If his account was actually hacked, he would no longer have access to it.
C'mon slashdot, I expected better than this from you. Some bullshit blog says this, OK fine, whatever, they don't know shit about technology. But I thought we at least pretended to know what the fuck we were talking about on slashdot.
Is a checkin without human interaction something that is in use generally?
I have not encountered it, but it isn't really any less safe, all the person at the counter does is slap a sticker on it and put the bag on a conveyer belt. Any inspection they do of the bag is only caused by the fact they have to look at the bag to move it, the same thing chukers in the back will be doing anyway. Only a random selection of bags are searched between the counter and the plane, and you find a lovenote from the inspectors in your bag when you claim it.
You can make anything hack-proof. Just take it offline - this is what Sony has done. If you're online, you're providing a service. That service needs provide access to resources to users. If the attackers are after the resources vital to providing the service, the service has to be secure and have strong autnenticaiton/authorization systems.
Basically, they could have the most secure servers in the world, 100% hack proof servers as long as they're not running PSN, and the servers can't do anything that isn't vital to running PSN. But if the vulnerability is in PSN, once they start serving PSN they're no longer secure.
VMs can add boundaries to some infrastructure, PSN could possibly use better boundaries in its design, but VMs wont provide it.
Come on you guys, this is just crap meant to get site hits and nothing else. Do you really, honestly think a multi billion dollars worldwide company thats been around as long as sony would be running old software with no protection? Idiots.
Yes, we do. Because we've either witnessed it first hand or heard the reports of when it happens time and time again.
To get large and old, a company doesn't have to do anything other than keep costs significantly below revenue for a sustained length of time. Its possible to do that by without the boys in the basement being on top of their game.
I do pay for my own services. And if my neighbor is too cheap to pay for theirs, I don't care. Let them have at it.
Whats all this talk of 'leeching'? Who really cares? I don't need to hoard the portion of my monthly bandwidth allotment that I never use. If I've got it, someone should be using it.
I don't know what your experience is, and I certainly don't mean to disparage senior citizens here, but I'd be hard pressed to think of a group that is more *out of touch* with technology than the GOP.
There is hope. They've started trolling for sex on Craigslist, its a start.
They almost certainly had that info on separate systems. Why else the "Billing address, password questions, and credit card info may also have been taken." disclaimer. If the information had been on the same system they would have been sure..
Not necessarily. If the exploiters were just using the exploit to download as many games as they wanted, they may have overlooked or not cared about the billing data sitting on the same system. Sony doesn't know for sure that they accessed it, just that they could have. The "may" means the attacker could have accessed it, they just don't know for sure.
This is exactly the attitude I was afraid of. If sony was even mildly competent at security, nothing that could be done client-side from a console could be used to escalate privileges as radically as these people have.
Just because I can write software for my computer doesn't mean that I can exploit steam as thoroughly as PSN has been. The guys at sony don't have a lick of sense when it comes to network security. This is not geohot's fault.
This is not about "old media", this is about knowing that the person you contract with to provide a service is actually providing you that service (in this case license rights).
Is it just me, or is it hilarious that he's bitching about competing products that don't inter-operate while advocating for linux? Don't get me wrong, I like me some linux, but there are such big incompatibilities that we have different distributions (which is not a bad thing! I'm just putting it out there). Hell, I even remember seeing on slashdot (maybe reddit?) a link to a post from one of the Debian PERL guys that amounted to "Don't use the CPAN installer, let me know and I'll get that package in a.deb lickity-split".
Yes, OS X has more than one package manager. But of the three, I know that at least two of them have fundamentally different philosophies on how the package management on mac should work. Of course they're not going to inter-operate when one tries to use the apple-supplied utilities when they exist and the other is shipping its own version of the dependencies.
This guy has unrealistic expectations and seems to ignore the realities of the current state of the computer world to trash OS X with an argument that boils down to "I tried to do development in an environment that isn't the same as production. I was so upset to find out that my development environment was different than my production environment that I wrote this blog post trashing the development environment I chose!"
In this day and age developers need IDEs to test out CSS.
I thought you were being sarcastic at first. I do it all the time, as a ":w" in vim followed by an F5 and it isn't an annoyance at all. If it was, I'd write a script using IO notify to automatically force firefox to refresh on filechanges, but as it turns out, I don't need that kind of constant feedback.
Whats so new about "this day and age" that we "need" to have immediate feedback? Is it that the days of "I know enough about my tools and code that I'm reasonably confident of what the output will be, so I don't need to waste the time constantly double checking the output" are over?
This is very much in violation of the spirit of Open Source.
This is lawyer speak for "they're not doing what I want, and have no obligation to". The "spirit of open source" argument is bullshit anyways, open source is more than GPL. I release under BSD, and it is against the spirit of that license when some prick repackages it under GPL but I gave up the right to complain when I slapped the BSD sticker on it.
I know this is a bit of a tangent, but how prevalent is the use of VPNs in china? What is your reading on how many people who want to get around the great firewall, are actually trapped by it?
Actually it was pretty damn direct. I posited my assumption rather than ask for conformation. Don't worry about not understanding my first post, being bad at English makes it easier to identify shills such as yourself, and for that we thank you.
How is this surprising? Western are not communist country they are democracy. They will not hesitate to bring military actions against other people in order to bring them back into line (read headlines news now!). You do business with the devil (to get oil) and somewere down the line your going to pay
The nice part is we can openly question our governments for doing so.
I'd say that's a bit of a false comparison. I'd be surprised if moot has even 1/4 of the business ambitions with his website than Zuckerburg does with his.
I'm not sure I agree, the GNU in the name commands seriousness, and dedication of the project.
Like the dedication to GNU/Hurd where they'll give up as soon as something better comes along?
It doesn't command seriousness or respect. gcc and linux both have gnu in their name, but most common users never see it. When I see GNU in a name, I don't think there are smart people are behind it because of the name, there are smart people behind plenty of non-gnu open source projects too, I just see shameless self promotion.
Frankly, outside of Free software communities, the GNU folks are acknowledged to do good work, but their brand is a bit of a laughingstock.
Its aims are going to be crushed by its terrible name. GNU Free Call is a mouthful that even I, knowing what the acronym means, don't like the sound of. If they want adoption they should quit their self-promotion-in-the-name and re-brand, even "GFC" would be a million times better.
Not the point. The point is that they should, and Stallman is trying to make that happen. I am not saying he is going about it in the best way (I'd would say that Eben Moglen is, more or less).
I'd go even further, listening to Stallman's bullshit makes people who care about freedom not care so much about software freedom.
It is not entirely true that you can't share files across apps: your contacts, photos, videos, music, ebooks (including PDFs) are accessible by any app that bothers to use them.
Thats cute. My android device just looks at the file-type and just asks me which of the applications that support it I want to use. Its got apis for the common data to share, but they know they can't be prepared for everything and a benefit greatly from their solution.
Slashdot Mirror
If his account was actually hacked, he would no longer have access to it.
C'mon slashdot, I expected better than this from you. Some bullshit blog says this, OK fine, whatever, they don't know shit about technology. But I thought we at least pretended to know what the fuck we were talking about on slashdot.
Is a checkin without human interaction something that is in use generally?
I have not encountered it, but it isn't really any less safe, all the person at the counter does is slap a sticker on it and put the bag on a conveyer belt. Any inspection they do of the bag is only caused by the fact they have to look at the bag to move it, the same thing chukers in the back will be doing anyway. Only a random selection of bags are searched between the counter and the plane, and you find a lovenote from the inspectors in your bag when you claim it.
You can make anything hack-proof. Just take it offline - this is what Sony has done. If you're online, you're providing a service. That service needs provide access to resources to users. If the attackers are after the resources vital to providing the service, the service has to be secure and have strong autnenticaiton/authorization systems.
Basically, they could have the most secure servers in the world, 100% hack proof servers as long as they're not running PSN, and the servers can't do anything that isn't vital to running PSN. But if the vulnerability is in PSN, once they start serving PSN they're no longer secure.
VMs can add boundaries to some infrastructure, PSN could possibly use better boundaries in its design, but VMs wont provide it.
Come on you guys, this is just crap meant to get site hits and nothing else. Do you really, honestly think a multi billion dollars worldwide company thats been around as long as sony would be running old software with no protection? Idiots.
Yes, we do. Because we've either witnessed it first hand or heard the reports of when it happens time and time again.
To get large and old, a company doesn't have to do anything other than keep costs significantly below revenue for a sustained length of time. Its possible to do that by without the boys in the basement being on top of their game.
I do pay for my own services. And if my neighbor is too cheap to pay for theirs, I don't care. Let them have at it.
Whats all this talk of 'leeching'? Who really cares? I don't need to hoard the portion of my monthly bandwidth allotment that I never use. If I've got it, someone should be using it.
I don't know what your experience is, and I certainly don't mean to disparage senior citizens here, but I'd be hard pressed to think of a group that is more *out of touch* with technology than the GOP.
There is hope. They've started trolling for sex on Craigslist, its a start.
They almost certainly had that info on separate systems. Why else the "Billing address, password questions, and credit card info may also have been taken." disclaimer. If the information had been on the same system they would have been sure..
Not necessarily. If the exploiters were just using the exploit to download as many games as they wanted, they may have overlooked or not cared about the billing data sitting on the same system. Sony doesn't know for sure that they accessed it, just that they could have. The "may" means the attacker could have accessed it, they just don't know for sure.
This is exactly the attitude I was afraid of. If sony was even mildly competent at security, nothing that could be done client-side from a console could be used to escalate privileges as radically as these people have.
Just because I can write software for my computer doesn't mean that I can exploit steam as thoroughly as PSN has been. The guys at sony don't have a lick of sense when it comes to network security. This is not geohot's fault.
This is not about "old media", this is about knowing that the person you contract with to provide a service is actually providing you that service (in this case license rights).
Is it just me, or is it hilarious that he's bitching about competing products that don't inter-operate while advocating for linux? Don't get me wrong, I like me some linux, but there are such big incompatibilities that we have different distributions (which is not a bad thing! I'm just putting it out there). Hell, I even remember seeing on slashdot (maybe reddit?) a link to a post from one of the Debian PERL guys that amounted to "Don't use the CPAN installer, let me know and I'll get that package in a .deb lickity-split".
Yes, OS X has more than one package manager. But of the three, I know that at least two of them have fundamentally different philosophies on how the package management on mac should work. Of course they're not going to inter-operate when one tries to use the apple-supplied utilities when they exist and the other is shipping its own version of the dependencies.
This guy has unrealistic expectations and seems to ignore the realities of the current state of the computer world to trash OS X with an argument that boils down to "I tried to do development in an environment that isn't the same as production. I was so upset to find out that my development environment was different than my production environment that I wrote this blog post trashing the development environment I chose!"
In this day and age developers need IDEs to test out CSS.
I thought you were being sarcastic at first. I do it all the time, as a ":w" in vim followed by an F5 and it isn't an annoyance at all. If it was, I'd write a script using IO notify to automatically force firefox to refresh on filechanges, but as it turns out, I don't need that kind of constant feedback.
Whats so new about "this day and age" that we "need" to have immediate feedback? Is it that the days of "I know enough about my tools and code that I'm reasonably confident of what the output will be, so I don't need to waste the time constantly double checking the output" are over?
posting to kill a mis-clicked comment moderation
This is very much in violation of the spirit of Open Source.
This is lawyer speak for "they're not doing what I want, and have no obligation to". The "spirit of open source" argument is bullshit anyways, open source is more than GPL. I release under BSD, and it is against the spirit of that license when some prick repackages it under GPL but I gave up the right to complain when I slapped the BSD sticker on it.
Basically, quit bitching.
My VPN services are being attacked as well.
It's real and it's real bad.
I know this is a bit of a tangent, but how prevalent is the use of VPNs in china? What is your reading on how many people who want to get around the great firewall, are actually trapped by it?
Beating around the bush?
Actually it was pretty damn direct. I posited my assumption rather than ask for conformation. Don't worry about not understanding my first post, being bad at English makes it easier to identify shills such as yourself, and for that we thank you.
How is this surprising? Western are not communist country they are democracy. They will not hesitate to bring military actions against other people in order to bring them back into line (read headlines news now!). You do business with the devil (to get oil) and somewere down the line your going to pay
The nice part is we can openly question our governments for doing so.
So how much do you make as an internet shill for your government? If language skills at your level are good enough to get the job, I'd be a shoo-in.
http://www.youtube.com/watch?v=k5QqYVurImY&feature=player_embedded
Why would you pay for news? Perhaps because you value journalism?
Pretty much, this is why I'm subscribed to the local paper even though I just read the copy at work.
At that price its cheaper for home delivery of the print edition 7 days a week.
>Remind me, which one is the billionare?
I'd say that's a bit of a false comparison. I'd be surprised if moot has even 1/4 of the business ambitions with his website than Zuckerburg does with his.
I'm not sure I agree, the GNU in the name commands seriousness, and dedication of the project.
Like the dedication to GNU/Hurd where they'll give up as soon as something better comes along?
It doesn't command seriousness or respect. gcc and linux both have gnu in their name, but most common users never see it. When I see GNU in a name, I don't think there are smart people are behind it because of the name, there are smart people behind plenty of non-gnu open source projects too, I just see shameless self promotion.
Frankly, outside of Free software communities, the GNU folks are acknowledged to do good work, but their brand is a bit of a laughingstock.
Its aims are going to be crushed by its terrible name. GNU Free Call is a mouthful that even I, knowing what the acronym means, don't like the sound of. If they want adoption they should quit their self-promotion-in-the-name and re-brand, even "GFC" would be a million times better.
Not the point. The point is that they should, and Stallman is trying to make that happen. I am not saying he is going about it in the best way (I'd would say that Eben Moglen is, more or less).
I'd go even further, listening to Stallman's bullshit makes people who care about freedom not care so much about software freedom.
It is not entirely true that you can't share files across apps: your contacts, photos, videos, music, ebooks (including PDFs) are accessible by any app that bothers to use them.
Thats cute. My android device just looks at the file-type and just asks me which of the applications that support it I want to use. Its got apis for the common data to share, but they know they can't be prepared for everything and a benefit greatly from their solution.