Slashdot Mirror


User: Antique+Geekmeister

Antique+Geekmeister's activity in the archive.

Stories
0
Comments
7,305
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 7,305

  1. Re:It's my flashBIOS chip... on Stallman Calls For Action on Free BIOS · · Score: 2, Informative

    Except turning on and off the hardware, enabliing multiple CPU's, managing the interrupts, affecting reboot behavior, manipulating power-on or sleep or suspend behavior, turning down the CPU clock when things over-heat, reporting the temperature, reporting the CPU voltages, and everything else you need to know at the basic hardware levels.

  2. Re:Does Anyone KNow on Stallman Calls For Action on Free BIOS · · Score: 2, Interesting

    There are huge amounts of secret cruft that Intel can hide, and sell development tools and licenses only to licensed motherboard developers for. That's a lot of money Intel wants to protect, and the motherboard vendors play the game the same way that employees refuse to discuss salaries because it is "unprofessional", even though it's usually an open secret.

    Unfortunately, the LinuxBIOS project seems to be dead as open source: none of the source code can be downloaded anonymously from Sourceforge, the alleged CVS tarballs haven't been there in months if not years, and the last available tarball is from 2000.

  3. Re:Why, indeed! on John Gilmore's Search for the Mandatory ID Law · · Score: 1

    I agree, Gilmore is a pretty strange man with an excellent point. I'm glad he has the money to not have to travel by plane for work, and the notoriety to make a point about this.

  4. Re:In many ways development/operation is similar on Project Management Methodology for IT Operations? · · Score: 1

    It can also shock the consultant serious drinking. "What do you mean, you don't know where your source code is?"

  5. Re:I know this one, my boss taught me. on Project Management Methodology for IT Operations? · · Score: 1

    Schedule daily staff meetings where the manager will change the requirements every day, run overtime, and use the time that the technical staff could actually compare notes with each other to solve things. *THAT* will help!

  6. Re:it will be bypassed... on Microsoft to Disable Online Windows Activation · · Score: 1

    Keep an eye on the "trusted computing" initiative, which is actually hardware-based authentication and encryption/decryption tools. It is exactly designed to foil this kind of cracking, and to do it at the kernel or even the BIOS level before the operating system is allowed to load.

  7. Re:RAR is very popular on New Virus Attacks Via RAR Files · · Score: 1

    bzip2 is more aggressive, but computationally more expensive while compressing. It's also less easy to recover from slightly corrupted downloads of bzip2 files than gzip. gzip also works better for in-line compression.

  8. Re:Good news! on New Virus Attacks Via RAR Files · · Score: 1

    Maybe because tar and tar-gzip for compression is so much safer and superior in both performance and features?

  9. Re:Open Standards are Best for Economic Growth on BSA Wants EU Open Standard Policy Reconsidered · · Score: 2, Interesting

    Open Standards are not the same as Open Software: there are numerous "Open Standard" compliant tools and operating systems that do proprietary, broken, unfixable things that customers or code developers cannot fix because of the closed source. Solaris tried this, although they seem to be learning.

  10. Re:Cool, but... on 5 Simple Steps to a Quieter PC · · Score: 5, Informative

    Ouch. That's probably the 60-cycle noice of the first transformer, and it's a bear to deal with after the hardware was designed.

    Try plugging something in constant use into it that draws a little bit of current, like your nearby clock or lava lamp.

  11. Re:Wow on Court Docs Reveal Kazaa Logging User Downloads · · Score: 1

    I actually use that technique to get people to say things, online, so I can point to the statement later and say "this supervisor said to do that" so I can cover my ass, and let the supervisor know that their behavior has been recorded. It can help: it can also get you fired for reasons the company will not admit, so it has to be used carefully.

  12. Re:Woah on Court Docs Reveal Kazaa Logging User Downloads · · Score: 1

    No, the Internet was supposed to survive the outages of nuclear warfare, not guarantee complete anonymity. Complete anonymity will be used for theft, guaranteed.

    Kazaa is just showing how the transfer of data can occur with only apparent anonymity, and showing that they were willing to base their business models on both collecting the data (for advertising and sales) and hiding the data (to avoid responsibility for clients they absolutely knew were committing theft).

  13. Re:Do you think there would be so many on University Of Calgary To Offer Course On Spam · · Score: 1

    The group of people who write the more competent spamming tools are quite small, and their software is borrowed and stolen by others to use. Better paying jobs for competent programmers would have only a small effect on overall spam, since it takes only a few competently written tools to flood the world's email systems. Changing the email systems and the policies to prevent the abuse is the issue, not the software.

  14. Re:So let me get this straight. on University Of Calgary To Offer Course On Spam · · Score: 1

    There is no "theory", or no formal one, of how spammers operate. There is a perceived economic opportunity, and they try to use it. A marketing or economics class would be useful to understand the behavior and business models of spammers.

  15. Re:Uhhh... on University Of Calgary To Offer Course On Spam · · Score: 0

    It is a course on fighting spam. It's useful to understand the common techniques and how they're written in order to try to defeat them. While sophisticated analysis techniques, such as Bayesian and Markovian analysis, are quite useful for writing filters, it's quite important to know how it's generated to get at the spam before it's wasting your mail server's time and computational power to run the filters. Over half of all email is currently spam, that's a huge load on the mail servers to try and analyze and filter. Some modest upfront filtering techniques, like blacklists and SPF and controlling outgoing mail to only come from authorized servers, help a lot without the computational burden.

    Unfortunately, Slashdot's announcement has mischaracterized both the course and the article about the course, with predictable flaming results.

  16. Re:Recording Legality. on Skype For Mac OS X and Linux · · Score: 1

    I did a bit more looking. Skype apparently uses 256-bit AES encryption, which is not sufficient for protection against high-end decryption systems. (See relevant security papers for why this is too short for computers over the next few years, if not computers this year). But this key is too short: it should be at least 512, preferably 1024.

    It's enough for preventing casual monitoring: the reports here on Slashdot of people monitoring such conversations were of installing a monitoring tool on the user's computers, not of a man-in-the-middle attack, which I had not realized. But Skype also gathers statistics in their central location about who calls what other users when. You'd better bet that information can be subpoenaed, without your knowledge, since that's been the standard for central phone service monitoring for years.

    Also, anytime you work through a central office, without control over the source code you're running, you leave yourself open to re-routing of the call or even deliberate re-broadcast of the call from the clients at the whim of the central office.

    I'm not saying Skype is a bad service. I'm just saying that we've seen better encrypted software for VOIP published repeatedly, for years, and there are political and fiscal reasons it has never taken off.

  17. Re:Oh well... on Can-Spam Increased Spam · · Score: 1

    It won't work. Too many machines are now being zombied to send spam from scattered hosts. The blackholing of careless providers is understandable, but there's no way a major ISP can control all the machines in their network.

    The blocking of outgoing port 25 to all but a provider's own mail servers is helping, as are efforts like SPF that allow an ISP to publish a description of the only hosts that are allowed to send from that domain. This will help against the zombie and forgery issues that plague anti-spam efforts now, especially against the email worms and email worm bounces that count towards the spam totals.

  18. Re:Recording Legality. on Skype For Mac OS X and Linux · · Score: 1

    There is no "reasonable expectation of privacy" for your work telephone from monitoring by your employers. There's also little expectation of privacy from anything that allows "monitoring for quality assurance".

    Properly encrypted, end-to-end VOIP was done many years ago with PGPphone, a Mac based application that could run over a 14.4 kbaud modem line and used RSA to encrypt the conversation. It *could not* be decrypted without either end's private keys. Unfortunately, because of encryption regulations which are deliberately vague andn confusing, there are currently no broadly available such commercial tools with robust end-to-end encryption.

  19. Re:a touch of psychology, a brickbat of capitalism on ISP Responsibility in Fight Against Spam · · Score: 1

    Wrong. There's not enough money, or time, for most folks to play the shopping game for services like this. And the client, or vendor, is the one who sent you the email that you or your ISP just bounced unannounced. And you, or your company, will take the fiscal and social hit for ignoring these emails.

  20. Re:a touch of psychology, a brickbat of capitalism on ISP Responsibility in Fight Against Spam · · Score: 1

    Wrong. The client may not have enough control over their systems, or their upstream net block, to redirect things to get past your blocks. They're a legitimate emailer, and you've ignored their legitimate contacts. Not opening the bill does not mean you don't owe the money, and when your electricity gets turned off for not paying the bill, you're the one who goes out of business. Similarly, blanket blocking legit email from them this way will cause your customer, or your vendor, to react: they will drop you as a customer, and depending on the circumstances, they may sue you and win.

  21. Re:Not caring? on ISP Responsibility in Fight Against Spam · · Score: 1

    That happened some years ago with agis.net, and continues to this day with UUnet and its other top tier providers. They refuse to act against their customers that host spam, deliberately or inadvertently.

    BBN used to have a very aggressive anti-spam policy, but it didn't survive the buyout.

  22. Re:Diabetes and Airlines on American Airlines Information Gathering · · Score: 1

    You have my sympathies, sir. I've never had a problem with my diabetic supplies of syringes and needles and insulin bottles and a glucometer. In fact, I have walked through Logan airport security 3 times since 9/11 with a six inch throwing knife in my packpack which they failed to detect. (It's a costume prop: solid steel, but it has no edge on it. I forgot it was stuffed in the bottom of my bag.) Every airport I came *back* from, detected it and made me stow it in my checked in luggage or ship it back by mail. But airport security remains a complete crap shoot, especially in Boston. Many of the staff mean well, but they are too underpaid, overworked, under-educated, and sleep deprived due to double and triple shifts to do their job well.

  23. Re:ECHELON on Why Did The FBI Retire Carnivore? · · Score: 1

    Oh, please. The extent and nature of the Carnivore sniffing was, and is, such that it is far more suited to political message interception than any actual criminal or terrorist activity. Do any of you assume that this program is ending just because they've announced it? They announced it was ending 3 years ago at various security seminars. All that's ending is the name "Carnivore", which was an extremely poor choice and too easily construed as dangerous. There are still locked rooms in various co-location centers and major network hubs in which no one but federal authorities are allowed, the staff of the facility are not allowed to enter or to record visitors, and the visitors who enter there do not have to show a warrant or court order in order to monitor backbone traffic. It's allegedly for programs like Carnivore, but since no warrants are shown or records kept that are visible to the public, it can be used for arbitrary political purposes. If you rent co-location space at any of the major backbone facilities such as UUnet's Virginia facility, keep a very close eye on where cables lead to rooms that no one on staff is allowed to discuss or enter.

  24. Re:A gift to Microsoft on Google Cans Comment Spam · · Score: 1

    That's what VP's are for, to get the note from one department, think of how it can be abused, send back orders down the other department to alter the system accordingly, but everyone gets to play innocent when people notice and complain. Remember, "That's not my department", says Werner von Braun.

  25. Re:The good, the bad and the ugly on MelbourneIT Lapse Permitted Panix Hijack · · Score: 1

    Haven't you ever worked for a government run company? There are procedures for this sort of thing! The change will be the CEO getting a new cell phone, one that takes pictures of his stock portfolio to send to investors and has a different number to prevent this kind of upset of his chain of command.