Slashdot Mirror


User: JWSmythe

JWSmythe's activity in the archive.

Stories
0
Comments
6,545
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 6,545

  1. Re:Would the real Andrea please stand up.... on Woman Hires Stripper to Impersonate Her At Reunion · · Score: 1

        Well, it's usually referred to as hung like a horse, so I guess I qualify.

        But hey, it's too late now.

  2. Re:I just figured out whyit failed on Ugobe, Maker of Pleo, Files For Bankruptcy · · Score: 1

        When writing in a local currency, language, etc, it is polite to translate everything to local style. That does include dates, and numbers. :) If they're going to mention something in US Dollars, it should be noted accordingly.

        I learned to always include a text month in dates, because when dealing with an international crowd, the first 12 days of each month tend to get confusing. :)

  3. Re:Crap on Ugobe, Maker of Pleo, Files For Bankruptcy · · Score: 1

        You'd be better off selling microscopic sized robots that can use materials found in the environment around them to build working replicas of themselves, and organize into larger autonomous creations.

        Your $200 is too much. One of mine can build armies! And I'll sell it for just $150. :)

       

  4. Re:Track an IP? on Chinese Hackers Targeting NYPD Computers · · Score: 1

        Actually, I'll argue both cases.

        People tend to feel they were personally violated by a widespread matter. I've heard people ask "why would someone want to steal my banking information? I only have $10 in there. I'm poor. Shouldn't they be going after people with money?"

        It's not about the person. It's about what they can get into. More like, it's about how many things can they get into. So a government/political agency/group got malware. It most likely wasn't a specific target, but rather the fact that their security wasn't as good as it should have been, and someone (could have been anyone) got in.

        Say I was Mr. Bad Guy Malware Author (tm). I'd write it. I'd get it out in the wild. If it collected information which was worth something, then it could be sold to interested parties. Are they really going after very specific state secrets that may exist on a handful of machines, or are they going after anything they can, and the worth while bits are being taken advantage of? Probably the later.

        Now, for the Pentagon being infiltrated by counterfeit networking gear, that's another completely conspiracy view. There was no way for the manufacturer in China to know that their counterfeit equipment would go through the supply chains and end up at the Pentagon. Hell, if I sell 100 routers, I don't know where they'll be once FedEx drops them at the destination. The counterfeit equipment is exactly that. It's someone who's figured out how to reproduce an expensive item for much less, and still sell it at the real item's cost (or probably slightly cheaper). They're making a buck. The items were slipped into the regular supply chains. That's not an impossible task to do, and it's really what you'd want to do, to move your counterfeit equipment. Any one of those pieces could have landed in a CCIE test rack, a crappy ISP, a small office selling cut rate widgets, or in this case, the Pentagon. The bigger question would be, why aren't they buying from Cisco directly, rather than through 3rd parties.

        But, was any privileged data released? The secure network should be (ummm) secure. I would assume not only just firewalled off from the real world, but actually physically disconnected. If that was so, how would the evil counterfeiter who snuck their counterfeit wares into the Pentagon, ever get any data back out? Oh ya, they wouldn't.

        The only downside to counterfeit parts is that they may not work as well. But sometimes they do. I've wondered about some of the parts I've bought before. Why does a new $1000 part cost $100, and is brand new? I don't ask. Maybe it was bundled and the bundle was seperated, so I'm just buying the surplus. Maybe it's counterfeit. Maybe it was a stolen shipment. Either way, I'm buying a part, and it works. It's not my job to research their supply lines, and I don't have the authority to do that, nor any power to do anything if I were to find irregularities. It would be like calling CDW up, and demanding they prove that the cut rate laptop that you are about to buy was actually purchased from the manufacturer. Their word isn't enough, you have to see receipts. Really, they'd just hang up on you, or laugh you out the door.

     

  5. Re:Obvious questoin on Chinese Hackers Targeting NYPD Computers · · Score: 1

        Oh, we have our ways. In the end, most of you will be happy telling us your passwords. the rest of you will be your little parts we cut, burnt, and ripped off to "encourage" you to talk.

        But don't worry, we've started using waterboarding to clean your wounds. Don't mind the fact that it's salt water. Or was that sulfuric acid? Oh, I can never remember, I disavow any knowledge of what the screams are in the next room.

       

  6. Re:Track an IP? on Chinese Hackers Targeting NYPD Computers · · Score: 1

      You know, I've only ever seen a couple episodes of that stupid show, with good reason.

      This just makes me want to cry.

      user@mybox~$ nslookup

    So here's my real world example from just now.  They were actually caught and automagically blocked for spamming, so I don't mind posting their info. :)

    user@mybox~$ nslookup 212.80.95.26
    Server:         x.x.x.x
    Address:        x.x.x.x#53

    ** server can't find 26.95.80.212.in-addr.arpa.: NXDOMAIN

    user@mybox~$ whois 212.80.95.26
    % This is the RIPE Whois query server #2.
    % The objects are in RPSL format.
    %
    % Rights restricted by copyright.
    % See http://www.ripe.net/db/copyright.html

    % Note: This output has been filtered.
    %       To receive output for a database update, use the "-B" flag

    % Information related to '212.80.95.0 - 212.80.95.63'

    inetnum:      212.80.95.0 - 212.80.95.63
    netname:      EL-CHA
    descr:        EL-CHA, s.r.o.
    descr:        Spojovaci 19
    descr:        250 65 Boranovice
    country:      CZ
    admin-c:      TC562-RIPE
    tech-c:       TC562-RIPE
    status:       ASSIGNED PA
    mnt-by:       TRANSGASNET-MNT
    source:       RIPE # Filtered

    person:       Tomas Charvat
    address:      Ivan Charvat, EL-CHA
    address:      Spojovaci 19
    address:      250 65 Boranovice
    address:      Czech Republic
    e-mail:       tc@el-cha.cz
    phone:        +420283981167
    fax-no:       +420241404772
    nic-hdl:      TC562-RIPE
    source:       RIPE # Filtered

    % Information related to '212.80.64.0/19AS29208'

    route:          212.80.64.0/19
    descr:          Dial Telecom, a.s.
    origin:         AS29208
    mnt-by:         TRANSGASNET-MNT
    mnt-by:         DIAL-MNT
    source:         RIPE # Filtered

    Ok, call Tomas at +420283981167, and find out who was on that IP.  Maybe it doesn't look so realistic when I can get you close to the problem child in one line in a shell.  If only I could write in VB, then I could make the GUI, and maybe have it control the trigger on a gun pointed at my own head, so I never have to see any more crap like this ever again.

  7. Re:Track an IP? on Chinese Hackers Targeting NYPD Computers · · Score: 2, Insightful

        No shit.... I cringe every time I see one of these stories. Not only are they stupid, but whoever is giving the statements shouldn't be doing computer forensics. My humble opinion, since I don't work for any of the places reporting this crap, is that they overheard an IT guy saying "Someone in China is trying to get in. That IP belongs to a provider [insert city in China]". I've actually made that mistake. Saying it, not believe it, that is. I see a brute force attempt, and someone asks, "who does that IP belong to?" "oh, it resolves to some place in China." Suddenly it's the Chinese attacking. A 5 second conversation usually takes 30+ minutes to explain, even though it took less than 10 seconds to set a firewall rule against their block by hand.

        I see these "oh my gosh, the Chinese are attacking" attacks every day. Well, not just China. They come from all over the freakin' world. But hey, China is the evil Communist nation bent on destroying the American economy by providing substandard underpriced merchandise. Oh ya, and they have nukes to kill us off when they're done.

        It's "the reds are coming" cold war US vs Soviets game all over again, except this time we have IP's, and we can even see where the block is.

        You know, from my own logs, the Americans are coming too. As are ... well ... just about every country that has a freakin' netblock. But with the population of China, they come in just above the United States, mostly because Americans will eventually take their POS computer to the store and ask why it's going so slow. Or more like they'll buy a second one and a hub, so they can have both online and transfer things from one to the other over the next year or two, and never consider that the "old" one is doing malicious things.

        The biggest ones I notice are brute force attempts against SSH (one of the few services I leave public). Next would be SQL injection attempts via HTTP. whoowhoo, it's obviously a foreign government conspiracy. If they can just crack my little web server, they'll have the secrets to .... well .... not too damned much. Anything interesting is already up on my sites. :)

  8. Would the real Andrea please stand up.... on Woman Hires Stripper to Impersonate Her At Reunion · · Score: 1

        I think the real Andrea was much cuter. Actually, much more like me. Too bad I never met her while I was out there, I think we'd actually have been good friends.

        I just went reading around a little bit. You can read a little about her on her site.

        I sympathize totally with her. I can count the people that know me from high school on one hand. But, folks have been coming out of the wood work that didn't have two words to say to me for all the years I was in school with them, and are adding me on the social networking sites. I guess they want to be famous because they have friends. Ok, I've obliged them. Still, the number that I've had actual conversations with since high school are in the single digits.

        I thought about going to my reunion. I was going to bring a beautiful close friend of mine, and ... well ... quietly express my disbelief of anything any of them said until we left. As it turned out, my class was populated with other people who could care less too. Only 3 RSVP'd, so they canceled the reunion. That's ok, I didn't feel like driving over 100 miles to see a bunch of people I could care less about anyways.

        I think she was a little too ambitious, but from watching the preview, she was definitely entertained. As I've learned, if I can't entertain myself, no one will be able to either. I would have loved to be in on her prank. It could have made it more convincing if her "boyfriend" was there to reinforce the con. err, I mean stunt. err, I mean social experiment. Nah, I would have preferred to be in her control room laughing along. :)

  9. Re:Swap/recharge my car on Developing Battery Replacement Infrastructure For Electric Cars · · Score: 1

        You know, the whole statement was very theoretical, since there aren't exactly an abundance of pure electric cars on the road yet. They could be though. The infrastructure could be built. Then again, they could have had hydrogen filling stations too, but those are of a pretty limited supply. I can't even find a CNG station, nor a place to convert a regular non-fleet car.

        I do like your comment, "...with battery swap stations literally everywhere you might want to drive is pretty far fetched." Well gosh darn Martha, I heard rumor that they got them new fangled Gass-o-lean stations all over the place these days. It's not like the old day when we'd have to ride our horse, and let it drink by the creek. We can take one of those Gass-o-lean powered auto-mo-beals and drive all over the place.

        I don't predict the future, but I can guess that things are bound to change. They always have, and they always will. And I would suspect sometime in the not so distant future, there will be a swappable power pack for personal transportation.

  10. Swap/recharge my car on Developing Battery Replacement Infrastructure For Electric Cars · · Score: 4, Insightful

        I was wondering when this would come up. I know way (way) back in the day when they were first almost seriously talking about electric cars, they seemed to indicate swapping the batteries.

        A battery swap makes a LOT more sense than recharging in the vehicle. Waiting for an hour or more for batteries to charge would really ruin a road trip, if you had to do it every 300 miles or so. Every 4 hours of drive time on wide open interstates would become 5 hours or more.

        Think of a cross country drive. 2500 miles between two places I've driven between a few times takes 41.6 hours, when average 60mph. I could usually average 60 by only stopping to buy fuel and go to the bathroom (same stop). Ya, even those stops really ruin your average speed. That would make it a 52 hour drive instead. I'd rather be at my destination for those 10 hours, rather than still driving. :)

        But, there would be other considerations. Does the battery swap location have sufficient batteries to handle peak demand? Like, on a holiday weekend, when everyone's driving electric cars, and they're all going out of town, a swap/recharge facility may be swamped, and not be able to have charged batteries fast enough.

        I worked in a warehouse for a while. The battery room not only recharged, but rebuilt the batteries as needed. All the heavy equipment in the warehouse used the same batteries (more or less). We had moments, particularly towards the end of the day, where equipment was being run hard, and they had simply run out of charged batteries. It was simple enough to move people over to doing things by hand if they couldn't use the heavy equipment. In the case of a car, towards the end of a busy day, customers aren't going to be satisfied with "Sorry, we're out of charged batteries. They'll be ready in 2 hours, but we close in an hour. Come back tomorrow, or plug in for the next few hours and charge it yourself."

        They will also have attrition to contend with. As batteries fail, they will be pulled out of service. This is a good thing as far as the car owners are concerned. We have the same situation with propane tanks right now. They have a life, where they must be reinspected before use again. There are plenty of places that take your empty tank, and hand you a full one. I've been BBQing for many years with propane, and never had to buy a "new" tank. I have been refused a full tank because they didn't have any though. It's not pleasant to hear that I can't BBQ when friends are already coming over, because I can't get a full tank. Luckily, I've always been able to find another location with available full tanks. It gets tight on holiday weekends though.

  11. Re:So I got a new sink..... on Should Network Cables Be Replaced? · · Score: 4, Informative

        Well, oddly enough I did IT work for a plumbing company. One of the things they did was "repipes" of residences. Usually they were done due to recurrence of leaks. Copper pipe corrodes from the inside because of chemicals in the water (like chlorine). Sometimes it was done where there was minimal water flow, when corrosion or sediment didn't wash away, but built up.

        So, if you got a new sink because you were changing the rusty faucets and then you found your water flow wasn't improved, you may be a candidate for repiping part or all of your home. It could just be buildup in the shutoff valve too.

        But to stay on topic......

        I've seen people run network cables over or under their carpet. They start getting degraded service as people walk on it. Yes, those need to be changed. Properly run network cables (in the walls, with no rat infestations to eat the cables) don't generally need to be changed, unless something else happened. And I have seen network cards that handle regular CAT5 at speeds over 100Mb/s with 1000baseTX interfaces. Sometimes you can just reterminate the cables because the "spare" 2 pairs were never wired right, assuming those extra wires are ok (i.e., the installer didn't yank the cable through and bugger it up.

        But, realize (to the OP) that there are limitations to GigE on a computer. Most of the time in the real world, you won't see 1000Mb/s. It's dependent on the switching hardware, PCI/PCIe bus, hard drives being read from/to, etc, etc, etc....

  12. Re:what's with the !pirates tag? on Brazilian Pirates Hijack US Military Satellites · · Score: 1

        During the cold war, if American civilians "borrowed" unused frequencies on Soviet communications satellites, they'd be patriots.

        It's amazing how things change in just a few short years.

  13. Re:Pirates on Brazilian Pirates Hijack US Military Satellites · · Score: 1

    Reverse in lineage:

        BBS's

        Group printed newsletters

        Social clubs

        Town hall meetings

        Campfires

        Grunts in caves (i.e., caveman days)

        Ahhh, how we've progressed.

  14. Re:Pirates on Brazilian Pirates Hijack US Military Satellites · · Score: 1

        But, what gave them the right to say "you can't use these frequencies". They're part of nature, so they can't be patented. Oh ya, our government is here to protect us, and say what we can and can't do.

        Gotta love the government.

        It's like driving (gotta include a car analogy). "It's a privilege, not a right". I can walk across the road, but for me to have my own motor vehicle, I have to pay a tribute to the government so I can drive MY vehicle on roads paid with MY tax dollars, and they can decide that I will continue paying taxes yet I won't be allowed to use it.

        So kids, remember, when you want to use a frequency for something, make sure you pay your tribute to the government for the "privilege" of doing it.

        Next thing you know, they'll start taxing people who's voices are too high. :)

  15. Re:Amazing on Brazilian Pirates Hijack US Military Satellites · · Score: 1

        I had a nice talk with someone who actually knew a lot about it a while back. We'll let that part go with that. He confirmed yes, there are some channels like that. Old, unencrypted, analogue channels that are only used for low priority or unclassified information. Anything sensitive is encrypted on more secure channels.

        Think back in the day, not like modern security. Who could set up to broadcast up to a satellite, and have someone else with a receiver on the other end? Not too many folks. It's not like you would happen to have a high gain antenna and a parabolic reflector in your back yard. Now you can get at least the antenna part off of eBay for just a few bucks, and improvise the rest at home. :)

        I'm disappointed they didn't post more details. What frequencies do they reflect? What do you use to track the satellites? What polarization is required? How much broadcast power is required? What equipment is used?

        (ya, ya, I know some of the answers, it would have just been more interesting with a tutorial attached).

       

  16. Re:Ninja on Brazilian Pirates Hijack US Military Satellites · · Score: 1

        No, no, that's the NSA that removes all traces that the ship or crew ever existed. Ninjas swoop in silently, make a bloody mess of their target, play air guitar, and disappear into the night. :)

        Now, a battle, Ninjas vs the NSA.. That'd be interesting.

        The Ninjas swoop in, make a bloody mess, then the NSA disappears the ship and crew.

        How would the NSA make a ship and crew (and Ninja remains) disappear? It is not for us to ask about their mysterious ways, we just accept that they do it well. That's what black ops budgets are for. :)

  17. Re:Sipping From a Firehose on How to Charge Your Cellphone Using Wasted Heat · · Score: 1

          I had bought 3 window units and a portable unit for one house I lived in. It saved us when it hit 105 outside (about 115 inside) Three rooms were reasonable. We'd run through the rest of the rooms to get to a cool room.

        One of them had a clock/timer and digital thermostat. The others were cheaper. They had digital thermostats, but no time controls. It didn't matter, we set the temp to a reasonable temperature (about 80), which made them comfortable enough. Window units aren't good for the power bill, but we couldn't get the owner to put in central air.

  18. Re:Do this maybe? on Encrypted But Searchable Online Storage? · · Score: 1

    Ok, canceling my plane ticket now. :)

        Why does my radio keep picking up those numbers. Oh wait, I don't have a radio. Why do I keep hearing them?

  19. Re:From the article :) on DHS Seeks "Ethical Hackers" To Protect Federal Net Infrastructure · · Score: 1

        I'd pass any drug test. There's only a decent supply of ibuprofen in my system right now. :) But for 58K/yr, that's not worth it. To match my current pay, I'd have to go in as an O6. If I enlisted, the best I can hope for is an E3. I'm not sure I'd want to get shot at for $9.50/hr (assuming 40 hour weeks). I asked a few recruiters the pointed questions, "Is there any way my pay can match my civilian pay rate?" The lovely answer is always "no".

  20. Re:Talking to the right guy on DHS Seeks "Ethical Hackers" To Protect Federal Net Infrastructure · · Score: 1

    ... and to keep quiet would mean the next guy could do something bad with it. What if I accidentally left a trail? What if it was something I wouldn't have thought of, like "foreign mac 11:11:11:11:11:11 showed up 15 minutes after this guest registered, and disappeared 15 minutes before he checked out." Regardless if I changed my MAC or not, it would leave a trail to me. Now if the next foreign MAC did something bad, regardless if it was mine, it could have been me, or someone I gave the information to.

        I'd prefer not to have the liability of knowing that I could have and didn't, but they may be able to finger me. Doing the right thing is your friend, and frequently covers your ass.

       

  21. Re:Civilans Need Not Apply. on DHS Seeks "Ethical Hackers" To Protect Federal Net Infrastructure · · Score: 1

        The question is, what is juicier in my opinion? Ok, I'll give one up. :) There is a stretch of road with a few traffic lights that I drive frequently. The speed limit is 45mph. If you leave the first one and get up to 55 pretty quick, you'll roll under the subsequent lights just before they turn yellow, and not stop. If you don't, you spend about 5 minutes going about a mile. :)

        And you thought it would be like, former President Bush sleeps with a pink teddy bear. :) Nope, I don't know that one for a fact. hehe.

  22. Re:Talking to the right guy on DHS Seeks "Ethical Hackers" To Protect Federal Net Infrastructure · · Score: 1

        You did the right thing.

        I did something similar. We were having a weird line problem, so I did a tcpdump connected directly to the uplink. I should have only seen myself. Instead, I saw all kinda of other customers. I was lucky that I had one of their techs on site trying to help with the problem. I was logging everything, so I could review the logs, rather than try to read the dump in real time. I went back through and evaluated it a few different ways with them. It wasn't cc processing, but it could have been anything coming from the other companies. The tech on site said "hmm, you shouldn't be able to see that." Their senior tech that we had on the phone said "oh my god, you shouldn't be able to see that!"

        The tech saw me delete the logs when I was done. It was more of an "Are we done? I'm getting rid of this. It's wasting a lot of space." More than likely, I could have gone through and collected email credentials for a whole lot of people, along with who knows what else.

        I know the PCI compliance though. Good times. :) The first few times I had some arguing matches because we (in a past job, not current) failed a few spots on the external network scans. Silly things like "machine doesn't respond to ICMP ping". Duh. I don't want it to respond to a ping. Another was "web server banner responds with version number." Does "webserver/1.0" really count? :) I learned not to argue the points, and just tailor our results to be a very clean pass every time.

        I always loved the self-assessment test. "is private client data stored encrypted?" It could have been plain text everywhere, but as long as you answer "yes", it's a pass. :)

  23. Re:airline flight systems, and nuclear launch code on DHS Seeks "Ethical Hackers" To Protect Federal Net Infrastructure · · Score: 1

        Nope.

        Know why?

        Because I'm not very good at being a bad guy. I know how to do it. I also know I'd get caught.

  24. Re:Civilans Need Not Apply. on DHS Seeks "Ethical Hackers" To Protect Federal Net Infrastructure · · Score: 1

        I wouldn't need to lie on the app. The only questionable things on there, I know they already know about. There was some ... well ... annoyances with a foreign citizen in a foreign country. He was mistaken, but he reported me to the FBI. Nothing came of it. I couldn't even get the FBI to talk to me about it, so I know they weren't interested. :)

        The rest of my file should be "FBI background check for this" "FBI background check for that". Not exciting stuff, but at least something to fill up the folder. They should have a stack of fingerprints and photos of me, and the background request applications. I've never been denied anything based on those background checks, so it's a boring file. I considered doing a FOIA to see what's in it, but it's not worth the trouble. They get enough BS FOIA requests, they don't need to bother with mine. :)

        Hell, I know they get flooded with "What's in Area 51" requests, and other BS requests like that, why give them extra work to do.

  25. Re:Civilans Need To Apply. on DHS Seeks "Ethical Hackers" To Protect Federal Net Infrastructure · · Score: 1

        I already applied. No response. I have to wonder if it's for the same reason that Intelius wouldn't let me run a background on myself. There's something mysterious in my file(s) that make me either interesting to talk to, or too boring. I try not to think too much about it. :)