I once encountered a forum where they prompted for a custom secret question. Great idea, I thought, and put in a properly clever one. And some lengthy time later, had to do a password recovery, and it started with asking me a fill-in-the-blank "What is your secret question?" At which point I abandoned the site, never to return.
292 posts • joined 9 Sep 2010
Yep, yep and yep. Sticking a device out there with a public IP and nary a clue about how to lock it down (or even that it should be locked down in the first place) is inviting disaster. That's why my company sells cellular connectivity with decent network options - like assigning private static IPs, and routing all the cellular traffic to the customer's datacenter - effectively pulling the device behind the customer's corporate firewall, no matter how the device is configured.
Of course, they should still be DMZing the devices within their WAN, but at least some schmoe on the internet can't root the device with a portscan and two minutes of websearching for a setup manual. Not that there's anything new about that: http://www.theregister.co.uk/2011/05/03/cop_car_hacking/
Well done that man!!
Well, she's been after the firearms and ammunition for quite a while, and has gotten nowhere at all with that.
Yeah, 2G (and sometimes 3G) latency is a big consideration in some corners of the machine2machine space, too. Mostly you get the pushing of tiny config or data files back and forth, and don't much care if it is measured in minutes vice seconds, but you sometimes run across folks trying to replace ethernet with 2G for their not-particularly-well-tuned client/DB app and then insisting that the cellular network is broken.
Many a pint will be hoisted in Sir Terry's memory, for all the brilliant writing he's given us over the years.
I always assumed it was because they were trying to make sure there were no bombs or drugs in the electronic device, neverminding that someone could rig a laptop to show a boot screen and even a generic Windows desktop with little trouble (as always, security is there to catch the stupid ones).
But aside from the hidden truecrypt partitions etc, how about a login or PIN that while showing innocuous data also automatically/silently activates audio/video recording until owner-stopped or device powered off? It'd make me actually eager to turn it on and provide a login for the nice officer folk.
The State Dept email administrator is a BOFH. 'Nuff said?
Every fifth or sixth BOFH, there's a timely one that I can simply forward to certain individuals because it saves me from actually issuing relevant threats or looking like a... ummm... BOFH. This one is one of the most timely and helpful in recent memory.
Re: more advertising
Going back to... the first television show? The first AM radio broadcast?
They're just getting more clever and insidious (and one might add, annoying) about how they do that, but sending out interesting content in order to advertise stuff has been around for quite a while.
Well, there goes the FCC's perfect record this millennium of being completely useless.
And for goodness' sake, make sure the patch/upgrade doesn't gack the SSH service on the box.
Re: Highly Unlikely...
Sure, but wouldn't her next step before connecting to the internet unprotected (and in a place where her keystrokes assuredly would NOT be recorded) be to change her now-potentially-exposed login password?
It would be for me, and I'm probably not half as security-conscious as her.
“The odds of success are not great – perhaps 50 per cent at best,” the firm said in a statement.
How refreshingly blunt and honest.
Here's to a dry and stable landing.
Re: NORKs ought to fund assassination of POTUS, starring Jackie Chan and Lucy Liu
Sorry, wait - wasn't this sorta what Sony did with audio CDs a while back?
Re: >If I was Sony I'd release it free to download.
Yeah, but they embedded DRM in it and so no one would touch it.
Re: Wow. Just wow.
Unless "the damned door" was an airlock, I don't see how firing them does much good - they would then have zero disincentive to take/leak it to the media, right? To say nothing of potentially exacerbating the security issue - they'd then have external entities inside their network, and unhappy former-internal entities able to exploit that situation and make it substantially worse. Well, worse according to what they knew at the time, anyway - right now "worse" is where they're very definitely at.
Re: M2M services?
I'm not sure what you think it means, but unless you're Captain Cyborg, then it's probably not for you.
I'm glad the air traffic control isn't considered a critical system, or it'd be a bit embarrassing not having this kit wired up with emergency generator backup power.
Re: The U.S. military first tested lasers
Moisture? Ermm, fair point... But limited power resources? You've not seen a ship's shore power cables in port, or a sense of the electrical load of a SPY1 radar or hull-mounted active sonar? USN Missile cruisers and destroyers have three 2500kW generators. Nimitz-class carriers have eight 8000kW generators. I don't think the ships would even have to shut down all non-critical systems to get the laser going, unless they wanted to destroy the floating continent of Jupiter or something.
Have an upvote, purely for the enjoyment you provided me in the form of being able to watch BattleBots.
I eagerly await the immediate adoption of this by law enforcement agencies.
Wait, what do you mean they aren't interested?
Re: Too late
It's an interesting tactic. One wonders whether the US government would eventually apply Eminent Domain to intellectual property, the same way they do it to real (estate) property?
I do wonder how much a (slightly) misspelled last name impacts the automated data-trawling that FB and its advertisers perform?
(It isn't idle curiosity, mind, more of an experiment where the results are not visible to me.)
I foresee some Denial of Thermostat attacks coming soon. Then again, could Global Climate Change just be considered a DDoT attack? Via social engineering, no less?
I'll get my coat, yeah, even though I might not need it.
Re: The routers in question-
I was going to say Rosewill...
I can say that for Arkansas, the low end in practice is fairly close to "shouting is quicker". RFC 1149 is viable technology in some areas of the state.
Marketing, contests and prizes are all well and good, and I'm certainly fond of the free beers that this day typically produces, but can we start a movement whereby on this day ritual sacrifice of "most user-ish user in the office" becomes traditional? I mean, we don't have to *actually* remove their beating heart or chuck them into a volcano, I'd settle for a simple ceremonial gesture such as a good flogging in the server room where no one can hear them scream...
(Beer, because I can't bring myself to apply the Joke Alert icon here.)
Chairman Wheeler & cronies are probably going to try and let memories fade and then pull a fait accompli in a few months. *sigh*
From what I've seen, "common sense legislation" rarely involves common sense, and "bipartisan agreement" means the two major parties have figured out how to get what they want and it's only the commoners getting screwed.
Re: Rockets use liquid fuel?
I think the downvoters (and helpful explainers) are missing the JokeAlert icon?
Selling shares in a venture about to launch into space? Elon Musk is taking another page from DD Harriman's playbook.
And suddenly, the folks trying to shoot down drones with rifles and shotguns go from "whackjob tinfoil hat types" to "networking enthusiasts pursuing proactive layered defense strategies".
"Plus whoever holds Antarctica sits on top of the Earth and can control every single aspect of modern commercial logistics. You can't move anything much larger than a breadbox without sailing within reach of military assets in Antarctica."
Exactly! That's why Hitler stationed the Tirpitz in the fjords, to threaten the... wait, what?
I get that if you can't transit Suez or the Panama Canal, Antarctica would be particularly threatening toward the Cape of Good Hope or even more so Cape Horn, but... between pipelines, smaller tankers, Arctic polar routes, and the Straits of Malacca, I think you're overstating the case a bit.
Re: Monitored house alarms.
Yes, I can point to a million SIMs (sorry, a listing of the MSISDNs won't fit in the comments block) that don't have a single user associated with them. I've seen a lot of clever people figuring out new and interesting uses for cellular data connectivity and hardly any of it involves a meatbag on the mobile end.
I dunno, it's got a number, a capital letter, and a bunch of lower-case, but my gut tells me 1Password is actually a fairly weak password.
But if the 3G datalink is properly secured, then it's still a non-issue. The SIM cards can be provisioned onto a private APN, secured with username/password to get onto the cellular network, and the internet access restricted (inside the upstream network, not at the modem) such that only the head office is whitelisted and all other traffic gets dropped. The thief gets a non-functional SIM for their troubles and doesn't keep stealing more of them, and you don't have a wifi AP sitting out on the road just waiting for someone to take the time needed to crack into it.
Why bother when they can just scare legislators and MPs into passing regulations requiring legal access?
Re: OH Look! There's a great big..........
And just like that, Apple Maps secret mission is revealed. It was never intended to guide humans at all.
Re: Returning a favour would be nice
Yeah, I've used "asking a Ford automotive design engineer to change your oil" in the same vein.
I've actually been overjoyed with the rollout of Windows 8. Because it was nasty Vista-ish crap in the first place, I didn't see any reason to try to adopt it. And having hardly touched it, anyone coming to me for help about it gets what I have always replied regarding Apple questions: "Sorry, I have no experience with that one, if you've used it for a day you're ahead of me, but good luck and let me know how it goes."
And people smart enough to stay on Win7 or are running Linux themselves don't ask me for free support anyway, so I'm probably good at least until Microsoft comes out with Windows 9.
Re: Nothing new here...
Ummmm... shouldn't that be 127.0.0.0/8?
(Honest question, despite sounding like a CCNA pedant)
I'm actually a bit surprised that they actually said that, rather than go down the well-trodden path of lying and claiming that they would never fail to immediately disclose a vulnerability. I mean, we're talking about an agency that for quite a while denied its own existence.
Okay, it's an overused meme at best, but a tip of the hat to the best use of the Yakov Smirnov line I've heard in months.
It's pretty bad when it is easier to build a rocket than it is to get that rocket a fair chance inside the federal/DoD "competition" for contracts.
Why would they off Feinstein? She's been their biggest supporter/apologist, current outrage notwithstanding. The senators sniff trouble, they'll put Rand Paul (or actually, a like-minded Democrat, since Sen. Paul is a Republican and so realistically isn't currently eligible) in as the Intelligence Committee chair, and watch how the CIA likes *that*.
I'm reading on Cradlepoint's site that yes, it does take external antennas. Most 3G/LTE routers nowadays do.
It is a better deal when you have a hundred sites, and can pool your usage - hopefully, you're not rolling on backup too often at any one site. I've seen a lot of this being sold, particularly when the remote sites are all hub-and-spoke'd to the core corporate LAN anyway.
Are we sure it wasn't just a test run for waterboarding in space? The problem with Guantanamo seems to be that prisoners can eventually be retrieved from there, so Martian extraordinary rendition would seem to solve a lot of problems for the US government.
Joke icon, sure, but one does wonder what John Yoo is up to these days...
To be fair, most people could hardly give a duck about this news.