Comment Re:Its not zero day ... (Score 1) 93
Only in the USA. Everywhere else (even Canada) it means real cheese sliced into
Only in the USA. Everywhere else (even Canada) it means real cheese sliced into
Just say no devices at all. It fair, even-handed and realistic. Make an exam that doesn't put such a premium on mindless calculations (for example allow them to submit an expression such as 112*121/11 instead of computing the result). More emphasis on brain and mind, less on fingers.
Oh, and the can use their mind as a dictionary too.
Sheesh.
OK smartie, here's what I was referring to:
"The supplied UNIX passwd command in BSD Subsystem is broken for firmware 1.1.3 and 1.1.4.
Attempting to change the password under firmware 1.1.3 or 1.1.4 will result in your device continuously rebooting.
(The reboot fix involves holding both the Power button and the 'Home' button down for at least 30 seconds, then [upon seeing a triangle icon], plugging the device into iTunes for restoration.)"
See: http://www.macosxhints.com/article.php?story=20080224231344798
For newer (current) firmwares it fixed, but some people still run the old stuff.
MS has a lot of good developers (whatever you may think or their products or policies). Maybe he figures it will hurt them (aesthetically) to look at something lame?
I think SLL encryption as used by most serious places will be sufficient. The Royal Bank of Canada had a bad certificate for their main investment site for a while, but barring such foolishness the SSL and attention to warnings will probably be fine in terms of the actual network traffic. I think the biggest risk, however, is that there could be a key logger at a public site and these are easy to find and install, and a pain to circumvent unless you have control of some key parts of the process.
If you are really hard core, as a backup in case of theft you can mail yourself an encrypted USB key at a hotel/hostel/post office you are willing to put on your itinerary, but getting the timing right will be tricky unless you have somebody stateside to send it.
Great idea if you don't do much. If you have multiple banks or other equivalently-important accounts then it's very tricky. If you use long secure non-algorithmic passwords and won't be able to visit the bank to re-init them, the keeping them recorded in encrypted form would be my choice. That way if you can't recall them all, or briefly forget one, you can recover them so long as you remember at least the master password.
One reason why people might still be using the original password, and why this is all a hassle, is that the normal UNIX passwd program cannot be used on the iPhone.
I believe one needs to manually edit a file called
To do nothing is to be nothing.