Slashdot Mirror


User: gweihir

gweihir's activity in the archive.

Stories
0
Comments
19,136
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 19,136

  1. Re:One kind of employee on Google Has Toughest Interview Process For Developers, But Not the Worst (getvoip.com) · · Score: 1

    I don't think so. Look at what they do today: They still only have search and ads, the rest is just toy projects, or failed or a massive nightmare like Android due to bad management practices. They will hire problem solvers, but as soon as you also bring experience and larger insights to the table, their process fails. I did not get hired by them in 2008, (apparently partly due to economic reasons, as I had applied on the request of a friend that wanted me for his team) and in retrospect, I think that was a good thing. They kept pestering me for a few years afterwards, until I told them that sure, I would interview with them again and that my daily rate for that was $1500. That finally got the message across.

  2. Re:Criminals running out of fresh ideas? on "DDoS-For-Bitcoin" Blackmailers Arrested (softpedia.com) · · Score: 1

    You must be one of those nil-whits that think harsher penalties, putting everybody in prison that does not agree with your world-view. etc. actually works. It does not. Ignoring reality is a sure way to make things worse though.

  3. Smart move driving people to pirate instead... on Netflix Decides To Crack Down On VPN Users (netflix.com) · · Score: 2

    Or maybe not so smart, because then they pay nothing. This way the pay for the content. Partitioning the world for the purpose of selling content separately is just artificial scarcity and, at best, an anti-capitalist thing to do.

  4. Re:Criminals running out of fresh ideas? on "DDoS-For-Bitcoin" Blackmailers Arrested (softpedia.com) · · Score: 3, Insightful

    As long as the old ones are working well because security costs money and hence universally sucks...

    Do not forget that DDoS is only possible because so many people run poorly secured computers. If it were expensive to hack computers, DDoS-based extortion would not pay off. These people are like the flea that settle in when hygiene is poor. They are a symptom, not the real problem.

  5. Re:This is why the immigration push on More People In Europe Are Dying Than Are Being Born (phys.org) · · Score: 1

    Not when there is no way to make a living at that "safe" place. And once on the move, it is far easier to keep running. Also remember that the politicos need to stop them at the outer EU border. Stopping them at the German or Swedish border makes things even worse.

  6. Re:This is why the immigration push on More People In Europe Are Dying Than Are Being Born (phys.org) · · Score: 2

    The real problem is that unless you want mine-fields and are prepared to gun down people en-mass, there is no effective way of stopping this. Just look at what these people are running from.

  7. Re:Undocumented features?! on OpenSSH Patches Bug That Leaks Private Crypto Keys (threatpost.com) · · Score: 2

    This must be a combination of somebody really messing up (allowing experimental and enabled code into a production release) and somebody asking for it, either because of stupidity or because of malicious intent.

    No reason to dump OpenSSH, the project has an excellent security track record. And they found this and patched it very fast. But they have some explaining to do and they need to make sure something like this does not happen again.

  8. Re:LibreSSL? on OpenSSH Patches Bug That Leaks Private Crypto Keys (threatpost.com) · · Score: 1

    Not comparable.

  9. Re:Wait WHAT? on OpenSSH Patches Bug That Leaks Private Crypto Keys (threatpost.com) · · Score: 2

    Only two options: 1. extreme stupidity coupled with completely unprofessional behavior or 2. malicious intent. This is just far too nice and works too well with the recently discovered backdoors in Firewalls (which are devices you would use SSH to log into) to be an accident IMO. Finger-pointing with evidence is pretty much a must at this point.

  10. Strikes me as an intentional vulnerability on OpenSSH Patches Bug That Leaks Private Crypto Keys (threatpost.com) · · Score: 0

    I.e. as an intentional attack against the OpenSSH project. First, nobody in any halfway professionally run project deploys experimental code to to production, especially when said code does nothing because the server-side implementation is missing. Activating it per default is also extremely suspicious. And second, the last backdoors found in firewalls are in devices that you typically would use SSH to log in to, i.e. these devices could attack their users, extract the users private keys and then check for password-less SSH being possible to other devices these users control.

    What the OpenSSH project needs to be doing now is explain in detail who put that code in there, how it came to be deployed and how it came to be on by default despite it clearly being an experimental feature. They need to identify at least one person or one contributing entity of either extreme stupidity or of malicious intent. And then they need to take steps to make sure this does not happen again.

    OpenSSH has an excellent security track record, lets hope this is an isolated incident. Because if OpenSSH falls, most of the Internet infrastructure falls right after it.

  11. Corporate greed and stupidity is the only problem on Why Sharing Ransomware Code For Educational Purposes Is Asking For Trouble (betanews.com) · · Score: 5, Insightful

    Most people that find vulnerabilities want to tell the manufacturer. But after a long history of being ignored or even being threatened, many have reverted to giving the corporations responsible a fixed, short time to fix things, because otherwise nothing happens. Giving time more time just makes them drag their feet, because fixing vulnerabilities costs money. Those complaining here are at the very root of the problem. I should also point out that this corporate fuck-up has been going on for a few decades now.

  12. Nonsense on Are Phone Numbers Doomed To Die? (fortune.com) · · Score: 5, Insightful

    Quite a few people are not on Facebook, Twitter, etc. It would also be _hugely_ unprofessional to do any job-related communication over such a venue.

    This is just the usual bullshit from people that get starry-eyes when fantasizing how the future will be, but have no clue how reality actually works. Basically the only old global communication channel that has vanished is the telegram. And there are services in many countries that will print out an email and deliver it to the target address for a fee. So, really, complete nonsense.

  13. Not "shaken", more surprised it took that long on SSH Backdoor Found In Fortinet Firewalls (arstechnica.com) · · Score: 2

    Seriously, any actual security expert has been expecting things like this for a long time. The only explanation that makes sense for so few of these being found is that most vendors do not go looking in the first place...

  14. Re:self driving cars on Preparing Countermeasures For Terror Attacks Using Drones (remotecontrolproject.org) · · Score: 1

    And then they are out of a job and purpose in life. Made obsolete by technology. I feel sad for them.

    Yes, that is about the level of respect that idea deserves. Sure, somebody will do it eventually, but the danger here is "car", not "self driving" and society has decided to accept it a long, long time ago.

  15. Re:Explosives are Stupid on Preparing Countermeasures For Terror Attacks Using Drones (remotecontrolproject.org) · · Score: 1

    The concentrated stupid of your posting is the only danger here. From the document you link:

    Orally, potassium chloride is toxic in excess; the LD50 is around 2.5 g/kg (meaning that a lethal dose for 50% of people weighing 75 kg (165 lb) is about 190 g (6.7 ounces)). The oral toxicity of sodium chloride (table salt) is about the same, 3.75 g/kg. Thus potassium chloride is harmless for alimentation (and even good for health, see previous paragraph). But intravenously, without the step of digestive absorption, this is reduced to just over 30 mg/kg.

    That still means you have to pump a 75kg person (not large) full of 2.25g (almost all 10ccs in solution) to get a 50% death rate and that is without medical attention and you have to hit a vein (because that is what "intravenously" means). Not a credible threat. I also would also very much expect the target to indeed start screaming and panic if stuck with a large needle without warning. The countermeasure is simple though: Just rip out the needle immediately.

  16. Re:who really cares? on Preparing Countermeasures For Terror Attacks Using Drones (remotecontrolproject.org) · · Score: 1

    Our war on terror has been a fiasco.

    I disagree. The purpose of this "war" obviously was never to be won (because it cannot, just like the now over 100 years of the "war on drugs"), but to keep the fear in the US population and the west in general alive. This serves several purposed. For one, a population in fear is easy to govern. It also serves to blow up the budget for organizations like the DHS, the TSA, the NSA, etc. All these organizations are primarily in love with power and money, their actual duty, namely to server the US population, comes a distant second if they remember it at all. And the "war on terror" has one other desired effect: It keeps validation for the actual terrorists up. It keeps them motivated, it allows for easy recruitment (David vs. Goliath Effect, nobody likes a bully) and it keeps them funded. Because the worst thing you can do to a terrorist organization is to not take them seriously and the absolute, unmitigated best thing for them is to style them as some sort of great threat. That makes them feel really important and bad-ass.

    Now I submit that the people that orchestrate this "war" on terror do not all know this, but they will either be dumb or they will understand very well what they are doing. Both kinds are a serious danger to western values, as exemplified by, for example, universal snooping and reduction of freedoms. In comparison to the severe damage these people have done and continue to do, all the things the terrorists have managed look puny and unimportant.

  17. Re:who really cares? on Preparing Countermeasures For Terror Attacks Using Drones (remotecontrolproject.org) · · Score: 3, Insightful

    And that is exactly what reality looks like: Terrorism is not a relevant threat in the west, unless a power-hungry political class, a press serving them and a population that does not get it makes it one. The mechanism at work here is that a population in fear is easy to rule, as a population in fear is dumb.

  18. Re:That it - vacinate everyone to save 4000 people on Gardasil Cleared of Anti-Vax Nonsense (slate.com) · · Score: 0

    Ah, yes. Classical social-Darwinism. Still as repulsive and despicable as ever. You probably also think anybody who smokes, drinks alcohol and eats fat or sugar should be barred from medical care.

  19. Re:No one asking the obvious. on Gardasil Cleared of Anti-Vax Nonsense (slate.com) · · Score: 1

    The root cause is people having sex. If you think you can stop that, then you are utterly retarded.

  20. Re:vaccines are not a perfect solution on Gardasil Cleared of Anti-Vax Nonsense (slate.com) · · Score: 1

    Nice side-fact: Driving to the doctor for any reason has death as a possible side-effect. The question is always about the probabilities and 95% or so of the population is not able to estimate them. If the start do to amateur medical statistics, chances are they will do much more harm than good.

  21. Re:Better safe than sorry on Gardasil Cleared of Anti-Vax Nonsense (slate.com) · · Score: 1

    I suggest you stop eating and breathing as well. That will make the rest of us much, much safer.

  22. Re:Why would you not want to upgrade to Windows 10 on 'Get Windows 10' Turns Itself On and Nags Win 7 and 8.1 Users Twice a Day (infoworld.com) · · Score: 1

    Because you are not very smart and have overlooked a couple of important drawbacks of Win10?

  23. Re:Why would anyone tolerate this bullshit!? on 'Get Windows 10' Turns Itself On and Nags Win 7 and 8.1 Users Twice a Day (infoworld.com) · · Score: 1

    You forget that you are the product. The Win10 downgrade being free made that amply clear.

  24. Re:Mod parent UP! on Linux Kernel 4.4 LTS Officially Released · · Score: 0

    Baseless insults that ignore reality will not make you systemd-fanatics any friends. Even though ignoring reality is how you have operated the whole time, others may actually have some real understanding of what is going on.

  25. Re:cannonball run, anyone? on Coast-To-Coast Autonomous Tesla Trips 2-3 Years Out, Says Elon Musk (google.com) · · Score: 4, Interesting

    "Self stealing", indeed. Nice! I predict that it will take far longer than 10 years to make this sufficiently secure.