Slashdot Mirror


User: SuiteSisterMary

SuiteSisterMary's activity in the archive.

Stories
0
Comments
6,159
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 6,159

  1. Re:People need to realize on Microsoft Hack a National Security Threat · · Score: 2
    Of course, the good old Mac OS has no root level access
    Actually, if you think about it, you'll find that ALL the MacOS has is root level access.... :-)
  2. Re:People need to realize on Microsoft Hack a National Security Threat · · Score: 2
    I will point out that this conversation is quite civil, and I like it that way. Thanks for that. :-)
    Points 4 and 5 have nothing to do with security. They had to do with good computing in general - always have a backup. I will ignore them.
    I'm sorry, my good man, but that line demonstrates that you actually do not have any idea what 'computer security' really is. Two of the central tenents are data integrity and availability; you're just a fucked if a lightning storm takes out your harddrive as if a hacker does. Now, I'll point out that we're not talking single user operating systems in a non-networked environment; that's a contrived example that's against the slashdot article. They're specifically talking about using Windows OSs in a multi-user 'secure' environment. I'd really suggest that you find the O'Reilly book I mentioned, and read it. We're not really on the same wavelength here; I talking building a moated fortress, while you're locking your car door. :-)
  3. Re:People need to realize on Microsoft Hack a National Security Threat · · Score: 2
    Especially if the system cannot tell the difference between a living person and one very recently dead.
    Actually, I believe you can check for that by running a small electric current along the scanner surface; living flesh will alter the current differently than dead flesh. But I'm not so sure. :-)
  4. Re:People need to realize on Microsoft Hack a National Security Threat · · Score: 5
    We'll consider a default Window ME install to be very useable, but rather insecure. Now, add a small filesystem layer that encrypts and decrypts everything to and from the hard drive. Replace the usual login password with something that checks an individual's physical traits(such as DNA or maybe fingerprints). Make sure that it's checked as soon as possible. I'd replace the BIOS with whatever checks for the DNA/fingerprint. We'll also assume this workstation isn't physically connected to any other.
    Spoken like somebody who has no idea what computer security is. I'll start with a few of the basics, just to get you started. For more information, in a fairly simple format, find O'Reilly's "Computer Security Basics."
    1. There's no access controls. Great, you're checking DNA. What stops me from walking in and yanking the power? Or buggering off with the box itself for later decrypt?
    2. What sort of user protections are there? You named Windows ME, so we'll use that. No ACLs, no auditing, nothing of the sort. A 'secure' system audits, generally through hard copy (which can't be invisibly altered) every, and I mean EVERY action.
    3. This thing has a floppy drive, and a CD-ROM, so I won't even get into the idea of walking in with a linux boot disk and a parallel port ZIP drive and copying the drive for later perusal and decrypt. See point 1 above.
    4. You failed to mention any sort of backup scheme, as well as disaster avoidance/recovery. That means I can deny the system to you with a flick of the circut breaker in the basement/closet.
    5. Also, this being Windows ME, anything beyond the most basic of fault tolerence is impossible.
    6. You failed to mention any sort of human protections; DNA/Fingerprints are very easy to get ahold of. I can convince you to put your finger on it, one way or another. Do you have a 'duress' password you can supply, which will trigger a silent alarm, but not tip off the intruder?
    7. Again being commodity hardware, this thing probably isn't TEMPEST shielded.
    8. This being Windows ME, it doesn't support process isolation, etc etc. I can write a two line program, in Visual Basic, that will grind the machine to a smoking halt.
    9. If it's not connected to anything else, in any way, that obviously precludes a network, or the Internet. Suddenly it's not so usable.
    10. This being Windows ME, you have NO way of doing a code audit, and no way of guarenteeing the swift and competant fixing of any bugs.
    11. I won't even get into the inherant stupidity of trying to use WinME for anything, including games. Before you saying anything else, please do read up on the subject at hand. Start with the O'Reilly book referenced above, then a few others I can name, "Practical UNIX and Internet Security" being first on the list.
  5. People need to realize on Microsoft Hack a National Security Threat · · Score: 5
    It's not that difficult folks; just remember the golden rule:
    Security and ease-of-use are mutually exclusive, and are usually inversely proportional.
    And remember, neither Linux nor BSD, nor any other OS you can probably name, are secure. Security is a) more than just the ability not to be hacked, and b) more than the OS. A truly secure OS doesn't have the concept of root, for example, and requires hardware support for quite a few of the security features. In other words, by definition, any OS you can a) buy off-shelf at the mall, or download freely (as opposed to 'a free download) or b) that runs on 'commodity' hardware, isn't secure. It might be 'secure enough for my purposes,' but that's it.
  6. Re:Cartridge-based games on Nintendo Buying Sega? Or Not? · · Score: 2

    Actually, every revision of the PS hardware since launch has had new parts; they're only engineered, however, to be smaller, cooler, and require less power. But if you can find a first gen PS, and a last gen PS, pop the covers off and look. The last gen is pretty much empty; that's why they just went ahead and chopped the case by 2/3rds.

  7. Re:They are right. You are wrong. on Getting Fired For Not Taking A Promotion? · · Score: 2
    You are demonstrating what can be considerd a lack of ambition.
    Bullshit. The problem is that the entire corporate hierarchy has at least two complete duty jumps. Observe the ranks:
    1. 1: grunt programmer. Codes.
    2. 2: developer. Codes well.
    3. 3: senior developer. Codes lots.
    4. 4: manager, development. No coding.
    5. WTF, you say? That's right. You did your job SO WELL that you're not allowed to do it any more. Some reward, eh?
  8. Re:Four times on Getting Fired For Not Taking A Promotion? · · Score: 2
    One place wondered aloud why I'd stayed there so long.
    When one of my previous employers shut down our office and canned our product line, we were all sent to an outplacment company. I went along for the free food. :-) One of the things that was mentioned was that the average technical job lasts for 2.5 years; and should change after no more than 5. The situation is completely reversed from even 20 years ago; back then, being FIRED was a permanent black mark. Now a days, it's a paid vacation followed by a better job.
  9. Re:Up or Out on Getting Fired For Not Taking A Promotion? · · Score: 2
    This is actually codified in the military (at least the US military)
    The term for this is 'excessive time in grade.'
  10. Re:Although it's not true.... on Nintendo Buying Sega? Or Not? · · Score: 2

    They're starting to rethink, mainly because they're getting pasted. Take a look at the entire history of Nintendo games; it's always been about control. The 'seal of approval,' Nintendo manufacturing carts themselves, etc etc. Nintendo generally reserves the rights to refuse publication of any game they don't like. Sure, they might be relaxing the whip a bit, but it's still there. But just for fun, lets take a look at a current roster of games. Zelda; yawn. Perfect Dark; Goldeneye with better textures. Mario Tennis? Please. Pokemon this, that and the other; wow. Hell, here's a perfect example: Dreamcast's "Seaman" versus Nintendo's "Come here, Pikachu!" Same genre (voice controlled games) but wildly different executions, styles, and design philosophies.

  11. Re:Peter Principle on Getting Fired For Not Taking A Promotion? · · Score: 2

    Before anybody asks, the Peter Principal pretty much states than in any heirarchical organization, people tend to rise to their first level of incompetence; that is to say, they will continue to be promoted until they reach a level that they cannot handle, and instead of then being taken down one notch, to where they'd probably be happy and productive, they're left there, where they're lost and confused, yet have power.

  12. Although it's not true.... on Nintendo Buying Sega? Or Not? · · Score: 2

    ...it would be very sad indeed. Sega is constantly putting out games that are unorthodox, to say the least; Space Channel 5 and Jet Grind Radio are two examples off the top of my head, that Nintendo would never touch; it's all Mario these days for them.

  13. Re:Attention all hard drive manufacturers: on More About Copy Control on Hard Drives · · Score: 2

    Of course it wouldn't work; but it's just as silly and unenforceable as the idea it's against. "This encryption system works on the honor system. Tell the system when you're writing copyrighted material so it can encrypt it!"

  14. Re:just ponder... on Ask An Ordinary Teenage Slashdot User · · Score: 2
    take off a couple of hours for exercise and interaction
    That assumes that the world wants to interact with you. Nice sentiment, but not always the case in real life.
  15. Re:Attention all hard drive manufacturers: on More About Copy Control on Hard Drives · · Score: 2

    Sorry, I might have had a brainfart. Whichever law they're trying to pass that'll make EULAs completely and utterly binding.

  16. Attention all hard drive manufacturers: on More About Copy Control on Hard Drives · · Score: 2
    By the provisions of the DMCA, I hereby give notice:

    1. By selling me any hard drive, you agree to use no technology, methods, or algorithms, in hardware, software, or any other medium, to affect any data which may or may not be saved to said hard drive, including the prevention of further copying (many people have more than one hard drive) moving of data (defragmenting, amoung other things) or any fair use operations (such as backing up).
    2. You also agree that I may reverse engineer any such technologies in said technology, with an eye to circumventing them as I see fit, and will, in fact, supply me with any and all documentation, materials, SDKs, or other such things to assist me in said circumvention.
  17. Re:Hmm.. SCSI? on More About Copy Control on Hard Drives · · Score: 2

    If this is only on EIDE not SCSI, then I'd say this might, just might, be a plot by SCSI manufacturers to increase their own sales, because it'll be the death of IDE.

  18. Re:and apache doesn't? on Caveat Emptor: Egghead.com Credit Records Nabbed · · Score: 1
    Nah. Had it have been, say, a Linux/Apache box, people would be saying
    Well, what do you expect? Linux is weak. They should have been using *BSD!
  19. Re:hrm on Caveat Emptor: Egghead.com Credit Records Nabbed · · Score: 2

    All ye need is the registered name and address of the card holder, the card number, and the expiry date. And if one bit is in a database, likely all bits are.

  20. Re:differences between the Japanese and US version on Princess Mononoke Released On DVD · · Score: 2

    Miramax is owned by Disney, and is used to release stuff that would sully the Disney name. Kinda like Hollywood Records; serves the same purpose for Disney for music.

  21. Avoid Solaris/86 like the plague it is.... on What Debugger Is Best For Multithreaded Apps? · · Score: 2

    ...and be aware that there are many, many bugs in Solaris' threading libraries.

  22. Re:Red Storm Rising on Warez and Abandonware · · Score: 1

    Actually, if you go look on the microprose FTP site, you'll find a patch to remove floppy protection. I remember getting it from their support department when I bought RSR an the copy protection wouldn't work with my uber 386 laptop.

  23. Re:The end of alphanumeric paging... on Peep: The Network Auralizer · · Score: 1

    My network monitoring software already has the option to use a voice modem to play sounds at me over the phone. Pity it doesn't work properly with Windows 2000.....

  24. Re:Half sounds like so much on Red Hat Closes SF, Office, Lays Off Staff · · Score: 3

    So something, once designated 'critical' will be critical for eternity? When I decide to drive to the store, my car is 'critical' to my 'plan.' Then, I notice the time, and the store is closed. My car is no longer 'critical' to my plans, because the plans have changed. Oh, look, a grocery store has opened in the bottom floor of my apartment building. Now I can sell off my car. Doesn't mean my finances are down the toilet. :-) A poor analogy, but an analogy none the less.

  25. The Internet is destroying English. on Is The Internet Destroying Spanish? · · Score: 5
    Forget other languages; the Internet is destroying English at a steady clip. If I read one more email that looks like:
    r u coming over 2night?
    or even one with proper sentance structure, and real words, but no capatalization or puncutation, I'll scream. Happens about once a week. :-) Let alone the jargon, acronyms, 'isms,' 'izations' and creating brand new verbs, such as 'Lets dialouge about this!' that are made up on a regular and daily basis.