Posts by Aodhhan

Stop ranting and blaming politicians for putting together laws which at least attempt to protect citizens. Start focusing your attention on law breakers.

Instead of bleeding out and worrying about the welfare of a prisoner, start demanding longer sentences and hellish conditions. Put money into building prisons so everyone stays their full sentence and you will see a drop in crime.

Its simple

If an O/S had to compensate, update and change for each and every type of peripheral on or soon to be on the market the O/S would never get released. It is a lot easier for each company to work on it's product than it is for another company to work on everyone elses. Get real.

Yeesh

1. It isn't on continuously

2. It uses frequency hopping

3. everything has a bad side; even aircraft

4. I think the Taliban has other things it would rather spend its money on, than electronics to counter this

5. There are a lot of odd-ball tones on a variety of frequencies... and we can even drop transmitters in enemy territory to confuse yet distinguish from those worn by troops

6. They will be worried about being led into a "trap"

... you get the point by now.

Where is the rest of the story?

How was the order for the material placed? All at one time, or multiple orders? I'm betting how it was ordered had an affect on how this turned out.

...and you can't complain about the condition.

NVIDIA is becoming as stupid as Sony

Guess my next video card will be some version from the Rambus Corp. They seem to have a pretty good record in these lawsuits; definitely plenty of practice.

nice phone

Anyone taking bets on how long it will take until the first vulnerability proof of concept is published?

I own an apple, and I use it to pwn yours!

13pp4rd h4x0r5

I love my 1TB's

Their fantastic, especially with todays drive management applications and options. Now... start increasing production on 10K-15K+ RPMs to bring the prices down on them.

Less than 10K rpm on anything over 500MB just sux.

Now-days... it is the hard drive slowing things down. Not processors or lack of memory.

You ding dongs

The fines are for PRIVATE SECTOR companies.

Do you actually read the entire article, or only those words containing less than 5 letters? ...and then jump on the bandwagon of another who bashes gov't?

For government organizations: Responsible individuals at least are fired. Many countries are passing laws which will land offenders in jail as well as compensation. So you may not get the governement entity, you can at least get the person who didn't meet compliance.

With the many options for encrypting data at rest at affordable prices, there really isn't any excuse. However, no matter how idiot proof you make something... someone will find a way to build a better idiot.

Still so many more patches to go

Why anyone purchases Oracle products is beyond me. As a contracted pen tester, it is a product which causes nightmares for me. Working ways to mitigate the holes without taking a bite out of a budget is a big challenge. Hurry up Oracle.... I'd like to take a vacation!

Too darn expensive

Absolutely fantastic servers, but there are cheaper alternatives. Anymore, the only time we use SUN is for our 'private' networks where we need extra security.

Forget throttling

How about slamming them with a huge fine and implement an independent audit to see if they have other legal or compliance problems.

Not everyone uses P2P applications to illegally distribute copyrighted material.

Fact of development

The more features an application has, along with ease of use, and flexibility in dynamic user programming.... the more likely someone will find a way to exploit the application.

It isn't feasible for most companies to test their software to death before realeasing it. Majority of software put out today has some sort of vulnerability waiting to be found.

If everything was so easy to fix... Oracle would have been able to fill up all their leaks years ago.

The issue isn't partisan

The original law is more than 30 years old. It has been used on both sides of the fence. Bush just pushed the envelope of it a bit more than others due to the WOT. You think Clinton didn't do any wire tapping and dancing before getting a court order... think again!

Fact is, you still need a court order to "spy" on the public in America. In an "emergency" (yeah, this can be debated), you get a week to petition for the warrant. Which is really what the friction point is.

Still... it is better than most countries which have no laws against the government spying on their citizens. Not only do most countries allow it, but there isn't any judical oversight. So don't be so quick to bash the American system. You are probably being spied on this moment if you aren't in the US... and cannot do anything about it.

MSFT should pay the fine then...

Stop selling any products or provide support to the European community. Give them a whole new light on how much the applications are worth.

Sony STILL sux

Perhaps they pulled it because they didn't get the code in this rootkit just right, and were afraid Mark Russinovich would make fools of them again... this time with their game console.

It's okay to have a PS3, just ensure you unplug it from your entertainment system after use and pull the power cord!

WTF?

A national ID card scheme seems a lot like ID papers used by the old Soviet Union to get from your house to anywhere else. What is next, you'll need to have a passport to live in your own country?

If there is already a blanket of checks run on individuals, what good would come out of this system? Work smarter not harder.

Sony sux

I haven't purchased a Sony product since thier digital rights root kit fiasco, which left individuals computers vulnerable. The way they handled it left a bad taste in my mouth which isn't going to go away any time soon.

Really....

You risk anything being made public as soon as you tell someone. Whether it be your best friend, spouse, family member etc. I bet you aren't as hard on them when they tell someone else one of your "secrets".

As soon as the government puts you in jail for a conversation of yours which isn't criminal, related to terrorism etc, then you have a gripe. Until then, get real and look at yourself.

@JonB

No, they NOW have to check all the data since there is no telling what these two have changed. It is likely they changed a lot more than just grades. Either way, they cannot take the chance. For instance, if they went in and changed the keys to some tests, it will cause problems in the future. Backups are of little use, since the majority of them will be comprimised as well. Ensuring the data is trustworthy again, will cost quite of bit of money and take time.

Also, don't tell me what they do and don't do. It's obvious you haven't taken a few things into account, and all you are doing is stating the obvious. It is rare for any system to have users re-check entered data, which is why it is a good practice to schedule audits of data from time to time.

Keep your clue for yourself. Just because something happens where you are doesn't mean it happens everywhere else. On most systems it doesn't matter hwo often you change the password or how complex it is if you have physical access.

Did this school do everything it could have to prevent this from happening? No.

Did they underestimate malicious inside users? Yes.

Was physical security and user security training poor? Yes.

Does this provide any excuse for the students who hacked into the system? NO.

If you let someone into your house, and they steal something when you are not looking, or damage something while they are there... are they not liable because you let them in? Does this mean your security is poor?

By the way, if physical security is so lax. Then keeping grades on paper are just as vulnerable. A student could break into a room where they are kept and make changes... Here's your sign.

What is the problem

The password protection on a PC is good...well, for at least the 70 seconds it takes to boot up a CD Rom or 15 seconds on a thumb drive.

You guys are just too hard on these people!

Extradition

First of all...

the death penalty can only be handed out for 2 things. 1st Degree Murder and High Treason.

Hacking into a computer system doesn't qualify for either.

Second...

He didn't access any classified information. The department of defense does not have their classified network accessible from the public internet. He only gained access to what is known as NIPRNet. This is an unclassfied DoD network which has connections to the Internet; obviously necessary for communications for non-DoD interests.

Third... There are many crimes you can do where you are in one jurisdiction, yet harm is done in another. When this is the case, the court where HARM WAS DONE (ie the US) has jurisdiction.

There are way too many things about this story which seem a bit outlandish, don't you think? If it doesn't pass the laugh test, then it probably isn't true. Don't believe everything you hear, especially if you hold a prejudice. Use your brain, be critical, and think. Those who don't are more idiotic and irresponsible than anyone they accuse.

Do you use any brain cells?

Just because you have a car, and you drive it around town... doesn't make you guilty of vehicular manslaughter. However, how you drive it could have adverse affects which could affect others.

The mother clearly created this account to do harm. I don't think the mother thought it would cause this much harm, however this is due to her own ignorance. A psychologist would have predicted this outcome, and if you think about it for a few moments, and all the depressive suicides you have read (or know) about, you can see this outcome was probable.

Did the mother pull the trigger? No. However, she was definitely an accomplice of sorts when she made the decision to create this account to cause harm; even if it was just emotional harm.

This mother herself should believe this is a serious act. After all, she believed the deceased girl herself caused harm to her daughter. What the deceased did, was no where near as costly or serious, and the mother believed she should be punished. It would be hipocritical to believe otherwise.

Another rise

Can you say, "The beginning of the Fourth Reich"?!

Looks like political rigging to me

Just as well... I'm not a big fan of VMWare ever since Microsoft released its latest version of Virtual Server.

Wrong direction

We need a system which will jam all these "tracking" applications.

With cell phones, auto systems and various other wireless items having features which track where you are located.... give me a product which will jam them all so nobody knows where I am at any given moment.

Soon everything from your drivers license to your watch will have some sort of RFID or wireless feature for tracking. Beware of SWAG, the new spy-ware.

F-Secure

The solution is for GPcode.b; this version is GPcode.AK. There is no solution for it.

Everyone who believes you can simply reverse engineer a solution for this type of encryption please take 3 steps back from your computer and never touch it again.

Even if you manage to learn part of the algorithm, you have no idea of the actual variables and values used...hence, you need a lot of computer time to plug them all in (ie brute force).

Yeesh

So many arm chair judges.

There are many types of crimes which can be committed from a far. Stop and THINK for a moment, and you just might come up with a few.

Jurisidiction normally falls with the court where the damage actually occured.

The fact he hacked into the Pentagon isn't the only issue. Its the fact he was caught hacking into a computer system at all. The Pentagon finds it easier to track hackers than small mom and pop operation.

The law doesn't require you to protect your property in any manner. So the administrators lack of skill in configuration means nothing. You don't need a fence on your property to prosecute someone for trespassing.

The next time you defend a hacker. Think about one getting into your system; Secretly downloading a bunch of child pornography on your computer. THen to be really mean, he contacts the authorities and lets them know you collect child porn... while he silently uses your email account to send some out to everyone on your contact list.

Oh darn... he's in Russia... so you are screwed!

Missing math

I still don't buy it, and the math is off due to missing variables.

Wattage doesn't create heat, resistance does.

Hotplates and processors are both built differently for different purposes. Processors are using the majority of their watt energy for processing, therefore the resistance heat isn't as efficient per watt. They are also built of material which doesn't hang on to the heat for a long period of time.

Where as a hot plate is using watt energy and creating as much resistance with it as possible. Therefore it is more efficient in creating heat with each watt. It is also made of material which is designed to hang on to heat as long as possible.

A brick holds heat better than a sponge or a block of silicone.

Now, reconfigure your tests using the above information, and you'll forget about wattage vs size.

USA isn't any better

See this report from OMB to the US House of Representatives last week. Addressing information security weaknesses within the TVA.

www.gao.gov/new.items/d08526.pdf

Nothing like incompetence.

Whining Millionaires

THe Greatful Dead allowed anyone to copy their music or make their own tapes at their concerts and circulate. They still made millions. They became so popular, people still purchased their albums, but also bought a boat load of merchandise. Has to be a million dollars worth of Dead Head stickers still on old cars.

I also get a kick at how liberal Hollywood and many musicians are except for the fact of copyright. If they weren't already making millions they would probably get more sympathy. However, I think the majority of people still purchase most of their goods instead of breaking copyright laws. With the exception of perhaps the 12-24 year old demographic. Yet Miley Cirus is still making a killing; some 18 million last year.

Point is... nobody wants to hear millionaires griping, whining and beoxching unless they are watching baseball. Get over it.

Scenario

So you don't have anything a hacker wants on your computer, so you dont care.

Do you have people who don't like you?

Doesn't take a lot to hack into someones computer, hide child porn, documents about stalking, plans to kill someone etc. Then call the police, and say this person tried to trade child pornography with you. Even take over his mailbox and send some things out in his behalf.

Bingo, you go to jail for something you didn't do.

Once you learn packet injection techniques, you can crack a WEP password in less than 5 minutes. A noob using Aircrack can do it in 1 to 3 days; depending on how often you use it and how many IV packets are available.

Spectral love

Because of solar scintillation, I doubt wireless will ever be used as a primary means of flight control. However as a backup means, it does make sense for controls which are already electronically controlled using servos etc.

Wouldn't do much for systems using pneumatic or hydraulic means. Since a cut in those systems lines would mean a loss of the medium itself.

Just how many aircraft are built with electronic servos actually moving the flight surfaces? I believe right now, most are still assisted via hydraulics.

Pull out

Microsoft announces it is pulling all products and support out of Europe beginning in September, because their analysts claim they cannot recoup costs of maintaining compliance without passing it on to the consumer.

Psych!! Not reallly, but what a scary thought. Courts should be careful just how far they go with things.

Think of the world

I welcome any product which increases a persons ability to think.

Take a couple e-feds and think about it for a bit ;)

You'll see... there are too many idiots in this world! They require all the help they can get.

Secured Products

Can't understand why anyone would use this O/S on a medium to large enterprise environment. It isn't listed as IA certified on the common criteria portal's Certified Product List.

Shame on any security engineers who actually let this product onto their network!