Too many licensing issues and agreements with other companies. At least that's the excuse IBM gave against open-sourcing OS/2. Damn, linux would be amazing with a modernized WPS:(
It's ridiculous that I cannot watch the stuff that my DVR recorded on another device (unless I buy another DirecTV receiver). More ridiculous that everything shows up as a UPnP service on the home network, I just can't actually view any of it.
There have been many times I was going away for a weekend, or on flights, where it would have been nice to catch up with everything the DVR had recorded.
Most home users have their APs on their private network. Behind that hardware firewall that at least gives them some protection. Advocating that people who don't understand the risks of an open AP, especially one that is not segregated, is really poor judgement on the EFF's part.
I run mine wide open, on its own interface from my firewall. I then also use a captive portal for guest access. To get INTO my network, you then have to use a VPN client. Screw the WEP/WPA games.
Luckily, real engineers, and not computer programmers, are the ones that design the systems themselves, and the mechanical failsafes typically cannot be programmed or overridden by software. Still, the security nightmare that is SCADA needs to be fixed.
Mine too. It's nice having control over your own data. Friends think I'm crazy. If only my phone would use ical and ldap directly for contact and calendaring, I wouldn't have to have that friggin' google account either.
... to run your own servers. It's sad that even business these days is trusting the likes of google and yahoo with their corporate private communications.
If you are going to switch back over to http, you might as well not bother in the first place. HTTP, being stateless, one need only sniff that session ID, and they are now in. That so-called webmasters think they are guarding access by only encrypting/authenticating the login amuses me.
Gee, maybe they just shouldn't collect so much? Rather than shotgun everything, why are they not being more judicious with what it is that they are monitoring?
I've been routing my outbound through dyndns's mailhop service to deal with comcast's blocks. Inbound still seems to be ok, and I hope it remains that way, as I prefer to do my own filtering and blacklisting.
'alpha geeks' don't use ftp, they use scp. My girlfriend, an artsy mac type, uses ftp to upload videos because the site admin there apparantly isn't too bright either.
Windoze admins who are now in charge of linux boxen. I'm now cleaning up after a bunch of them at my new job, *sigh*
- root logins everywhere - passwords stored in the clear in ldap (WTF??) - require https over http to devices, yet still have telnet access enabled. - set up sudo... to allow everyone to do everything - iptables rulesets that allow all outbound from all systems. Allow ICMP everywhere, etc.
Indeed. If the authorities suspect activity, make the law so that the ISP must *THEN* begin keeping logs about *THAT* particular machine. Notice I say machine here, and not person. Also, even with a lease reservation, you can't be 100% guaranteed that you are seeing traffic from the machine that you think you are.
It's been targeted for years. Just not on the desktop. Linux's largest problem is MISCONFIGURATION by incompetent admins (and there are a lot of them as it gains in popularity... I inherited a bunch of that responsibility recently). Windows exploits, OTOH, are largely attacks against problems with the software itself. The only thing a competent admin can do in that situation is wait for the patch, or hope there is another mitigation.
Only a threat if you are dumb enough to install it in the first place. Dumb users == owned equipment. That's always been the case. No technology is going to fix stupid behavior. This is why antivirus is useless. If antivirus is detecting things, then IT'S ALREADY TOO LATE! We want to PREVENT the infection, and proper hygiene and common sense in synergy with proper technological controls is the only way that is going to happen.
Failing proper crypto on the device, Remote wipe is your friend. But that won't stop any forensics tools either, unfortunately, since they don't do a secure wipe. Luckily most local police don't have those tools or the skills to use them. Yet.
So, major corporations, focused mostly on profit, care more about device security than the owners of those devices? Interesting.
I'm just glad I can short-circuit Sprint's broken agps with a simple iptables rule on my Palm Pre. Voila! A GPS that works quickly and properly. No hacking required. Open platforms FTW.
Slashdot Mirror
Too many licensing issues and agreements with other companies. At least that's the excuse IBM gave against open-sourcing OS/2. Damn, linux would be amazing with a modernized WPS :(
... they already provide first?
It's ridiculous that I cannot watch the stuff that my DVR recorded on another device (unless I buy another DirecTV receiver). More ridiculous that everything shows up as a UPnP service on the home network, I just can't actually view any of it.
There have been many times I was going away for a weekend, or on flights, where it would have been nice to catch up with everything the DVR had recorded.
Most home users have their APs on their private network. Behind that hardware firewall that at least gives them some protection. Advocating that people who don't understand the risks of an open AP, especially one that is not segregated, is really poor judgement on the EFF's part.
I run mine wide open, on its own interface from my firewall. I then also use a captive portal for guest access. To get INTO my network, you then have to use a VPN client. Screw the WEP/WPA games.
Luckily, real engineers, and not computer programmers, are the ones that design the systems themselves, and the mechanical failsafes typically cannot be programmed or overridden by software. Still, the security nightmare that is SCADA needs to be fixed.
Educate Yourself
or control your own server, perhaps?
Mine too. It's nice having control over your own data. Friends think I'm crazy. If only my phone would use ical and ldap directly for contact and calendaring, I wouldn't have to have that friggin' google account either.
... to run your own servers. It's sad that even business these days is trusting the likes of google and yahoo with their corporate private communications.
If you are going to switch back over to http, you might as well not bother in the first place. HTTP, being stateless, one need only sniff that session ID, and they are now in. That so-called webmasters think they are guarding access by only encrypting/authenticating the login amuses me.
Gee, maybe they just shouldn't collect so much? Rather than shotgun everything, why are they not being more judicious with what it is that they are monitoring?
yes.
I've been routing my outbound through dyndns's mailhop service to deal with comcast's blocks. Inbound still seems to be ok, and I hope it remains that way, as I prefer to do my own filtering and blacklisting.
I flamed a headhunter for doing that once. Thanks for the client list!
'alpha geeks' don't use ftp, they use scp. My girlfriend, an artsy mac type, uses ftp to upload videos because the site admin there apparantly isn't too bright either.
Kind of like that whole blog / forum thing that took over the more elegant usenet...
Windoze admins who are now in charge of linux boxen. I'm now cleaning up after a bunch of them at my new job, *sigh*
- root logins everywhere ... to allow everyone to do everything
- passwords stored in the clear in ldap (WTF??)
- require https over http to devices, yet still have telnet access enabled.
- set up sudo
- iptables rulesets that allow all outbound from all systems. Allow ICMP everywhere, etc.
Indeed. If the authorities suspect activity, make the law so that the ISP must *THEN* begin keeping logs about *THAT* particular machine. Notice I say machine here, and not person. Also, even with a lease reservation, you can't be 100% guaranteed that you are seeing traffic from the machine that you think you are.
No. It's why you run your own MTA with mimedefang/spamassassin, and some sendmail tricks like greet_pause, and bad_rcpt_throttle.
Wireless transceivers in addition to all of those plugs in him? Perhaps being "The One" means he has the one on the right frequency.
Yup. Looks like Mozilla is taking the "Evil Bit" seriously, and creating their own "Good Bit".
Cute.
The very model of a modern major general!
It's been targeted for years. Just not on the desktop. Linux's largest problem is MISCONFIGURATION by incompetent admins (and there are a lot of them as it gains in popularity ... I inherited a bunch of that responsibility recently). Windows exploits, OTOH, are largely attacks against problems with the software itself. The only thing a competent admin can do in that situation is wait for the patch, or hope there is another mitigation.
Only a threat if you are dumb enough to install it in the first place. Dumb users == owned equipment. That's always been the case. No technology is going to fix stupid behavior. This is why antivirus is useless. If antivirus is detecting things, then IT'S ALREADY TOO LATE! We want to PREVENT the infection, and proper hygiene and common sense in synergy with proper technological controls is the only way that is going to happen.
Failing proper crypto on the device, Remote wipe is your friend. But that won't stop any forensics tools either, unfortunately, since they don't do a secure wipe. Luckily most local police don't have those tools or the skills to use them. Yet.
So, major corporations, focused mostly on profit, care more about device security than the owners of those devices? Interesting.
I'm just glad I can short-circuit Sprint's broken agps with a simple iptables rule on my Palm Pre. Voila! A GPS that works quickly and properly. No hacking required. Open platforms FTW.