Slashdot Mirror


User: sexconker

sexconker's activity in the archive.

Stories
0
Comments
13,379
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 13,379

  1. Re:Why can't it be patched? on MS: Windows Phone 8 Wi-Fi Vulnerable, Cannot Be Patched · · Score: 1

    Or treat wireless like an internet connection, require VPN access over it

    How would a VPN help? This vulnerability affects the authentication with the access point. If you authenticate, get an IP, and try to open a VPN connection, it's too late.

  2. Re:Why can't it be patched? on MS: Windows Phone 8 Wi-Fi Vulnerable, Cannot Be Patched · · Score: 1

    because the root certificate being installed is for the internal domain and Microsoft doesn't have that certificate.

    please note: this is only for PEAP using domain credentials. not standard WPA2-PSK that just about everyone uses.

    The scary thing (if i read this correctly) is that someone could theoretically sit outside a business where a lot of WP8 users are, listen for a while to snoop the wireless details (SSID, AP's mac, whatever they want) and then set up a fake hotspot in the parking lot. As phones leave the building's wifi perimeter, they will try to re-auth to the fake hotspot and give away their user's credentials. The user can then turn their wifi gear toward the building, and log in as an insider with probably tons-o-access to the internal network and the crown jewels.

    Who cares if it's only a few businesses or that "most people" dont bother with it, the potential for targeted abuse is so huge that I don't see any sane enterprise keeping this turned on. They are better off just handing out "secret" WPA keys to their users than bothering with auth that basically ensures they are vulnerable.

    The only thing you get is the encrypted credentials. Is PEAP-MS-CHAP v2 vulnerable to any practical attacks?

  3. Re:Of course! And you never need more than 640K RA on Hybrid Hard Drives Just Need 8GB of NAND · · Score: 1

    Uh huh. So where do I store all my steam games, video files that I like to work on, etc.?

    On my NAS you say? Sweet, now if I could only get good speeds across that VPN link to my house from the airport or my hotel, or killing time in an unused training room on my break.

    GP was talking about laptops. Don't game on laptops. If I ever run into your slow-loading ass in a multiplayer game I will shit on your dick.

  4. Re:theres a thing that rhymes with "ion" on US IT Worker Files Hiring Lawsuit Against Infosys, Class Action Proposed · · Score: 1

    What battle is that? Let the morons from 2nd world countries take the shitty fucking jobs with their shitty fucking skills. I don't want those jobs.

  5. Re:Why use HTTP Compression? on BREACH Compression Attack Steals SSL Secrets · · Score: 1

    Browse the web without Javascript and with an ad blocker. It's like moving from dialup to broadband.

    While I loathe JavaScript on a professional level, I gotta say: It's time to give up the Lynx browser. There can't be that many interesting Gopher sites left!

    NoScript is your friend. Allow sane shit, block tracking and advertising horseshit.
    Then slap Greasemonkey on there and run your own scripts to replace ugly/shitty scripts.

  6. Re:theres a thing that rhymes with "ion" on US IT Worker Files Hiring Lawsuit Against Infosys, Class Action Proposed · · Score: 5, Funny

    it starts with the letter u. what am i thinking about, IT douchebags?

    I can't think of any English word that meets those requirements.
    You're thinking about "union", but "union" doesn't rhyme with "ion".

    Just like a typical union worker, you've:

    1: Failed to get the basics right.
    2: Demanded far too much time, money, and attention for your output.
    3: Managed to act like an asshole in the brief interaction you've had with other people on the matter.

  7. Re:Why use HTTP Compression? on BREACH Compression Attack Steals SSL Secrets · · Score: 1

    Open the Net panel of Firebug on this page and then refresh it a couple of times. Order the HTTP requests by Size. You will see that the HTML of this page is takes the vast majority of bandwidth. Images are simply a "304 Not modified", whereas the HTML is a "200 OK" of ~41KB at this time.
    So in case of Slashdot, HTML is the bandwidth bottleneck, not images.

    IN the case of Slashdot, there is no bandwidth bottleneck. It's the miles of shitty, shitty, Javascript that make everything turn to shit.
    Browse the web without Javascript and with an ad blocker. It's like moving from dialup to broadband.

  8. Traveling on Navy Version of Expedia Could Save DoD Millions · · Score: 2

    It's 2013 and we're still having trouble with the traveling salesman^w warlord problem?

  9. Re:Douglas Engelbart on Woz & Jobs 2.0: Leap Motion's Holtz & Buckwald · · Score: 1

    See kids, patents were generic, vague, and retarded back then too!

  10. Re:How much money [is] there in "slashvertisement" on Woz & Jobs 2.0: Leap Motion's Holtz & Buckwald · · Score: 1

    By $ I mean money. And by how many I mean "how much".

    Why didn't you just say that?

    He did. Quite explicitly.

  11. Doesn't Matter on GPS Spoofing With $3000 Worth of Equipment and a Laptop · · Score: 1

    Our navy still uses the stars and physical maps to triple check navigation.

  12. Re:More to the point... on Global Warming 5 Million Years Ago In Antarctic Drastically Raised Sea Levels · · Score: 0

    Actually, it's not the rate of change, it's the rate of change of the rate of change that's scary.

    You think that's scary? Pft. Compared to the rate of change of the rate of change of the rate of change, that's peanuts.

    Oh snap!

    The next ones are crackle and pop, FYI. And no, I don't give a shit that they're not "official".

  13. Re:All Jokes Aside... Still No. on MIT Uses Machine Learning Algorithm To Make TCP Twice As Fast · · Score: 0

    Nobody at MIT is going to be picking which algorithm gets used on any live device outside of MIT, their pockets, or their house, so I was obviously not talking about them.

    Any sys/network admin putting this on or in the path of critical live devices should be fired no matter how it preforms though. No admin worth having would push this live for the same reason they wouldn't overclock the database servers; performance is always a distant second to reliability.

    Al modern x86 servers overclock themselves automagically.
    Get real - shit working is #1. Shit being fst or cheap is number 2. Shit being reliable or secure is number 39057.

  14. Re:Can we discuss the fourth amendment now? on NSA Admits Searching "3 Hops" From Suspects · · Score: 1

    Nope. The real estate agent is 1 hop. They pull all his records. The daughter is 2 hops. They pull all her records. The mechanic is 3 hops. They pull all his records.

    3 hops. The fact that the mechanic serviced your car will be captured, even though they never made the 4th hop to pull your records directly.

    Nope. Each time you look at a new person it's a hop. The mechanic's records may have your name, but that's the 3rd hop and it goes no further with regards to people. They only look at the mechanic's involvement with other people that are within 3 hops of the suspect. They don't give half a shit if your name is on the mechanic's records because you're not in the 3 hop radius. What you're claiming is 4 hops.

    (This is if you believe them, of course).

  15. Re:Congress is "angry" on NSA Admits Searching "3 Hops" From Suspects · · Score: 5, Insightful

    The first paragraph of TFA is:

    The National Security Agency revealed to an angry congressional panel on Wednesday that its analysis of phone records and online behavior goes exponentially beyond what it had previously disclosed.

    If it's true that members of Congress are angry, that's favorable news! Maybe they can be persuaded to get off their butts and do something about this.

    They only thing they're angry about is the fact that people found out.

  16. Re:Can we discuss the fourth amendment now? on NSA Admits Searching "3 Hops" From Suspects · · Score: 4, Informative

    No, they shouldn't. And they don't, because that would take 4 hops.

    Suspect
    Real Estate Agent
    Daughter
    Mechanic
    You

  17. Re:Moderators asleep at the job on The City Where People Are Afraid To Breathe · · Score: 5, Insightful

    Shingles is a virus, Valley Fever is a fungus that gets inhaled. They are not the same.

    So what? Both are obviously true despite your claim that they can't be. Virus vs. fungus has no bearing on it.

    0) You can be infected with something.
    1) You can fight it off and become immune to it.
    2) You can later be reinfected by the remnants that still remain in your body - because the infectious agent has changed, because your immune system has failed/been overwhelmed, because your specific immunity has gone away, or because the mechanism of infection (or location in your body) is different (even if the infectious agent is unchanged).

  18. Re:Obligatory Linux evangelism on Ask Slashdot: Light-Footprint Antivirus For Windows XP? · · Score: 1

    I prefer DBAN personally. I have never seen a virus or malware that could survive a good hard cleaning with DBAN.

    You've never seen a virus that lives in firmware or BIOS?

  19. Re:all sites are dirty sites on Ask Slashdot: Light-Footprint Antivirus For Windows XP? · · Score: 1

    All sites that you can expect random casual users to visit do serve ads.

    No random casual user using a PC I've configured will see even 0.1% of all ads on the internet.
    Fuck ads. In all forms.

  20. Re:So what then? on Scientists Seek Biomarkers For Violence · · Score: 1

    1: Wikipedia, LOL
    2: I said documented/verified. If you trust the sort of historical records Wikipedia is basing their shit off of, you'd have to believe in leprechauns and mermaids.
    3: I also stipulated against rabies and wolves that were defending themselves.

  21. Re:So what then? on Scientists Seek Biomarkers For Violence · · Score: 1

    Dogs were created from generations and generations of primitively culling the vicious and dangerous wolves from the gene pool. I for one welcome our new french poodle overlords.

    Vicious and dangerous wolves? Wolves don't attack humans. In all of modern human history there has not been a single documented/verified attack by a wolf on a human where:

    1) The wolf was not attacked by the human first.
    2) The wolf was not rabid.

  22. Re:I don't even, what are they, what? on Microsoft Reveals Its 3D Printing Strategy For Windows 8.1 · · Score: 1

    I'm confused. Everything supports 3D printing. There's probably a Linux application for it. You just have the company write a driver, install 3D software that works with it, and hit print. The operating system is irrelevant. All they're doing is putting a big "sue me, I have the most money" sign on them with a picture of a 3D printed gun under it. Now they're just getting desperate. I thought 8.1 was a rush fix like Windows 7 from Vista but nope. Hopefully THIS TIME heads will roll and they'll replace clueless morons with reasonable design leads at MS.

    do you know what OS you have to boot to special mode to install drivers for almost any 3d printer - makerbots included? Windows 8. I guess the main thing is that they've included arduino drivers with the os...

    (the reason is that the arduino/custom arduino serial drivers are rarely signed..)

    Or you could sign your fucking drivers.

  23. Re: I don't even, what are they, what? on Microsoft Reveals Its 3D Printing Strategy For Windows 8.1 · · Score: 1

    The thing is windows is horrible at printing.

    No, the thing is printers are horrible at printing.

  24. Re:Please explain... on FCC Rural Phone Subsidies Reach As High As $3,000 Per Line · · Score: 1

    1. When having a phone became a 'right'

    2. Why people have to have phone that requires 90% or more of the country to pay for it because of where they choose to live

    3. Why I should pay more because someone wants to live in a rural area where they can't make any money and don't have phone service. And where storms can bring down phone lines causing thousands of dollars in repair costs for a phone they don't pay for.

    4. Why they can't move

    5. Why, after all of the above, if they don't have skills, can't live off the land, can't get a job, can't move, and are poor, we don't relocate them someplace else since they must already be living on the government dole. When you don't make your own way and don't contribute to society, you don't get to decide the rules that govern how you receive free money and other things.

    You're right. People should only have access to the resources and commodities that are naturally (via the land or free-market trade) present in their area. The government shouldn't get involved.

    People in every city ever will LOVE paying 50 times the current price for things like food and water!

  25. Re:Quantum Computing on NSA Backdoors In Open Source and Open Standards: What Are the Odds? · · Score: 1

    I am going to assume you mean evidence that government black projects have a history of preceding public sector 'innovations', not evidence of current top-secret projects that no civilian would have knowledge of anyway.

    In which case, here you go: http://en.wikipedia.org/wiki/Lockheed_SR-71_Blackbird

    You assumed incorrectly.
    The top researchers in the world have only shat out quantum computers that deal with a few qubits.
    Show me evidence of the NSA - or anyone else - having a useful quantum computer. Hell, could you even say who would have built it? How could they have built it? Who's research it would be based on?