Slashdot Mirror


User: guruevi

guruevi's activity in the archive.

Stories: 0
Comments: 7,550

Comments · 7,550

  1. Re: In other news, SANITIZE YOUR DAMN INPUT. on BadBarcode Attack Forces Host System To Carry Out Commands (threatpost.com) · · Score: 1

    The thing is that these scanners can be programmed to accept only a number of characters but nobody bothers to do so. At my local grocery store they use Bluetooth scanners which are all using the same pin codes. The security in most of these places is laughable, the reason that nobody bothers to mess with the system and even if they did, the technical expertise would make it such a minority that it doesn't matter if one geek shoplifts their cart of groceries compared to the number of people that already just walk out the door with their groceries.

  2. Re: I am a Christian and I do read the Bible ! on Explosions and Multiple Shootings In Paris, Possible Hostages (cnn.com) · · Score: 1

    Yes, it means someone in the 4th century decided that a collection of books made up the 'new testament' while another set of books made up the 'old testament'. It's just an arbitrary line between a set of books that are loosely related. Christ himself (if he even existed) only seemed to have access to the pentateuch and "the prophets" (ignoring the psalms, lamentations, chronicles of the kings and judges) but both he and even the people that made up this division understood that the entirety of books was 'divinely inspired' and to be taken as a whole, even writers like Paul did. This includes 'apocryphal' books which are referred to in both the old and new testaments but no longer part of the 'official' canon (e.g. the talking in tongues, snake handling, even Jesus' love life and children).

  3. The "refugee crisis" is being used as a cover for a religious invasion. Sure there are a few from Syria but the majority of them (some estimates say 80%) are military aged males and not directly related to war zones.

  4. Re: I am a Christian and I do read the Bible ! on Explosions and Multiple Shootings In Paris, Possible Hostages (cnn.com) · · Score: 1

    Yes, do you? Look up the history, it's 66-odd books (depending on interpretation) that used to be part of multiple narratives until the council of Nicea.

  5. Re:New features every few months on PostgreSQL Getting Parallel Query · · Score: 2

    The biggest issue with parallelism is that a lot of stuff can't be parallelized in a way that makes sense. The way it is done (dispatching and gathering nodes) only makes sense if the query takes a really long time, otherwise there is a lot of overhead that destroys any type of speedup and could actually make everything else slower. Typically multi-threading in databases is done to speed up multiple independent queries, not a single query.

  6. Don't do it on Ask Slashdot: Automated Verification For Uploaded Files? · · Score: 1

    Don't accept foreign input and put it out as your own (on your web page). It's just a disaster waiting to happen. Misconfigurations or bugs could happen at any point.

    What you do is you take the input and verify that's the input you're expecting. Not just a PDF file or a PNG file but make sure you only accept PDF/PNG and then parse it and rewrite it in a way that takes out any and all foreign input. You're expecting text, only parse text, images, only parse images and parse anything within a jail with limited permissions. If the file is 'broken' or contains any scripts or anything else (it doesn't parse well enough) reject it.

    There are all sorts of manners (called magic) to determine files but they only take a look at the first few bytes and return based on a table. You could easily fool those things and they don't check whether the files are valid or not. Additionally, check for viruses.

  7. $500 for a lease? on Uber South Africa Launches $500 a Month Car Lease Which Includes Replacing Tires · · Score: 1

    Seems a bit pricey. Unless it includes all mileage for a full-time taxi service, it's not all that attractive and if you do have a full-time taxi service, you might as well outright buy the car.

  8. Re: So how do we live? on Even the CEO's Job Is Susceptible To Automation, McKinsey Report Says (networkworld.com) · · Score: 1

    Amazon air will drive large chains like Walmart, Borders, JC Penney etc out of business. Basically your large mall stores will disappear. Instead you'll have boutiques like the Apple Store or Verizon store where you go and 'meet' the product, touch it, get your measurements etc to then purchase your customized version online.

    But on topic, full-information decision making (who to hire/fire, what to buy/sell and where it is cheapest) will lie with Watson-type machines while people will make the gambles of business (stocks, buyouts, investment) assisted by automated reports and customized news feeds.

    But we're at least 2 decades away from the first and 3-5 from the latter. We just don't have the investment in automation and programming required by businesses to go that way. Most businesses view IT as a necessary evil, a cost center instead of an asset that can drive and transform the business. We also don't have the necessary quality of AI research both as basic science or as education.

  9. Re:Seems like a much better business model on Proof-of-Concept Ransomware Affects Macs (vice.com) · · Score: 1

    They have had potential PDF/Font bugs resulting in buffer overflows etc. The core of OS X is Open Source so that's why you see all those bugs passing by. The problem is that besides theoretical attacks, no self-replicating virus that doesn't interact with the user has been created yet. Even Flash exploits have operated in browser jails since the Windows Vista era or been unable to go beyond "this program needs Administrator rights to run".

  10. Re:That's special... on Proof-of-Concept Ransomware Affects Macs (vice.com) · · Score: 1

    The funny thing is that marketshare keeps coming up but Linux has had a greater marketshare for the last decade as far as Internet-connected devices go. Mac has been increasing but there is no proportional increase in attacks on either Linux kernel or OS X or BSD/Solaris/...

  11. Re:Really? 30-40/night on China, Russia Try To Hack Australia's Upcoming Submarine Plans · · Score: 1

    What is a meaningful attack though? An attack that goes through is meaningful and if they let pass 40 attacks/night, they're doing a really bad job. Security is pretty much black and white, you either get compromised or you don't.

  12. Really? 30-40/night on China, Russia Try To Hack Australia's Upcoming Submarine Plans · · Score: 3, Insightful

    If China/Russia are actively hacking the joint, I must be running something really interesting because I get about 2000/night from Russia and China on my web servers. This is just some scaremongering from a company that has no IT or an IT without a clue.

  13. They should've asked someone who was alive then? on Hands-On With the Nintendo PlayStation (engadget.com) · · Score: 2

    I knew there were rumors of a Nintendo-Sony hybrid back then in the early 90's. It was going to be announced at a big con but never came to be.

    Here's a 2012 article on the subject: http://kotaku.com/5876374/the-...

  14. Re:Would have been better if the title was on Surry Nuclear Reactors To Extend Lifespan To 80 Years (richmond.com) · · Score: 1

    Those things were over engineered to begin with, they were built to withstand Cold War nuclear strikes to begin with. With a few safety upgrades and good engineering, these things can run a very long time before needing to be dismantled.

  15. Why? It's a trojan, not a virus. It doesn't auto-install on all of the platforms, it requires user intervention to install. It's like saying that VNC (also available for all the above platforms) developers should be hunted down. This is basically a VNC package that hides itself, nothing too bad.

  16. Re: 40 pounds? on Self-Driving Delivery Robots To Hit Sidewalks of London In 2016 (thestack.com) · · Score: 1

    My point was tongue-in-cheek but you would think the surveillance state would have made it easy to nab perpetrators. Instead, the cops aren't even checking these things because it's too time consuming. You just have to wonder where all the data goes then, if anyone is even listening.

  17. Re: 40 pounds? on Self-Driving Delivery Robots To Hit Sidewalks of London In 2016 (thestack.com) · · Score: 1

    It's in the UK, plenty of surveillance.

  18. Re: Ok, this takes the cake on How DMCA Rulemaking Has a Chilling Effect On Security Research (vice.com) · · Score: 1

    Exactly, this security researcher not publishing his research out of DMCA concerns is bollocks. There are broad exceptions in the DMCA to permit reverse engineering and research. Either he can do it or he is a scaremonger trying to get some attention. Anyone can reprogram an insulin pump with the right tools, whether or not it is viable remotely or long distance is another issue completely.

  19. Re: Using your advertised space != Abuse on Microsoft Cuts OneDrive Storage Limits, Citing Abuse (onedrive.com) · · Score: 2, Interesting

    It's definitely anti-competitive which MS is restricted of doing in the EU. You can't just offer unlimited until you get the market share or force competition out and then change terms.

  20. Re: Using your advertised space != Abuse on Microsoft Cuts OneDrive Storage Limits, Citing Abuse (onedrive.com) · · Score: 1

    In the US you probably can. In the EU, EULAs like that haven't been upheld. In the EU you can't one-sidedly change any contracts even if the contract says you can. If you want to change contracts, both parties have to agree and you can't discontinue a contract outside its terms by forcing someone to agree to new terms before continuing service. Hence most EULAs have to be accepted again when terms change; however, some won't allow you to continue if you don't accept them, which is illegal on both sides of the pond.

  21. Re: Using your advertised space != Abuse on Microsoft Cuts OneDrive Storage Limits, Citing Abuse (onedrive.com) · · Score: 2

    It is false advertising to say it's unlimited and then institute limits on the existing contracts (accounts).

    You can't one-sidedly make changes to agreed-to terms and services.

  22. Using your advertised space != Abuse on Microsoft Cuts OneDrive Storage Limits, Citing Abuse (onedrive.com) · · Score: 5, Insightful

    Don't advertise as unlimited if uploading 70TB of data is too much. It's called false advertising and is against the law in European countries. Sadly, the US doesn't have good consumer protection laws.

  23. Re: MBA alert on GE CTO On Moving 9,000 Apps To the Public Cloud · · Score: 1

    And what do you think these 'leased point to point' connections are? They are terminated at your ISP and routed over other ISPs to the other end. If you're lucky they'll do it over an encrypted VPN. Did you really think someone rolls out cable for each leased connection? Or reserves a fiber across the ocean for your use only?

    The only way to be sure it is done correctly is to do it yourself. If you hand your stuff to others, they'll cut corners everywhere to make a quick buck.

  24. Re:I tried to give them money 3 times on HP Is Now Two Companies. How Did It Get Here? (cio.com) · · Score: 1

    Yes, 10 years down the line the company goes to shit. Carly, Hurd, Apotheker, Dunn, Meg... they don't care, they got the business to not crash and burn on their watch so they're "successful" and got the bonuses when they left.

  25. Re:How much of it do I have to trust? on Linux 4.3 Released As Stable; Improves On Open-Source Graphics, SMP Performance (lkml.org) · · Score: 1

    Most of them are related to drivers for a host of peripherals as well as other architectures and features your computer may not even have. So most code is largely untouched.

    Here is a neat comparison: http://www.informationisbeauti...