. What do you suppose DPI is? You might be interested to know that even low-end firewalls like SonicWalls have a module for MITM-ing SSL on a network where you control cert installation. And rogue WiFi APs aren't exactly rare.

    And as for "who", I might start with "China, a lot of middle-eastern countries, and probably a couple of US 3 letter orgs under certain circumstances". This stuff isn't hypothetical.

    I generally agree with your point-- that you can't just slap SSL on it and call it secure-- but you would be surprised how common packet inspection is.

  24. Re:put up or shutup time on To Open Source Obama's Get-Out-the-Vote Code Or Not? · · Score: 1

    AFAIK, the south had no constitutional basis for secession. You can argue the merits of their cause, but at the end of the day what they did was, from the perspective of the US Gov't, an illegal rebellion.

    Might be wrong on this, but if so please provide sources.

  25. Re:Let the bashing begin! on Microsoft Surface Pro Arrives Feb. 9 · · Score: 1

    Tablets 15 years ago were massively prone to breakage, had awful touch interfaces, had awful touch hardware, and were generally bad at everything they tried to be.

    How many people have you seen with iPads and keyboards? What do you suppose those keyboards are for, if not "office-y" stuff? You don't think having the full MS Office available for Surface (and built in by default) will have an effect here?