Slashdot Mirror


User: julesh

julesh's activity in the archive.

Stories
0
Comments
8,446
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 8,446

  1. Re:...and this is news how? on ATMs Susceptible to Windows Viruses · · Score: 1

    It was working fine when I used it last night, though. :)

    Seriously, I don't like the new generation windows-based ATMs. And not because they're insecure, or because they crash. Because they're _slower_ than the old ones they're replacing. The only good thing about them is the nice big easy-to-read colour display. But have you noticed that with the old ones, you'd put your card in and it would _immediately_ ask you for your PIN. The new ones seem to stop, read the data from your card, send a request to head office to validate the card (some of Barclay's ATMs display an image of the type of card you've put in at this point... is that pointless or what?) and *then* ask you for your PIN. Very annoying.

  2. Re:This story is missing something on ATMs Susceptible to Windows Viruses · · Score: 5, Informative

    I would hope that the lesson here has been learned: a mission-critical service (which ATMs are, these days) should be firewalled from everything that it reasonably can be, and should not be running unnecessary services.

    The ATMs should be running a custom application to drive the user interface which just pipes its data over an encrypted byte-stream protocol (maybe SSH, maybe something else, I don't know) to a central authorisation server. It should be able to accept a 'status query' request from a machine located in the branch that periodically checks that the ATMs are running and still have cash. These are the only services that are required. Everything else should be disabled. Everything else should be firewalled.

    As long as banks follow these security precautions (and I've worked at a UK bank before now -- they're pretty hot on security, as a rule) they should not be susceptible to virus/worm infection, except by a custom-written worm that exploits security flaws in the custom ATM software... and at this point it doesn't matter what OS you're using.

  3. Re:I have mod points, and wanted to mod this... on Nintendo Apologizes to SuicideGirls · · Score: 1

    But "Obviously wearing tinfoil hat" isn't one of the mod options.

    Actually, it should be. It should also not affect the score of the post, only the tag that it gets. Then you can set a bonus/penalty for tinfoil hat posts in your user preferences depending on whether you think you need one or not.

  4. Re:Fairly obvious what happened on Nintendo Apologizes to SuicideGirls · · Score: 2, Funny

    So, where can I get a nakedness-sensitive spider of my own? :)

  5. Re:Fear of powers on Dept. of Homeland Security Enforces Expired Patent · · Score: 1

    A competing toy could match on pictures or color patterns.

    That would make it more difficult. I have seen some cubes that have this (they have a picture on each side that you have to match together), and always thought that looked too tricky.

    Is it just me, or is the color scheme even the same?

    Does look it. And it's even got the 70's rounded edges on the colour stickers. OK, they've copied the physical appearance which might (or might not) count as a trademark violation.

    Of course, to stop anyone selling them, you'd need to get an injunction against them. That's the way the system works.

  6. Re:"All's well that ends well" on Nintendo Apologizes to SuicideGirls · · Score: 1

    Moderation -2
    50% Troll
    20% Insightful
    10% Interesting

    So... what are the other 20%?

  7. Re:Can someone repost? on Nintendo Apologizes to SuicideGirls · · Score: 2, Insightful

    And when the IT department works out that you're intentionally circumventing their monitoring and blocking of sites that frequently carry spyware and trojans, they're going to be _really_ pissed off with you.

  8. Re:WARNING NOT SAFE FOR WORK!!! on Nintendo Apologizes to SuicideGirls · · Score: 2, Insightful

    Huh? The ads I have on the page are for "Basecamp painless project management", "O'Reilly Revolution In The Valley", and a third one which isn't loading at the moment (i.e., we've slashdotted boingboing's ad server), but which I doubt is pornographic, given the tone of the rest of the site which is largely IT related.

  9. Re:Old storie on Dell Teams Up With SUSE · · Score: 1

    So? Are you suggesting /. should report everything immediately? Or that we should all be checking novell's web site daily to make sure we know if something like this is happening?

  10. Re:Fear of powers on Dept. of Homeland Security Enforces Expired Patent · · Score: 1

    Not if it is dictated by the function of the object, it can't. And I'd say that almost all aspects of the rubik's cube's appearance are functional.

  11. .eu domain on Two New TLD's Near Approval · · Score: 1

    What happens if ICANN don't approve the '.eu' domain? The EU, along with EURid, the company designated to manage the domain, have already announced that registrations will be available from October 2005. The EU has actually passed a directive, mandating that the domain _will_ come into existance. As one of the world's most powerful political organisations, I was just wondering what steps they would take to ensure this happened if ICANN happened to disagree...? :)

  12. Re:TLDs are BS on Two New TLD's Near Approval · · Score: 1

    In Australia, to get a .com.au domain name you need to be a "registered" business or the owner of a trademark. If the same is applied to .com TLD(non-mommercial entities should not use it), then most of the problems would disappear.

    Unfortunately, there are many countries around the world where it is legal, in fact perhaps mandatory for some kinds of businesses, not to be an incorporated company, which precludes registration of this kind. For instance, in Britain, firms of solicitors are not allowed to be incorporated -- they trade as sole traders or partnerships, for which there is no registration process.

  13. Re:Fear of powers on Dept. of Homeland Security Enforces Expired Patent · · Score: 1

    The question that has to be asked is - what trademark. Obviously not "Rubik's cube" because that's not what the product was called - it was called "magic cube". "Cube" perhaps?

  14. Re:Spam? on Latest Ballmergram Bashes Linux TCO · · Score: 1

    OK. Microsoft spam. Yep, that's a new one on me. :(

  15. Re:maybe the TCO is lower on Latest Ballmergram Bashes Linux TCO · · Score: 5, Informative

    Users are limited to 16 groups??

    32, I believe. Still, it isn't perfect, and we should perhaps look at ways to improve it.

    Only one group can have permissions applied to a file?

    Not true. All major Linux filesystems support POSIX ACLs now, enabling you to apply whatever permissions you like.

    And no group nesting allowed?

    What are the security benefits of allowing this? Personally, I am not aware of any, as I believe whether it is allowed or not the systems are actually equivalent -- it is merely an implementation detail that should be ironed out by any reasonably well written management system.

    You can mod this comment down, but you can't propose a security system like THAT to a company interested in protecting their assets. WAKE UP SLASHDOT.

    Even without ACLs, it is more than adequate for 99% of companies. Hell, most of them wouldn't want to spend the admin time required to manage anything more complex.

  16. Re:Spam? on Latest Ballmergram Bashes Linux TCO · · Score: 1

    You have to specifically request to receive it. In my book, this means it isn't spam.

  17. Re:Say it enough Times, It becomes Reality? on Latest Ballmergram Bashes Linux TCO · · Score: 1

    But their software _must_ be secure. I mean, it says right there that three years ago they decided to make it a top priority. How could they have failed to sort it all out in three years?

  18. Re:Best part of the article on Latest Ballmergram Bashes Linux TCO · · Score: 5, Funny

    Security
    About three years ago, we made software security a top priority


    s/three years ago/ten years too late/

  19. Groklaw on Latest Ballmergram Bashes Linux TCO · · Score: 3, Informative

    Also worth reading the groklaw article on this, which is available here.

  20. Re:Lack of RAD? on Gambas 1.0 Release Candidate Available · · Score: 1

    If you want to write something that actually does something, and you need to do it fast, then stick to CLI.

    For me, RAD is synonymous with GUI building. GUI building by hand takes time, and can largely be automated. This is where you have the largest benefits. I'm sure there are CLI RAD tools, but I'm not sure how they would work. I suppose something like automated SQL query builders would count. Command line parser builders, too.

    I'll freely admit that I don't like RAD, and that the VB model doesn't actually fit most of the work I do (90% of my apps have a very simple GUI that takes less than an hour to write by hand, connected to a complex back end that doesn't do much that can be reused from somebody else's components). I also have a number of tools that help me write GUIs faster than would usually be possible without a RAD environment.

  21. Re:At last. on UK Government Reports Linux is 'Viable' · · Score: 1

    You've missed the point. This is an instruction from top-level government to lower-level government departments that they ought to be considering open source solutions. It's an internal document. You don't have to trust it; the other government departments that it was written for do.

  22. Re:Interesting file formats... on UK Government Reports Linux is 'Viable' · · Score: 2, Funny

    The question is: why bother releasing in .DOC when there's an RTF right above it? Hmm..

    The RTF doesn't contain the metadata. We can't tell who edited it and for how long, and there won't be any embarassing edits to display in the revision history. Obviously they have to release the .DOC file as well, otherwise we wouldn't be getting our money's worth. :)

  23. Re:Not exactly tricky! on UK Government Reports Linux is 'Viable' · · Score: 1

    Well, they've had a public consultation that's lasted about a year, so probably it has occupied all of one medium-senior civil servant's time for this period, that'd probably be about GBP 60,000. Then there would be that civil servant's secretary, who probably earns something like GBP 30,000. On top of this, there would have been reports commissioned from research agencies, probably another GBP 100,000 there. Publicity, arranging a web server for the consultation documents, general administrative cost probably come somewhere in the region of another GBP 30,000. So, I'd guess somewhere in the region of a quarter of a million pounds.

    Just top of the head figures, of course, I have no information on how much money the government actually is wasteing.

  24. Re:How about just picking the best for the job? on UK Government Reports Linux is 'Viable' · · Score: 1

    That's actually what this is about. The government is publishing the results of their consultation on OSS. They're essentially telling all government departments: when you're buying a new IT system, make sure you consider an open source alternative. It's OK if that's not what's right, but you have to at least consider it. And, if you have two systems that can do the job equally well for similar prices, and one is open source, favour the open source one.

  25. Re:Lack of RAD? on Gambas 1.0 Release Candidate Available · · Score: 1

    So I can use Perl to implement a basic GUI with drop-down menus and buttons linked to dialog boxes and components that move and resize with the main window without actually writing a line of code? Because that's what I expect from a production-quality RAD environment.