Slashdot Mirror


User: budgenator

budgenator's activity in the archive.

Stories
0
Comments
10,671
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 10,671

  1. Re:Encryption use != evil on PGP Ruled as Relevant For Criminal Case · · Score: 1

    Where I'm from if you leave the keys in the car and it's unattended, you've broken the law and can be fined, if the car is stolen and some 13 year old hooligan kills somebody, the victims can sue you as well as the parents of the hooligan because you've created an attractive nuisance.

    Not uses encryption and reasonable time-outs on your 'puter can be used to show a lack of "due diligence" and can get you some substantial fines if the data on your machine is stolen. An unattended lap-top is easily considered an attractive nuisance, perhaps you should consult with an attorney about these issues. I just read in yesterdays WSJ about a company that paid for a years worth of credit monitoring for people at $129.00 a person in regards to a stolen lap-top and personal data lost.

  2. Re:25? Already blocked. on FTC Recommends ISPs Disconnect Spam Zombies · · Score: 1
    Your not getting the point, sending Email through a connection provider's SMTP, it marked with the IP address assigned by the connection providers DHCP IP pool as the orriginating address, then it's stamped with the connection provider's SMTP server. In an era increasingly aware of phishing scams, broadband zombies spewing spam and god only knows what other evils are out there in the wild, it's more important than ever that the IP address of the sending SMTP server match the IP address range for the domain name. I agree for the vast majority of users out there, routing traffic to any mailserver other than the connection providers smtp server is unnecessary, but some people absolutely need this ability for working. Connection provider's can be incredibly draconian about policy enforcement and completely clueless about the need for a variance because of specific user requirements.
    I actually had a conversation that went like this

    me: do you block outbound port 25 connections?
    aol: sir we do not block any port at aol
    me: why can't I connect to my website's SMTP server?

    ... after a half hour of back and fourth still talking to the same person ...

    aol: yes sir we do block port 25 connections
    me:ARGUHHG

    I have not figured out which is more agrivately, the clue tech support and the connection provide or the clueless boss that chose them so he could IM his daughter easier.
  3. Re:25? Already blocked. on FTC Recommends ISPs Disconnect Spam Zombies · · Score: 1

    He is ISP Internet Service Provider, hosting a server with a domain name is a service, the service often includes web server, Email smtp, and pop or imap, people who are paying for the service sometimes need to send Email. When the service provider that is providing merely an internet connection email and DNS service blocks port 25, then he cannot send his Email. If your responding to a customer's billing question about your online store do you want the Email to come from customer-service@example.com or HotPatootie69@comcast.net?

  4. Re:Passwords are useless. on Write Down Your Passwords · · Score: 1

    I use four, one high level off-line, one high level on-line, one low-level, and one for the morons that that refuse to allow special characters

  5. Re:Ok. on Write Down Your Passwords · · Score: 1

    a few years ago, we held the domain poiuyt.com, and you'd be amazed at how many times user qwerty got and email confirming that the password for qwerty@poiuyt.com was qwerty or poiuyt! I used to take great delight in going to the various websites and changing their passwords on them. every once in a while I still try them on p()rn sites to see if any work. qwerty and poiuyt seemed to be more popular uid and passwords in asian countries the with anglophones but not by much.

  6. Re:a fix on Virus Hold Computer Files 'Hostage' for $200 · · Score: 1

    software firewalls are actually nice to see what's trying to get out, what's trying to get out is sometimes more important than what's trying to get in. An arguement could be made that all firewalls are software, just some of the hardware is dedicated to the firewall software and some is shared.

  7. Re:Don't deal with eBay, PayPal, or WAMU on Honeynet Revealing Actual Phishing Techniques · · Score: 1

    scams associated with eBay, PayPal, during the last/current resession, eBay was reported to account for 25% of the retail activity (not online retail but retail period) in the US which means a lot of eBay and PayPals accounts to hit by random emails

  8. Re:New Phishing Technique ... on Honeynet Revealing Actual Phishing Techniques · · Score: 1

    Well partner today's your lucky day, all of the free p()rn you can stand, from all of the best sites like goatse.cx, tubgirls and even lemonparty is yours for absolutely free! All we need is a valid credit card number, expiration date purely for age verification and your valid E-mail address!

  9. Re:It can be quite difficult to resist on Honeynet Revealing Actual Phishing Techniques · · Score: 1

    I know if someone sends you something you didn't order in the US, it's a gift, but it's not safe to assume the gift rule in other countries. By sending you something they are possibly making it appear that it was a legit order when that is not the case. If the clowns on the Infomercials can make money by sending trash, refunding the purchase price and keeping the "Shipping and Handling Fee" and then abandoming the goods on site, then selling stuff with stolen CC details should make money too.

  10. Re:Internet Darwinism on Honeynet Revealing Actual Phishing Techniques · · Score: 1

    At work, the security guys put together a phishing test. It looked exactly like our normal web page, they made is sound official by calling it some kind of Task Force, and then they emailed everyone a link to the password checker. It supposedly tested your password for security difficulty. You enter your ID and password and it would email you back the results.
    It occured to me that the phishers need some kind of transaction processing, which should deposit any money into their account; and transaction processing involves a fee, such as 30 cents per transation + 1.5% being fairly typical( or at least a bandwith fee at the hosting provider). So if they are asking for user id's passwords and credit card numbers and such; why not just write a fairly simple perl script and send them a few million? Might save the FBI some investigating, they'd just have to follow the smoking router to the source.

  11. Re:a fix on Virus Hold Computer Files 'Hostage' for $200 · · Score: 1

    The thought of that give me the willies, guess we're going to have to move a copy of anything important to a samba directory and chmod it 000! Of course just running
    1. non-admin,
    2. using a non-IE browser,
    3. using an anti-virus scanner,
    4. an anti-spyware scanner,
    5. a software-firewall,
    6. and a hardware firewall
    should help for those out there that think Linux/BSD/OSX is too complicated for a desktop.

  12. Re:a fix on Virus Hold Computer Files 'Hostage' for $200 · · Score: 3, Informative
    according to TFA
    Stewart managed to unlock the infected computer files without paying the extortion, but he worries that improved versions might be more difficult to overcome.

    so it's already been either bruteforced or cracked. My hunch is that a encryption program carried in a virus would be rather simplistic.
  13. Re:DHS on The Problem with DHS's Plan to 'Buy American' · · Score: 1

    It's also in your interest to insure the availability of replacement equipment/parts in time of war. DOD generaly purchases military equipment from North American companies or Nato located companies.

  14. Re:Wrong idea! on Exporting Knowledge Via Students · · Score: 1

    The "real reason" we were attack is because many ideologies can't exist with introspection. Having an "enemy" is good way to divert attention outward, you can rationalize all of your problems as being caused by your enemy. (boy is this comment going to start a flame-fest or what).

  15. Re:Xen on Windows Cheaper to Patch Than Open Source? · · Score: 1

    My best guess is that at a certain level of "mission critical"-ness, you just can't just trust anybodies patches not to break something; if you think the wailing you hear when a patch breaks a file server for the teenagers MP3's is bad; wait until you hear the wailing when a server processing 57 Million dollars a day worth of sales gets trashed!
    There are a lot of mission-critical applications in the windows world that were developed on win95-ME systems that had no security in the Unix/Linux sense of security, and as security is actually being slowly retrofitted to WinXP, they are very brittle any changes to the OS can break a must-have application. Not doing significant testing on each patch in an enterprise environment is career-suicide.
    The right way to do this is to install the patches to a test system, then when everything checks out OK, load them onto your own server for everbody else to update from automatically. Of course budgets are tight, manpower is short, so your mileage may vary.

  16. Re:maybe they're both right on Windows Cheaper to Patch Than Open Source? · · Score: 1

    I didn't see that in the paper, I didn't wade through all 28 pages of it but the exec summary said costs are about the say, and that using best practices would reduce costs significantly for both. One of the resons I didn't wade through it is it takes forever to render, and looks like shit probably because they didn't embed the microsoft only fonts, so I suspect either the article wasn't really targeted toward Linux user's, or the mircosoft lackeies are more clueless about marketing/advertising/FUD than I give them credit for.

  17. Re:Economics on Critical Shortage of IT Workers in Coming Years · · Score: 1

    I never understood why knee-jerk liberals who hate big-mega-corp business and love big-government; and litmus-test conservatives who hate big-government and love big-mega-corp business, never see that they are not 180 degrees apart but about 3 degrees apart.

  18. Re:The Malaise of the Middle Classes on Burnout and Depression Among IT Workers? · · Score: 1

    I have little doubt that we are in the midst of what people centuries from now will regard as a dark age in clinical psychology.
    You would probably be wrong, today with tools like PET Scans and Functional MNR we are actualy beginning to see the chemical/physiological differences between healthy brains and mentally ill brains, drugs are increasingly targeting the chemical disturbances in the mentally ill brain.
    Eventualy this will lead to better diagnosis and more accurate medication.

  19. Re:No surprise, Sherlock... on Government Use of WiFi Not Secure · · Score: 1

    Graphic sucks up microwaves much better than lead, just paint everything with graphite pigmented paint.

  20. Re:If this were 2003..... on Government Use of WiFi Not Secure · · Score: 1

    Maybe here should just buy a couple of FBI agents a beer and get them to play "Mr. Anderson and Mr. Smith" with somebody and make a couple of references to the PATRIOT act. Somebody using unauthorized access methods should be good for a few grins and giggles around the water cooler.

  21. Re:why are they using local 802.11b at all? on Government Use of WiFi Not Secure · · Score: 1

    Thanks for making the TIGER database publicly downloadable. I've found lot's of cool ways to do things with it

  22. Re:It is the US government on Government Use of WiFi Not Secure · · Score: 2, Informative

    also requires said "toilet seat" be an
    1. integrated structural part of the airframe,
    2. not release toxic gases on contact with combustion,
    3. upon catastrophic failure not pose a physical hazard to the aircrew,

  23. Re:My rights? on RFID Bracelets to Track Inmates in L.A. County · · Score: 1

    Both are about the civil rights of human beings
    The basic problem I have with civil rights is that the civil authority that granted them, can capriciously remove them; it's much better to have inalienable natural rights. That way if congress goes on a nut and screws us over, the courts hopefully can overturn the offending law.

  24. Re:Why, back in MY day... on Dvorak on the LinuxWorld Fracas · · Score: 1

    BAH Young'ums, My first computer was a COSMAC ELF, hand wire-wrapped, had a RCA 1802 processor running at 1.5 MHz (half color-burst freq). thing had a whooping 255 bits of 500nS static ram, the processor was static logic too. you programmed it by toggling in the machine code byte by hand; you could disconnect the clock and single-step the processor!

  25. Re:Dvorak's 1996 impression of his Amiga on Dvorak on the LinuxWorld Fracas · · Score: 1
    he is just discrediting himself even more with this kind a provocative, tabloid journalism
    I disagree, with this quote,
    In the olden days, O'Gara would have been given a medal for generating readership.

    he apears to be defining himself as a tabloid hack.