Follow Slashdot blog updates by subscribing to our blog RSS feed

 


Forgot your password?
Close
typodupeerror
×

Comment Re:Obligatory reminder that an alternative exists (Score 1) 97

by Carewolf (#48902903) Attached to: OpenSSL 1.0.2 Released

That's at least three sorts of nonsense:

https://www.fourmilab.ch/hotbi...

https://www.random.org/

http://random.hd.org/

The OS has no magic either, or are you saying that it's random seeds all the way down?

Rgds

Damon

Yes. There is for thing dedicated random number hardware and there is hardware that can produce partially random data, such as network cards and radios, but the latter are only really good when combined with eachother and with a random number tracker, which is something the OS can do.

Comment Re:libressl-2.1.3 (Score 1) 97

by Carewolf (#48902895) Attached to: OpenSSL 1.0.2 Released

Care to provide any actual statistics for that claim, or are you just one of those annoying morons with a habit of being FUDsy against anything with "Gnu" in the name?

No, I prefer GPL when other choices are equal. GnuTLS has just never had a very good reputation, and even from the most optimistic point of view, it has always been secondary to OpenSSL just by having fewer users and fewer developers. I would be great if it was better, but it has had some unfortunately design choice and a long string of serious vulnerabilities. Just look it up.

Comment Re:Obligatory reminder that an alternative exists (Score 1) 97

by Carewolf (#48897585) Attached to: OpenSSL 1.0.2 Released

No matter what the security problem, it's always the random numbers, or lack thereof that is the problem.

(checks apt-get before making a fool of himself) ... Why the hell hasn't somebody made libRNG?

p.s. Seriously, how hard could it be to split out the RNG code of openssl or libressl and make it the gold standard? Yeah, I know it's generally unproductive to ask such rhetorical questions. Yes, I'm a coder that could do it (never looked at openssl code, but I'm sure I've dealt with worse, so I know it's possible), but I have no desire to become the owner of such a project, so I won't even bother to look at the effort required. Nor will you, probably. I have plenty of other things occupying my time. Maybe in another 20 years, if I'm retired by then...

Because on a unix system you just read from /dev/random anyway. Random seeds is an operating system responsibility, you can not make good random numbers without a little good random seed.

Comment Re:libressl-2.1.3 (Score 2) 97

by Carewolf (#48897579) Attached to: OpenSSL 1.0.2 Released

OpenSSL remains the only portable SSL library that can be used by both open source and commercial developers alike. Which is really a shame, because OpenSSL sucks. All the bad things the libressl people have said about OpenSSL are absolutely true.

We have GnuTLS which is only one year younger than OpenSSL, has a nicer API, is portable to Windows, has a better track record with regard to binary compatibility, a better build system, and can be used by commercial software (it’s LGPLv2.1). Comparison of features with other SSL libraries.

It also has a much worse track record in security, which is why no one uses it as the a primary SSL library and only as a library for operating on certificates.

Comment Re:Performance Mouse MX (Score 1) 431

by Carewolf (#48897427) Attached to: Ask Slashdot: Where Can You Get a Good 3-Button Mouse Today?

Can't recommend enough the Performance Mouse MX enough.

While it does have the middle button integrated into the scroll wheel, once used to it you will find it completely intuitive. I middle click hundreds of times a day and only found it difficult during the first two weeks of owning the mouse. 5 years later I still prefer the Performance MX over anything else.

To middle click I typically shift my index finger over a centimeter or two. My hands are slightly above average size and ergonomically the PerfMX is perfect for me.

Logitech Anywhere MX is similar except it actually has a separate button for the middle mouse button. The wheel click is changed to be the free-wheeling lock which makes much more sense.

Also, free wheeling for the win.
Star Wars Prequels

Disney Turned Down George Lucas's Star Wars Scripts 422

Posted by Soulskill from the not-enough-anthropomorphic-animals dept.
ageoffri writes: When Star Wars fans learned that George Lucas was making the prequels, most were filled with excitement and anticipation. When Episodes 1-3 were actually released, many found them unsatisfying, and became disillusioned with Lucas's writing. Now, it appears Disney felt the same way. Though they bought Lucasfilm and began production on Episode 7, they weren't interested in using the scripts Lucas had already worked on. In an interview, he said, "The ones that I sold to Disney, they came up to the decision that they didn't really want to do those. So they made up their own. So it's not the ones that I originally wrote [on screen in Star Wars: The Force Awakens]." After what happened with the prequels, that may be for the best — but others may worry about Episode 7's plot being entirely in the hands of Disney and JJ Abrams.

Comment Re:Crusty Hardware (Score 2) 189

by Carewolf (#48875287) Attached to: User Plea Means EISA Support Not Removed From Linux

I find it hard to believe that anyone is using EISA still. It got almost no traction in desktops and the only systems that ever had EISA slots were 386-486 era servers before the VL-BUS and PCI bus started to gain traction in late 486's.

If someone actually has a working EISA system, I'd like to see a photo. I had never managed to see more than one of these systems in my lifetime, and only saw one because it was being replaced in 1997 by a Pentium desktop.

I've actually seen more MCA systems than I've ever seen EISA.

EISA was parallel with VL-BUS for a long time, where consumer hardware used VL-BUS and enterprise or server hardware used EISA. PCI replaced both that wasn't until the mid 1990s. Still 20 years ago though.

Comment Re:Not "like Slashdot" (Score 1) 225

by Carewolf (#48867621) Attached to: Facebook Will Let You Flag Content As 'False'

Exactly my 1st thought. Maybe not "false" exactly, but I've long wanted to be able to mod comments "-1 incorrect". Of course I also want a "+1 funny AND insightful".

Yeah I have often missed it too, but I guess the point is that if the post is incorrect you should reply to it and correct it, and moderators should look for replies that correct it to upvote.

The real problem is that you are not allowed to comment after voting on a story.
Windows

Microsoft Reveals Windows 10 Will Be a Free Upgrade 570

Posted by samzenpus from the try-it-free dept.
mpicpp was one of many to point out this bit of news about Windows 10."Microsoft just took another big step toward the release of Windows 10 and revealed it will be free for many current Windows users. The company unveiled the Windows 10 consumer preview on Wednesday, showcasing some of the new features in the latest version of the operating system that powers the vast majority of the world's desktop PCs. The developer preview has been available since Microsoft first announced Windows 10 in the fall, but it was buggy, limited in scope and very light on new features. Importantly, Windows 10 will be free for existing Windows users running versions of Windows back to Windows 7. That includes Windows 7, 8, 8.1 and Windows Phone. Microsoft specified it would only be free for the first year, indicating Windows would be software that users subscribe to, rather than buy outright. Microsoft Corporate Vice President of the Operating Systems Group Joe Belfiore showed off some of the new features in Windows 10. While Microsoft had already announced it would bring back the much-missed Start Menu, Belfiore revealed it would also have a full-screen mode that includes more of the Windows 8 Start screen. He said Windows machines would go back and forth between to two menus in a way that wouldn't confuse people. Belfiore also showed a new notification center for Windows, which puts a user's notifications in an Action Center menu that can appear along the right side, similar to how notifications work in Apple OS X. Microsoft Executive Vice President of Operating Systems Terry Myerson revealed that 1.7 million people had downloaded the Windows 10 developer preview, giving Microsoft over 800,000 individual piece of feedback. Myerson explained that Windows 10 has several main intents: the give users a mobility of experience from device to device, instill a sense of trust in users, and provide the most natural ways to interact with devices." More details are available directly from Microsoft.
Facebook

Facebook Will Let You Flag Content As 'False' 225

Posted by Soulskill from the things-that-definitely-certainly-won't-ever-be-abused-at-all dept.
jfruh writes: If you're tired of seeing fake or misleading news articles posted by your friends to Facebook and then spreading like wildfire, you might be in luck. In a system that's something like Slashdot comment moderation on a grand scale, you'll now be able to flag a story as false. Links that have been flagged this way by many users will appear less frequently in people's newsfeeds, or with a disclaimer attached.

Comment Re:Nice laptop, but dislike the keyboard design (Score 1) 592

by Carewolf (#48846835) Attached to: Why Run Linux On Macs?

A recent employer issued me a new 15" MacBook Pro. I really liked the weight, battery life, screen quality, and the feel of the keyboard. But the non-PC keyboard layout drove me nuts. I.e., the absence of stand-alone keys like home, end, page-up, alt, etc.

You should happy they removed home and end. At least if you are running OS X. You might end up hitting them otherwise, and then chaos and stupidity ensues. It seems Apple instead of fixing the retarded behavior of home and end in OS X just removed the buttons so users would hit them and be thrown around and lose the position in the document they were working on. Typical Apple; fixing the problem, not by admitting any fault but by removing user options.

Comment Re:Here's an interesting follow-up idea (Score 4, Insightful) 291

by Carewolf (#48842007) Attached to: Innocent Adults Are Easy To Convince They Committed a Serious Crime

What would be interesting would be to see what a polygraph says about their false memories. Can it distinguish between an event that occurred and one that was from a false memory? If not, that would be the final nail in the coffin.

What coffin? Polygraphs are a hoax intended to scare stupid criminals into confessing. It does even work on real memories, why would it work on false ones?

Slashdot Top Deals

The optimum committee has no members. -- Norman Augustine

Close