Slashdot Mirror


User: AHuxley

AHuxley's activity in the archive.

Stories
0
Comments
11,974
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 11,974

  1. Not funding, quality of educated people on Could We Reduce Data Breaches With Better Open Source Funding? (marketwatch.com) · · Score: 1

    Its not a funding issue.
    If money solved all computer problems a few top US consumer OS brands would have been the most secure OS ever.
    They are not due the the low skill sets and the lack of education found in many of their workers.

    Consider how an open source project responds to a person who shows security issues.
    Do they have a person in place to accept the errors and communicate with the person who found the errors/bugs/backdoor/trapdoor?
    That they can communicate back that the errors are understood, that they will be fixed and when. Thanking the person who found the errors and keeping them informed until the users get a fully patched OS.
    Are all the errors are then worked and the results pushed out to the users?
    Do the errors get fixed and the errors get noted internally but no actual patch/update for end users is released over a longer time?
    Anyone looking can see the errors been accepted and listed online but nothing is done to secure the OS for the users.

    That is all in the skill of the person and people who work on open source projects.
    Some people are just responsive to errors and fix them for the users as a matter of pride, merit and skill. On time, every time as they care about their project and work hard.
    Other open source projects are very happy to communicate, accept errors but have internal difficulties to actual patch their code so end users are protected in time.
    Some projects just accept bug reports and sit on them as a part of a project to be fixed by someone later.

    How to avoid this?

    Stop looking to show a project has many different people working on it. If they cant keep up with error reports they are not helping in any way.
    Find the best people to fix complex issues. Accept help from people based on merit and skill only. If a person cant code to a very good standard don't let your quality project become their educational support project.
    The low skilled persons inability to learn/study and code to a very good standard is not your projects problem. Find much better people who can fix problems and who can work hard on the project long term. Find people who can show they know how to study and who actually have the needed advanced skills.
    Stop just accepting people with few skills due to factors well outside actual needed skill sets.
    The project will be well like by well educated people once they see the dedication, hard work and quality of code, error reporting support.
    That is what matters. Good people who can code to a very advanced level.
    Let the people with no or few skills find other projects to slow down. Keep them from altering your quality project.

  2. Re:Redundancy on Dutch Utility Plans Massive Wind Farm Island In North Sea (theguardian.com) · · Score: 0

    Roast that one thick cable with power as needed every year.
    Hope nobody thinks to investigate why the power really failed.
    Recover the evidence that points to too much power for too long.

  3. Re:Still losing money per Amazon box. on Trump Wants Postal Service To Charge 'Much More' For Amazon Shipments (reuters.com) · · Score: 1

    Re "But that's not how it works in reality. Business pay out of their operational funds as a cost. They don't put aside the full expected pension for every employee at the time of hire."

    What if the workers all know too much about things that should not have happened legally?
    If the US gov upsets the postal workers and their pensions the postal workers could start talking to the media about all kinds of police and federal investigations done to "sealed" private letters over the decades.
    Best to keep the postal pensions in place, fully funded and the decades of color of law investigations won't have lawyers asking to have convictions examined.
    What was done to every interesting letter can stay well hidden.
    If the US gov forgets to look after the pensions, some postal workers might feel free talk to the media about what they had to do to so many letters for federal investigators.

    Should the US gov stop their pensions a worker could feel released from that old security clearance? No pension, no need to keep the inner workings of past federal investigative methods hidden.
    An author might be very interested in past recollections about how state and federal investigators used the postal service.

  4. Re:Now I know who to kill for my liver transplant on 300,000 Users Exposed In Ancestry.com Data Leak (threatpost.com) · · Score: 1

    Re "plus the ability to pin a crime on anyone in a (half-decent) DNA database."
    The other issue is that of low and mid ranking DoJ doing DNA work and the resulting random US wide federal database results.
    Say a person did something bad in the 1970's. DNA is fully recovered from a stamp, letter related to the crime in 2017.
    Put the new results of advance DNA recovery into some federal database and see if anyone related is in the US federal criminal/mil/federal DNA system.
    Get some new names and start searching federal databases. Who was who in 1970's and if that interesting person is still alive.

    Suddenly the investigative team is looking some part of the extended family of a well respected state/federal judge in 1950-70's. That family has now advanced up the US political power structure a generation or two later.
    The crime was was never expected to be reopened.
    The investigative team induces FBI database search protections that protected lists of powerful names from been investigation by low ranking bribed officials.
    Enter the wrong name and the police who went searching get investigated.
    By using the private sector until the actual names are discovered, its much more easy to keep case work from been questioned internally.
    DNA is wonderful to solve a decades of working class crime. A much more powerful family may not like their past been openly investigated.

  5. Re:Now I know who to kill for my liver transplant on 300,000 Users Exposed In Ancestry.com Data Leak (threatpost.com) · · Score: 1

    1+ for federal law enforcement needing DNA from kin without going anywhere legal near their suspect.
    Dont want to go into local small town courts, gov, look at paper records in fly over country? Mentioning names and looking for records? That town worker might gossip about the DoJ asking for paperwork on well respected locals.
    Do it digitally and get the DNA needed from one person near the suspect. No need to drive and fly out too many times to get records and risk questions by locals.
    Just one time to get the actual sample from kin without anyone knowing. Keeps the secret of who is been looked at a more of secret as nobody has done any data requests on that name.

  6. Re:Redundancy on Dutch Utility Plans Massive Wind Farm Island In North Sea (theguardian.com) · · Score: 1

    Re "Power cables like this are a tad too thick for "snip"."
    Too much power is pushed down one cable for too long, well past any manufacturer design limits.
    So the owners can make a profit or support unexpected energy demand for longer.
    The nice "thick" then fails due to owner induced over use beyond any limits set by the manufacturer.
    Thats why redundancy is always needed.
    Governments and the private sector don't read what the manufacturer said about only using their product within set limits for a set time.

  7. Re:The Dutch have done this for a while. B-) on Dutch Utility Plans Massive Wind Farm Island In North Sea (theguardian.com) · · Score: 0

    So now the UK and other parts of the EU could have to pay back the Dutch for the costs of an artificial island and to keep the power generation in profit.
    Nice to own a new island and have a other nations submit to contracts making them dependant on your "green" energy at a nice profit.

  8. Re:They're coasting on fumes on 'Star Wars' Franchise Crosses $4 Billion, Eclipsing Disney's Lucasfilm Price (hollywoodreporter.com) · · Score: 4, Insightful

    But some General and Vice Admiral got to lecture the audience and cast.
    The really bad casino people and freedom for the "horses".
    Can an entire franchise be supported by more and more virtue signalling?

  9. Re:Ask a subjective question, get a subjective ans on Facebook's Uneven Enforcement of Hate Speech Rules Allows Vile Posts To Stay Up (propublica.org) · · Score: 1

    They should have kept their US branding globally.
    Freedom of speech, freedom after speech sells around the world.
    People who need to interact with their own governments can use boring national sites.
    Keep social media fun, free and full of different news.
    Thats what attracts people and profits. Users can all get 100% censorship in their own nations for every day.
    US social media does not need to report users to they own nations police for enjoying US freedom of speech.

  10. That depends if the comments are for federal gov, state or local government officials.
    Once the private sector inserts itself between gov and the citizens it has to allow freedom of speech given its role in been a portal for local, city, federal gov.
    Social media activist SJW cant just ban users for trying to petition their Government for a redress of grievances. The government selected a social media site to be their digital portal.
    That reduces the ability to say they are 100% private sector and can ban account, users, comments, remove news.
    Then its like been banned by a government for freedom of speech by a private sector site that allows comments about government policy.
    Terms of service stop when accepting government interaction starts.
    A lot of comments also have to be kept for FOIA and as part of the official record. Gov officials cannot just ask a social media SJW to remove all negative comments to m make their gov, city, state look better. Each and every comment could be considered part of the a citizen interacting with their government.
    If social media wanted to keep its own private sector restrictive "Terms of service" SJW rules then do not become a local and national portal for government.

  11. Re 'This is the end game. Bets?"
    Big federal governments, state and local governments like social media to get in their virtue signalling.
    Buy enough ads and social media SJW will report accounts an users to any government to show support for a nations laws and culture.
    Communist governments, dictatorships and theocracies know if they buy ads they can gain influence on social media policy.
    SJW like social media as they can report and ban users.
    So social media will always have its supporters and be assured of ad funds from big brands and investors.

    The average user who gets banned by big government supporting SJW will take their daily usage to sites that support freedom of speech and freedom after speech.
    Big US social media brands with all the SJW censorship will ensure US Social media becomes really boring.
    Daily news about big gov, products, services, big US brands. A few SJW supported news links. An ad to visit some nation ruled by a monarchy that invested in US social media.

    Social media will remove all movie reviews, book reviews, history, art, culture, political comments.
    Social media will be like paying tax. Some site that has to be used to interact with gov, big brands, ads. SJW will watch and report on every comment, question, link, new account.
    All very boring and full of SJW.

  12. Use more SJW and help support big government on Facebook's Uneven Enforcement of Hate Speech Rules Allows Vile Posts To Stay Up (propublica.org) · · Score: 4, Insightful

    The US university system graduates so many SJW every year. They would enjoy the feeling of power to censor the internet for a social media company.

    Just list all the terms, music, art, culture, music/movie reviews, cartoons, blasphemy to be de ranked, banned and removed.

    SJW can also report users, accounts, art work, history to EU and US law enforcement too.
    Just hire a lot more SJW and let them censor social media.
    Social media's got what governments crave. They crave censorship. It's got social justice.

  13. Who in the DoJ really wants another drive out to the tri state area to talk with a safe, boring, normal, loyal US contractor?
    Win a French company wins, everyone win. A few flights to the EU over the use and upgrade of that software.

  14. All the SJW will correct this on How Climate Change Deniers Rise To the Top in Google Searches (nytimes.com) · · Score: 0

    Just use the SJW to de rank the search results and the internet will be good again.
    Any other trending topics that SJW can correct back to more political correct results?
    Feel free to list what other topics and search results SJW can derank....

  15. Re "use that access?" in some fictional way?
    If someone was thinking of a fictional movie script and what to do with control of CCTV looking at and into every US gov, court building?
    Get CCTV from all US federal, city and court buildings 24/7.
    The face, face of passenger licence plate of every DoJ, other federal agency, state/city police officer, city investigation, court worker, state/federal funded task force member, police informant, undercover police office.

    Police and security will do field interview if they see DSLR near their building.
    They just don't think all the city, private sector CCTV could be used to track all law enforcement officials because that software and hardware is so gov/mil restricted.
    Bonus if can get voice print and cell phone details too :)
    That would make a great fictional movie plot. Building security always watch for stranger with DSLR not what all the CCTV can see. CCTV is always used by good people.

  16. With NATO distracted by looking for Russian bear in forests, people think the security services in NATO cant still collect it all domestically.

  17. Re:How CIA, MI6 can win any Russian election on Russia Is Accusing the US of 'Direct Interference' In Its Elections (businessinsider.com) · · Score: 1

    But the CIA anthropologists really have a good plan this time. Its all in the speeches around Russia and been seen doing sport. A healthy, positive candidate that can sway the vote for sure. The NOG funding is all in place. The stickers, T shirts, slogan and music are all ready.
    Its not a color revolution using existing political leaders this time.
    Its about creating a new political party in Russia to win next elections. Not using existing political parties. A new face and new party.
    New ideas for a new Russia.

  18. But they could have got a free trip to the EU. Thats the point of using French software. The visits to the EU to keep up with what the FBI wants and needs.
    Whats the point of using a French company if the code gets audited in the USA?
    Get a few months in France to observe the audit.
    Work in a fact-finding mission to Germany, Italy and Ireland to see what French software they use with their police.
    Then to the UK to understand why not to trust any French software.

  19. Hire more SJW to hide news on Mark Zuckerberg's Real Campaign: Save Facebook (axios.com) · · Score: 0

    Just release more SJW all over social media. Just let them ban anything they don't like.
    Music, art, cartoons, blasphemy, comments about illegal migration, history, book reviews, movie reviews.
    SJW will report all reviews, comments, links. Ban accounts. Remove the comments, links.
    Social media will be so simple to use then as only a few trusted accounts will be allowed to comment.
    Only having a few sites to link from will make news so much more simple to control too.
    A perfect brand trusted by big governments, political leaders. The big brands ads and users who like big government and lots of ads.
    Positive movie reviews on all movies. Only selected books get reviews. Only linking to a few pre approved news sites.
    People will enjoy and really want to return to that kind of hard working social media brand.

    Please work hard and show us what SJW want to ban on social media.

  20. Re:The system should be air-gapped regardless on FBI Software For Analyzing Fingerprints Contains Russian-Made Code, Whistleblowers Say (buzzfeed.com) · · Score: 1

    If its air gapped how can the FBI track people in real time?
    The FBI wants the face on CCTV, the face of a driver and their passenger, social media, cell phone collection, voice prints. Any face doing a first amendment audit in real time.
    Such an upgraded networks needs to be ready for a field interview, chat down.
    For some reason the FBI thought it would be great to share the keys to all US persons of interest with the French.

  21. Re:Analyze the code... on FBI Software For Analyzing Fingerprints Contains Russian-Made Code, Whistleblowers Say (buzzfeed.com) · · Score: 3, Interesting

    Re "Who wrote it doesn't matter, so long as it does the job it's supposed to."
    US code only worked with modern quality digital images and file formats.
    The French used Russian code that could accept fingerprints from old paper files.
    The FBI did tests and accepted the French innovations that allows for the accurate importing of old US paper records. The French outsmarted their US competitors by knowing what the FBI wanted.

  22. Re "obscure the auditing process of what they bought, not improve"
    Could the French be the only people the FBI could really trust if the project was to sensitive too let US workers near?
    Say the US domestically was doing police collect it all and got in a US company with its staff and their own in house legal team.
    The US workers might see an integration of voice prints, private/gov/mil CCTV, social media images, private sector databases, passenger/driver faces, fingerprints, US driver's license images, cell phone and internet use into one nice new domestic database.
    Someone in the USA on that project might talk to the media about that.
    If the US gov uses French experts such domestic integration can be passed off as a way to track other nations embassy workers and foreign diplomats around the USA.
    The cover story protects the project and the FBI wins nation wide database integration nobody in the USA knows about.
    Any US company who was in competition should be asking questions about why they did not get consideration.

    Then someone smart just has to use the word "Russian" when the FBI just wanted to keep domestic database integration a total secret from US criminals and police under investigation.

  23. US competitors could FIOA an audit and find out why their good quality software was not selected for FBI use.
    Think of the trade implications if the USA used secure US software and did not allow EU software equal access to make code for the US gov.
    France would be upset at the USA for not considering French software.

  24. Re "code is audited"?
    Who knows the ways of the French programmes really well?
    The English.
    They live next door to France and are subjected to their computer programmes every year.
    People working for the FBI should take the French code over to the experts in the UK.
    A few months of intensive code work to find the Russian code litter in the French code while staying in the UK should get results for the US.

  25. Do people working on the Linux in the USA know Russian code changes are been made to their Linux outside normal working hours?
    Have the ip ranges of such intrusion attempts from Russia been investigated?
    Was the Linux altering code submitted between 9 and 5 Moscow time?
    Did the comments to this new Russian code contain any strange languages? Could Russians have been using Linux code comments to communicate with networks deep in the USA for years?
    Changes to the Linux could be a direct communications network between Moscow and its generations of cyber spies in the USA?