A Slashdot story last week discussed how 90% of all SSL VPNs use weak, obsolete encryption. And one comment said, “So? A weak VPN is better than no VPN.”
I guess Matt Weeks is as sick as I am of tech support scammers, because he developed a way to fight back, in the form of a Metasploit module that exploits a software defect in the AMMYY remote access tool that these scammers sometimes use. Metasploit is a tool that penetration testers use to demonstrate–with permission–how hackable a computer network is. In this case, the would-be victim is penetration testing someone without permission. Run the module when the scammer connects to the would-be victim, and he or she gets a command prompt on the criminal’s PC. At that point, the would-be victim can break their computer, perhaps by deleting critical files, corrupting the Windows registry, or something else. Anything you can do from a command prompt would be possible at that point.
I’m anything but heartbroken that this threat exists, although I’m not going to do this myself. Let me explain. Read more
On Slashdot, a newcomer to the IT field asked a really good question: What do you do to avoid seeing things you’re not supposed to see?
Clearly, some people do it better than others, but it seems to me it’s a fact of life that eventually you will see things you’re not supposed to see. How you handle it is the bigger problem. Read more
A rather hastily written and sloppily edited piece showed up on Slashdot yesterday morning that caught my attention, because it was about the Amiga 2000. The Amiga 2000 is a dear machine to me; in 1991, our family upgraded to one from a Commodore 128. I still have both machines, and there isn’t much that I know today that I didn’t first experience on one of those two machines.
Although I think the piece was little more than a used computer store’s effort to unload some hard-to-move inventory, I do agree with the premise. For a machine that had a tremendous impact on the world as we know it today, the A2000 is criminally unknown. Read more
I saw a story yet again about the tech worker shortage, and the backlash against H1-B visas. Reading the comments on Slashdot, I increasingly got the feeling the shortage is a mirage. The people are out there, but the matchups with job openings aren’t happening.
My experience may be anecdotal, but it mirrors this. Read more
I went looking for a resource-friendly browser that would run well on a 1 GHz-ish Android tablet. Everything I read said that Baidu was the lightest browser on resources. Since Baidu is a Chinese company and very low-end Android tablets are common in China, this makes sense.
I’ve never been one to shy away from alternative browsers on low-end systems on other platforms. Usually I sacrifice some rendering quality, but I frequently found that preferable to waiting around for minutes for bloatware to load and pages to render at glacial speed.
So I tried out Baidu, in spite of criticisms of its user interface and annoying defaults. The annoying defaults, it turns out, are easy enough to turn off, and I found the user interface, though out of style, makes it easier to use. It has forward and back buttons, unlike most other browsers on Android, and tapping those buttons is far more responsive than gestures on high-end browsers. I’m willing to give up 8 pixels of vertical space for that. Read more
I saw an assertion on Slashdot today that Millennials aren’t interested in information security, in spite of the average salary in the field being six figures. I’m not sure I agree with the article’s assertion that 24% of those polled being interested translates into disinterest, though. How many of them are interested in other white-collar professions, like medicine or accounting or law?
I also disagree with the article’s definition of information security. The article asserts that information security is working for “The Man,” namely, the government, and information security isn’t just for governments anymore. Read more
Slashdot posted a link to a New York Times piece that asserts that the full extent of Amazon’s existence hasn’t been felt yet, but it asserts that book pricing is becoming whimsical.
My experience disagrees with that. The market will stabilize. I think the cost fluctuations are because the market hasn’t stabilized yet.