Slashdot Mirror


User: networkBoy

networkBoy's activity in the archive.

Stories
0
Comments
4,983
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 4,983

  1. Re:Emusic is cool but there are many great others on Making Money Selling Music Without DRM · · Score: 1

    "If the RIAA doesn't like having its music sold at the rate of radio tunes in Russia, it's free to stop doing business with companies in Russia, free to stop accepting royalties, etc."

    Or free to raise the rates to everybody.
    This is the kind of case the RIAA does not want. They have yet to go after someone downloading unless they were also uploading the content (like most P2P networks). Once they've stamped out all other sources they will go after downloaders.
    -nB

  2. Re:This sounds like a really good idea on Company Makes Inconspicuous Secure Cellphone · · Score: 1

    "Note: if you use kiddie-porn as your JPEG, the encrypted content will be the least of your worries."

    Not always the case.
    Putting something moderately illegal in as a cover for something far worse is often a good cover.
    My TC volumes are set up this way, there is some content (not KP in this case) that could get me a year or two, and as such looks worth hiding. Hopefully they stop there.
    -nB

  3. Re:Can you hear me now?? on Company Makes Inconspicuous Secure Cellphone · · Score: 1

    +1 how true ;)
    -nB

  4. Re:Anonymous on Reporting Vulnerabilities Is For The Brave · · Score: 1

    If I wanted money I would sell the info to the black hatters. There is no way a bounty will pay more than them for an entire school's worth of admissions data.

    If I get nothing out of it, well then the risk ain't quite worth it.
    If I inform them of the risk, and get sued, then tough, I'll give it to the world for free along with my story and see what happens...
    -nB

  5. Re:Anonymous on Reporting Vulnerabilities Is For The Brave · · Score: 1

    While I do not seek money, I don't mind adulation. I see nothing wrong with wanting a letter (on company letterhead) or a PDF with corp letterhead stating:
    Thank you for submitting foo vulnerability on bar product, we will use this to improve our baz processes in the future.
    Or any other fluffy BS that shows I did something Cool&Good(tm). That is something I can place in my Awards & Recognitions file for the next resume or interview should it be pertanant.
    -nB

  6. Re:Next generation? on Biggest Obstacle of Nuclear Fusion Overcome? · · Score: 1

    http://en.wikipedia.org/wiki/Tokamak
    http://www.pppl.gov/projects/pages/tftr.html
    http://w3.pppl.gov/~dstotler/SSFD/

    There ya go. Top 3 links from google for reference (and play, the third one is fun).
    -nB

  7. Re:you are wrong on Biggest Obstacle of Nuclear Fusion Overcome? · · Score: 1

    Nah, that's not such a big obstacle... you can fix that simply by choosing a different name. For example, when everybody was having a snit about "Food Irradiation" [wikipedia.org], they simply relabeled it "cold pasteurization", and presto, problem solved.

    Oh how a [-1 short attention span] of the populace conspired with a [+1 marketspeek] to yield a [+5 ironic] post.

  8. Re:Cry Wolf on Lenovo Banned by U.S. State Department · · Score: 1

    "If you comprimise the chipset you can do almost anything."
    That ball would be in the chipset manufacturer's court as they manufacture the chipset. In this case they use intel's Centrino chipset.

    Are you familiar with "deprocessing" a chip? I would not put it past a government to build an "enhanced" clone for this purpose. They can even buy genuine chips to mask the mismatch in purchase vs sold units.

    2. Even if you could putting a lot of flash on something for no reason would be expensive.
    But is is for a reason: spying. The one reason no expense is too great either...

    Granted it is a conspiaracy theory, and whatnot, I was just attempting to illustrate that one musn't "phone home" to spy, and nothing has to be outwardly obvious, even with a fairly detailed inspection of the system. You would have to dso a destructive anaylisis of the machine to ensure it is clean, which means you can not screan _every_ machine, which means it is possible, thus the people for who parinoia is a job must consider it and act based on the possibility and probability.

    -nB

  9. Re:Intel wall starting to crumble on Dell to Use AMD Chips in its Servers · · Score: 1

    Not likely, and from what I've heard this was front page news on Intel's internal website. Intel is not going to lay down on this one. Dell is (was?) one of their last bastions of 100% pure supply chains.
    -nB

  10. Re:Cry Wolf on Lenovo Banned by U.S. State Department · · Score: 2, Interesting

    My concern would be a compromised firmware &&|| microcode in the chipset.
    With a large enough flash memory you could log a lot of information, all this can happen at the BIOS level. Then you try to acquire the notebooks upon refresh. Doesn't matter that the HDD is crushed, you have it in flash. If you comprimise the network stack you could (in theory) do packet inspection and store interesting packets. If you comprimise the chipset you can do almost anything. NOR flash cells are a compatible process with logic cells (NAND is not). So there is no reason that you can't make chipsets with a gob of flash memory hidden on-die. You could even obfsucate the existance of the array by placing random metal lines on higher layers, thus hiding the orderly row and collumn arrangement of a memory array.

    None of these techniques require the machine to phone home, none are externally obvious, none are electrically obvious (sniffing the hardware would not yield a result as all the parsing and storage happens on the same die). The only way to be partly sure is to deprocess every die on the system, and that could take some time.

    Every single system could be compromised and you simply reclaim the ones from waste that you can, chances are even if the unit is crushed, some of the chips you are interested in retreiving are intact.
    -nB

  11. Re:When the going gets tough... on Blue Security Gives up the Fight · · Score: 1

    specifically I think there are less than 20 companies world wide that could handle the attack, most of the others would have their link saturated, even if the servers did survive.
    -nB

  12. Re:Whole Disk Encryption vs. File/Directory on Handling Corporate Laptop Theft Gracefully · · Score: 1

    There is, in fact, a policy regarding private use of company assets. Basically as long as what I do is only step one and two and omits "3) Profit!", then I am fine. Thus I do not op the site in my sig from my notebook, but I do op: farmersreallysucks.com. That is protected speech, and allowed (on my breaks) to be operated on with company bandwith and assets. Even to that end we run an application called CNB that backs up the entire PC. There is a special folder that we can use to store personal stuff that this app ignores. I have my large encrypted volume in this folder so it is ignored. I also have a small volume that is my "little black book" and is backed up, but is only 10 megs, so it's not like it matters.

    Basically I work for an employer that is sane, and understands that a genuine draconian policy will not work, it's far better to have a very clear and mildly strict policy that is enforced with teeth. Besides I also consented to have all my e-mail, http, and ftp sessions logged and/or monitored as part of my employment.
    -nB

  13. Re:NO NO NO!! on Indie Game Devs Should Give Up · · Score: 2, Insightful

    True enough, I just don't want people to give up.
    I buy through allofmp3 for mainstream stuff often, but a good indie group, I buy the CD(or a good mainstream group for that mater, but I make an effort on the case of the indie).

    Maybe if there was some good disti method for indies that was low cost (say $3.00 overhead per title on average) then there would be more sales of small games. I know it would work for me. I rarely have time for games, but I can justify $10 for a game that I'll play for maybe 20 hours in a year. I can't do that for a $50 game that has a monthly subscription component.
    -nB

  14. NO NO NO!! on Indie Game Devs Should Give Up · · Score: 4, Insightful

    No, they should not.
    Creativity is vital, and an indi dev gets more lattitude than any shop dev would. Hopefully the big shops will be less afraid and buy indie title rights (funding the dev for their next title) and enhance it into mainstream.
    -nB

  15. Re:Whole Disk Encryption vs. File/Directory on Handling Corporate Laptop Theft Gracefully · · Score: 1

    But that is user habits, just like my ctl-alt-del when I leave my windows notebook for any length of time. Most users do not do this (and it sacres me).
    I use disk encryption on my notebook through IBM's TPM setup, and then I run container encryption on-disk for two reasons. First reason: I have top-security documents on my machine. They are encrypted, and I must access a server to obtain a decryption key every time I want to view them. The encryption is by authentica. I do not trust this encryption, thus I store the files in a true-crypt container. A seperate true-crypt container is used to store my personal information, saved web-pages, personal projects, my website backup, etc. This is because I also do not trust my employer. The notebook is theirs, but not all the data is.

    As to the pagefile, that is set to 0 and I have 2 gigs of RAM to cover system requirements.
    -nB

  16. Re:Encrypt the disks. on Handling Corporate Laptop Theft Gracefully · · Score: 1

    Then you have to assume that it was not a petty theft either.

    Your common grab and run theif will still simply format the drive and pawn the computer.
    -nB

  17. Re:The NSA should take aim at Qwest. on The NSA Knows Who You've Called · · Score: 1

    Even though it is not "tapping" it sure makes for one huge logfile:
    "1-555-555-5555 1-444-444-4444 11/01/2006 14:32:56 14:33:55"

    Even that string is 58 bytes and represents the minimum ammount of data "they" would want to collect:
    origin, destination, date, start time, stop time.
    I would kinda like to op that server farm.
    -nB

  18. Re:Longevity? on A 4.1 GHz Dual Core at $130? · · Score: 2, Insightful

    In fact on a given wafer the die's are sorted into "bins". Bin1 parts are top notch and are the 3.4, 3.6GHz pieces, while bin2 may be 3.2GHz, bin3 3GHz, and so on, till you get to the bins that == no good. The sorting is based both on speed and failure mode, such that in the passing parts they are sorted by speed, and in the failing parts they are sorted by failure (for analysis as to what the failure is, why it happens, etc.) so the failure can be fixed and the yield can be imporved.

    FWIW: I do not work on processors, I work on ASICs so YMMV in the proc world.
    -nB

  19. Re:Burial in Ancient Rock! on Radioactive Warning for Future Generations · · Score: 1

    Not that I disagree with you but:
    "hats like cutting off someone's head so they don't shoot themselves."
    That would, in fact, work. Absurd, but functional... the /. way.
    -nB

  20. Re:Stonehennge 2 ??? on Radioactive Warning for Future Generations · · Score: 1

    "Hippies will dance around it naked at the full moon...."

    Excellent!

  21. Re:Simple solution on Radioactive Warning for Future Generations · · Score: 5, Funny

    Na, just type:
    Warning, Lawyers buried here.

    No-one will ever dig it up.
    -nB

  22. Re:Wow, these are still around? on Self-Heating Coffee Cans Recalled · · Score: 1

    "And an alternative already exists ... Dewar flasks. Coffee put into one of those will stay hot all day and it's perfectly reusable."

    I call bullshit. Any commercial Dewar flask will keep coffee hot for only a couple hours. The really high end ones my keep it hot for a day, but I'm willing to bet that they get broken too easily (glass liner) in the hands of a regular joe.

    As a note of where I'm coming from: I play with LN2 and other cryo liquids, so if containing heat is different than protecting a liquid from heat feel free to ignore me.
    -nB

  23. Re:Defensive driving on VW Beetle Fitted with a Jet Engine · · Score: 1

    at least only till the radiator melts.
    -nB

  24. Re:Spot the dinosaur on Financials Indicate Microsoft Prepping for War · · Score: 1

    So is Windows
    -nB

  25. Re:How about having an open mind? on Wal-mart's Wikipedia War · · Score: 1

    Ditto. :(