WIRC is not inherently insecure (or secure.. it's just a chat protocol), and is a popular means of talking with other admins for example. I use it for development purposes every day.
There's absolutely nothing to stop $virus_of_the_week using port 80 instead of port 6667. You're solving nothing by blocking a port like that.
Limit sshd so it can only send the WOL command... or even better just have the router listening on a port for a command. No need to expose the entire CLI for a simple operation.
You don't need external router access for that. Setup a port that when given a specific string, like 'wakeup' automatically sends a WOL to the computer, and does nothing else. Worst a hacker can do then is wake your computer up.
To avoid dictionary scan attacks I rate limit SSH via iptables to 15 attemps every 5 minutes per IP. The average dictionary scanner quickly gets on the blacklist and ends up being ignored until it goes away. In theory they could come back over 2-3 days very slowly, but I've never seen that happen. And our passwords are all complex enough to avoid dictionary attacks anyway.
I've had the same problem with ssh keys.. I frequently need access from external sites where there's no possibility using such a key.
It probably is (most cheap routers are) but it doesn't matter. Default firmwares for consumers routers don't have shells, let alone root ones.
This affects 3rd party firmwares.. DD-WRT and the like, that offer shell access. Further it requires that you open that access to the world (which isn't the default on any version I've seen).
I have an 885, which is basically the same model.. it keeps going flat due to the crappy design of the charger - doesn't fit on the base and has to have a book sat on top of it to charge. So it's not perfect (if you bought yours in the last 6 months I heard they fixed that little design flaw.. but IMO it should never have left the factory with an issue like that in the first place).
OTOH a smartphone will keep going flat because - well that's what smartphones do.. they're not designed to be away from power for more than a few hours. So it's about even.
I can see broadcast TV dying, once the internet gets fast enough to handle the realtime traffic (it's *nowhere near* that now - when everyone in your street can stream at least 1080i in real time without any congestion on the network.. then it'll start to happen).
There's already a device out for about a year now.. the IR2BT have one under my PS3. It takes the IR and relays it to bluetooth, exactly the way the logitech one does.
That's Logitech - the hardware is great.. Logitech have screwed up the functionality so far in the name of making it 'simpler' I've not dared plug mine into the PC for months.. every upgrade breaks something that was working perfectly well so far (the last upgrade I used broke the ability to select certain channels when they removed the ability to send multiple commands on one button, meaning I have to do that manually now).
Their software is also hosted on their website via some bastardized java/javascript/native code combination and it was designed by someone that really hates their customers.
For me Science Fiction means any narrative or story set in a world at a higher technological stage than us.
Some of the best scifi is just us, with something thrown in to upset the applecart. eg. the early Asimov robot books were just 20th century earth plus positronic brain. Stuff like Stargate SG1 started like that too.. just us plus wierd alien device. Arthur C Clarke was the master of this, with books like Rendezvous with Rama (which was and still is one of my favourite books... just don't mention Gentry Lee or I may get violent).
Nobody checks signatures.. that's why many countries went to pin entry.
Of course pins are just as bad..
1. If someone gets your pin they can reproduce it 100% accurately every time, unlike a signature. Since a pin is only 4 characters it's trivial to remember. 2. Many transactions don't use the pin - the local supermarket auto checkout doesn't require a pin, only the card. Also all the cities car parks are the same. 3. When you're paying for something how do you know they aren't skimming the card (90% of shops still take the card off you an scan it through the till, even though apparently they're not supposed to any more) and storing the pin in a computer under the till?
IMO the pin should be a string of beetween 10 and 20 digits. Much harder to for someone to shoulder surf. All transactions should require the pin, otherwise the transaction isn't valid.
I had this conversation with my own ISP and it was something like:
1. They won't take the IWF list unless forced 2. If they are forced to pay for it they won't use it 3. If they are forced to use it they'll provide workarounds
The IWF won't tell *anyone* what's on the list - not even ISPs that are supposed to be using it, and not the websites that are potentially blocked. It really wouldn't surprise me if there were a few on there for political reasons.
You think you've got it bad. At least NatGeo makes sense.
In the UK we've had to suffer a whole list of these name changes.
We had a repeats channel... UK Gold. Not great, but it was well known and to most people made sense as a name. This changed its name to.... Dave. (yes seriously they thought that was a good name for a channel). They stripped out half the programmes and left endless repeats of the same two or three series. Not content with having a +1 channel, the same execs who came up with the first name decided to name the second one 'Dave Ja Vu'. How we laughed. Not. The History channel, UK history, just changed its name to 'Yesterday' and started showing endless repeats of the Antiques Roadshow, thus ensuring it's entirely lost its previous audience base.
Our Scifi channel isn't as bad as yours, as it hasn't attempted to show wrestling yet. It's well known for crappy B movies though.
TVs in store are deceptive. They have the colours the store lighting set just right to make the set look great *in that environment* - but tell you nothing about how they'll look in a normal house with normal lighting.
As this is the UK failure within 6 months is considered to be a manufacturing fault and covered under SOGA, and the manufacturers guarantee is normally at least a year and often 2-3 years.
So these extended warranty statistics.. do they discount all failures before the manufacturers warranty ran out? I highly doubt it.. because if something electronic is going to fail it will generally fail early or last for years.
As stated above, when a laptop is older than that it's probably cheaper to buy it on ebay anyway. The extended warranty never really makes sense.
Slashdot Mirror
Their first demo is Crysis. They say they're going to compete head on with the console makers
This is 100% aimed at gamers. It'll fail.. for reasons pointed out by many people.
In other words they were playing over a carefully setup gigabit LAN.
Hell, *I* could set something up that would work acceptably in that environment given a day or twos notice. Can I have my million of VC money now?
They're demoing Crysis on it... Over a (presumably) gigabit LAN with little or no contention... and the press are, as usual, falling for it.
Over the internet it has epic fail written all over it.
WIRC is not inherently insecure (or secure.. it's just a chat protocol), and is a popular means of talking with other admins for example. I use it for development purposes every day.
There's absolutely nothing to stop $virus_of_the_week using port 80 instead of port 6667. You're solving nothing by blocking a port like that.
And that will help how exactly?
It's just as easy to expose web/ssh to the internet and set an easy password on m0n0wall. Stupid users will always be stupid users.
Limit sshd so it can only send the WOL command... or even better just have the router listening on a port for a command. No need to expose the entire CLI for a simple operation.
You don't need external router access for that. Setup a port that when given a specific string, like 'wakeup' automatically sends a WOL to the computer, and does nothing else. Worst a hacker can do then is wake your computer up.
I remember that VMS password generator from college... It gave you a list of passwords, all incomprehensible line noise, and asked you to pick one.
The problem with a password that complex is even you won't be able to guess it next time around.. perfectly secure, but not exactly useful.
To avoid dictionary scan attacks I rate limit SSH via iptables to 15 attemps every 5 minutes per IP. The average dictionary scanner quickly gets on the blacklist and ends up being ignored until it goes away. In theory they could come back over 2-3 days very slowly, but I've never seen that happen. And our passwords are all complex enough to avoid dictionary attacks anyway.
I've had the same problem with ssh keys.. I frequently need access from external sites where there's no possibility using such a key.
It probably is (most cheap routers are) but it doesn't matter. Default firmwares for consumers routers don't have shells, let alone root ones.
This affects 3rd party firmwares.. DD-WRT and the like, that offer shell access. Further it requires that you open that access to the world (which isn't the default on any version I've seen).
You don't need ssh to the router to do that. ssh to a machine behind the router.
I struggle to think of a legitimate reason to allow remote access directly to a router, to be honest.
Does it matter? Small amount of energy in -> large amount of energy out = profit!
I have an 885, which is basically the same model.. it keeps going flat due to the crappy design of the charger - doesn't fit on the base and has to have a book sat on top of it to charge. So it's not perfect (if you bought yours in the last 6 months I heard they fixed that little design flaw.. but IMO it should never have left the factory with an issue like that in the first place).
OTOH a smartphone will keep going flat because - well that's what smartphones do.. they're not designed to be away from power for more than a few hours. So it's about even.
I can see broadcast TV dying, once the internet gets fast enough to handle the realtime traffic (it's *nowhere near* that now - when everyone in your street can stream at least 1080i in real time without any congestion on the network.. then it'll start to happen).
There's already a device out for about a year now.. the IR2BT have one under my PS3. It takes the IR and relays it to bluetooth, exactly the way the logitech one does.
That's Logitech - the hardware is great.. Logitech have screwed up the functionality so far in the name of making it 'simpler' I've not dared plug mine into the PC for months.. every upgrade breaks something that was working perfectly well so far (the last upgrade I used broke the ability to select certain channels when they removed the ability to send multiple commands on one button, meaning I have to do that manually now).
Their software is also hosted on their website via some bastardized java/javascript/native code combination and it was designed by someone that really hates their customers.
There's actually only two or three, and a Harmony will do most of them.
For me Science Fiction means any narrative or story set in a world at a higher technological stage than us.
Some of the best scifi is just us, with something thrown in to upset the applecart. eg. the early Asimov robot books were just 20th century earth plus positronic brain. Stuff like Stargate SG1 started like that too.. just us plus wierd alien device. Arthur C Clarke was the master of this, with books like Rendezvous with Rama (which was and still is one of my favourite books... just don't mention Gentry Lee or I may get violent).
Go and learn some english kid. There are not two negatives in that sentence.
Nobody checks signatures.. that's why many countries went to pin entry.
Of course pins are just as bad..
1. If someone gets your pin they can reproduce it 100% accurately every time, unlike a signature. Since a pin is only 4 characters it's trivial to remember.
2. Many transactions don't use the pin - the local supermarket auto checkout doesn't require a pin, only the card. Also all the cities car parks are the same.
3. When you're paying for something how do you know they aren't skimming the card (90% of shops still take the card off you an scan it through the till, even though apparently they're not supposed to any more) and storing the pin in a computer under the till?
IMO the pin should be a string of beetween 10 and 20 digits. Much harder to for someone to shoulder surf. All transactions should require the pin, otherwise the transaction isn't valid.
Not by law.. a debit card has no more protection than a cheque.
The bank *may* choose to reimburse you for such thing, but you're far safer using a credit card.
I had this conversation with my own ISP and it was something like:
1. They won't take the IWF list unless forced
2. If they are forced to pay for it they won't use it
3. If they are forced to use it they'll provide workarounds
The IWF won't tell *anyone* what's on the list - not even ISPs that are supposed to be using it, and not the websites that are potentially blocked. It really wouldn't surprise me if there were a few on there for political reasons.
You think you've got it bad. At least NatGeo makes sense.
In the UK we've had to suffer a whole list of these name changes.
We had a repeats channel... UK Gold. Not great, but it was well known and to most people made sense as a name.
This changed its name to.... Dave. (yes seriously they thought that was a good name for a channel). They stripped out half the programmes and left endless repeats of the same two or three series.
Not content with having a +1 channel, the same execs who came up with the first name decided to name the second one 'Dave Ja Vu'. How we laughed. Not.
The History channel, UK history, just changed its name to 'Yesterday' and started showing endless repeats of the Antiques Roadshow, thus ensuring it's entirely lost its previous audience base.
Our Scifi channel isn't as bad as yours, as it hasn't attempted to show wrestling yet. It's well known for crappy B movies though.
TVs in store are deceptive. They have the colours the store lighting set just right to make the set look great *in that environment* - but tell you nothing about how they'll look in a normal house with normal lighting.
As this is the UK failure within 6 months is considered to be a manufacturing fault and covered under SOGA, and the manufacturers guarantee is normally at least a year and often 2-3 years.
So these extended warranty statistics.. do they discount all failures before the manufacturers warranty ran out? I highly doubt it.. because if something electronic is going to fail it will generally fail early or last for years.
As stated above, when a laptop is older than that it's probably cheaper to buy it on ebay anyway. The extended warranty never really makes sense.