Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 


Forgot your password?
Close
typodupeerror
×

Comment This is news? (Score 1) 175

by inject_hotmail.com (#41764945) Attached to: UK Gov't Official Advises Using Fake Details On Social Networks
Seriously, this is a revelation? Not to mention the only person "angered" was some douchey MP that likely has investments in social networks and online advertisers. Why else would she promote using real information? She (Goodman) is actually claiming that using false information promotes crime. Gawd.

Anyway, I was intelligent enough to refuse to provide real personal information to BBSes (all local public network for the neophytes out there...never mind the Internet...a global public network) since I started online in the early 1990's...and I was very young (under 13). If someone provides enough information to a social site to permit a theft of identity...they deserve it.

Perpetual naivete is ignorance, and widespread ignorance is social decay (how ironic)...for which I have little sympathy.

Comment Re:Exactly as they want you to think (Score 1) 186

by inject_hotmail.com (#41550951) Attached to: MPAA Boss Admits SOPA and PIPA Are Dead, Not Coming Back
Sometimes one simply can't cast a vote with one's wallet. How many dollars did you choose not to spend on Halliburton's supply of rotten food to the troops?

This is the problem with government. It is forcing an agenda upon us. THAT is what lobbying is all about, and what the constitution is supposed to protect us against. When 'we the people' don't get a chance to provide input on a decision in ballot or wallet form.

Comment Re:They're stupid (Score -1) 1025

Clearly you've made up your mind based on something someone told you at a very young age. No amount of discussion is going to budge your pro-vax mentality, but stop for a moment. 30 years ago I would have believed that vaccination was a little bit more about public health than what it is today. You do know that the authorities want to administer Gardasil to boys, right? The flu shot contains mercury (it's good for your baby, "they" say)? They are also recommending lithium be added to drinking water, as well.

Don't be afraid to re-evaluate your beliefs from time to time. Culture, attitudes, environment...life...changes, and so should you.

Comment Re:The Biggest Easter Eggs Are All Over Your Face! (Score 0) 98

by inject_hotmail.com (#41097967) Attached to: Revisiting the Macintosh ROM Easter Egg
Why? Everything he/she said is true. Just because you don't believe it or believe that it doesn't happen "to anyone" does not make the OP crazy or an idiot. The OP is informed and is attempting to share knowledge. I don't understand why you (or anyone else) wouldn't appreciate that enough at least to refrain from disrespecting him/her. Obviously you don't have a clue as to how espionage works, or the fact that it even occurs on a daily basis. You'd likely be similarly in disbelieve to hear the monolithic amount of information China has collected on every aspect of North American life.

Comment Re:Willing to bet.. (Score 1, Insightful) 1706

I don't think you have a full appreciation for the situation. If the attacker believes/knows that the victims are armed, it's reasonable to believe that the attacker will choose not to attack due to the fact that the attack could be answered by his/her own death. Most attackers know that most populations are unarmed, therefore an attack can be executed with relative impunity.

I'm willing to bet (just because I don't have any links to proof) that home invasions in the deep south either a) don't happen, or b) result in the invader's death and that the same in 'anti-arms' areas results in the opposite.

There was a mass shooting at a community barbecue in Toronto this passed weekend. 2 people killed, 23+ people shot/injured. If, say, 3 of the 50+ (could have been 100+) people that were present were lawfully armed (it's illegal for non-LEOs to carry in Canada), I believe the death toll and number injured would have been much lower...if the incident would have happened at all.

If the number of armed 'victims' out numbers the attackers, there's little chance of success. No one ever robbed a gun show or a police station.

Comment Re:Less is More (Score 1) 158

by inject_hotmail.com (#39673983) Attached to: Mosh: Modernizing SSH With IP Roaming, Instant Local Echo
The thing is, there's no way to 'untrust' those protocols. With my GSM example, A5/0 is classed as an 'encryption level', but in fact is in-the-clear. With TLS, and a man-in-the-middle attack, there's no way to know if the MITM has renegotiated the encryption to be in-the-clear. There's no way to turn off support for in-the-clear. The worry about SSH is that with older crypto protocols, a weakness may be found, and that protocol will still exist in all versions off SSH. If the attacker/MITM can force a reneg of the protocol to use the compromised version, then it's as good as not using encryption at all. None of the above offer an option to disable all older protocols. This is a problem in my and the AC's eyes.

It could be that you mean to say "just use another program that supports only fresh crypto"...that is a viable option, but less attractive to one who has used SSH and finds its features very useful.

Comment Re:Less is More (Score 1) 158

by inject_hotmail.com (#39646203) Attached to: Mosh: Modernizing SSH With IP Roaming, Instant Local Echo

As with TLS, I'd like to see any future revisions of these secure protocols trim more fat.

Dude, SSH is half a meg. Calm down.

I think buddy's point is that SSH should deprecate support for old crypto libs because no one uses them anymore, and they are sort of an Achilles Heal...look at how easily GSM can be subverted because it supports old cypher protocols (and even one that is "No Encryption" encryption!)...anyway, point is: get rid of the stuff no one uses anymore, use only strong crypto with no option for in-the-clear, to reduce the potential for security issues. Our good friend AC just isn't so verbose about his idea...

Comment Re:Firewalls (Score 2) 158

by inject_hotmail.com (#39645973) Attached to: Mosh: Modernizing SSH With IP Roaming, Instant Local Echo

You open a SSH connection (client->server:22). This port is allowed on the firewall, it lets you through. But then the server decides to listen on UDP:(random port) and tells the client, back through the (encrypted) initial connection, which UDP port to contact. So you initiate a SSP UDP session on that port. How does the firewall knows it should let you through? Since the port number is communicated on an encrypted session, it doesn't have access to that information. So how does this work in a secure environment? The paper doesn't mention any mean for the server to communicate with the network which port its listening on.

My guess is as good as anyone else's, but I surmise it does a bit of packet trickery. Once device A (behind firewall) is connected to device B (may/may not be behind firewall, but at least one port is open, 22 by default in this case), device A can create an SSH tunnel...they really are rather neat and VERY useful as a means of security. For example, I have webmin running on a server, but its port (10 000) is blocked by the firewall. Once I connect to SSH I can redirect packets to a certain IP:Port combo (device A's IP:Random Port#) to the servers local address (127.0.0.1) and new UDP port, and voila: hidden/secure/direct connection. One can even make a tunnel in the other direction, so that the server can connect to a remote device in the same manner, and any application won't realize that it's even connecting to anything outside of its network.

Whomever thought of and implemented SSH tunnels is a master genius. I would shake his/her hand if I ever saw them.

Slashdot Top Deals

I program, therefore I am.

Close