Follow Slashdot stories on Twitter

 


Forgot your password?
Close
typodupeerror
×

Comment Re:Key theft != cracking encryption (Score 3, Interesting) 268

by Eric Smith (#42353565) Attached to: ElcomSoft Tool Cracks BitLocker, PGP, TrueCrypt In Real-Time

Doesn't work with BitLocker and a TPM chip. The key is kept in protected memory on the chip and only authenticated code can use it.

I don't think that's true. The passphrase (perhaps hashed?) pay only be in the TPM chip, but the actual cryto key used to decrypt disk sectors is in main memory, because the main CPU is used to do the decryption. There's nowhere near enough bandwidth to and from the TPM chip to let it do the actual disk encryption/decryption. There's not even enough bandwidth to ask the TPM for the key each time you want to do a disk transfer, and erase it from memory after the disk transfer is completed.

This means that software that extracts the encryption key from memory probably can't turn it back into the passphrase that the user enters, but if you have a copy of the disk and the key, you don't actually need that passphrase.

The TPM is not a high-performance device and doesn't do anything but give out the keys on (authenticated) request. What the software does with those keys is up to the software. If someone has privileged or physical access to the machine while the keys are in use, all bets are off.
Businesses

Ask Slashdot: How To Make a DVD-Rental Store More Relevant? 547

Posted by timothy from the information-kiosks-and-great-snacks dept.
smi.james.th writes "Here on Slashdot, the concept that older models of business need to be updated to keep with the times is often mentioned. A friend of mine owns a DVD rental store, and he often listens to potential customers walk out, saying that they'd rather download the movie, and not because his prices are unreasonable. With the local telco on a project to boost internet speeds, my friend feels as though the end is near for his livelihood. So, Slashdotters, I put it to you: What can a DVD store owner do to make his store more relevant? What services would you pay for at a DVD store?"
Microsoft

Microsoft Complains That WebKit Breaks Web Standards 373

Posted by timothy from the this-pot-is-extra-black dept.
Billly Gates writes "In a bizarre, yet funny and ironic move, Microsoft warned web developers that using WebKit stagnates open standards and innovation on the Web. According to the call to action in its Windows Phone Developer Blog, Microsoft is especially concerned about the mobile market, where many mobile sites only work with Android or iOS with WebKit-specific extensions. Their examples include W3C code such as radius-border, which is being written as -WebKit-radius-border instead on websites. In the mobile market WebKit has a 90% marketshare, while website masters feel it is not worth the development effort to test against browsers such as IE. Microsoft's solution to the problem of course is to use IE 10 for standard compliance and not use the proprietary (yet open source) WebKit."
Software

US Air Force Scraps ERP Project After $1 Billion Spent 362

Posted by samzenpus from the on-second-thought dept.
angry tapir writes "The U.S. Air Force has decided to scrap a major ERP (enterprise resource planning) software project after spending $1 billion, concluding that finishing it would cost far too much more money for too little gain. Dubbed the Expeditionary Combat Support System (ECSS), the project has racked up $1.03 billion in costs since 2005, 'and has not yielded any significant military capability,' an Air Force spokesman said in a statement. 'We estimate it would require an additional $1.1B for about a quarter of the original scope to continue and fielding would not be until 2020. The Air Force has concluded the ECSS program is no longer a viable option for meeting the FY17 Financial Improvement and Audit Readiness (FIAR) statutory requirement. Therefore, we are canceling the program and moving forward with other options in order to meet both requirements.'"
The Military

Designing DNA Specific Bio-Weapons 227

Posted by samzenpus from the poison-just-for-you dept.
Hugh Pickens writes writes "The Atlantic reports that experts in genetics and microbiology are convinced we may be only a few years away from the development of advanced, genetic bio-weapons able to target a single human being based on their DNA. The authors paint a scenario of the development of a virus that causes only mild flu in the general population but when the virus crosses paths with cells containing a very specific DNA sequence, the sequence would act as a molecular key to unlock secondary functions that would trigger a fast-acting neuro-destructive disease that produces memory loss and, eventually, death. The requisite equipment including gene sequencers, micro-array scanners, and mass spectrometers now cost over $1 million but on eBay, it can be had for as little as $10,000. According to Ronald Kessler, the author of the 2009 book In the President's Secret Service, Navy stewards gather bedsheets, drinking glasses, and other objects the president has touched—they are later sanitized or destroyed—in an effort to keep would-be malefactors from obtaining his genetic material. However no amount of Secret Service vigilance can ever fully secure the president's DNA, because an entire genetic blueprint can now be produced from the information within just a single cell. How to protect the President? The authors propose open-sourcing the president's genetic information to a select group of security-cleared researchers who could follow in the footsteps of the computer sciences, where 'red-team exercises,' are extremely common practices so a similar testing environment could be developed for biological war games. 'Advances in biotechnology are radically changing the scientific landscape. We are entering a world where imagination is the only brake on biology,' write the authors. 'In light of this coming synbio revolution, a wider-ranging relationship between scientists and security organizations—one defined by open exchange, continual collaboration, and crowd-sourced defenses—may prove the only way to protect the president.'"
Privacy

Australian Government Censors Draft Snooping Laws 150

Posted by samzenpus from the all-the-better-to-see-you-with dept.
coolstoryhansel writes "Stating that release of the draft legislation is not in the public interest [PDF] because it would prejudice decision making processes already in train, the Attorney General's Department has denied the release of the draft laws that would see wide-scale dragnet surveillance implemented along with an expansion of law enforcement powers for the purposes of 'national security'. Serkowski, speaking for the Pirate Party who lodged the FOI request labelled the Department response as 'disgraceful and troubling' saying the decision is 'completely trashing any semblance or notion of transparency or participative democratic process of policy development.'"
Facebook

Mark Cuban Blames Himself For Losing Money On Facebook IPO 186

Posted by timothy from the you're-too-kind dept.
McGruber writes "In a blog entry, American business magnate Mark Cuban explained who he blames for his losing money in Facebook stock: 'I bought and sold FB shares as a TRADE, not an investment. I lost money. When the stock didn't bounce as I thought/hoped it would, I realized I was wrong and got out. It wasn't the fault of the FB CFO that I lost money. It was my fault. I know that no one sells me shares of stock because they expect the price of the stock to go up. So someone saw me coming and they sold me the stock. That is the way the stock market works. When you sit at the trading terminal you look for the sucker. When you don't see one, it's you. In this case it was me.'"
GNOME

GNOME: Possible Recovery Strategies 432

Posted by Soulskill from the get-better-at-telling-people-to-shut-up dept.
An anonymous reader tips an article from Datamation about several suggestions for the GNOME project to answer user complaints and boost developer morale. From the article: "... with very few changes, GNOME 3 could be much more acceptable to most users. A moveable panel, panel applets, desktop launchers, user control of virtual desktops, menu alternatives that would remove the need for the overview -- all of these could be added easily as options. Together, they would reduce at least ninety percent of the complaints against GNOME 3. ... If GNOME is having trouble as a desktop environment, one obvious solution is to find new niches. Lopez and Sanchez suggested following KDE's lead and producing a tablet, while Lionel Dricot recently suggested a suite of cloud-based services. ... The one strategy that GNOME has never tried is asking users what they want. Instead, the project has preferred to rely on usability theory, treating it as an exact science instead of a collection of competing ideas supported by usually inconclusive studies that could be mustered to support almost any design. In GNOME 3, testing with actual users did not occur until near the end of the development cycle, when the chances of any major changes were remote."
Data Storage

Ask Slashdot: Personal Tape Drive NAS? 268

Posted by timothy from the can-tape-actually-be-that-fast? dept.
New submitter hey_popey writes "I would like to piggyback on a previous Ask Slashdot question. Do you know of any realistic way to use a tape drive solution at home, not as a backup, but as a regular NAS? I would like, for example, to save the torrents of my Linux distributions on it, and at the same time, play the family videos on a computer. It would seem at a first glance that the transfer rates and capacity of Linear Tape-Open (1.5TB, 280MB/s in 2010) and the functionality of LTFS would allow me to do that, but I don't know the details, or whether this would be economically viable."
Earth

Meat the Food of the Future 705

Posted by samzenpus from the clean-your-plate dept.
Hugh Pickens writes writes "BBC reports that rising food prices, the growing population, and environmental concerns are just a few issues that have food futurologists thinking about what we will eat in the future and how we will eat it. In the UK, meat prices are anticipated to have a huge impact on our diets as some in the food industry prognosticate meat prices could double in the next five to seven years, making meat a luxury item. 'In the West many of us have grown up with cheap, abundant meat,' says Morgaine Gaye. 'Rising prices mean we are now starting to see the return of meat as a luxury. As a result we are looking for new ways to fill the meat gap.' Insects will become a staple of our diet. They cost less to raise than cattle, consume less water and do not have much of a carbon footprint. Plus, there are an estimated 1,400 species that are edible to man. 'Things like crickets and grasshoppers will be ground down and used as an ingredient in things like burgers.' But insects will need an image overhaul if they are to become more palatable to the squeamish Europeans and North Americans, says Gaye. 'They will become popular when we get away from the word insects and use something like mini-livestock (PDF).' Another alternative would be lab grown meat as a recent study by Oxford University found growing meat in a lab rather than slaughtering animals would significantly reduce greenhouse gases, energy consumption and water use. Prof Mark Post, who led the Dutch team of scientists at Maastricht University that grew strips of muscle tissue using stem cells taken from cows, says he wants to make lab meat "indistinguishable" from the real stuff, but it could potentially look very different. Finally algae could provide a solution to some the world's most complex problems, including food shortages as some in the sustainable food industry predict algae farming could become the world's biggest cropping industry. Like insects, algae could be worked into our diet without us really knowing by using seaweed granules to replace salt in bread and processed foods. 'The great thing about seaweed is it grows at a phenomenal rate,' says Dr Craig Rose, executive director of the Seaweed Health Foundation. 'It's the fastest growing plant on earth.'"
Bug

The PHP Singularity 622

Posted by Soulskill from the buggy-event-horizon dept.
An anonymous reader writes "Jeff Atwood at Coding Horror has a post about the awfulness of PHP — or, rather, a post about posts about the awfulness of PHP. He points out that PHP has been the whipping boy for the developer community for years, and while everybody seems happy to complain about it, nobody seems willing to do anything about it. He writes, 'From my perspective, the point of all these "PHP is broken" rants is not just to complain, but to help educate and potentially warn off new coders starting new codebases. Some fine, even historic work has been done in PHP despite the madness, unquestionably. But now we need to work together to fix what is broken. The best way to fix the PHP problem at this point is to make the alternatives so outstanding that the choice of the better hammer becomes obvious.'"
Networking

Cisco Pushing 'Cloud Connect' Router Firmware, Allows Web History Tracking 351

Posted by Soulskill from the solution-looking-for-a-problem dept.
Myrv writes "Reports have started popping up that Cisco is pushing out and automatically (without permission) installing their new Cloud Connect firmware on consumer routers. The new firmware removes the user's ability to login and administer the router locally. You now must configure the router using Cisco's Cloud connect service. If that wasn't bad enough, the fine print for this new service allows Cisco to track your complete internet history. Currently, it appears the only way to disable the Cloud Connect service is to unplug your router from the internet."
The Almighty Buck

U.S. Gas Prices Continue To Fall 398

Posted by timothy from the just-when-I-stop-driving-so-much dept.
First time accepted submitter nmpost writes "Earlier this year, as gas prices hit record highs in the winter and spring for that time of year, experts warned we were headed for all time records this summer. Something strange happened before every motorists recurring nightmare happened: gas prices actually started dropping. In fact, prices have fallen over $.50 since they peaked in the spring. Experts have now flipped their projections, and believe prices will continue to tumble through the fall."
NASA

NASA Gets Two Military Spy Telescopes For Astronomy 237

Posted by samzenpus from the hand-me-downs-for-the-heavens dept.
First time accepted submitter SomePgmr writes "The U.S. government's secret space program has decided to give NASA two telescopes as big as, and even more powerful than, the Hubble Space Telescope. Designed for surveillance, the telescopes from the National Reconnaissance Office were no longer needed for spy missions and can now be used to study the heavens."

Comment Re:Mistake (Score 1) 170

by Eric Smith (#40052555) Attached to: Wozniak's Original System Description of the Apple ][
Note that the 558 is not retriggerable. This led to bugs in joystick (or game paddle) reading in many Apple II programs. If you trigger the 558 to read input 0, then want to read input 1, do NOT just trigger it again. Make sure that input 1 has timed out first, before triggering it to be read. Otherwise you'll read an incorrect value. Or trigger once, then read all inputs you're interested in at the same time.

Slashdot Top Deals

The Tao is like a glob pattern: used but never used up. It is like the extern void: filled with infinite possibilities.

Close