Slashdot Mirror


User: Ol+Olsoc

Ol+Olsoc's activity in the archive.

Stories
0
Comments
16,205
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 16,205

  1. Re: Let me on Google Details Plan To Distrust Symantec Certificates (tomshardware.com) · · Score: 1

    How did you conclude it's the ISP? If Symantec and Arris enter into a partnership it's even possible you got bum router firmware from Arris.

    In a world where every device can be updated automatically at any time, any device can be updated at any time.

    But thanks for the correction.

    It wasn't the ISP. It was Arris and Symantec. But that was only confirmed by contacting Arris, and later Symantec.

    I wonder if slashdotters think that any webpage they go to is legit. If so, it brings some understanding to the number of security breaches like Equifax et al. Security like that is hard to find. Or not.

  2. As a security guy, I have found nearly all software designers, architects, "engineers", CS professionals, whatever they wish to call themselves to be little better than a gadget enthusiast when it comes to security. They are taught an attitude by many and reinforced by each other that knowing one level or area of information technology makes them competent at every aspect. It's like a physicist believing they are just as good as a chemist at chemistry because it's all physics in the end anyway.

    They are wrong. That's why an average system needs dozens of weekly patches. That's why modern software still falls victim to the same old exploits. That is why my field exists.

    So I should probably give thanks for security incompetence to be the norm among even the most veteran programmers.

    Okay, since all of the experts here on Slashdot are pillorying my for my stupidity, now that I have a security professional, I'd like a security professional's answer.

    You are sitting at a computer that has been functioning properly for a long time. Typical security procedures, an anti-virus, regular updates, firewall both on the computer and on the router.

    Now, instead of any internet access, when you open a browser, you get one screen only. An announcement that the router you are using's manufacturer and a sketchy internet security company have entered into a partnership to protect you.

    Three links on the page. Two do not work, or to be more precise a 400, with a bad certificate?

    Opening more tabs or windows gives you another screen like the first one. Bookmarks and typed URL's give you the same page. Nothing gets rid of the page that demands you click on a link to get internet access. Keeps coming back like Chucky.

    As a security professional, do you recommend clicking on the third link that they declare will give you internet access again? You will apparently get internet access again, but will you get anything else?

  3. Seeing browser hijack and concluding your machine was pwned isn't unreasonable. Injection by ISP is such sacrilege that it isn't something most techies would check as the first step.

    Exactly. https://en.wikipedia.org/wiki/... It is not unusual for a hijack to also install a keylogger, so at the time, this happened, I wasn't for certain that I wasn't totally pwned. Seriously unethical, and regardless, I had no internet access unless I either called Arris and got the shit turned off, or clicky clicky on a mysterious link that would install or do gawd knows what.

    What is a little surprising is self acknowledged experts who seem to think otherwise. I personally am interested in their motives.

  4. This isn't anything "on your computer," it's MITM javascript injection by your ISP. You didn't need to reimage your computer (and, in fact, that's unlikely to change anything), rather you need to opt-out, since they decided to opt you in. Also, you should probably either up your technical proficiency, or else stop "doing your own security."

    WTF, this is supposed to be a site for nerds. It says so right there at the top.

    Oh, dear, I'm getting a lecture. Lookie fellow, this transpired over time, and it was rather shocking that even McAffee, who don't have a lot of ethics to begin with, would hijack a browser.

    I'd have to first Know that McAffee and Arris had entered into this unholy matrimony, Then I'd have to not be suspicious of of links that gave me 1, bad certificates ( perhaps you as a self acknowledged genius like bad certificates) and the other link for the TOS, didn't show me anything.

    What they may or may not have had on my computer is irrelevant as week old smegma. If anything was there, it needed to go, The point is that all of my traffic was getting redirected and McAffee was then making a determination as to whether I could see it or not.

    So the computer gets re-imaged regardless, because I don't trust McAfee, and this little trick didn't make me feel warm and fuzzy either.

    But hey, you just click on the only link that would allow you to continue internet accss, and don't worry about the TOS that it doesn't allow you to see - sounds like expert level computer savvy to me. In the meantime, I've inherited 10 million USD, and need you to open an account in the Netherlands to deposit money for the unfortunate bribes that must be made to conduct business. So if you would please open the account, and deposit the amount of 10,000 dollars USA, you will be richly rewarded when the total amount of money comes through.

    Yours in Christ Jesus, Barrister Mutambo Ngumbo

    Sounds legit.

  5. Both the rough corncob and the dildo fromSeven is good!

  6. Let me on Google Details Plan To Distrust Symantec Certificates (tomshardware.com) · · Score: 3, Interesting
    Tell you about Symantec.

    I was working on the computer a few nights ago, I booted it up, and started my browser. Up pops a screen, that tells me that Symantec and Arris have entered into a partnership to keep me safe from Malware.

    Hmm, that's odd. I do my own security, and it works pretty well. And I want nothing to do with Symantec.

    I try opening a few other web pages in safari and then Firefox. Same thing happens.

    Crap - I think I've been nailed. Well, I have a good backup system. It will be a PITA, but whatever.

    So before I did that, I went back and looked at the browser hijack page. I click on the "why am I seeing this?" link. I get a certificate not valid. Shit. I click on the Terms of service link. Same thing. I try a few more random pages. Nothing works. And when you can't read the terms of service, something is really wrong. So I start to re-image the machine. This will take most of my evening away.

    I call Arris to tell them of the problem. And they tell me that this is a new feature they are rolling out to select customers.

    A few seconds while I absorb this. Then I tell them that anything that has anything to do with Symantec must be removed from my computer, and removed now! I told them their "service" presents as a browser hijack, I did not and would not sign any terms that I didn't accept when I bought the router, and if it wasn't gone immediately, I would box up the router, and return it to where I bought it, with a full explanation and review of the problem. So they then had to work with Symantec to kill what they had done.

    Sorry Symantec, take your browser hijack which won't let me access any websites unless I agree to terms that I cannot see, and bend over, and shove it up your anus as far as you can, using a pincone, then a baseball bat, and after that, a dildo covered with sandpaper.

  7. Re: The Russians. on What's Causing The Hurricanes? (yahoo.com) · · Score: 1

    Where did I blame the hurricane on the media? Where?

    Seriously? Re-read what you wrote in one of your sentences:

    Do you watch the media, or just read web sites that talk about it? They are bunch of whores. It's no wonder so many people stay behind.

    So what you are telling me is that if people die because they stay behind, it is the media's fault. After all if the media wasn't those bunch of whores, people would believe them. But since they are, people are willing to die for their beliefs.

    Look, I get it. you have need for a hate target, and you do not want at all to hear see or read about anything that does not fit with your world view.

    And just for your other question, I get my news from NPR, BBC, NBC, ABC, RT, MSNBC and Breitbart.

    You see, this is going to sound strange to you, but there is so much "news" in the world that any organization that presents news is going to have a bias, by simply choosing what to report in it's limited time and space to report it. Some of these sites and stations are obviously liberal, some conservative.

    I get my weather from NOAA, Accuweather, and TWC, but mostly NOAA.

    But what do you think about the Governor of Florida Rick Scott, who has been on the television frequently telling people to Get out? https://www.youtube.com/result... Is he a media whore? Or should he stand at a podium in an empty room and exercise his right to free speech, but in your utopia where people get tired of him ( as a whore of the media) they just stay there and die for their hatred of the media?

    And how long was it before the Hurricane was politicized? One second? Half a second?

    I well and truly don't give a damn Scarlett! If someone wants to blame the hurricane on Trump, or if someone wants to claim that gawd is punishing America for legalizing gay marriage, it's all just kooks to me. Trump, or Obama, or even gawd didn't cause the hurricane, it is weather. I do not allow kooks to determine my outlook or reaction unless one is threatening me with bodily harm.

    How long before it was "Oh here comes Trumps Katrina?"

    Once again, I have not a care to give. As noted before, there are kooks in this world. And one skates on terribly thin ice when listening to them. Because when we listen to them, we become kooks ourselves.

    How long before the global warming questions were raised? One quarter of a second?

    Once again, the idea in any sort of disaster is for safety people to keep people safe. It is possible that people might over react. It's also possible that the people who rescue people that are near their death might die themselves. But when you get a big hurricane, there might not be enough people to rescue people who need it. It was a big hurricane, covered the whole state, and you make the almost unbelievably irrational claim that people would stay there and that death as an acceptable outcome - because of "the media".

    A very close family member lost their house in Harvey and barely got out with their lives.

    And my sister who lives near Fort Meyers lost her place. What's your point? She listened to "the media" and bugged out. She's insured, and her and her pets are fine.

    Fuck off. You're an internet ass of the worst sort.

    Oh yes. I know myself. And I'm an asshole. If I might proffer some advice though, you might try not allowing others to dictate you you think and act. I don't. That is a big part of what makes me an asshole in many people's eyes. Once others can activate a core of hatred in a person, they can get you to act in ways that are counterproductive to your best interests. And when you think it is understandable that the media can somehow legitimately cause people to stay and very possibly die because of "the media", which is telling them - along with their governor - to leave, your core of hatred has been well and truly activated, and probably is in an advanced state. And you are being controlled by others. Have a nice weekend.

  8. Re:Deforrestation of the Amazon and more on What's Causing The Hurricanes? (yahoo.com) · · Score: 1

    You mean water. Or do you really mean hydrogen? From what should hydrogen get into coal? Hu? https://en.wikipedia.org/wiki/...

    Coal is 99% carbon and the rest is the dirt it was formed in. Perhaps you should read and try to comprehend the link you gave.

    Have the grace to at least admit when you are plain completely wrong. When you say it doesn't contain Hydrogen, to wit:

    "Coal does not contain hydrogen ... You should have figured that by now."

    We all make mistakes. Adults admit it when they do.

  9. Re:Deforrestation of the Amazon and more on What's Causing The Hurricanes? (yahoo.com) · · Score: 1

    Coal does not contain hydrogen ... You should have figured that by now ...

    Ohhttps://en.wikipedia.org/wiki/Coal Dude! you're going to get pilloried of that. I'll be nice and let you look at the link.

  10. Re:The Russians. on What's Causing The Hurricanes? (yahoo.com) · · Score: 1

    The weather has been screwed up ever since they let women in space.

    I heard it was the space shuttle smoke from the boosters.

  11. Re: The Russians. on What's Causing The Hurricanes? (yahoo.com) · · Score: 1

    Irma was the strongest in terms of number of days of sustained winds but NOT the strongest in terms of barometric pressure. But don't let those facts trip up the media's desperate need to push an agenda while throwing gasoline on every fire.

    Rush Limbaugh, is that you? Next time there is a hurricane, you are challenged to set up a chair on the beach and ride it out.

    After all, the whole thing is media hype. And the media's fault, so this is a triple dog dare you. If you won't, you don't have much conviction.

    By the way, the media wasn't let in on the 1900 Galveston Hurricaine, people were not told until the day before it hit. highest point on the island was 9 feet, and the storm surge was way over that. But no media hype your goal and your enemy, allowed 6000 people to die. But you probably think that's fake news, eh? Looking forward to your debunking of the media hype.

    What kind of asshole blames a hurricane on the media anyway?

  12. Re: While it charges.... on Leaks Reveal New Features In Apple's Next iPhone · · Score: 1

    I guess sometimes she feels like something smaller than what she's used to. Ayo....

    Boom! Well played, sir, well played indeed!

  13. Co-inky-dinks on How Proprietary Software Lets Companies Cheat (locusmag.com) · · Score: 4, Insightful

    I just posted on the thread about Equifax about how they identify more with hackers than customers. We have reached the bizarre and unsustainable state where in computing, the customer is simultaneously the customer, the product, and the enemy.

  14. Not going to happen on Equifax Breach Provokes Calls For Serious Data Protection Reforms (wired.com) · · Score: 1
    This will cost money - fail. This will require people who collect a salary - huge fail.

    People need to understand that the internet is not their friend. Places like Equifax identify more with the people who hack them than their customers.

  15. Re:While it charges.... on Leaks Reveal New Features In Apple's Next iPhone · · Score: 1

    You seem like the kind of asshole that trolls everyone. Not just ACs.

    Rarely, because AC's are much funnier when you troll them.

    And yes - I am an asshole, so it is no insult to me.

  16. Re:While it charges.... on Leaks Reveal New Features In Apple's Next iPhone · · Score: 1

    FWIW, I tend to skip a generation. Started on an iPhone 5, now have a 7.

    Ditto. Started with 3gs, kept it for 3 years and got a 5. Kept that for 3 years and got a 6s. The 6s battery kind of sucks, but I'll keep it until I really feel like I have to upgrade. You don't _have_ to upgrade every year or two.

    I try to explain this to people. You can have a lot more money in hand if you skip a generation of electronics, or keep your car longer, but I guess many people are like crows, and attracted to shiny objects.

    I've found the 7 to be a nice phone, even if it doesn't have the ancient headphone jack (guess I'm doing some trolling for AC's here) The 5 I traded in was nice too, but it was at one of those good deal times. My son is on our family plan, and he wanted a Samsung. And he paid more than I did even with his trade-in - oops, there I go trolling AC's again.

  17. Re: While it charges.... on Leaks Reveal New Features In Apple's Next iPhone · · Score: 1

    Right.

    So what you're saying is that what i-fanbois accuse a-fanbois of (bring unable to afford bdue to being poor, undoubtedly trotting out the "play store makes less money") is completely wrong.

    If you're either making it up, then you have a massive statistical anomaly on your hands. Most people don't upgrade every year (unless their carrier hides the true cost)

    I'm saying that there are fanbois on both sides, irrational people who need to hate because they need to hate, and just like anything else, their hatred serves some function.

    I don't hate any of them, but am astute enough tto know when people are acting like assholes.

  18. Re: 3x on Leaks Reveal New Features In Apple's Next iPhone · · Score: 1

    After blowing 600 to 1000 dollars, I'd feel hatred too

    That's because hatred is your core competency. I've never bought one computing device that ever did everything promised. But hey, if hatred makes you happy and helps you in your life, then by all means, hate hate hate. Try violence next, it is the natural progression.

  19. Re:3x on Leaks Reveal New Features In Apple's Next iPhone · · Score: 1

    You are expected to know this, because not to is blasphemy against the one great fashion.

    Expected by whom? Why do you care so much?

    Hatred of the other is a core competency of many humans.

    You can't just have an Android phone and enjoy it, your decision must reflect your superiority. You have to dehumanize the Apple user, expose them as having some terrible problem that causes them to purchase a terrible phone (does it even work, fam?) and declare them and the terrible product they use as your sworn enemy.

    Ford versus chevy, writ electronically.

    Meanwhile, I enjoy my iPhones, my Android tablets, my iMac, and my Linux machines, and even a Chromebook and Windows laptop. But actual daily use of a lot of devices and platforms can't stand against the need for hate, I've found

  20. Re:While it charges.... on Leaks Reveal New Features In Apple's Next iPhone · · Score: 1

    Well, they will need something to do while they are waiting to 'watch the battery fill up' when on wireless charging, since wireless generally charges at a fraction of the wires charge rates ;) They shouldn't have to watch and wait more than a few hours....

    Marketing beats technology, I guess. Horrible efficiency, and no other advantage other than fixing the first world problem of it being too much trouble to plug the phone in. The real answer to that problem is the venerable old charging dock. And it causes more problems, by putting components that should be in a charger - inside the phone.

    Which then creates conflicts with another marketing demand, longer battery life, as space is used by the second half of the charger now inside the phone.

    But hey, its a new iPhone! The media just cannot contain their gushing over any tiny change, because it just HAS to be revolutionary.

    While a nice meme, I read it as Apple "catching up"

    Still, a whole lot of people will no doubt suddently realise that their year or two old phone, that was working perfectly well last week is suddenly THE thing that is holding them back from climbing mountains on warm spring mornings with perfect model like looks, and rush out and purchase one.

    Most of my Android using buddies get a new phone once a year or less. Some complain about how much I spent for my iPhone, while ignoring that overall, they spend a hellava lot more than me.Apple versus Android, Chevy versus Ford. Its the same thing, except a lot of Android fans don't understand they are guilty of what they accuse Apple fanbois of doing.

    FWIW, I tend to skip a generation. Started on an iPhone 5, now have a 7.

  21. Re: Bobcat rental on An Intelligent Speed Bump Uses Non-Newtonian Liquid (businessinsider.com) · · Score: 1

    if people start destroying them or stealing them you can bet the regular old hard concrete speed bumps will be installed

    Finally, somone that has some understanding. You'll note that the assholes that drive like tools over the present ones can drive just as fast as they always do. I reccomend over 100 mph, you know, because speeding makes the wimminfolk really horny.

    But if these fools want to vandalize them, something more onerous might show up in their place.

  22. Re: Another failure of big government. on Equifax Breach is Very Possibly the Worst Leak of Personal Info Ever (arstechnica.com) · · Score: 1

    I suspect you're trolling.

    Equifax is a private company whose executives engaged in insider trading right after they discovered the breach. It will be another proof that our regulation light government doesn't have any teeth to deal with this appropriately.

    Ummmm - but her email?

  23. Re:Another failure of big government. on Equifax Breach is Very Possibly the Worst Leak of Personal Info Ever (arstechnica.com) · · Score: 1

    In what way is this a failure of big government?

    I'd actually assert that this is a failure of small government - in Europe where the government is bigger, there's regulations about what information these companies can store, how they must store it, and what the penalty is if they fail to do so.

    Its the cryptoconservative mantra. A problem? All problems are the fault of big government and liberals.

    It's actually entertaining after a while, as noted in my sig line, some idiot in here actually blamed peanut allergies on liberals.

    So while it is a remarkable exercise in tapdancing to stupid, but often laughable.

  24. Re:What the hell are they talking about? on Equifax Breach is Very Possibly the Worst Leak of Personal Info Ever (arstechnica.com) · · Score: 1

    In the US, they use your SSN as a kind of default key, tied with your birthdate and address and phone.

    They're really stupid here. The only people that should ever have had an SSN are those providing you with a pension or retirement plan.

    And it used to be that way. My SSN card even states that it isn't to be used for identification. But somewhere along the line, it became the defacto identification device. I had to chuckle one time when at our university swimming poo, I hade to give my social to get a towel.

    We so dum!

  25. We're number one! We're number one!