Slashdot Mirror


User: Antique+Geekmeister

Antique+Geekmeister's activity in the archive.

Stories
0
Comments
7,305
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 7,305

  1. Re:Security patches on IE7 Released and Available for Download · · Score: 4, Interesting

    Oh, it's much worse: did you notice this part from the Webmaster checklist?

              HTTP content cannot be included in an HTTPS page (see the Internet Explorer Blog article).

    Now expect the sound of thousands of admins whining as their critical mixed-content webpages fail to load, and the sound of millions of dollars of new servers and SSL accelerators to support SSL encryption of all the dancing bears on web servers that are signed into with HTTPS, but have all their image content on HTTP.

    And oh, yes, expect the sounds of millions of tech support people with Indian accents getting phone calls from irate Americans and asking the inevitable question "Have you rebooted your computer, sir?" I hope Microsoft will pay for the new fiber-optic cable to support all the tech support calls.

    This is going to be fun to watch, especially for web pages designed with old pieces of Microsoft design garbage like FrontPage.

  2. Re:Simple Child Care on School Bans 'Tag' · · Score: 2, Interesting

    Thank *YOU*, bullies of America, for pretending it's the lawyers' fault for taking away your excuses to kick the tar out of other kids in so-called "tag", "dodgeball", and "touch football" that too often led to serious fights because they were considered "safe" and no one could be bothered to supervise them.

    The problem isn't the games. It's the failure, or refusal, to supervise and keep the games within the most basic rules. I've supervised touch football, and played it, and learned harsh lessons when I was a kid about how bullies would twist it into a chance to take out their aggression on other kids, without repercussion. My players played clean or sat out the game: one dirty player's parents even tried to get me suspended for interfering in their drive for him to win, but I'd already gotten the head coach to notice the problem and he backed me up at the meeting.

    We didn't win championships, but what we won we won fair and square.

  3. Re:Makes sense on Google Gets Slack with Software Updates · · Score: -1, Troll

    Great, another "pkg" variant. No, wait, it's an "apt" variant. No, wait, it's a "yum" variant. No, wait, it's an "autoyast" variant, etc., etc., etc., etc., etc.

    It's often a sing of overpaid Perl script kiddies that they tend to write their own versions of tools for which there are dozens already available and working, rather than perfecting one of the more robust and tested ones. I've had to clean up after that kind of mess. It's nice if Google's works well, but what features does it actually have that make it superior to any of dozens of other such systems used privately and publicly?

  4. Re:Sue/address the IRC networks, first. on Is the Botnet Battle Already Lost? · · Score: 1

    I'm quite certain you're mistaken. Many IRC netwrks discuss illegal matters, such as cracking into computers, or topics they don't want monitored, such as sexual "bragging" even when the idiots involved get about as much real sex as a roll of nickels does. They have every reason to use illegitimate servers, and they're extremely cheap and easy to set up.

  5. Re:People concentration and location really to bla on More E-mail, Fewer Mailboxes · · Score: 1

    Mailslots tend to leak heat and air conditioning, let in flies because they're badly secured, etc. Security cnsiderations aside, that's a good reasn not to want a slot in your front door.

  6. Re:Rats first and Captain last on Novell Moves Away From ReiserFS · · Score: 1

    Don't bother. "Journaling" is fine when it protects your file system, but when it actively imperils your filesystem due to mis-handling of hardware failures, it's not worth using. The big advantage ReiserFS had for a long time was being able to handle 50,000 files in a single directory, such as might occur in an active news spool or very clogged Maildir mail directory. But ext3 has been able to deal with that since the introduction f "htrees" in the 2.6 kernel: there's simply no reason to risk your filesystem with ReiserFS anymore, unless the very modest performance benefits is wrth risking your data.

    ReiserFS, like db4 for databases, has lost its original core developers and has become increasingly unstable in its search for new features.

  7. Re:Information overload on Airport To Tag Passengers With RFID · · Score: 1

    True. That's why such information needs to be coupled with things like vehicle sensors and door sensors, and why excessive idleness in certain areas or for certain classes of tag should itself be a flag in the system. A janitor taking half an hour in the men's room to clean it is unsurprising: a passenger sitting there for 45 minutes? That might be worth sending a security person to take a look and make sure they're OK. The much more useful data from this is probably for queue handling: knowing automatically that the queue at gate 5A has just come to a standstill and there are 100 people in line, 5 minutes before a flight is due to leave from there, could be very helpful indeed to re-assign security staff and speed up the lines, or a lack of people at another line could get security to send the backed up passengers to the other line. That sort of informationn is very valuable to the airport staff. It's also potentially quite handy for lost luggage tracking: by spreading out the sensors at the baggage handling areas and baggage carousels and even possibly the car parks, it should ease the tracking of accidentally removed or of casually stolen baggage, giving much better lists of when the baggage was last detected and where. That's a big problem that justifies spending some money, and as long as the readers are being put in for passenger tracking, we may as well get some useful information out of them.

  8. Re:Luggage? on Airport To Tag Passengers With RFID · · Score: 1

    Those aren't really for security, although they may have been sold to the people funding airports on that basis. They're for luggage tracking: barcde tags with RFID in them have gotten common, and it's easy to put a bar code reader on the doors to the planes and recrd what went in and out, and such readers on baggage carusels. It's not cheap, and it's fairly easy t destroy or confuse or to duplicate most such tags, but it's considerably more reliable and faster than having to find a bar code and get it through a reader, especially for a cart full of luggage.

  9. Re:Mail filters? on Stopping "PattyMail" Email Bugs · · Score: 1

    Why not keep a list of the spammer's email addresses?

    More seriously, it's trivial to route such a request through gooogle.com or some other common web caching service. The mere existence of the download is usually the big clue as to who requested it and when: getting their IP or hostname is just an added bonus.

  10. Re:Joke's on them... on Cisco Patents the Triple Play · · Score: 1

    I think the current management of SCO can show prior art.

  11. Re:SmoothWall on pfSense 1.0 Firewall Released · · Score: -1, Troll

    True. Trying to do live CD's on FreeBSD is like trying to put a transmission on a horse: with the effort of adding all the necessary bits and wedging them into the out of date bits of FreeBSD, you could have worn out the transmission twice on another, better supported OS.

  12. Re:Oh please on IT and Divorce? · · Score: 1

    I ran into that: I was hired expecting a 70 hour work week for 3 months during a big project, then easing back to 60 with 20 of them at home, but a really nice salary to go with it. Over time, it became clear that even then, not enough time was allocated to do projects, and all of them suffered and wound up having to be repaired and recovered, which is often more costly in time and shipping and physical resources than doing it right in the first place.

    It was deadly. Every engineer left the company in the same week.

  13. Re:Get rid of pics in emails on Stopping "PattyMail" Email Bugs · · Score: 1

    What makes you think that most PDF readers don't support pulling in image URL's, which also makes web tracking possible?

  14. Re:Here's a start: on Stopping "PattyMail" Email Bugs · · Score: 1

    Excuse me, the "HTML Formatted" option ate my quoted HTML. I meant to say:

            Never seen a URL written as '', have you?

  15. Re:Here's a start: on Stopping "PattyMail" Email Bugs · · Score: 1

    Never seen a URL written as '`, have you? Plus your filter will corrept digitally signed messages of web pages sent for debugging. And I assume they don't teach handling mixed case text until the second floppy of your "Learn Perl at Home" course.

  16. Re:Get rid of pics in emails on Stopping "PattyMail" Email Bugs · · Score: 1

    Ban all HTML email. While actively encouraged by tools like MS Outlook, it's burdensome to handle, hides abuses like this, and well over 90% of it is spam and email worms. Being HTML email is an almost certain sign that the message is unwanted.

    The occasional webcard can be sent by a text announcement and a cut&paste URL.

  17. Re:Wrong Approach? on Security and the $100 Laptop · · Score: 1

    You might have to actually pay security experts. Inviting crackers to attack systems is much cheaper, even though they will mostly be incompetent.

  18. Re:Perspective from a damaged party on Perspectives on Spamhaus's Dilemma · · Score: 1

    There is almost no way to tell a "forwarded email" from a forged email, unless you are using something like SRS. And mail forwarding is becoming increasingly abused: if you can't do basic spam filtering locally, spam runs that wind up getting forwarded will seriously impinge on the receiving server.

  19. Re:Perspective from a damaged party on Perspectives on Spamhaus's Dilemma · · Score: 1

    Please learn to read your logs. From my experience over the last 5 years, almost all of thse "aol.com" and "hotmail.com" addresses are forged, and many of them are being forwarded through careless providers like the ones hosting your mailing list.

    From your own description, your provider is not doing the basic steps to block such abuses: that's all it takes to stay off Spamhaus's blacklists. It is unfortunate that other providers dump mail rather than bouncing it, but be realistic: bounce messages to such forged addresses are usually undeliverable, and rather than being forced to carry the spam, the bounce, the report that the bounce failed, and the continuing message failure notices, it's much easier to just ignore the message in the first place.

  20. Re:PGP Fone on Swiss to Use Spyware to Listen to VoIP · · Score: 1

    Me, too. Now that the RSA patents have expired, it shouldn't be as awkward to publish. Hosting the signatures is still a difficulty: an automoted key retrieval utility is vulnerable to fake keys being published and used for a man-in-the-middle monitor, much as Skype connections can be chained end-to-end by Skype and the audio traffic monitored in the middle, with Skype's cooperation.

  21. Re:Perspective from a damaged party on Perspectives on Spamhaus's Dilemma · · Score: 1

    I do sympathize with your plight. Because your upstream provider is incompetent, you cannot fully use the service they are selling you, and changing will be burdensome. But because they are incompetent and allow so much spam to be sent from their network, they are doubtless placing an unreasonable burden on the rest of us.

    But be very clear. Because your service provider is forwarding so much spam, it's simply not worth the burden for services like AOL and Hotmail to carry your few messages of legitimate email along with the volume of spam doubtless being forwarded. Your service provider is, in fact, doing something very wrong. Your service provider is allowing such abuses, which are very expensive and painful for everyne else who receives such spam. Get over it, and go find a competent service provider.

  22. Re:do Linksys Routers/Firewalls help? on The BBC's Honeypot PC · · Score: 2, Informative

    It helps a lot: but the firewall itself may be vulnerable. Check it for available updates.

    A lot of Windows machines get zombied pretty fast these days, by fascinating web security vulnerability hacks when the owners go web browsing even for legitimate materials and the hacks are installed on "owned" servers. These zombies then open up a port to designated controller machines on the outside for control by remote entities such as spammers using the machines to send the spam from unblocked netwrks. It's a serious issue that won't be shown by this kind of passive honeypot.

  23. Re:Yawn... on The BBC's Honeypot PC · · Score: 1

    You've apparently never worked in a larage university or corporate environment: the local firewalls are extremely lax, and even if the external firewalls or filtering are robust, there are just too many unmaintained and personal machines, and too many services that are being randomly connected, to rely on any local or departmental firewall for protection.

    The worst are the computer science professors, who think that because you installed updates for them when they bought the machine last year that they are secure, or who send their passwords via email to their collaborators overseas. I've actually seen this done, and caught the email when it bounced to mem as the postmaster.

  24. Re:better question... on The BBC's Honeypot PC · · Score: 1

    Leaving such a firewall on would have crippled numerous Microsoft demos where you just turned on the box and suddenly had access to lots of network resources. Explaining to sales staff that such demoware is begging for trouble and should be scrubbed to bare metal between uses is often quite difficult: they're reluctant to break what worked last time, even though they've just connected it to a public network at a blackhat conference and are guaranteed to be infested with the latest round of worms and viruses.

  25. Re:IMDB on Netflix Prize Competitor Already Beats Netflix · · Score: 2, Funny

    You're right. Those belong in historical fiction.