Slashdot Mirror


User: mysidia

mysidia's activity in the archive.

Stories
0
Comments
13,354
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 13,354

  1. Re:Change the nature of the action on Retrieving a Stolen Laptop By IP Address Alone? · · Score: 1

    That's a brilliant idea, but it would take a really dumb thief to give their real address, rather than the address of some temporary 'drop point' in a different city :-)

  2. Re:Change the nature of the action on Retrieving a Stolen Laptop By IP Address Alone? · · Score: 1

    P.S. Or if you really want to be a vigilante, drop an e-mail message containing a trojan horse inside your mailbox, that the laptop will download, to enable lojack-like functionality.

    Only you know your exact computer config and what it might take to get code to be run. Probably this requires exploiting some unknown vulnerability in Thunderbird though, and requires the person to actually read the message (Difficulty level: Mad Supergenius Level III)

  3. Change the nature of the action on Retrieving a Stolen Laptop By IP Address Alone? · · Score: 5, Insightful

    It's not just theft of the laptop,

    They have illegally used Thunderbird to gain access to your e-mail account.

    That means they have gained access to both the laptop and your e-mail account without authorization.

    Maybe you don't need to stop with the police. File a suitable civil action, and get a court order to compel the ISP to reveal the information.

    Not just theft of property, but gaining access to 2 computer systems without authorization, aka 2 accounts of computer fraud and abuse, AND 1 count of theft/conversion.

  4. Re:A movie comes to mind. on The Verizon Wireless HTC Eris 'Silent Call Bug' · · Score: 1

    It's a frequent enough problem that in the US, many 911 systems are answered by an IVR and you have to press 1 or say "EMERGENCY" before you are connected with an operator. Some cell phone manufacturers did something very stupid. They decided to block all DTMF tones after 911 was dialed, which makes it impossible to answer the IVR prompt.

    If you can't hear the IVR when calling in, you won't know what to say.

    They might respond if they think it's not an emergency, for the purpose of apprehending the person who maliciously prank called an emergency number.

    In the US, the police are not obligated to respond to a 911 call at all, even if they think it is a real emergency. That would be up to the policy of the individual police department, their leadership, their schedule, availability, etc

    Maybe they think there's a bigger emergency, too hungry and on lunch break, etc.

    Police can say 'we knew it was an emergency and this individual was being assaulted by someone who broke into their home, but we were too busy catching people speeding and giving out traffic tickets'

    At the end of the day it is up to the individual to protect themselves, and ensure they have a backup plan to find what assistance they can when authorities don't respond, if there is an emergency.

    In short: get a fucking gun, or other protections in place, and get properly trained on how to use it effectively and safely, and how to properly secure it and ensure it cannot be stolen.

    There is also no right to even police protection. Warren v. District of Columbia. "a government and its agents are under no general duty to provide public services, such as police protection, to any particular individual citizen."

    Not to say calling 911 in an emergency isn't a thing to do very quickly. But shall we say... don't just dial 911 and bank 100% on authorities coming promptly, or coming in time, use all reasonably safe means available that would be effective at mitigating a serious emergency, without creating a bigger one.

    Oh yeah... and don't expect anyone to come if you give them dead air, without at least some sort of signal besides dialing in

  5. Re:Two oddities on Long-Term Liability For One-Time Security Breaches? · · Score: 1

    A record "encryption key" column in a database is fine as long as that encryption key is (A) generated in a sufficiently strong manner that it cannot be guessed, for example a SHA256 hash of a strong shared key salted with a pseudorandom value and the record id, and (B) accompanied by an initialization vector generated from truly random data, and (C) the encryption key in the enc. key column is itself encrypted using a strong public crypto, and (D) the secret key is not stored in the database, is preferably controlled using a hardware crypto device, and only the application that needs the sensitive fields will be granted access to the particular fields associated with that particular application.

    (Each application having its own API key and public/private key pair to submit requests to the security server to decrypt certain fields of certain records)

  6. Fascinating on Brazil Forbids DRM On the Public Domain · · Score: 3, Interesting

    <p>
    How long will it be before US sanctions and pressure from other governments still controlled by the **AA pirates  forces them to fall in line and adopt more conventional DMCA rules?
    </p>

  7. Re:Even if the Linux folks didn't, I did on Claimed Proof That UNIX Code Was Copied Into Linux · · Score: 3, Funny

    Are you sure it hasn't already happened again?

    // hello.java
    /** This application greets the world.
      *
      * @Deprecated Earth has been destroyed by global warming, this is superceded by the goodbye  class
      */
    @Deprecated public class hello
    {
            public static void main(String args[])
            {
               System.out.println("Hello World!");
            }
    }

  8. Re:We've come a long way on The Verizon Wireless HTC Eris 'Silent Call Bug' · · Score: 1

    I assume our ancestors (the ones that lived) didn't live in caves that had that issue, or they didn't wander deep enough into the cave that it would be an issue.

  9. Re:Hail Eris on The Verizon Wireless HTC Eris 'Silent Call Bug' · · Score: 5, Informative

    Wikipedia:

    Eris (Greek , "Strife") is the Greek goddess of strife, her name being translated into Latin as Discordia. Her Greek opposite is Harmonia, whose Latin counterpart is Concordia. Homer[*] equated her with the war-goddess Enyo

    [*] Homer the ancient greek poet, not Homer Simpson

  10. Re:We've come a long way on The Verizon Wireless HTC Eris 'Silent Call Bug' · · Score: 1

    Better to have something that works 80% of the time pretty much anywhere, than 99.9999% of the time in only one scenario.

  11. Re:We've come a long way on The Verizon Wireless HTC Eris 'Silent Call Bug' · · Score: 1

    Our ancestors used to live in caves which do not have the issue of leaking roofs :)

  12. Voice is so 90s on The Verizon Wireless HTC Eris 'Silent Call Bug' · · Score: 1

    If 911 won't accept a SMS message, who would WANT to call them?

  13. Re:A movie comes to mind. on The Verizon Wireless HTC Eris 'Silent Call Bug' · · Score: 1

    Or they ignore it because you don't say anything they think you are one of those persons who has a cell phone in their pocket and are too clueless to learn how to use the "lock keypad" function, just another accidental dial-in.

  14. Why do we need a proof of concept of this? on Google Chrome Extension Steals Login Details · · Score: 1

    It's not like anyone doubted this could be done. It is pretty obvious that passwords can be stolen by browser extension mechanisms. Why do we need to be giving bad guys a cookbook?

    Do we publish proof of concepts of mass murder techniques, money laundering techniques, and drug dealing techniques?

    Who and why is it considered ethical to publish instructions for password stealing in the general media?

  15. Re:Okay telemarketers - your move! on When Telemarketers Harass Telecoms Companies · · Score: 1

    What about all the people whose computers are part of a bot net? The ISPs can't even manage to figure that one out. You have to be realistic about it. By the same token, it would be reasonable then to cut off anyone's internet access if their computer is infected by any spam spewing trojan, etc.

    It's not the ISP's job to police their customers computers for malicious code. But they can and do disconnect customers who are spewing spam or conducting other TOS violations, and it's the user's responsibility to fix the underlying problem.

    Your ISP is not going to remove malware from your computer or clean up your infection for you, for free.

    You can't just say "fuck it, if you aren't smart enough to be a computer expert, then you get no access or pay the 50 cents per minute charge." Not only because it is stupid, but because the government doesn't have the legal authority to force ISPs or telcos to charge that.

    Of course the government does have the authority, it's called a tax.

    There is no legal right to access computers or to use VoIP-to-pstn gateway services, just like there is no legal right to drive a car.

    You do not have to be an expert to avoid getting running malicious code on your computers; you just have to have basic training on how to use your equipment, and ensure your systems are securely configured.

    As far as secure configuration of your systems -- you can either do that yourself, if you have the proper training, and take full responsibility for it; or hire an expert to maintain the security of your computer systems.

    Or refrain from using VoIP-to-pstn gateway services with computers; there are secure appliances that can be used with them, and if they get compromised due to a flaw, you have a device manufacturer to hold liable.

  16. Re:Perfect on Dell Says 90% of Recorded Business Data Is Never Read · · Score: 1

    Sorry, every DOS and Linux install already has an unlimited amount of write only memory, it came with the computer.

    In DOS, it can be accessed using the NUL special file.

    The Linux character device is called /dev/null to write to the included write-only memory.

  17. Let's ask more pointless questions on Has Any Creative Work Failed Because of Piracy? · · Score: 1

    Has a large shopping center ever failed due to shoplifting?

    Has a country's economy ever completely failed due to counterfeiting?

    Has a beach ever failed, due to people stealing water from the ocean?

  18. Re:Actually Yes on Has Any Creative Work Failed Because of Piracy? · · Score: 2, Interesting

    That sounds a lot like Hollywood Accounting, if you ask me.

    Mr. Melies obviously did not make some very good decisions in picking his business partners.

    I guess there's some question of whether the usefulness of Thomas Edison's "inventions" make up for the evil he did legally.

  19. Re:Fuck China on China Censors HIV/AIDS Awareness Documentary · · Score: 1

    And the US government bought enough big guns and heavy artillery to make sure they could quell any insurrection by US citizens wielding said guns 100x over.

    What could in theory cause such an insurrection? Dissatisfaction with US government policies, and lack of adequate representation of workers and small business, while adopting adverse pro-government, pro-corporation, pro-union socialist-fascist policies, and intentionally taking no action against crisis situations such as BP oil spell, in attempt to exacerbate them allowing further promotion of anti-USian agendas.

  20. Re:Fuck China on China Censors HIV/AIDS Awareness Documentary · · Score: 1

    China is not the least bit open about their censorship.

    There are just some things they censor that they don't mind the public finding out that they censor.

    Obviously they don't mind the public knowing they have some censorship programs.

    They also have little control of foreign nationals such as the director of that NGO reporting the fact they censored it, without creating a diplomatic incident.

    Buth there ARE things China censors and doesn't want the public to know that they've censored anything, they hide behind the media and state secrets all the time.

  21. Re:Okay telemarketers - your move! on When Telemarketers Harass Telecoms Companies · · Score: 1

    Spammers are like viruses, they are out there in large numbers and plentiful, and it's your responsibility to make sure you do not enable them to hijack you.

    The owners are directly responsible for the hijacking.

    Because the "spammers" are always nowhere to be found.

    And the owners failed in their duty to maintain secure computer systems, and not provide their resources to assist spammers.

  22. Re:Okay telemarketers - your move! on When Telemarketers Harass Telecoms Companies · · Score: 1

    If they don't sign the treaty, then they cannot connect calls in at all. Countries don't need approval from other countries to impose tarrifs on overseas call connections.

    Also, unless they call multiple times every day, $0.50 is not expensive. And could be offset by a reduction in the cost per minute of calling. As for migrants, they make the call out of the US, instead of into the US; I assume the US does not have a problem of unreasonable telemarketer regulations.

    The $0.50 could also be waived for countries that have taken effective steps to prevent telemarketers from evading US law.

    Actually the price is nominal compared to infrastructure costs, and only gets large when a large number of calls are made (as in abuse).

    Connecting a call requires use of control traffic which uses extremely limited/scarce control channel capacity, whereas keeping an existing call connected just uses a small generally fixed amount of media path capacity which is usually much more plentiful.

  23. Re:Okay telemarketers - your move! on When Telemarketers Harass Telecoms Companies · · Score: 3, Interesting

    Then whoever provided the VoIP access account, whichever customer signed up for it (or the provider, in case of a fraudulent customer) will be on the hook for paying all those $0.50 charges to the government, as soon as it's shown that the caller identity was fake.

    As in, the law should state $0.50 is due for each VoIP call connected to a PSTN gateway, and it can only be waived, if the provider can prove their customer is in the US, and the caller id they send shows their working US phone number.

    If the account becomes compromised, and that fact is discovered, then those fees are due to the government retroactively.

    That way, there is a financial incentive, for organizations to take reasonable measures to secure their voip-connected systems.

    Preventing the PSTN from being disrupted or made useless for its critical purposes certainly trumps orgs wanting the convenience of easy connectivity without taking basic due diligence steps to secure their networks

  24. Re:End of the world. on Black Hole Emits a 1,000-Light-Year-Wide Gas Bubble · · Score: 1

    Expanding at ~1,000,000 km/h

    I think 12994504922 would be a vast underestimate. Right now it's expanding at ~1,000,000 km/h. It is unlikely that the rate of expansion is constant.

    It is likely to run into other matter in the universe, and changes in temperature that can reduce the rate of expansion, long before it reaches earth.

    Also, the universe itself is expanding at approximately 255,000 km/h, and an accelerating rate.

    It is possible that long before it reaches earth, the rate of expansion of the universe will be so high, that it can never reach earth.

  25. Re:Okay telemarketers - your move! on When Telemarketers Harass Telecoms Companies · · Score: 1, Interesting

    Laws against certain types of telemarketing just pushed it offshore.

    This seems like an extremely good argument for high international call connection charges.

    Say $0.50 to connect a call overseas.

    And a requirement that VoIP providers must verify the nationality of their customers, and apply the charge to every call connected from an overseas customer.

    Then the telemarketers should stop going offshore.