
Comment Re:Spying? Really? (Score 2) 162

So if I was there as a tourist, would I get arrested?

Or is somehow putting your island into a video game now sedition or something?

TFA is pretty slim, but I'm having a hard time imagining what law was broken.

TFA is not thin at all. It states that the men were caught with photographs of military installations. I would wager that most countries have laws against photographing military bases, and I'm not surprised that Greece does. This was just a really stupid thing to do.

Comment Re:So are they talking about (Score 1) 65

It must be "apps", as in software for mobile devices. Last year, Microsoft alone had revenue of $74 billion. Granted, they do hardware and the like as well, but the 9 billion figure is still ridiculous if it were to refer to all software development. Because of this, it is unfortunate that the summary says "software application development", whereas the articles only mention "application development".

Comment Re:Completely broken. (Score 1) 287

Ok, so there is a one-in-three chance of guessing the correct sequence, yes? Even if the whole operation would be quadrupled, as you said (choose the correct sequence, then again another three times), you will still have a 1-in-81 chance of guessing (3^4). This is by no means enough.

You mention allowing no more than three or four attempts, but this won't really work well either. You can't reliably do it by IP - it is easy for malicious users to jump between IPs (using e.g. botnets or different proxy servers), and if you do it by user account (e.g. ignoring IP, allowing only x number of attempts for the username before locking it down) you will have created the best possible scenario for denial-of-service attacks. Anybody would be able to lock anybody else's account trivially.

I agree that research is a good thing and that sequence-based login is kind of interesting, but the flaws really need to be covered as well. That is critical in any scientific field. As it is now, this method is completely unusable.

Comment Completely broken. (Score 3, Insightful) 287

A few readers have commented that the system will need to know your unhashed password. This is clearly bad, but there are even worse flaws.

A 30-character password sounds awfully strong (60^30 combinations if upper/lower-case chars and numbers are used). However, from the article: "Authentication requires that you play a round of the game — but this time, your 30-letter sequence is interspersed with other random 30-letter sequences". This means that the number of characters is irrelevant, really. What matters is the number of "30-letter sequences", and since you need to play them all, they will need to be limited. How many? 10 would probably be too many to play, but will still only be the equivalent of a single-digit password. This system will be trivial to crack with brute-force guesses.

Even worse, repeated "login attempts" will reveal which sequence is the correct one - simply check which sequence repeats between tries.

Comment Re:Not so fast...YET (Score 5, Insightful) 135

You're not going to see the potential of SPDY before we have environments (browsers, CPU and your internet speed) that can take full advantage of it. Only in the most recent version of Firefox did we see SPDY support.

SPDY does not depend at all on CPUs or your "internet speed". It does depend on the browser (with both Firefox and Chrome supporting SPDY now) and, critically, the server. That last is also why the article author did not see much of a speedup - most content providers don't support SPDY yet. Going to non-SPDY servers and believing that it will evaluate SPDY for you is absolutely ridiculous.

Comment Re:Zero Because: (Score 1) 280

I chose to interpret "storage" as "not temporary". All my long term storage is on ZFS arrays that do use SSDs for caching. Cameras and phones have SD cards but I don't count them. Camera cards are used until it's backed up. Android's memory was copied from the backups for use, deleted once I don't care about it anymore. My OS is on an SSD, but it's not used for storage, it's used for running my OS. Dedicated game drive is also SSD, not used for storage, used for running games. Only place I store data is a ZFS array, if it isn't ZFS, it's only temporary.

That sounds like a nice setup. I'm curious, though - while efficient, are you at all concerned about the life span of your SSD cache drives? Having a limited number of write cycles, I would have imagined that using them for a cache layer would cause them to fail quite quickly.

Comment Incorrect title and summary (Score 1) 146

The title states "India OKs censorship...", but the article "only" states: "A trial court in New Delhi on Friday ordered that summons be served in the criminal case to officials at all 21 companies at their foreign headquarters’ addresses." As far as I can see, no decisions have been taken, and nobody has been told to start censoring anything. The fact that they are calling in representatives for these IT companies is worrying, certainly, but it does not mean that anything else has been decided.

Comment Re:Yeah right (Score 1) 326

It doesn't matter whether you're on ipv4 or ipv6 if you want to have a firewall (on a NAT or not). The only difference security-wise is that ipv6 gives better security through the higher number of ip addresses. Currently, bots performing port scans in the ipv4 space have a reasonable chance of hitting something if they choose a random ip address. That problem doesn't exist in ipv4: the sheer number of possible ip addresses means that servers connected at difficult-to-guess ipv6 addresses are very unlikely to be located by these scattershot approaches.
