
Comment Re:Not really unusual, but... (Score 1) 210

In the early 90's, I was tasked with looking at a 286 in a warehouse that wouldn't run for more than a few minutes before crashing angrily.

I turned it on, observed that the PSU fan was caked with dust and not spinning, unplugged the hard drive, and gave the PSU some brisk percussive maintenance. It belched a thick cloud of brown crud, and the fan worked again.

Reassembled, and it worked for years.

Comment Re:Easy solution, albeit a 'free market' one... (Score 2) 84

Crying baby monitor ? Really ? :|

Deaf people have babies, too.

Rooting isn't so bad on an S5, either: Downgrade the phone to a version that towelroot works on (using odin). Install towelroot, safestrap (in that order). Flash a rooted Lollipop ROM of your choosing using Safestrap.

Being able to understand and complete the rooting process for a given device is something that I do before I even consider buying it.

Comment Re:One of these days (Score 1) 80

Wrong. The LGPL license of free Qt allows you to keep the source code to your program secret.

I think it was GPL in the long past but they changed at least 10 years ago.

Comment Re:Ummmm... (Score 1) 251

There's better options than PBKDF2, like scrypt. Also, both require you to choose some parameters; PBKDF2 with a salt of String.Empty, hash algorithm of MD5, and iteration count of 1 is... just an MD5-hashed password. Obviously, those are terrible and stupid parameters, but if people were *good* at choosing secure options then this whole thread wouldn't exist. At least scrypt *only* has the work factor, and it's pretty straightforward.

Comment Re:Security theater questions (Score 1) 251

There's generally no way to send the user a secure (i.e. encrypted) message. All you can do is make the token short-lived and hope that nobody is intercepting server-to-server email traffic (and that the user's email account is secure, both from malicious clients and from server-to-client interception). It sucks, but until email encryption of one sort or another becomes more ubiquitous, it's the only workable option.

Comment Don't encrypt! (Score 1) 251

Don't ever store passwords (reversibly) encrypted. Don't even (just) hash them; hash functions are way too fast (and yes, fast is bad here). There should be no way for anybody to get the password out of the info stored in the database, even if they know all your keys.

Use a slow key derivation function instead. PBKDF2 is popular, because it's easy to understand and widely supported; it's basically just taking a value (the password), salting it (you are using a strong, cryptographically random, per-user salt... right?), hashing it, salting the resulting digest again, hashing the salted digest, and repeating the last two steps over and over (tens of thousands of iterations are common). At the end of that, you compare the resulting digest to the value stored in the database; if they match, the user is authenticated. Obviously, don't try implementing this yourself; even simple crypto should always be written by an expert, and you should use the resulting library. There are lots of places to find it, though.

Alternatively, you can use the purpose-built algorithms like scrypt or bcrypt. These are more complex (and less widely implemented) than PBKDF2, but they also offer more advantages against brute forcing, such as requiring a lot of RAM during the computation so you can't build a massively parallel hash-cracking machine (a commodity GPU can do billions of hashes per second in parallel; these algorithms make those parallel attacks harder).
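An added example, not part of the original comments: password storage with library KDFs (Python's `hashlib.scrypt` and `hashlib.pbkdf2_hmac`), covering both the per-user salt and slow derivation described above and the weak-parameter case from the earlier PBKDF2 comment. The record format, the parameter values and the function names are assumptions made for this example.

```python
import base64
import hashlib
import hmac
import os

# Assumed parameters for this example; tune the work factor to your hardware.
PBKDF2_ITERATIONS = 100_000
SCRYPT_N, SCRYPT_R, SCRYPT_P = 2**14, 8, 1


def _derive(scheme, password, salt, params):
    pw = password.encode("utf-8")
    if scheme == "pbkdf2-sha256":
        return hashlib.pbkdf2_hmac("sha256", pw, salt, params[0], dklen=32)
    if scheme == "scrypt":
        n, r, p = params
        return hashlib.scrypt(pw, salt=salt, n=n, r=r, p=p, dklen=32)
    raise ValueError("unknown scheme: " + scheme)


def hash_password(password, scheme="scrypt"):
    """Return a self-describing record: scheme$params$salt$digest."""
    salt = os.urandom(16)  # cryptographically random, new for every record
    params = (SCRYPT_N, SCRYPT_R, SCRYPT_P) if scheme == "scrypt" else (PBKDF2_ITERATIONS,)
    digest = _derive(scheme, password, salt, params)
    return "$".join([
        scheme,
        ",".join(str(v) for v in params),
        base64.b64encode(salt).decode(),
        base64.b64encode(digest).decode(),
    ])


def verify_password(password, record):
    """Re-derive with the stored salt and parameters; compare in constant time."""
    try:
        scheme, raw_params, salt_b64, digest_b64 = record.split("$")
        params = tuple(int(v) for v in raw_params.split(","))
        salt, expected = base64.b64decode(salt_b64), base64.b64decode(digest_b64)
        candidate = _derive(scheme, password, salt, params)
    except (ValueError, TypeError):
        return False  # malformed or unsupported record: reject
    return hmac.compare_digest(candidate, expected)


def weak_record(password):
    """Constructed counter-example: empty salt, MD5, one iteration."""
    return hashlib.pbkdf2_hmac("md5", password.encode("utf-8"), b"", 1).hex()
```

Because the parameters are stored in each record, the work factor can be raised later and old records re-hashed at the user's next successful login. `weak_record` returns the same value for every user with the same password, which is what the salt and iteration count exist to prevent.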

Comment Re:Delete? (Score 1) 121

I'm glad to see someone besides me on /. isn't terrified of Facebook.

I use it and I think it's relatively harmless as long as you understand, as Rasperin says, it's a loud speaker. I expect everything I post on FB will be available to everyone, everywhere, forever. I long ago, many years before Facebook was a thing, figured out that if I never posted anything online I wouldn't want my sainted mother to see, I'd never have anything to worry about*. I speak my mind freely, but I would have no problem if my mother, my wife, my boss, my kids or my pastor were to see anything I've posted.

* Now, of course, that doesn't mean some day in the near future agents of the Ministry of Love won't show up at my door to conduct me to a re-education camp for my political views, but at least I know my mother won't be ashamed of me.

Comment Re:False Flag (Score 2) 198

"Honestly, things which 10 years ago would have been the domain of crackpots is now 100% fact."
No. I keep hearing this but you guys must have lived on another planet. The fact that all governments sucked up just about all international communications dates back to the invention of the telegraph and maybe back to the mail.
Any idea that they were not monitoring all clear text transmissions over the internet frankly I find just dumb. As far as meta data that was always up for grabs.
False flag operations? That is in the realm of tin foil hats and crackpots. Frankly the rest of it is just common knowledge to anyone with a brain.
