Slashdot Mirror


User: Em+Adespoton

Em+Adespoton's activity in the archive.

Stories: 0 · Comments: 4,889

Comments · 4,889

  1. Re:No on 2.4 Million Ontario Voters' Private Info Compromised · · Score: 1

    The data WAS encrypted, so your argument is useless. The poster just chose the wrong links, as the ones linked fail to mention that the data was encrypted.

  2. Re:In Other News, Phone books missing on 2.4 Million Ontario Voters' Private Info Compromised · · Score: 1

    The TFA didn't say the stick wasn't encrypted -- it just failed to mention the fact that it was... and yes, it was. Other articles available on Google go into much more detail.

    And yes, there is no excuse for unencrypted PII on USB drives.

  3. Re:Yes, but you have to *pay* for those on 2.4 Million Ontario Voters' Private Info Compromised · · Score: 2

    So, your issue is not that private or personal information was leaked, but that the Canadian government was not adequately reimbursed for the leaked data?

    I'm not really understanding your position on this matter. Are you for or against the release of this information?

    If you are for its availability, why do you feel that a fee associated with public information is appropriate?

    If you are opposed to the release of this information, why would you be amenable to its release simply because a fee was paid?

    I think he's meaning to point out that as you can purchase this information relatively cheaply, it doesn't really matter whether or not it was leaked.

    Of course, Canada still isn't the US, and the data was encrypted, so nobody likely got their hands on the sensitive data.

  4. Re:So what? on 2.4 Million Ontario Voters' Private Info Compromised · · Score: 1

    Well sure, those kinds of things have happened... though I'd be surprised if 2.4m people worth of paper records were lifted all at once. I'm not-so-surprised with electronic records on a thumb drive. That can fall out of your pocket in the parking lot.

    ...of course, the drives were encrypted, so this isn't much of a story. Since it could fall out of your pocket in the parking lot, they took precautions.

    Strange thing is, I don't see this mentioned in the linked articles or anywhere on here.

  5. Re:Sounds BAD! on The DHS's Latest Investment: Terahertz Laser Scanners · · Score: 1

    We do have an idea though... this is about mass spectroscopy. There's only so much you can tell from mass spectroscopy, as all that will highlight is specific chemical compounds, and their relative densities.

    While the FP rate may be very small, there ARE NO COMPOUNDS that are used only for illegal purposes.

    So, while this new machine may have a perfectly stellar 100% TP and TN rate with regards to detecting specific compounds, the way the device is actually used WILL produce FPs. There is one assumption: that's that the device will actually be used in security checks, and not by highly paid technicians in a lab, where the entire situation is understood by the operators.

    And this is beside my original point you responded to, where I was talking about the nature of matter and statistical analysis -- both of which are facts, and don't depend at all on which device this is we're talking about and whether or not it has been tested.

    There are certain aspects of this device for which we have no idea, such as what exactly it does and how. As for how it will be used and how it obeys the laws of physics, we've got a pretty good idea.

  6. Re:Ridiculous on The DHS's Latest Investment: Terahertz Laser Scanners · · Score: 1

    If this technology is as accurate as it is made out to be ....

    Accuracy and sensitivity aren't the same thing. Maybe the detector isn't a binary detector (bad stuff detected vs clean) but instead gives a level reading for a number of compounds? If the level reading hits a certain level of a certain combination of chemicals, it gets flagged?

    That's how I'd set such a thing up. Of course, this doesn't stop security from detecting at the lowest level, but since this is theatre in the first place, they'd most likely calibrate the device to a level that gives them precisely the number of people to detain as they can comfortably handle. It just changes who gets selected slightly.

  7. Re:Sounds good. on The DHS's Latest Investment: Terahertz Laser Scanners · · Score: 1

    Nah; just need to automate this by putting it in said hallway, and have the detector trigger the microwave radiation unit that causes your skin to feel uncomfortably hot. The individual hit by this will do the rest, as they struggle out of any clothing that is triggering the heat wave.

  8. Re:Sounds good. on The DHS's Latest Investment: Terahertz Laser Scanners · · Score: 2

    You have no idea if this laser backscatter machine gives false positives.

    No idea? I'd say that given standard statistical distributions, the machine is GUARANTEED to give false positives, unless it doesn't give any positives at all. Given that we live in a universe filled with entropy and this is a fairly advanced device, a 0 FP rate indicates an unacceptably high FN rate.

    So the real question is to do with process and granularity of information provided, not FP rate.

  9. Re:Sounds good. on The DHS's Latest Investment: Terahertz Laser Scanners · · Score: 1

    Of course not. But most likely they will mainly be used to detect what taxpayers carry any residue of money, at which point they'll get a 'pat down' to remove any excess cash burdening the traveller.

    Time to cut out the middle man; these machines are expensive and the producers have to be paid.

    This isn't too far off... if this thing is used to detect narcotics, given that 90% of US bills have detectable traces of cocaine on them, leave any money exposed while being scanned, and you're likely to get a much more thorough examination and possible confiscation of your money.

  10. Re:Controls on religion on UK ISP Asks Religious Groups To Set Parental Controls · · Score: 1

    Religion is unsafe at any dosage. Sure, some can handle it, but you never know in advance who's going to go psychotic on the first exposure.

    So if we're going to get mandatory filters I certainly hope any and all religions will be among the pages filtered. After all, we must protect the children.

    Funny... s/Religion/Role Playing Games/g

    or, s/cults/religions/g

    or, s/leadership/religion/g

    s/barney/religion/g ?

    tickle-me-elmo?

    alcohol?

    political office?

    censorship?

  11. Re:Hpw about on UK ISP Asks Religious Groups To Set Parental Controls · · Score: 1

    Stop hating paedophiles just because you aren't one.
    Hate their actions, not what they are.

    Extremely good comparison you made :)

  12. Re:Hpw about on UK ISP Asks Religious Groups To Set Parental Controls · · Score: 1

    I'm glad you stopped so promptly :)

    Religions don't hate people... people hate people.

    And yes, the comparison of a religion to a gun is somewhat intentional. They both have a specific purpose and can be abused, either intentionally or unintentionally.

    Now where can I pick up a concealed carry permit for my religion?

  13. Re:It's like this. on Does Grammar Matter Anymore? · · Score: 1

    OK: the average car driver knows enough about their car to fill the gas tank when the gas gauge goes low, change the oil when the oil light comes on, and possibly change a tire when it goes flat. They're happy with fuel injection, automatic transmission, and all the other complex parts and car terms are totally meaningless to them because they have no need to use them.

    Now look at a Formula 1 pit boss. When he thinks about how a car operates, he doesn't think "put in gas, put it in drive, press the go pedal" -- he thinks about the exact tires, fluid levels, fluid compositions, gear ratio, etc. required for the terrain about to be driven. Ask him to change the tires on a car, and he'll most likely want to know what tread, rubber density etc. is wanted, or at least want to know where the car will be driving so that he can make the tire choice himself.

    And this is for personal commuter cars, too. His knowledge of how cars work doesn't turn off just because he's not at the racetrack.

    That good enough? ;)

  14. which to be honest is everything that's actually important on your computer; non-userland stuff can just be re-installed from scratch if needed.

    I keep seeing this meme which seems to be promoting the idea that userland infection >= system level infection by claiming (mostly correctly) that the only important files to the user are in the user's own directory.

    You have backups of /home, right? So what is the problem with restoring it? Losing /home is NOT the worst thing that can happen to you. Having a virus that you cannot detect is. Let's see how happy you are when your files start getting corrupted and keep getting corrupted and you have no idea why. System level infection is far worse than userland so can we let this meme die now please?

    OK, now let's look at what I said and what you said.

    Me: Most of what is actually important to you is accessible from userland
    You: There's a meme right now about how the only important files to the user are in the user's own directory

    See the difference?

    What I was pointing out is that malware can do most of what it needs to do these days without ever leaving userland. For those tasks like setting up a rootkit, hosts poisoning, cross-user spreading, etc. that DO require more privileges (but which are a small piece of the attack space these days), there's always social engineering and privilege escalation.

    The reason the "meme" is here is that it's not a meme -- these days, organized computer criminals are mostly using malware to exfiltrate data, hold data hostage ("ransomware"), run botnets, send spam, and mine bitcoins -- and NONE of these operations require root. The argument is a direct response to the longstanding "I run Linux, and I set up my privilege separation properly, so I'm safe from malware" "meme" which turns out to be mostly beside the point these days.

    It's kind of like saying "drunk driving is not an issue for me because I drive a tank, and no drunk driver is going to damage my tank" -- completely missing the point that you shouldn't (just) be worried about your vehicle (the OS) being damaged by an attack, but the contents of that vehicle, even when they're somewhere else.

    Sure, rootkits are a problem. Securing your OS is a sensible part of layered security (just like securing your hardware). But someone stating that they're safe from malware attack while their userland security is virtually nonexistent is disingenuous at best.

    System level infection is only far worse than userland if you've got a system level infection. If you keep getting userland infections, it doesn't really matter whether it's because the entire system is compromised or just that there's a hole in your userland security that keeps getting exploited remotely. The end result is the same (even if the potential damage from a system level infection is greater).

    As an aside, I actually find that the main issue on Linux is not userland infection at all -- it's service-based infection; MySQL injections, compromised LAMP installs, etc. Same rule goes, as Apache is basically just another user: the attacker gains full access to this space, and can snarf the data, use the service for their own purposes, store their own stuff there, and generally use your computer service as if it was their own.

  15. Re:It's 'Diplomatic *Corps*' on SOPA Provisions Being Introduced Piecemeal From Lamar Smith · · Score: 1

    You're arguing about corps being French-only, when the previous word in the sentence is attaché? It even uses a diacritic foreign to our language....

    Let's face it: the French had perfected the art of diplomatic screwing before the USA was even a country.

  16. Re:Oh, Lamar Smith... on SOPA Provisions Being Introduced Piecemeal From Lamar Smith · · Score: 1

    There are more ways to promote a candidate than throwing money at them (really!)

    Slacktivists could do a really good job of "adjusting" Google search results to promote Morgan and demote Smith, for example. A few people with large pipes could donate bandwidth to the robocall and email campaigns (yeah, I know....)

    With how pervasive technology is in our lives, the possibilities (even the legal ones) are limitless for promoting a politician. The real hurdle is getting all the talent organized.

  17. Re:What's next? on No, You Can't Claim 'Negligence' In a Copyright Case · · Score: 1

    You fail at step 1: public performance doesn't fall under the same rules as private performance.

    Now, if the recipient of the phone call recorded the call, there'd be infringement. But first you'd have to figure out who they were.

  18. Re:Sounds like claiming "negligence" was a stretch on No, You Can't Claim 'Negligence' In a Copyright Case · · Score: 1

    A teenage son is the ward of his parent -- so the parent is de-facto liable.

    With roommates, there's no wardship, so intent must be proven (or disproven for civil suits).

    One of the GOOD things to come out of criminalizing copyright is that the burden is now solidly on the accuser to provide proof instead of on the defendant to prove innocence.

  19. Re:Negligence on No, You Can't Claim 'Negligence' In a Copyright Case · · Score: 3, Insightful

    It's the difference between putting a photocopier on the street outside your house and putting a photocopier in a library. In one, you have no oversight and no idea of the intended use; in the other, you have some assumption as to intended use and have set guidelines, but still have no reasonable expectation of control over use.

  20. Re:I don't believe it. on Steve Ballmer: We Won't Be Out-Innovated By Apple Anymore · · Score: 3, Interesting

    MS brought us the optical mouse, the original tablet PC, smartphones that were document-compatible with the desktop, MS Bob, and thousands of other innovations; some of which caught on, some of which vanished into the mists of time.

    The problem is not that MS doesn't innovate with technologies, it's that they don't innovate in sales, marketing or production. They seem unwilling to be the pig in any enterprise, and would rather be the chicken.

    Remember, when a CEO talks innovation, they're usually not talking technical innovation. Where does Apple innovate? In design and marketing.
    This is actually a problem, because all those things you mentioned, from SCP, Xerox, NCSA and Winternals/Sysinternals are cases where MS took a risk on producing and marketing someone else's innovation. With stuff coming out of their own labs, that rarely happens (the MS optical mouse being one of the few exceptions) because there's no push (someone can say "see that great product X over there? We could buy that and make money off of it!" but the MS culture wouldn't get people behind "Lab Y has come up with this really neat tech -- if we give it to this design team, they might be able to produce a wonderful product we can make money off of!").

  21. Re:Simple solution on FTC To Revisit Robocall Menace · · Score: 1

    I've also had quite a few from someone claiming to be Wells Fargo but who can't confirm any account details of mine. I tried calling the main wf number and they didn't know anything about who called me. I'm not even sure what to do with that sort of thing.

    That's wire fraud and fraud over state lines, so it's the FBI's responsibility. They have a phone number and an email address where you can report it. I believe the Secret Service is also interested in these ones (although I can't recall why).

    However, unless someone actually fell for it and collectively lost over $10,000, they're not going to do much. If this HAS happened, your additional data point can help nail the guy.

  22. Re:Doesn't matter on FTC To Revisit Robocall Menace · · Score: 1

    Google Voice can let you do this... it automatically filters known-spammy CIDs, and can allow pass-through to your phone(s) (land-line and/or cell and/or voip app) only for numbers on your whitelist. You get an email for all other callers that leave voicemail, with an added bonus that you can have the message as text for a quick skim instead of having to listen to a bunch of junk messages.

    Of course, this means that you're giving Google access to your voice data, so you lose any semblance of privacy.

  23. Never. Netcraft has confirmed it... BSD is dead.

    Netcraft still exists?

  24. Re:Blah on Web Exploit Found That Customizes Attack For Windows, Mac, and Linux · · Score: 3, Insightful

    They don't even support Linux properly. Even if it's actually effective on Linux, you'd have to explicitly agree to run the exploit and then type in your password to install the stupid thing. And that would only work if you're in the sudoers group or logged in as root; otherwise, it's no go. What kind of malware is that???

    Interesting note: although example screenshots were given for the malware on Windows and OSX, there were none for Linux. Maybe it does not work at all on Linux, and the code people are foaming over is just a leftover fragment for identifying the client OS.

    Same argument goes for Windows and OS X -- and the argument is wrong. You can have software that happily installs in your home directory and has full access to userland files -- which to be honest is everything that's actually important on your computer; non-userland stuff can just be re-installed from scratch if needed.

    From what I've seen, the stuff normally dropped on Linux systems tends to be shell scripts and the like, and they don't tend to look like much in screen shots.

  25. Re:I'm postponing buying toothpaste on Why Were So Many "Crazy" Higgs Boson Stories Published? · · Score: 1

    Other dentistry techniques I've had used by various dentists over the years:
    --Digital X-Rays (they use MUCH less radiation, and provide an instant result)
    --Digital oral modelling (combining digital X-Rays with an oral sonogram -- it does your mouth in 3D with cutaways and density indicated -- and can time lapse between visits and forecast projections on tooth movement and gum recession/decay)
    --Sonic cleaning. Really... why use a pick when you can use an audio beam (or at least a water pik) to get things clean?
    --Tooth whitening (this is purely cosmetic, but we've got the tech to do it)

    The metal probe will always be the dentist's tool of choice however, as they know exactly how strong it is compared to tartar, plaque and enamel. Why invent something better when this already works perfectly?

    What we really need now though is a few nanotech mouth rinses. After all, we know what plaque is made of and how it bonds, and so should be able to create a rinse that will break it down and remove it -- and another one that will prevent plaque and tartar from building up in the first place. This could be done at home, and you'd have two less reasons to go to the hygienist.

    To hijack the thread, the area I'd REALLY like to see advances in is dermatology and allergens. We've had scientists studying the skin and the blood for years now, and still have only the most rudimentary understanding of how they work and interact with the rest of our system. We know what they do, but not how to fix them when they behave abnormally (and even struggle to identify what's going wrong).