Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 


Forgot your password?
Close
typodupeerror
×

Comment Affirmative action == discrimination (Score 2) 410

The notion that because an individual is a member of a group which has been or is being disadvantaged compared to other groups, that individual deserves to be favoured above members of other groups, is ridiculous. It's dangerous, unfair and unjust nonsense. It's discrimination, pure and simple. There's no such thing as "positive discrimination".

Every individual deserves to have the same chance as everybody else, and should be judged on their merits alone.

Comment Re:Cut off your nose to spite your face (Score 1) 86

Eventually it emerged that NSA had strengthened DES against secret cryptanalysis techniques that weren't generally known at the time. Many of the people that refused to use DES ended up using encryption schemes that were vulnerable to the secret techniques because they assumed the worst and were wrong.

An excellent illustration of the downfalls of security through obscurity. The NSA could have known that would happen and that their secrecy might decrease the average security situation due to people not using the actually more secure crypto. They should have been transparent about why they tweaked the S-box values. People shouldn't have to assume anything, best or worst.

And now of course the NSA have demonstrated that they cannot be trusted at all and nobody should ever accept magic numbers from them ever again...

Comment Re:Your first action after purchasing a router (Score 1) 236

by Captain_Chaos (#46813567) Attached to: Intentional Backdoor In Consumer Routers Found

The link also quite conveniently mentions the following tidbit: "OpenSSL was updated immediately in the DD-WRT SVN repository. It can take a view days until we can provide updated versions for all routers."

Yes, it actually says "a view days" instead of "a few days". A typo is one thing, but that is spectacular... Did they dictate it to their computer or something?

Comment Fuck the law (Score 1) 310

I don't understand why, in cases like this, so much attention is given to the question whether it's lawful or not.

Who cares?! Of course it's lawful, the governments of the world have made sure to have enough overly broad "war on terror", "won't somebody think of the children", "national security" laws on the books to make it possible to find a legal loophole justifying anything. Fuck the law.

Surely the question should be whether it's moral or not?
Education

Vint Cerf: CS Programs Must Change To Adapt To Internet of Things 163

Posted by samzenpus from the get-to-learning dept.
chicksdaddy (814965) writes "The Internet of Things has tremendous potential but also poses a tremendous risk if the underlying security of Internet of Things devices is not taken into account, according to Vint Cerf, Google's Internet Evangelist. Cerf, speaking in a public Google Hangout (video) on Wednesday, said that he's tremendously excited about the possibilities of an Internet of billions of connected objects. But Cerf warned that it necessitates big changes in the way that software is written. Securing the data stored on those devices and exchanged between them represents a challenge to the field of computer science – one that the nation's universities need to start addressing. Internet of Things products need to do a better job managing access control and use strong authentication to secure communications between devices."

Comment Re:Oh come on ... (Score 1) 126

by Captain_Chaos (#46575281) Attached to: Adam Carolla Joins Fight Against Podcast Patent Troll

Are the USPTO that incompetent?

It's been explained to me that this is standard MO for the USPTO. They never check patents before a cursory glance, and only when it is challenged do they actually look into the merits of it. Apparently this is because they just don't have (anywhere near) the amount of manpower they would need to keep up with the vast number of incoming patent applications.

Anyone know how true this is?
Communications

Spoiled Onions: Exposing Malicious Tor Exit Relays 65

Posted by timothy from the just-tell-me-I'll-pass-on-the-message dept.
An anonymous reader points out this recently published study (PDF) on detecting malicious (or at least suspicious) Tor exit relays. From their conclusions: "After developing a scanner, we closely monitored all ~1000 exit relays over a period of four months. Wed discovered 25 relays which were either outright malicious or simply misconfigured. Interestingly, the majority of the attacks were coordinated instead of being isolated actions of independent individuals. Our results further suggest that the attackers made an active effort to remain under the radar and delay detection." One of the authors, Philipp Winter, wrote a followup blog post to help clarify what the paper's findings mean for Tor users, including this clarification: "First, it's important to understand that 25 relays in four months isn't a lot. It is ultimately a very small fraction of the Tor network. Also, it doesn't mean that 25 out of 1,000 relays are malicious or misconfigured (we weren't very clear on that in the paper). We have yet to calculate the churn rate of exit relays which is the rate at which relays join and leave the network. 1,000 is really just the approximate number of exit relays at any given point in time. So the actual number of exit relays we ended up testing in four months is certainly higher than that. As a user, that means that you will not see many malicious relays 'in the wild."

Slashdot Top Deals

The opposite of a correct statement is a false statement. But the opposite of a profound truth may well be another profound truth. -- Niels Bohr

Close