Slashdot Mirror


User: Bert64

Bert64's activity in the archive.

Stories
0
Comments
12,200
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 12,200

  1. House of cards... on RSA Admits SecurID Tokens Have Been Compromised · · Score: 1

    Serves them (rsa's customers) right for not understanding what it is they were buying into...

    A system where someone else generates and retains a copy of all the keys, requiring you to have blind faith in that party to keep them secure... Did noone else see the serious flaws in such a system?

    In order to build a secure system, look at encryption...
    How encryption works is well known, the major algorithms are public knowledge, and are tried and tested. And yet the keys, when used properly are known only to the party who owns them...
    You don't run a closed proprietary encryption algorithm, and you don't trust a third party to supply you with crypto keys... That is, unless you're a fool.

    If you use such a system, you are placing blind faith in the third party who supplies that system... That party might sell you out to government agencies or for commercial reasons (ie highest bidder), might get hacked, might be infiltrated by a rogue employee, might leave a disk full of data on a train etc...
    Because they are an external entity you have no control over them, you probably even gave away your right to sue them when you agreed to the license terms on their software... You are utterly beholden to a company you have no control over, basically they own you, and anyone who owns them also owns you.

  2. Weak crypto on Cheap GPUs Rendering Strong Passwords Useless · · Score: 1

    All this is talking about NTLM password hashes, the algorithms used by modern unix systems are a lot tougher and even with modern GPUs, still very slow to crack...

    More importantly, NTLM password hashes are plaintext equivalent, so you can use them without having to crack them at all (google for pass the hash), so cracking them is only for amusement value anyway.

    So the problem is not so much GPUs, its more to do with windows systems having extremely weak methods of storing passwords.

  3. Re:Most polluting laptop ever! on Solar Powered Laptops · · Score: 1

    Only nuclear isn't very popular right now, so countries are actually shutting down nuclear plants rather than building more...

  4. Re:Most polluting laptop ever! on Solar Powered Laptops · · Score: 1

    Detachable with a decent length of cable, or a dock you can put your battery in to charge it...
    I could leave a solar panel on the dashboard of my car all day, but i wouldn't leave a laptop there or its likely to be stolen. Anywhere you could leave a solar panel to charge is by definition out in the open, and would be an attractive target for thieves.

  5. Single source... on France Bans Facebook and Twitter From Radio and TV · · Score: 1

    What we really need are decentralised systems, as we already have for email and to a lesser extent IM with jabber...

    While it's almost certainly against the rules to talk about gmail because thats promoting google's business, to talk about the general concept of email is just fine because its an open standard that covers thousands of different providers.

    So, have a decentralised equivalent of facebook and twitter, then everyone else would be far better off... No single point of failure, no single company having too much power etc.

  6. Re:The right tool for the right job on UK Government Ditches Cloud Concept, Consolidates Data Centers · · Score: 1

    Cloud computing makes a lot of sense when you have your own dc, there is no reason you would need to outsource it to a third party provider...

    An organisation like HMRC doesn't require the same resources all year round, immediately before the deadline for filing tax returns they have a significant increase in load, plus they process all the tax data in bulk.

    It actually makes sense for the government to build their own cloud infrastructure, and share it out across multiple departments, but government has never really been big on efficiency.

  7. Re:Cloud Services Means Outsourcing IT on UK Government Ditches Cloud Concept, Consolidates Data Centers · · Score: 1

    The government are already doing outsourcing on a HUGE scale...

    Cloud computing is for more efficient usage of resources, and this works best when you have a large number of users with disparate requirements and usage patterns. But there's no reason you can't build a cloud type system in your own private server room with a small number of systems and still realise some benefits from doing so.

  8. Re:Cloud Services Means Outsourcing IT on UK Government Ditches Cloud Concept, Consolidates Data Centers · · Score: 1

    Thats how things start out..
    Then you get corruption, which results in the performance targets being lowered to accommodate powerful vendors, and additional arbitrary requirements being added to ensure smaller vendors cannot bid for the contracts.
    Private corporations by their very nature are ruthless beasts, give them any slack and they will abuse it.

  9. Re:Cloud Services Means Outsourcing IT on UK Government Ditches Cloud Concept, Consolidates Data Centers · · Score: 1

    Government services may well develop inefficiencies because the people running them don't particularly care about efficiency as it doesn't affect their pay packet. But that's not to say that private companies do any better...
    Sure there is more of a drive to improve efficiency, but only in so far as it increases profit. Another far more common way to increase profit is to cut corners.
    Also there is not always a level of competition, if a private company can eliminate the competition then they will rapidly increase prices and reduce service quality, whereas a government service is likely to remain consistent.

  10. Re:Cloud Services Means Outsourcing IT on UK Government Ditches Cloud Concept, Consolidates Data Centers · · Score: 1

    Governments very rarely think about things long term... The UK gov has gotten themselves horrendously locked in to IE6 for instance, someone thinking long term could have easily seen that coming.

    Most government IT in the UK is already outsourced, mostly to foreign companies. Their data is hosted on severs owned, produced and managed by foreign companies, sitting in data centers owned by foreign companies, running software controlled by foreign companies.

    The "cloud" idea is a very good one, the idea of powering up more servers dynamically to handle load spikes, and powering hardware off during idle periods, as well as having distributed storage of data ala google so a single location failure is not a huge problem. There is no reason why the government couldn't embrace such a model, and scale it out across a large number of government departments.

    Obviously being government data, you would need to ensure that any other users sharing the infrastructure were at the same clearance level.

    The smart thing, would be for the government to build their own cloud architecture for hosting their own data, no third parties holding the keys.

  11. Re:Patents can be avoided and new servers created on Skype Protocol Has Been Reverse Engineered · · Score: 1

    Actually the idea is that you have the option to run your own server... Make it work like email, some people will spend the effort to have their own server while others will simply use the server provided by someone else.

  12. Server User on Ask Slashdot: Verifying Security of a Hosted Site? · · Score: 1

    One thing to check is the userid that your application code (php, jsp or whatever it is) runs under... Many shared hosting providers run all this stuff under a single shared user, which means that user needs to be able to read things like your database config including password... So if someone compromises another customer, they now have the ability to read all your files...

  13. Re:Not very effective on World IPv6 Day On June 8 · · Score: 1

    Cisco routers should support it, i have a 1701 and an 1801 both running ipv6 over adsl...
    Ofcourse you do need the correct IOS image.

  14. Re:What the story really means on UK Government Ditches Cloud Concept, Consolidates Data Centers · · Score: 1

    If thats their reason, then its all FUD....
    Everything is already outsourced to various providers, all they can currently do is yell at a vendor when things break. They are dependent on all manner of single source hosting providers, consultants and software developers.

  15. Re:Great Opertunity For Google on Google WebRTC: Can It Replace Skype? · · Score: 1

    As i understand it, FaceTime is primarily based on SIP...

  16. Re:I subscribed to io.com, way back when on A Piece of Internet History Lost: IO.com Sold, Services To Shut Down · · Score: 1

    I run a 400mhz Sparc, with 256Mb ram and 7gb of disk space... It quite happily handles 50+ users even today, running a mix of irc sessions, esniper, text based mail clients (mutt/pine) and some development.

    That said if people are actually interested in a shell service like io.com then i'm sure we could operate something similar.... Most shell accounts commercially available these days seem to almost exclusively cater to script kiddies on IRC just wanting to run large numbers of eggdrop bots...

  17. Re:What? on A Piece of Internet History Lost: IO.com Sold, Services To Shut Down · · Score: 1

    1, 99% of users would have no use for shell accounts... Especially today, when broadband is prevalent so people can leave things running on their own machine... Shells were most useful when it was too expensive to keep a dialup connected 24/7.

    2, 99% of users have no use for usenet, and a lot of the 1% only use it for warez, which isnt exactly what it was intended for (or is really suitable for)...

    3, Quite a few ISPs still run mirror sites, and they are actually more useful today than they were way back when... In those days, your dialup could download at 2-3KB/sec and you could achieve these speeds from almost any site, these days i have 50mbit/sec from my isp, but due to over subscription of their peering links i rarely get more than 20mbit downloading, yet i can achieve the full 50mbit/sec rate from their internal mirror site.

    4, lowest common denominator service... back in the days, 99% of isp customers were clued up people so you could have a useful conversation with them and resolve problems quickly... These days, 99% of isp customers are technically illiterate and won't understand technical explanations, nor be able to follow complicated instructions... Also most ISPs are now run by businessmen rather than geeks, who will happily lie to customers about the true nature of a problem. Back in the days if i couldn't connect, i would call the isp and they would give me a simple response like "router X has failed which links the dialup pool to the backbone, we expect it to be back online in 2 hours"... Being capable of understanding this information, i realise theres nothing i can do and just get on with something else for 2 hours... Recently someone i knew called their ISP to complain about being unable to connect, they had her reboot multiple times, install redundant software, mess with settings, reinstall redundant software for about 4 hours before she gave up... I went to check on it 2 hours later and it worked immediately, turns out the ISP was suffering an outage at the time but company policy was not to admit to any problems and so they wasted my friends time and made her feel it was her fault.

    6, economies of scale... i run a small isp, and would love to provide all these services... however doing so would cost more than the big mass market players, and most people would not pay extra even for a better service.

  18. Re:Linux on What's Killing Your Wi-Fi? · · Score: 1

    Have you filed a bug report? That's probably a rare enough setup that few people have tried to do it.

  19. Re:So Mac Users should expect this? on Mac OS Update Detects, Kills MacDefender Scareware · · Score: 1

    Time to breach is even less relevant because the order of people attempting is randomised...

    On the other hand, if someone finds a bug in OSX there is really only one target for the exploit, whereas with windows there are many different versions which may require modified exploit code (wildly different hardware/drivers, home/pro/ultimate/etc, different language versions)... And Linux actually takes this even further.

  20. Re:So Mac Users should expect this? on Mac OS Update Detects, Kills MacDefender Scareware · · Score: 1

    Malware almost always comes out the day after the update, that way you have a one month window before anything is likely to be done about it.

  21. Re:Linux on What's Killing Your Wi-Fi? · · Score: 1

    You've had unlucky experiences, or your trolling...

    On all of the machines i've tried in the last couple of years (atheros, broadcom, realtek and ralink chipsets), wireless has worked out of the box under Ubuntu (and in some cases i have used gentoo successfully with wifi), whereas Windows hasn't always supported the wireless card out of the box (which makes downloading the drivers a pain), and other weird problems like the drivers supporting wep but not wpa (i thought it was up to the os rather than the drivers to dictate encryption support).

    The performance has generally been better on the linux drivers too, not to mention that most linux drivers support rfmon mode while i'm not aware of any windows drivers that do.

  22. Re:Analog Video Senders make great jammers on What's Killing Your Wi-Fi? · · Score: 2

    Get an STB which supports streaming over IP such as a dreambox or a custom built linux box...
    Then you have a choice, ethernet, powerline adapters, wifi (still using 2.4ghz but in a cleaner way) etc. You can change the channel remotely on them too.

  23. Re:Analog Video Senders make great jammers on What's Killing Your Wi-Fi? · · Score: 2

    Your microwave should not leak any signals/radiation... The inside of a microwave is basically a faraday cage (look at the metal mesh which runs through the glass on a typical microwave door).
    If it does leak radiation, then its faulty and you really should get it repaired or replaced ASAP as it can be quite dangerous (wifi cards are typically under 1 watt of power, a microwave could be up to 1300 watts and the full force of one will cook you quite quickly).

  24. Re:so just how many on Germany To End Nuclear Power By 2022 · · Score: 1

    Well, the British dambuster raids aren't likely to happen again any time soon...

  25. Re:How About ... on Amazon and Barnes & Noble Jostle Over Battery Life Figures for Nook, Kindle · · Score: 1

    Exactly, i have no problem charging a device daily while i sleep... But i want to be sure that even under heavy use, that device will last the whole day should i choose to make such heavy use of it.