Slashdot Mirror


User: mysidia

mysidia's activity in the archive.

Stories
0
Comments
13,354
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 13,354

  1. Re:epic FAIL on Samsung Keylogger Stories a False Alarm · · Score: 1

    We believed someone who used a 3rd rate antivirus and didnt verify with a kernel debugger? FAIL on all our parts especially the "security researcher" who so thoroughly researched this one

    This is so big a fail... I declare April fools came early this year.... and fooled even the security researcher this time.

    Or maybe it's part of a 3-day countdown type event.

  2. Re:WTF? on Samsung Plants Keyloggers On Laptops · · Score: 1

    It turns out to be all bogus

    April fools came early this year, I suppose, and fooled Slashdot and others.

  3. Maybe it's right on Boston College Says Using WiFi Is a Sign of Infringement · · Score: 1, Redundant

    Included on the list is using a wireless router in your dorm.

    It actually says....

    Using a wireless router in your room; others may share illegal material through your router, giving the appearance that you are the guilty party.

    Think about this for a moment. For the average person who does not take reasonable measures to secure their wireless AP against unauthorized access, this is true.

    The average newbie/non-geek who just buys an Wireless AP+Router combination device and plugs it in, will be operating in open wireless mode.... that means other students can connect and use their internet connection.

    This has a potential to result in claims of contributory infringement, when other students connect to the open AP and upload MP3s to peer to peer networks or perform other infringing activities.

  4. Re:That's how you sell an autobiography on Paul Allen Rips Bill Gates In Autobiography · · Score: 1

    At least he's not pulling a Paul Ceglia and suing gates claiming rights to greater ownership of Micro$haft....

  5. Re:WTF? on Samsung Plants Keyloggers On Laptops · · Score: 2

    but I am less sure if they have broken any actual laws. Maybe some digital eavesdropping provisions that are only allowed to be done by governments have been breached but I can see Samsung weaselling out of that one.

    Wait... Google did this on ACCIDENT (while collecting WiFi access point SSIDs).. and still got slapped with required biannual privacy audits and other penalties.

    Imagine if Google had said that was intentional and tried to defend the practice like the report says Samsung people did?

  6. Re:WTF? on Samsung Plants Keyloggers On Laptops · · Score: 1

    American corporate CEOs are above the law.

    Maybe so... but Samsung is not. They just made my decision of a new major electronics purchase easy, though... I was debating Samsung vs another model.

    After this charade; I will not be buying the Samsung.

  7. Re:WTF? on Samsung Plants Keyloggers On Laptops · · Score: 1

    Worst idea since Sony's rootkit. They should be prosecuted over crap like this.

    I think this is even worse than Sony's rootkit.

    Sony's junk wasn't a keylogger. And your PC didn't come with it preinstalled

  8. You want academics? on Wikipedia Wants More Contributions From Academics · · Score: 1

    We want to have pride in our work and receive credit for it. Give us editorial control. Get rid of WP admins, or give us an ability to reject/block admin actions on articles we write. No group of individuals should have authority to override our editorial control of our article. The WP admins as a whole have generally proven that as a whole they really cannot be trusted that much anyways.

    List major contributors to every article as major 'authors' on the actual article page. Make that actually mean something.

    Give us a way to write an article and approve edits to our article, before they take effect. When someone wants to submit a change to our article, there should be a 24 hour waiting period, the people who are listed as authors should get 5 days to "object" and repudiate, strike down, or accept only part of the change.

    If none of the authors object within the 24 hours, and at least one other person approves within 30 days, then let the change go through.

    If noone takes any action within the 15 days, and at least one other person on the site who is an author of at least one article on the site vets the change and says it's good, then provisionally accept the change, and after expiration of the period give the contributor instant edit privileges for further changes thereafter; Subject to immediate cancellation of the change if another author of the article objects before the close of the 30 day period. If another author accepts before the close of that 30 day period, contributor gets no special privileges added.

    If an author submits a change it's instant. Removing or adding an author otherwise should require unanimous consent of all authors except the requesting person and the person being added/removed; with outside participation in the vote allowed, but not counted. Except a vote where at least 50 outsiders who are approved authors of at least one other article can add authors if there is at least a 75% majority agreement, or block removal of an author if there is at least a 30% minority agreement.

  9. Re:Lesson... on $110,000 Fine Is First Under MA Data Privacy Law · · Score: 0

    My wife worked at a number of restaurants where amazingly the claimed tips by servers always hit the 8% mark, nothing more, nothing less. The justification made by her coworkers was that some nights they make less than the 8% so averaging it out was "OK" to them.

    Well, that's interesting... But then again, they can rationalize why they break the law all they want,

    doesn't make it legal. Workers who receive tips are not allowed to "guess" at the amount of tips, the reporting standard required is the exact amount.

    But I expect if they keep that pattern up, they'll eventually be audited anyways, possibly charged with fraudulent reporting. It's just a question of the IRS trying to fry the bigger fish first.

  10. Re:Lesson... on $110,000 Fine Is First Under MA Data Privacy Law · · Score: 1

    You seem to be under the impression that cash tips are generally logged properly such that taxes can be properly paid.

    Failing to log and properly report the tip income is a crime (tax fraud), and unethical. I believe tips are generally logged properly. If you find reason to believe you have found some organization or person who is an exception, to logging tips properly, file IRS form 3949-A, with the appropriate information.

    The law and the stiff penalties for intentionally disobeying it or negligently failing to keep the required records should be enough to ensure people log and report their tips properly. The IRS also has some special rules for food establishments.

    As an employer, you must ensure that the total tip income reported to you during any pay period is, at a minimum, equal to 8% of your total receipts for that period..
    When the total reported to you is less than 8%, you must allocate the difference between the actual tip income reported and 8% of gross receipts.

  11. Re:Mmm, ironing. on Newspaper Plagiarizes Blog, Taunts Real Author · · Score: 1, Informative

    No, attribution is not required for fair use.

    If there is a source, Attribution/credit of the source is required for it to not be plagiarism.

    The article is not about copyright law; it's about professional misbehavior by journalists.

  12. Re:Hmm.. on Man Accused of Selling US Military Drones On EBay · · Score: 1

    Does having to file a flight plan with the FAA before use count as an infringement on your right to bear arms?

    You gotta be a pilot, but you could fly your B2 in VMC conditions under visual flight rules, no IFR, and then you don't have to file a flight plan, or even deal with ATC (outside of busy tower-controlled airspace). Of course that is risky... in terms of your own safety, should you have a mishap and splash down, you might not get rescued, since ATC doesn't know you're overdue and missing.

    Something tells me the FAA won't be messing with you too much in flight while you're wandering around in a fully armed B2. However.. the USAF may have a thing or two to "talk" to you about....

    Anyways, the flight plan requirement has nothing to do with bearing arms in this case -- that's just about being airborne in complex machine that requires careful planning and extreme care to operate safely.

  13. Re:What the hell? on Browser Power Consumption Compared · · Score: 0

    Wrong. If I write crappy software that hits your laptop's disc every 10ms, is the laptop the inefficient part? The hardware guys need to invent better speculative laptop disc caching technology? Of course software can consume too much power.

    No... the OS guys (or the OEM/admin that prepared the software install) are responsible for causing a mechanical disk to unnecessarily be hit every 10m by the browser's predictable activities.

    If the browser is genuinely inefficient and performs many unnecessary operations, the browser will also be slower. Hitting the disk every 10m incurs a performance penalty.

  14. Lesson... on $110,000 Fine Is First Under MA Data Privacy Law · · Score: 1

    When visiting a bar or restaurant, bring cash.

    Or pre-paid debit card you keep with only a small amount loaded on it.

    Minimize the use of CCs and checking/loan-account-linked cards

  15. 1000mSV really is high.... on Things Get Worse at Fukushima · · Score: 2

    Radiation levels inside reactor two were recently gauged at 1,000 millisieverts per hour — a level so high that workers could only remain in the area for 15 minutes under current exposure guideline."

    10000 mSV = 1Sv

    Very bad for the workers... well beyond what could cause cancer in 1 hour. the 1000 mSv reading is no doubt an average, or "what they've seen" so far. Spontaneous spikes are possible.

    Symptoms of acute radiation (dose received within one day): 1 – 3 Sv (1000 – 3000 mSv): Mild to severe nausea, loss of appetite, infection; more severe bone marrow, lymph node, spleen damage; recovery probable, not assured.

    3 – 6 Sv (3000 – 6000 mSv): Severe nausea, loss of appetite; hemorrhaging, infection, diarrhea, peeling of skin, sterility; death if untreated.

    6 – 10 Sv (6000 – 10000 mSv): Above symptoms plus central nervous system impairment; death expected.

    They're saying 15 minutes under current exposure guidelines. But in reality, workers could die if there's a sudden jolt to 100000mSv/hour.

  16. Re:Before everyone freaks on Things Get Worse at Fukushima · · Score: 1

    Bury the whole damn thing in concrete, and be done with it. This crisis would have been resolved two weeks ago if TEPCO wasn't more interested in repairing and reusing the reactor than the public safety.

    Leakage into the air is not the only concern -- leakage into the ground would be catastrophic to the environment and the people.

    Burying the whole thing in concrete is insufficient and can make things worse, to prevent leakage, and if they allow temperature to rise in the interim things may get dramatically worse.

    They need to entomb the reactor properly. Which includes encasing the underground portion in concrete. It will take months to entomb the reactor, if they start now.

  17. Re:A+++++++ on Man Accused of Selling US Military Drones On EBay · · Score: 1

    A- Seller said it was a UAV... opened package, and instead, it contained an office chair.

  18. Re:I had one of these when I was a kid! on Man Accused of Selling US Military Drones On EBay · · Score: 1

    What's puzzling is he's charged against importing arms...

    But this type of unmanned vehicle doesn't seem to contain any weaponry or armament whatsoever......

  19. Re:minor on McAfee's Website Full of Security Holes · · Score: 1

    Yes. Slashdot's source code is "disclosed." Do you call that a threat?

    First of all, no it's not. Slashcode's source code is disclosed, because it is an open source project. And Slashdot has code in common, but they aren't 100% equal.

    Second, that's intentional disclosure, meaning the code has probably been reviewed to ensure it doesn't contain anything sensitive. There's a big difference between what goes in an intended disclosure and accidental leak.

    Is XSS minor? Yes, this particular variety is the minor end of the spectrum. There are far more serious problems which are very common with web apps (injection, authentication, etc.).

    No. At minimal the XSS issue is Severe, possibly Critical, given the abuse potential.

    Just because more serious problems are known does not mean that what you see is minor. That's like arguing an intruder can install a keylogger, grab your bank account numbers, and format your hard drive, so if they only manage to break in and capture your SSN, address, and some photos, or hijack your machines a while to launch a DDoS and send a few hundred thousand spam messages, you have a minor intrusion, (whatever the hell that means).

  20. Re:Oh on Why Mac OS X Is Unsuitable For Web Development · · Score: 1

    That would just exhaust your allocation of resources on the dev server, and you'd need to call an admin to fix your account (and scold you for such a dumb error)... Your point?

    Oh, and as a developer you won't have sudo or root access to any servers or workstations, whether the machine is development/production or not.

    That would be a violation of corporate policies required for compliance with security regulations. In most organizations, system administration and firewall administration are arms lengths groups from software development.

    And anything running a web application, for test, or otherwise, requires special protections, such as network isolation, due to the unique security risks that applications under testing pose to the organization.

  21. I am suddenly reminded.... on The Simpsons Reviewed For Unsuitable Nuclear Jokes · · Score: 1

    About criticism being mounted when the motion picture version of The two Towers was coming out... E.g. waybackmachine.org/../twotowerprotest.org

    We believe that Peter Jackson and New Line Cinema's actions are in fact hate speech. The movie is intentionally being named The Two Towers in order to capitalize on the tragedy of September 11. Clearly, you cannot deny the fact that this falls under hate speech.

  22. Re:minor on McAfee's Website Full of Security Holes · · Score: 1

    These are all minor security problems... some of which are so minor one could debate whether they should even be classified as security problems at all.

    You think source code disclosure and XSS are MINOR security problems? Really?

  23. Re:Boycott rogers.. on ISP's War On BitTorrent Hits World of Warcraft · · Score: 1

    OR the lack of negative consequences....

    There are positive consequences like a less-congested network; not as much bandwidth/new hardware might need to be purchased.

    The reduction / delay of new costs may exceed the small dip in revenues from a few lost WoW players (in the vast minority among ISP users).

    More likely the complaints go to Blizzard, and blizzard eventually laments the consequences of having chosen BitTorrent for update distribution (as they should, as they should).

  24. Re:Oh on Why Mac OS X Is Unsuitable For Web Development · · Score: 1

    You're entirely correct with "Don't run the server-side of the web application on your development workstation." but mounting production server storage from your dev machine is frankly almost as bad.

    Who said anything about mounting the production server application directory and working on that from your dev machine?

    I'm talking about remote-mounted development (pre-test) application developer working directories on dev servers; where each developer mounts their own separate working directory for their dev instance.

    As for deployment to production, that's not even something under discussion or related to this topic.

  25. Re:Oh on Why Mac OS X Is Unsuitable For Web Development · · Score: 4, Insightful

    Personally, I consider a Mac to be pretty much the ultimate web dev platform, because it gives you easy access to all browsers on all major platforms, and gives you some of the best tools (yes, better than emacs, and even better than vi) to develop with. There are many imperfections, but it's better than all the other options.

    Author is bitching because he thinks the Mac is not an ideal platform to run the application.

    With that I agree. Don't run the server-side of the web application on your development workstation.

    Instead: save the files directly to a remote folder on an actual webserver running the target OS, by remote mounting the filesystem (or automatic synchronization), and run the application on the remote server, for testing during development.