Slashdot Mirror


User: mysidia

mysidia's activity in the archive.

Stories
0
Comments
13,354
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 13,354

  1. Re:not relevant if reducible to mathmatics. on Patent 5,893,120 Reduced To Pure Math · · Score: 2

    But mechanical patents fall into the same category. Aren't all mechanical patents at it's heart, physics, which is any number of different mathematical fields? What about chemical patents?

    No, the patents are about applications of physics using specific machines.

    Mathematics itself is separate from physics; and physics itself is separate from machines built that work by applying physics in elaborate ways.

  2. Re:old news, or a hoax. on Hotel Tracks Towels With RFID Chips · · Score: 2

    It's not worth spending $30,000 to save 50 cents.

    Imprisoning people who cannot follow the law is not about making an economic tradeoff based on the offense they were caught committing. It is about protecting order and society, and removing threats from the streets.

    If they steal a total of 200 $0.50 candy bars a day, it will exceed $30k, by the way.

    If there is no robust punishment for stealing a $0.50 candy bar, then there is no deterrant against them stealing many frequently and many others doing it, since there is no deterrant to scare the on-the-fence folks from starting a life of crime.

    Moreover, stealing $0.50 candy bars, getting that as a habit, is quite likely to lead to other crimes. Law enforcement generally only has the benefit of knowing about the crime the person was caught committing. A fair portion of the people who steal $0.50 candybars today are likely the people who steal $30,000 cars 10 years from now.

    Anyways... it's indeed a total farce it costs $30,000 to keep someone in prison. Frankly, prisoners should be required to perform productive labor to fund their meals, rent, health care, comfort (eg air conditioning), and other amenities in prison.

    Anything beyond a 5-foot by 5-foot by 5-foot enclosed space with temperature kept above 40 degrees and below 85 degrees; 1 liter of water, an hour of sunlight a week, a half pound of gruel, a wash cloth, and a small trashbag to pee and poo into, are luxuries, and prisoners should be required to perform work for all luxuries that provides an amount of revenue to the state equal to at least 120% of the cost of those luxuries.

  3. Re:that could be entertaining on Hotel Tracks Towels With RFID Chips · · Score: 1

    All they'd have to do is incorporate the rfid detector with popup tire slashers, iron crossing barriers, klaxons and klieg lights. Locals could sit in lawn chairs across the street at checkout time and watch the show.

    Sounds like an excellent reason to take a cab (or airport shuttle) off the hotel premises when checking out.

  4. Re:old news, or a hoax. on Hotel Tracks Towels With RFID Chips · · Score: 1

    Theft is theft - but if every person always takes $8 in towels, they will simply charge people $8 more for the room.

    People have gone to jail for stealing $0.50 candy bars. If they know a guest intentionally stole a towel, that guest should get charged with the proper crime.

    However... there's a problem. How can you prove the guest stole a towel, without invading their privacy, insulting them, or accusing them of a crime with little evidence (and possibly major embarrasment for the hotel with cost much greater than $8)?

    RFID in towels might be an answer. At least you can inform them there's a hotel towel in their luggage (possible accident), without having to accuse the guest of any malice.

    You can just ask them to return it, bill them, or say "Sorry, we cannot return your room deposit until this is returned"

  5. Re:Well damn on Hotel Tracks Towels With RFID Chips · · Score: 0

    I think you can still do it... they just might add the cost of one 1 RFID-enabled towel to your room tab, at check out time.

  6. Re:Not on iPhone on Verizon Plans Location Warning Sticker · · Score: 0, Troll

    There is no way this is going to put on any iPhone Verizon sells.

    Yeah way... i'm sure they'll make a special one just for the iPhone though. It'll just look pretty and have a web2.0-esque theme with a picture of an iPhone with attached anal probe being jabbed into a naked guy's a***....

    (j/k)

    "Caution: iPhones contain software that may reveal your location to advertisers for the purpose of desplaying more irrelevent ads"

  7. Re:Isn't the point of a secondary network... on Amazon EC2 Failure Post-Mortem · · Score: 2, Informative

    ... to be able to handle loads if the primary fails?

    No. That's the point of the redundant elements and backup of the primary network.

    The secondary network they routed traffic to was designed for a different purpose, and never meant to receive traffic from the primary network.

  8. Re:That doesnt explain anything on Amazon EC2 Failure Post-Mortem · · Score: 0

    It could be that in the process of isolating the problem, they rebooted servers that (due to network problems) may not have been able to fully replicate their local changes.

    In other words.... someone executed an improper "problem isolation" procedure........

  9. 137 datacenters? Wow on US Gov't To Close 137 Data Centers In 2011, More By 2015 · · Score: -1

    That is one hell of a DMCA letter to turn off 137 datacenters. What was that, a takedown of http://.gov/ for containing content similar to .CN ?

  10. Re:I don't think it would matter even if they coul on GPS Maker TomTom Submits Your Speed Data To Police · · Score: 1

    (unless you are just inherently evil, like those convicted of sex offenses who were then added to the newly created 'registry' systems) .

    Or you're a taxpayer. The government can implement retrospective taxes and regulations and they have done so in the past.

    For example, congress can implement a "penalty", "fine", "tax", or "administrative fee" based on something you did in the past.

    So yes, they could pass a law that would cause fees or "fines" to be assessed to people who travelled above 45 in the past 2 years, but it's not a criminal act --- administrative fee, instead.

  11. Re:I don't think it would matter even if they coul on GPS Maker TomTom Submits Your Speed Data To Police · · Score: 1

    Murder has no statute of limitations. If someone commits murder, and it's found out about 90 years later, they can still be prosecuted, if sufficient evidence is capable of being found.

  12. Re:For those who won't RTFA; on GPS Maker TomTom Submits Your Speed Data To Police · · Score: 1

    The story is that the data was used by Dutch police to determine where to set up speed traps. The data was NOT used to go after any TomTom users for speeding.

    Naw.... they just setup speed traps where a couple people who happened to have Tomtoms were speeding.

    Didn't effect the Tomtom users at all ?

    (Other than providing police information about where to setup the speed traps to catch those Tomtom users who were speeding!)

    Talk about your own hardware providing information to be used against you......

  13. Re:Apple apologist on GPS Maker TomTom Submits Your Speed Data To Police · · Score: 1

    Sure, DUIs are unsafe, but speed by itself isn't a killer... {Yes, you said "contributed", I know...}

    I would be very pleased to hear of Tomtoms somehow detecting DUIs and reporting them 'anonymously' in real-time with precise GPS coordinates, and (preferably) pictures from front, rear, an outbound cameras.

    But I don't think the drivers driving while drunk would appreciate that Tomtom feature

  14. Re:That's ok on Feds To Remotely Uninstall Bot From Some PCs · · Score: 1

    I think he meant just the Microsoft files. And it's totally possible to enumerate all other signatures, because the certificate is digitally signed by Microsoft, and readily available from a CA...

    Not all Microsoft files are digitally signed in XP/2000/2003; e.g. Explorer.exe. And malware can make explorer run it by inserting itself as an 'explorer plugin' / context menu / extension.

    Ever run sigverif on a windows system? Most files malware might want to modify are unsigned by MS/anyone else.

    And just because the file isn't made by MS doesn't mean it is unimportant.

    Malware injecting code into a flash plugin, web browser, or a multitude of systray apps the average user has, can run just as quickly as malware that injected code into explorer.exe can.

  15. Re:That's ok on Feds To Remotely Uninstall Bot From Some PCs · · Score: 0

    I don't know what it is about penis enlargement advertisements that make people throw out common sense and respect for others out the window.

    Characterizing the problem with botnet nodes solely as "penis enlargement advertisements" in that manner is like saying "I don't know what it was about burning graphite and CO2 release at chernobyl that make people throw out common sense and respect for others"

    The issue is not a "lack of respect for others" by people receiving spam, whatever the hell that means.

    There's a lack of respect for the technology and the community by people operating the computers that wound up sending spam.

    And the spam is theft of services from everyone else, theft of mailbox resources, and goes generally far beyond simple annoyance.

    In fact, Spam reaches the level of danger... phishing, scamming, and spread of exploit code/ malware/other unwanted sneaky software through spam are extremely common.

  16. Re:That's ok on Feds To Remotely Uninstall Bot From Some PCs · · Score: 0

    while we are at it, why not burn down houses that have been broken into? you know, because the back door was left open...

    No... burning down houses would be akin to destroying hardware; which I don't suggest.

    If the house is found unprotected with druggies congregating inside; then I fully expect authorities to cordon it off, remove utilities, and generally render the building uninhabitable until the investigation is over, and the owners will be required to fix the security issues, before habitability, utilities, etc, can be returned.

  17. Re:Options on Feds To Remotely Uninstall Bot From Some PCs · · Score: 1

    That and nuking the site from orbit. It's the only way to be sure.

    You're right.

    Clarification: With limited information about the physical wearabouts of the machine: the only method relatively certain to work without many lost innocent lives or massive amounts of destruction of physical property.

  18. Re:That's ok on Feds To Remotely Uninstall Bot From Some PCs · · Score: 0

    Easy... easy... You know, I wonder how the situation would be seen if China would start to disable US computers only because they are used for serving content that don't fit their policies. I mean, for them that content might be as "aggressive" and "dangerous" as a botnet.

    If that "content" includes a backdoor on their server that lets any random third party in, I see no problem with that.

    If the content is important, someone will have mirrored it and present it elsewhere in a form without a self-pwnage backdoor.

  19. Re:That's ok on Feds To Remotely Uninstall Bot From Some PCs · · Score: 4, Informative

    it's very, very easy to check offline (from a separate host) that a hard drive with a Windows partition on it has legitimate files as released by MS. Digital signatures and all that jazz.

    No. The System filechecker is trivially defeated, even when checking offline.

    The trouble with 'digital signatures' is there are multiple valid signers, and you can't enumerate a priori which ones are valid. The tampering of tampered with files does not even necessarily occur on the files you see on the physical medium offline while rootkit is not loaded.

    Lots of Windows systems have a boatload of legitimate non-Microsoft application files and non-Microsoft system drivers for hardware are almost universally present. And what the registry contains is really quite important, especially when malware involves loading a program that contains a rootkit.

    The loader may be found as an application, small file, or binary blob in the registry somewhere. The actual payload activated by the malware loader, may not even reside as files on the NTFS volume; as anything running as system user may be able to read code from raw disk sectors (even NTFS disk sectors that are not actually linked to files you can scan/access).

    Try as you might, it is basically impossible to enumerate every possible registry content that will cause malware hooks to load into memory and run payload at system boot.

    Verification of the content of all known system files does not verify the integrity of the system.

  20. Re:That's ok on Feds To Remotely Uninstall Bot From Some PCs · · Score: 4, Informative

    A bit draconian, are you?

    Maybe. Apparently you aren't one of the guys they send massive amounts of unwanted spam to?

    So sure. Let's say you render a couple hundred thousand machines unbootable by wiping their partition tables, MBR, or whatever. They wake up the next morning, and do they love you? Can they do business? Can they read x-rays? Will their their stuff work?

    The problem is the malware/rootkit leaves their stuff seeming to work; and it's invisible to them, so they don't even bring someone in to look at it, let alone repair it.

    Your average organization with malware crawling around has no IT management, there's no active directory, group policy, or technical restrictions against employees running software -- everyone runs as admin, any anti-malware/antivirus software is hopelessly out of date, and they're probably still running Windows XP at the moment.

    You're not going to be able to "turn off the port", because there are way too many of them, they don't have static IPs, and WHOIS is basically useless. Their ISP won't even tell you (or law enforcement) who their technical contact is (if they have one) without subpoenas.

    The most expeditious way for anyone to handle this is to nuke from orbit by reversing the behavior of the malware author's backdoor. Make the software shout about its presence instead of hiding.

    Make the breakage of the machine VISIBLE so the repair company has to be called, and money has to be spent, so the SMB cannot continue to ignore their workstation infection, even when informed of it.

  21. Re:bill Microsoft for the expense, not taxpayers on Feds To Remotely Uninstall Bot From Some PCs · · Score: 1

    Whoa... hold it there. If you start that precedent about OS vendors being charged for security issues...... that would put open source companies, incl. Redhat in quite a pickle.

    No platform can claim to be completely free of security issues. And any platform that reaches critical mass is going to have infected/compromised systems doing naughty things (like SSH brute force attacks en masse).

    The number of non-Windows botnet nodes is far from zero.

  22. Re:The remote wipe move will require consent on Feds To Remotely Uninstall Bot From Some PCs · · Score: 1

    Nobody is going to trust an agency to do this. Doesn't matter if that's just or unjust, the only just that matters is that it's just not going to happen.

    But they trust completely anonymous massive numbers of third parties (that include spammers and ID thieves) not to do whatever the h**** they want, using any open vulnerabilities they find?

    How about the agency outsources it to private industry; and requires all exploits and payloads utilized to be open source, fully documented, and subject to review by any member of the public....

  23. Re:Lemme guess how they're going to get consent... on Feds To Remotely Uninstall Bot From Some PCs · · Score: 0

    Hey... anyone know where I can buy stock in the company that sells Virus Remover 2011 and Antivirus 2011?

  24. Re:That's ok on Feds To Remotely Uninstall Bot From Some PCs · · Score: 0

    Not if it leaves the machine in an unclean or unusable state. If you thought anti-American attitudes are bad now, imagine the FBI disabling a couple hundred thousand key machines abroad-- just to get rid of a virus.

    Disabling is the normal course of action taken on an infected machine. In fact, the only method certain to work.

    SOP when discovering a backdoored machine spewing spam, participating in a DDoS, running a backdoor, or botnet node, should be: to if possible, use the malware's infiltrated command and control or the published backdoor to render the backdoor or the system useless to further the attack as quickly as possible.

    The simplest and most strongly recommended method is to to prepare a text message to alert the operator that the computer is infected, make various modifications to ensure the OS becomes unbootable, and overwrite the MBR with boot code to display the alert message and halt, every time, instead of booting.

    Removing the infection is the operator's responsibility. Any security consultant worth their salt will inform you, the only acceptable, reliable way of removing the infection, and bringing the computer to a state where it is acceptable to ever connect to the internet again: is to perform a clean install of the OS, and full update of the OS, due to the fact that malware can modify any file on the system, kernel itself, etc.

    Such modifications are generally undetectable, and even if they are, a clean install is required to a verifiable OS in order to be able to accurately validate the integrity of backed up files prior to restoring them.

  25. Re:That's ok on Feds To Remotely Uninstall Bot From Some PCs · · Score: 1, Insightful

    They could, but it would be a dick move. As much as I'd like to think so, it's just not true that everyone at the FBI is a dick.

    I disagree. These systems are infected. If the FBI knows about that; if they have gained control of a botnet, backdoor codes or other piece of malware, they should be free to immediately take all available actions to uninstall or disable known infected computers.

    There's definitely no right to be running botnet code.

    I say we need a law authorizing ANYONE to uninstall worm software/viruses from any computer by any means made available by the malware, at will, without alerting the user, anyone else, or requiring anyone's permission or approval; so long as the only method used to uninstall is provided by the malware (or backdoor), the only command executed is cleanup/uninstall, and no financial or other gain is obtained (other than cleaning up the internet/reducing spam).