Slashdot Mirror


User: Bert64

Bert64's activity in the archive.

Stories
0
Comments
12,200
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 12,200

  1. Re:But how .. on In UK, 12M Taxpayers Lost With USB Stick · · Score: 1

    You can often find much more useful information by buying old enterprise class servers from ebay... Things like sun servers etc.
    The people selling them often don't know how to erase the disks on a sun sparc server, and such machines were often used for storing important databases...
    Another good one, is that a lot of companies use really outdated dos software to erase disks, crappy dos programs that can only erase the first 8gb of the drive leaving most of the data intact.

  2. Re:bet carried on In UK, 12M Taxpayers Lost With USB Stick · · Score: 1

    It was a private contractor working for the government who lost the data, because it is the government's data and not their own, these contractors don't care... They take much better care of their own internal data.
    Because of the way government contracts are handed out in the UK, they aren't worried about losing it. They will get paid even if they're fired, the contract will go to another of a small handful of contractors and eventually roll back to them anyway.

  3. Re:It would be nice if the summary was accurate! on In UK, 12M Taxpayers Lost With USB Stick · · Score: 1

    The data was encrypted using what?
    In order to have any confidence, we need to know what was used to encrypt the data... Let's not forget the story a couple of years ago about a usb device that promised users it used 256-bit aes encryption, when infact it used a simple xor routine. In order to trust encryption, you need to be able to see the source code for it and ensure that the algorithm is implemented securely, and is used securely.
    For all we know, they could have used the default 40-bit encryption in msword which is trivial to crack.

  4. Re:How it came to be lost? on In UK, 12M Taxpayers Lost With USB Stick · · Score: 2, Informative

    I don't like the idea of SecurID...
    RSA provides the key, a foreign company, so now you are beholden to a foreign organisation not to lose your keys or hand them over to a hostile party...
    I would only trust a system like that where I could generate and input the key material into the device myself. Quite a few companies are turning away from securid for this reason.

  5. Re:How it came to be lost? on In UK, 12M Taxpayers Lost With USB Stick · · Score: 1

    Actually, incidents like this are being used by the case against a government database...
    If they lose information as often as this, then having a bigger database containing more information for them to lose seems an even worse idea.

  6. Re:'Passcodes' not data on In UK, 12M Taxpayers Lost With USB Stick · · Score: 2, Insightful

    I carry a memory stick attached to my key ring, which includes encrypted copies of SSH and PGP keys, the passphrase to decrypt them is memorised...
    Anyone who stole it would be more interested in stealing the car for which the key is on the same ring, or breaking into the house using the keys and stealing stuff...
    Or they could just take the unencrypted episodes of tv shows from the usb key.

  7. Re:How it came to be lost? on In UK, 12M Taxpayers Lost With USB Stick · · Score: 1

    If the source code allows access to the system, then that means there are fundamental security holes in the code which are easily identified by having the source code...

    As you pointed out, having access to the source code of Linux doesn't enable me to break into any of the millions of linux systems connected to the internet, including slashdot.

  8. Re:How it came to be lost? on In UK, 12M Taxpayers Lost With USB Stick · · Score: 1

    Chances are they bought that system from a vendor who wined and dined some upper management types, and they trust the "knowledgeable" vendor that their system is secure without any input from anyone who's both knowledgeable and unbiased, this happens far too often and people get lumbered with complete garbage...
    And they're probably right about being unable to submit any problem reports, they bought that system, paid a lot of money for it, and are now stuck with it. Even if you did submit a problem report, what do you think they'd do about it? Personally i doubt it would even be read...

    Resetting someone else's password by calling the helpdesk is a common problem that can be exploited in many large companies because the helpdesk have no idea who works there... You need to decentralise things like this, make it so a password reset has to be authenticated and approved by someone's immediate superior. This is slightly slower, but far more secure - chances are your immediate manager knows you and will be able to tell if a fake calls him up pretending to be you.

  9. Re:The end of DRM is good news for content owners on Doom9 Researchers Break BD+ · · Score: 1

    And yours plays mp3 files, so you are already half way towards the utility of an ipod, and you are already benefitting from a drm-free system.

  10. Re:Your secure edifice... on Doom9 Researchers Break BD+ · · Score: 1

    Worse than that, the normal users who *may* have bought your content will now find the pirate copy more appealing, some of them will move over to reap the benefits of the pirated copies.

  11. Re:Kudos to them on Doom9 Researchers Break BD+ · · Score: 1

    With the ability to copy blu-ray discs, the demand for burners will increase which should bring down the prices... Same thing happened with DVD.

  12. Re:The end of DRM is good news for content owners on Doom9 Researchers Break BD+ · · Score: 2, Insightful

    Yes, look at the success of the ipod...
    Does anyone still use portable CD players any more?

    I doubt it, big clunky device with a spinning disc inside that skips the music when it's jolted too hard, and only stores 80 minutes of audio unless you carry around a big stack of equally clunky discs for it.
    Compare that to an ipod or similar device, which can store hours of audio on a device little bigger than a credit card in some cases.

  13. Re:The end of DRM is good news for content owners on Doom9 Researchers Break BD+ · · Score: 3, Insightful

    What's to stop you putting that DRM-free file onto a 16 gram disc...
    Or onto a memory stick for that matter...
    Or a portable hard drive that will store a large number of movies...

    DRM-free gives you a lot of freedom, you can do whatever suits you best, your choices are not taken away from you.

  14. Re:As the article says... on Doom9 Researchers Break BD+ · · Score: 1

    Most bluray players will probably be software based, at least some of the toshiba hd-dvd players were linux based and quite hackable.
    Besides, if you can't play your bluray content on any computer then the number of people who might want pirate copies increases significantly... Even people who don't have an HDTV usually have a computer monitor capable of 720p at least. In my case, i travel a lot, and always have a laptop with me (travelling for work, need the laptop), 720p video looks much better on it than low resolution dvd does so i will watch the higher resolution video if i can get it. Sitting close to the screen makes the difference more obvious too.

  15. Re:Why this will never happen in other countries on German Foreign Ministry Migrates Desktops To OSS · · Score: 1

    The point with this migration, is that it proves what people have been saying...
    Short term migration costs can be higher, but long term costs are a lot lower, and that it works on a large scale. Based on this, more migrations will happen, if not in government then in the business sectors. In the current economic climate, saving money and reducing dependencies on companies that may not be there in a few years makes a lot of sense.

  16. Re:so.. on German Foreign Ministry Migrates Desktops To OSS · · Score: 1

    While i do fully agree with you, "replacing windows" is a simplified scenario and the scope of configurations is very narrow because as you pointed out, windows configurations do not deviate from "microsoft approved" designs...

    So what people really need, are simple ways to migrate from windows to linux and achieve equivalent functionality. Yes, this will lose many of the benefits of linux, but it's a start. Once linux deployment is far more widespread, more people will be motivated to learn it and companies will see the benefits of using more highly skilled staff to set things up properly.

    One step at a time...

  17. Re:so.. on German Foreign Ministry Migrates Desktops To OSS · · Score: 2, Informative

    What i always found amusing about windows policies, is that they're implemented in userland and trivially easy to bypass...
    As an example, the one that prevents you from using cmd.exe
    Take a copy of cmd.exe and run it up in a debugger, you will notice it checks a registry key to see if it's allowed to run, and displays an error if it's not. Well, hexedit the binary and break the check (just rename the key so it wont find it) and run the modified cmd.exe on a machine with a group policy that doesn't allow it... Running cmd.exe will get around the userland restrictions in explorer.exe that prevent you seeing certain drives too.

    Now how stupid is this? Surely a more sensible approach is a kernel level check?

  18. Re:so.. on German Foreign Ministry Migrates Desktops To OSS · · Score: 2, Interesting

    Well, stick with the custom repository, add your apps to it, and make sure that your update scripts also support retrieving a list of mandatory packages that need to be installed, so that anything new gets installed at the same time as any updates.

  19. Re:Faster than Vista! on Ubuntu 8.10 Outperforms Windows Vista · · Score: 1

    Having apps in the default install is good, so long as they can easily be removed and/or replaced...
    On Ubuntu it's a trivial case of apt-get remove or the equivalent gui tool, but try removing ie from windows...

  20. Re:Faster than Vista! on Ubuntu 8.10 Outperforms Windows Vista · · Score: 1

    On a Dell D800 (i think) with an Atheros card i had the opposite issue..
    Ubuntu 8.04 and now 8.10 worked out of the box and connected to my WPA2 network just fine...
    XP on the other hand, didn't even support the card and i had to go hunting around for drivers, and i had to update to SP3 before WPA2 would work.

  21. Re:Let's hope they come with better software on Motorola Moving to Android, Windows Mobile for Smartphones · · Score: 1

    So you have to carry the cable around with you all the time incase you need to recharge or such...
    Using standard cables means there will always be a cable or two at work you can use, and any friend's house or car you find yourself in is likely to have one too.

  22. Re:Don't waste your money on open source on Good Open Source, Multi-Platform, Secure IM Client? · · Score: 1

    Using a third party external server could open up legal implications... You really don't want your private internal correspondence going outside of the company network.

  23. Re:on a related topic ... saving audio ? on Good Open Source, Multi-Platform, Secure IM Client? · · Score: 1

    Asterisk will do it if you're using SIP...
    It can also compress the voice chat session using GSM compression or similar to save space.

  24. Re:GroupWise IM on Good Open Source, Multi-Platform, Secure IM Client? · · Score: 1

    Does it use standard protocols (XMPP, or maybe SIP)?
    Does it store it's user data (users/passwords, profiles, logs etc) in standard formats?

    I think it would be foolish to implement something proprietary, because it will restrict your movements in the future.

  25. Re:Finch on Good Open Source, Multi-Platform, Secure IM Client? · · Score: 1

    IRC clients have been text based for years, text based clients predate all these horrible gui based irc clients and are still widely used.