Slashdot Mirror


User: Bert64

Bert64's activity in the archive.

Stories: 0
Comments: 12,200

Comments · 12,200

  1. Re:Heartbreaking on RIM PlayBook Tablet Jailbroken · · Score: 1

    Giving even less incentive to root the device...
    There are some things on Android you can't do without root, but for most users the ability to install unofficial apps is all that's required.

  2. Re:Heartbreaking on RIM PlayBook Tablet Jailbroken · · Score: 5, Informative

    The original OS has been rooted, at last year's pwn2own contest for instance...

    There is incentive to root Android, iOS and the new Blackberry OS since it's QNX based, because once rooted you can install unofficial apps and all these systems are unix based so there is plenty of unofficial code you could install...
    The older BlackBerry OS is completely proprietary, even if you rooted it you'd have nothing to install on it.. Also the average BlackBerry users are corporates, not the kind of geeks who would want to root their phones.

  3. Re:You know why Apple's winning? It's not about sp on NVIDIA's Tegra 3 Outruns Apple's A5 In First Benchmarks · · Score: 1

    But how long will it stay that way?

    Years ago, the big proprietary server vendors made the lion's share of the server market with their high-end RISC systems, while Intel sold many more low-end CPUs at a much lower margin...

  4. Re:You know why Apple's winning? It's not about sp on NVIDIA's Tegra 3 Outruns Apple's A5 In First Benchmarks · · Score: 1

    Microsoft got ahead by being cheaper and generally more widely known (better and more widely marketed) despite being inferior... They stay there via inertia and lock-in..

    Google are much the same, many people consider Android to be a cheaper alternative to iOS, but it's available on more devices, from more places, on more networks and promoted by more companies.

  5. Re:See. Patents/Copyright spur innovation. on Patent Expires On Best Selling Drug of All Time · · Score: 2

    Drug development as a whole is a conflict of interest when done by for-profit companies...

    A cure is far less profitable than an ongoing course of drugs that simply alleviates the symptoms.

    Research should be performed by non profits, government, universities, charities etc... For-profit companies should only be dumb manufacturers, competing on price.

  6. Re:Nuts, fish oil statins on Patent Expires On Best Selling Drug of All Time · · Score: 1

    Some people are allergic to nuts, a choice between high cholesterol or death....

  7. Don't need patents then... on Patent Expires On Best Selling Drug of All Time · · Score: 1

    Since Pfizer is able to make so much profit on an unpatented drug, seems patents are not needed after all.

  8. Re:Dear Kids... on Duqu Attackers Managed to Wipe C&C Servers · · Score: 1

    Well you should only be running the services you need...
    If you need a service and have a firewall, then you will allow it through...

    It's ridiculous to run unnecessary services and then use a firewall to hide them.

  9. Re:It'd better happen quick then on Is the Time Finally Right For Hybrid Hard Drives? · · Score: 1

    Not exactly...
    What the retailer offers is irrelevant, they can make additional offers but they cannot take away your statutory rights under the law... They will often try to claim otherwise, but this is only because most people aren't aware of their rights and capitulate.

    Some good reading is available at:
    http://www.moneysavingexpert.com/shopping/consumer-rights-refunds-exchange

    In particular, within 6 months it is the responsibility of the retailer to prove that the goods were not defective when bought... A lot of retailers will argue, but soon capitulate if you quote your rights and threaten to take them to the small claims court.

  10. Re:It'd better happen quick then on Is the Time Finally Right For Hybrid Hard Drives? · · Score: 1

    Well, the post I responded to stated it cost him "£20" to send it back, suggesting that he is in the UK, therefore my reply was based on UK laws.

  11. Re:It'd better happen quick then on Is the Time Finally Right For Hybrid Hard Drives? · · Score: 2

    Ignore the returns policy, send it back to the retailer... Your contract is with the retailer, not the manufacturer. Know your rights!

  12. Re:It'd better happen quick then on Is the Time Finally Right For Hybrid Hard Drives? · · Score: 1

    I have a 100MB DEC SCSI disk from an old VAX which still boots, it's from the late 1980s and was running 24/7 from manufacture until about 2001, since then it's been used occasionally but spent most of its time turned off.

    I also have 4x 4GB SCSI disks which were used in the late 90s in a server, before I got hold of them in 2000 and built a 4 disk RAID0 array which I ran continually with very poor cooling until about 2004. As far as I know those disks still work, although I have had no reason to access them in a while, and the server to which they were connected is long gone.

    On the other hand I bought a 3TB drive 3 months ago, which now hangs the machine when you try to write to it...
    I've been through 3 disks on my laptop in the past 5 years too...
    And I have a pair of 250GB SATA disks in a desktop which while still working, are warning of a large number of bad sectors.

  13. Re:I've noticed this too on Europe's Largest IT Company To Ban Internal Email · · Score: 1

    Emails don't typically traverse lots of different servers...
    They usually go direct from servers controlled by A, to servers controlled by B... The only exception is when there are third party filtering services in between which have been explicitly employed by either party.

    Also as you said the logs will just show that an email was sent from A to B, it won't show the content so it would be trivially easy to create a fake copy of the content using the legitimate headers.

  14. Re:You laugh but... on Printers Could Be the Next Attack Vector · · Score: 1

    That's interesting.. I always thought the deskjet printers were pretty dumb compared to the lasers...

    Out of interest, do you have any experience of the HP 9100C, it's a network based scanner basically a replacement for the network scanjet models, only unlike the scanjets (which are x86 based), they seem to be mips based, about 16mb ram, 3gb hdd and running vxworks...

    The default firmware is a bit limited, they can scan to email but not at full resolution, but anything more complex requires a proprietary server for them to connect to, and this is only supported on older Windows boxes... Someone made a custom firmware for the older x86 based scanjets which allowed scanning to smb or nfs, full resolution scans to email and all manner of other features not present in the stock firmware. Wonder how much effort it would be to make a similar firmware for the 9100C, especially considering how cheap the units are these days on eBay.

  15. Re:Ignoring the real problem on Printers Could Be the Next Attack Vector · · Score: 1

    Assuming an attacker has got into the network, one of their goals is to stay there...
    Who would suspect the printer as a jumpoff point?

    Also, who's going to check a printer for malware before installing it? You could intercept shipment of a printer before it was delivered, load malware on it and wait for them to connect it to the network... You could even contact the victim offering them a really good deal on a printer, wouldn't be hard to convince them to connect it to the network.

    It makes a lot of sense to isolate printers on their own VLAN, behind a print server that all print jobs must be routed through... More control, and more protection from compromised printers (and also makes it harder for malicious users on the main network to mess with the printers directly).

  16. Re:Doesn't need to be in the print job on Printers Could Be the Next Attack Vector · · Score: 1

    Only, very few companies ever bother to password protect their printers because they refuse to consider the risks...
    The worst offenders are the larger printers that have a full blown Windows box inside, because it's a Windows box it needs to be managed the same as any other with regular updates and AV... But since it's a "printer" it doesn't get managed in the same way all the other Windows boxes do, it gets plugged in and never touched ever again.

    Other types of printer are no better, just Windows boxes are the most likely to become worm fodder...

  17. Re:NExt??? on Printers Could Be the Next Attack Vector · · Score: 1

    Aren't the HP Jetdirect boxes based on LynxOS?

  18. Re:attachments? on Europe's Largest IT Company To Ban Internal Email · · Score: 1

    Or you use a file delivery server, which your company owns and controls (I know this sounds like an advert, but I had to build something like this recently)...

    You upload a file to it, it gets encrypted and stored there and you need a unique code and password to access it...
    You can also email a file to it, the attached file is automatically imported into the system...

    You might pre-agree the password, or send it out of band, or not bother at all if the file isn't private...

    You send the URL to the recipient, he visits it, enters the password and the file is downloaded in his browser over HTTPS...

    The server logs that the user retrieved the file, and can optionally alert you via email that it's been downloaded...
    Files which remain unretrieved for a user-specified period of time expire and get deleted from the server, you can also be notified of this happening...
    You can specify how many times a file can be downloaded, after that it gets securely erased from the server.
    There is also a two server mode, for people on slow connections... You have a server on your LAN (let's say you have slow upload, or a DSL line with very mismatched up/down speeds) and a faster server on the internet... You upload to the local server, and so long as you don't specify that the file is urgent it doesn't get forwarded on to the remote server until a predefined time (i.e. at night when no one is at work, or in the background at a very slow rate so as not to lag your line)...

    I have such a system online, although I am still in the middle of developing it..

    https://sdm.ev6.net/file.php

    If you want me to put a test file on there, drop me a mail to sdm [at] ev6 [dot] net

  19. Re:Secure information much? on Europe's Largest IT Company To Ban Internal Email · · Score: 1

    And XMPP doesn't require Exchange, doesn't require a Windows client, has multiple different implementations and can intercommunicate with other XMPP servers over the internet in much the same way that email does.

  20. Re:SCO are wishing they did this on Europe's Largest IT Company To Ban Internal Email · · Score: 1

    Which is why you should run your own IM server, and if you want to communicate with external parties participate in open XMPP syndication... That way it works just like email.

  21. Re:I've noticed this too on Europe's Largest IT Company To Ban Internal Email · · Score: 1

    The fact that something so arbitrary as a signature has any value whatsoever, regardless of how it's transmitted is utterly ridiculous.

    Also how do they tell if something is sent as a PDF or faxed, most modern fax receivers are basically a modem which converts the received fax data to PDF and emails it anyway. You could argue either point and it would be extremely difficult to prove either way.

  22. Re:Useless people prefer to talk. on Europe's Largest IT Company To Ban Internal Email · · Score: 2

    Another disadvantage of the instant aspect, is the intrusiveness of it...

    If you send me an email, that email will sit there patiently waiting for me until I have the time to look at it...

    On the other hand, if you call me on the phone you are demanding that my attention immediately be taken away from whatever I might already be doing, and diverted to you.

    IM sits somewhere between, in that you *can* ignore the messages and get to them later, but many people become irritable when you don't respond quickly.

    I would rather that an intrusive method like phone calls be reserved for important matters which actually require an immediate response, everything else can be dealt with more slowly and allow me to fit it in efficiently alongside whatever else I might be doing.

  23. Re:I've noticed this too on Europe's Largest IT Company To Ban Internal Email · · Score: 5, Insightful

    Both of which can be trivially faked, but then lots of legal matters hinge on something as ridiculously arbitrary as a signature - a random mark on a piece of paper which is even easier to fake.

  24. Re:I've noticed this too on Europe's Largest IT Company To Ban Internal Email · · Score: 1

    Skype is very expensive for calls to real phones compared to the many SIP providers out there unless you want the inconvenience of talking at a computer (and then SIP is free too)... They keep their call rates high because users are locked in to their service.

  25. Re:I've noticed this too on Europe's Largest IT Company To Ban Internal Email · · Score: 1

    The problem here is that Skype, ICQ, Facebook and MSN are centralised services controlled by someone else... You are entirely at the mercy of that organisation to continue providing the service and to provide compatible clients for the platforms you use.

    Email on the other hand is a standard, you can choose to use a service provided by someone else or to use your own, and you have a choice of different clients for virtually any device imaginable... And the system is decentralised, just because client a's email system is down doesn't mean you can't talk to client b.
    Telephones are also a standard, and work in much the same way... You have a choice of telcos to use, a choice of equipment to use and an outage at one telco doesn't cut you off from the world completely.
    With these being standards, when you buy the service from a third party you can also opt for a provider who offers service level guarantees etc, so they have an incentive to keep the service reliable and you have some comeback if it isn't.

    There is also the question of audit trail, some organisations are required to keep logs of business communication which really necessitates using your own local servers to keep those logs...

    Of course there are standards for all of these things, such as XMPP for instant messaging (which is decentralised and works in a similar way to email)... We run our own XMPP server and use it for internal communication, it also has the capability to talk to third party XMPP servers.
    We can keep track of what has been said if necessary, we can ensure that internal communication never leaves devices under our control and we can ensure that communication with external companies goes direct to a server under their control (after which point it's their responsibility rather than ours)...

    The idea of using third party IM services for business correspondence is absolutely insane, and auditors would have a field day with that.