Slashdot Mirror


User: AKAImBatman

AKAImBatman's activity in the archive.

Stories
0
Comments
11,370
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 11,370

  1. Re:Cancelation times on Trouble for Tivo and NetFlix Partnership? · · Score: 4, Informative

    It's not Tivo that has the long hold times. It's NetFlix. From the summary:

    Netflix may also be feeling some economic pressure.

    Just an FYI.

  2. Re:Whose fault? on 20,000 Zombie PCs -- $3000 · · Score: 1

    I agree that some of the phishing scams are pretty slick (some with genuine Verisign certs, no less), but every online financial signup I've got through has stated explicitely that they will never ask for the types of personal information that phishing scams rely on.

    Consider this: PayPal send you legitimate emails to inform you when you need to update a credit card. EBay has sent legitimate emails stating that they need you to change your login name to something other than an email address.

    Both examples could be easily faked by a phisher. At the very least he'd get your username and password. (And by extension, your personal info.) Worst case, he'd get you to enter credit card and account numbers.

  3. Re:globalized economy. on Paul Samuelson Challenges Outsourcing · · Score: 1

    Excellent! You've pointed me to the issue I was trying to dig out of my brain. Basically, international trade goes both directions. Thus the net loss of economic wealth is zero. In the case of outsourced work, the money only flows one direction!

    Someone give this guy some mod points. :-)

  4. Re:Whose fault? on 20,000 Zombie PCs -- $3000 · · Score: 2, Insightful

    Have you seen these emails? They're damned convincing. Even the site you go to looks like the real thing, and all the links go back to the real thing. If you don't know enough to understand that you should only do business on THE EXACT DOMAIN that you've done business with, there's little you could do to realize that it's not legit.

    Things get even worse when someone registers a domain like "ebay.it" or "citlbank.com". Even many close examinations would fail to note the problem in the URL.

  5. Re:Stupid as usual on Longhorn Will Have Ability to Ban External Storage Devices · · Score: 1

    Plugging a laptop into the ethernet port: Couldn't add stuff to the network like that.

    But I'm willing to bet that taking the machine off the network for a few minutes and plugging it into the same hub as your laptop or portable storage device, would allow you to upload anything you wanted from the target computer.

    As you said, popping a hard drive in and out shouldn't cause too much concern. And if you were a bigger company, everyone wouldn't always be in view. Thus the company does have to trust the employee. :-(

  6. Re:Stupid as usual on Longhorn Will Have Ability to Ban External Storage Devices · · Score: 1

    I'm going to assume that you had a closed network. (If it was open to the internet in ANY way, you'd have the ability to SSH, FTP, or HTTP POST it to yourself.) So, in your situation, what procedures were in place to stop someone from temporarily adding another hard drive, connecting a laptop via the Ethernet port, or simply adding another mass storage device to the network?

  7. Re:globalized economy. on Paul Samuelson Challenges Outsourcing · · Score: 4, Insightful

    Actually, he said that if you believe that shipping wages elsewhere won't reduce the wages here, then you believe in the tooth fairy. He's not against international trade, which he claims is another thing entirely.

    I'm still wrestling with how it actually does compare.

  8. Re:Stupid as usual on Longhorn Will Have Ability to Ban External Storage Devices · · Score: 1

    But now there is a way of limiting their access to the sensitive information. So now less trust is required to do the same job which makes it easier to find someone to do it.

    They still have access to the data, right? So how are you trusting them any less? They could email the data, upload it to an FTP server, burn it to a CDRW, attach a serial hard drive, add a PCI card, post it to a website, copy it over an SSH connection, attach a laptop, etc.

    I thought this was a change to their OS? You wouldn't call this a fix then?

    Nope. I have to trust the user of the system. But why should an email attachment manage to breech all the trust I've given him? Or an RPC client? Or a bug in Internet Explorer? Making use of authentication tokens would prevent chunks of code from being exploited in these fashions. e.g. It would be impossible for any part of the Internet Explorer code to access the hard disk, except for the "Save", "Open", and "cache" areas. Each of those would be restricted to only the disk areas they should have access to. (e.g. Cache can only read/write the cache area of disk.)

    THAT is a fix. Stuff like no USB keys is a workaround.

  9. Re:Stupid as usual on Longhorn Will Have Ability to Ban External Storage Devices · · Score: 1

    Ask yourself this then: How likely is it that the lack of USB devices is going to stop you?

  10. Re:Stupid as usual on Longhorn Will Have Ability to Ban External Storage Devices · · Score: 1

    Who says you need a network? Perhaps you simply crack the case and add a hard drive. Or plug in a new PCI card. Or transfer it out a floppy disk at a time (embezzel information). Or perhaps use the CD Writer that came equipped on the system.

    There's lots of ways to steal data, not just the network and USB devices. It comes down to the fact that access == trust.

  11. Re:You miss the point on Longhorn Will Have Ability to Ban External Storage Devices · · Score: 1

    Your typical pro Linux, MS bashing troll.

    Ahem. I take offense at that statement. Read my journal. I don't even *like* Linux. FreeBSD/Solaris OTOH. ;-)

    Speaking of which, your blog suggests that you're not the most objective yourself.

    On the actual topic, you can't keep someone from stealing something they have access to. That's just how security models work.

    Access == trust

    There's no way around it. I can't count how many times administrators have tried to lock down systems I needed to use, just to have me bypass the restrictions to get some work done. For example, admins often lock out regedit. Doesn't do a lot of good. I just download a third party regedit program and go about my business. (Because I have to have ACCESS to the registry in order for the computer to run.) Total time wasted? About 10 minutes.

  12. Re:Stupid as usual on Longhorn Will Have Ability to Ban External Storage Devices · · Score: 1

    Unfortunately, trust is trust. If someone has access to your data, you are implicitly trusting that they will not misuse that data. If faced with a situation where I wanted to steal data, I could find a few hundred more effective methods than using a USB key or iPod.

  13. Re:Stupid as usual on Longhorn Will Have Ability to Ban External Storage Devices · · Score: 1

    Actually, I was referring to running "insecure" programs and such. :-)

    The copying data part is at the end.

  14. Re:Stupid as usual on Longhorn Will Have Ability to Ban External Storage Devices · · Score: 1

    If they can read them, then they can upload them somewhere else. They don't NEED an iPod or USB key. Kapesh?

  15. Re:This is a good thing for IT managers on Longhorn Will Have Ability to Ban External Storage Devices · · Score: 1

    The engineers answer? Epoxy glue in the USB slots. Not the best choice.

    Umm... didn't the engineers realize that they can just crack the case and remove the USB ports? They're usually mounted to the case with simple screws, and plugged into the motherboard with a standard female connector.

  16. Stupid as usual on Longhorn Will Have Ability to Ban External Storage Devices · · Score: -1, Flamebait

    As usual, Microsoft continues to push the blame elsewhere instead of fixing their damn OS! If users didn't have rights to do "bad" things, then USB keys and iPods wouldn't be a concern. Yet Windows continues to insist on letting users run with privileges that only administrators should have.

    If Microsoft is really worried about security, then they should get their eggheads in Microsoft Research (I swear that place exists just to keep smart people out of the market) to explore options like "token" security models.

    Oh wait! They've already got it! They just don't use it! Just like the 500,000 other features that SMART PEOPLE who work for Microsoft put in the VMS-like kernel, but Microsoft as an entity chooses to ignore.

    Honestly, I'd love to see an independent study done to see if these "security enhancements" from Microsoft are having any effect. My guess is that they don't, because most exploits make use of various "bugs" or "features" that cut right through the paper mache that fronts as Microsoft "Security".

    As for "copying large amounts of company data", what ever happened to employee trust? i.e. You should only hire someone you can trust to do job you put them in, because there's no getting around giving them access to sensitive information. It's like telling the company accountant that they can't have access to the financial records, because they might embezzle money!

  17. Re:Actually, this is an old business model. on Altnet Sues Record Industry Over File Hash Patents · · Score: 1

    Umm... no; if you make the job more desirable (by way of greater compensation, for example,) you attract a greater number of applicants and more competetive applicants.

    As it is with children, it depends on the problem. If the problem is a lack of resources or incentive, then they should be given that. If it's simply laziness or defiance, then they should be punished and/or restricted in a fashion befitting to their deeds.

    Sometimes a combination works best. e.g. If the number of junk patents falls below 5%, then the patent examiners get a bonus for every percent below. If it's above 5%, then their funds are penalized for percent above.

    I personally have no idea what they sort of wage they make in the patent office

    About $50,000 to $100,000 depending on your government rated level. They actually pay quite well, but as I understand it, have difficulty in hiring enough practitioners to keep up with the work load.

  18. Re:Lots of issues on Atari To Release Old Games and New Console System · · Score: 1

    ou may think it wouldn't take much R&D to develop an SNES-equivalent console

    It doesn't. I've been looking into the issue and here's what I found:

    - Fully featured, ARM-based boards are cheap and easy to acquire. Most fit in 2"x3".

    - Linux or NetBSD can be leveraged for controlling the board.

    - USB can be used for a simple interface for controllers. This would even allow PC style controllers to be plugged in.

    - "Smart cards" are very cheap and easy to acquire on the market. Their only drawback is the relatively low amount of data they can hold. (8K - 1MB)

    - Controllers parts and the case be easily manufactured using eMachineShop for the plastics. Pad2pad can be used for the controller circuit boards. Microswitches or rubber button paddings can be obtained from a variety of manufacturers.

    In short, a guy in his garage could develop such a console in a few months time. The problem with NES consoles is that they're cutting edge. When the SNES was new, they had to build custom hardware to produce something cheap enough for the features they needed. Similarly, Nintendo also had to spend a lot of money on new low-power display technologies for the GameBoy line of consoles. Sega had a handheld console more powerful than the gameboy years ago, but it failed due to size, battery life, and fragility.

  19. Shakespeare? on Your Car Is Reading Your Email · · Score: 5, Funny
    On the dashboard-mounted touch screen, a push of the Play button produced a reading of the new e-mail, a test message sent that morning with text from "Macbeth."

    "Tomorrow, and tomorrow, and tomorrow," the voice said.


    I'm not sure I could take a Shakespeare quoting car! Next thing you know, you'll be hearing:

    To be, or not to be!

    Whether 'tis nobler in the engine to suffer
    The grinding and torture of outrageous driving,
    Or to take wheels against a sea of backfires,
    And by opposing end them?

    To putter out: to run out of gas;
    No more; and by running out of gas to say we end
    The engine-grinding and the thousand natural shocks
    That metal is heir to, 'tis a consummation
    Devoutly to be wish'd. To putter out, to run out of gas
  20. Figures on Satellite Pics Going Dark? · · Score: 1

    See, this is what happens when one semi-stable entrepreneur goes and tries to blow the lid off of the entire Stargate program. Now the government is going to make sure that no one ever sees a satellite photo of the X-302 or X-303 (much less Anubis's invasion fleet)! *grumble* ;-)

    On a serious note, this is a very scary thing. The whole point of having NASA and a commercial space program, is that the general knowledge of all mankind is supposed to be increasing. How are we supposed to enhance our knowledge if it's kept secret?

  21. Re:Components on When Emulation Isn't Enough · · Score: 1

    Not to be rude, but you're basically repeating what I said. If you want USB, you need a PIC. If you don't want USB, you can jury rig something with the gameport, but you'll have to write a driver.

  22. Re:PIC's are *not* worth $16 on When Emulation Isn't Enough · · Score: 1

    $16 is a lot of money for a few parts, considering you can buy an entire USB gamepad with 4 buttons for a few dollars these days.

    True, but since you're getting a "kit" with only one PIC, this company can get away with this outrageous charge. Most PIC manufacturers charge just as much for "development kits", and only sell the PICs cheaper in large quantities. Of course, if you're sneaky enough you can get some free samples. ;-)

  23. Re:Components on When Emulation Isn't Enough · · Score: 1

    None of this new fangled USB bullshit that these kids today are into.

    You have to admit, though. A USB connector is a lot more like a game console connector than a gameport or parallel port connector.

    And is it just me, or does it seem like cheating to buy a prebuilt kit to solder onto your controller?

    Not really. As I said, this "kit" is really just a couple of electronic parts. The real magic is the PIC chip which they probably built using a standard PIC software package. The beautiful thing about modern technology is that you can rely on pre-built stuff to get projects done faster and easier than you could 10 years ago.

    Of course, if you really want a challenge, go ahead and pick up a few switch components and use eMachineShop to manufacture your own controller design. Molded high-impact plasttic is where it's at. :-)

    Hmm... you know, with manufacturing being as easy as it is these days, it's a wonder that the Phantom game console is still vapor. Some guy in his garage could whip out a similar product in the span of a few months. Sure, it might lack some of the polish of a "professional" system, but it would at least get done!

  24. Re:Whoops on Genesis Capsule Crashes; Chutes Blamed · · Score: 1

    I guess Q would have had to stitch up an asbestos tux.

    Don't forget the neoprene gentleman's gloves! (I used to dig around in hot oil vats using neoprene gloves. Didn't even feel the slightest amount of heat!)

  25. Re:Oh well on Genesis Capsule Crashes; Chutes Blamed · · Score: 2, Funny

    Maybe this wasn't really a failure, but God's way of telling Darl that he should drop his frivolous lawsuit?

    I thought that involved a gigawatt laser and three metric tons of Jiffy Pop?