
Comment Re:they used encryption, hmacs, thought they knew (Score 1) 83

BMW's programmers did as much as I'd expect any application programmer to do. It's then time for the security audit, by a truly qualified security person, to catch the kinds of mistakes that the author caught.

No. Security is not an afterthought or something to be approached at the end. It needs to be an integral part of the software development lifecycle from soup to nuts. Anything else results in "ship it now, we'll fix it later" decisions and we end up where BMW is today.

Comment Re:I don't think this is really true. (Score 1) 153

Also very hard if there is not a set of reference photographs.

Fortunately your friends, relatives, and coworkers are willing to help out with that. Each photo uploaded to Facebook with your face tagged in it is a reference photo. Setting your privacy settings to not display those tags doesn't mean the data point wasn't saved.

Comment Re:OpenSSL, GnuPG, ... (Score 2) 51

Every e-mail client (desktop and mobile) should have S/MIME and GnuPG integrated in - including Gmail, Yahoo and the various ISP web clients. What's taking Google so long for Gmail - pressure from various governments?

Maybe it's the fact that if your email is encrypted as it passes through Google, they can't data mine it. Since that is the raison d'être for Gmail, it would kind of defeat the whole purpose.

Comment Re:Lasers are easy to stop (Score 1) 517

Conventional ships' guns hit targets over the horizon by firing up and then gravity brings it down (hopefully on target) and they have about as much range now as they are ever going to get, everyone is agreed there. All I was implying is it's going to be hard to hit a target over the horizon with a straight shot. If you're going to shoot the railgun the same way you shoot conventional guns what's the point?

They'll still use indirect fire, it may just have to orbit the earth a time or two before coming back down for the impact.

Comment Re:Been a long time coming (Score 1) 294

Then they expanded like hell, employed stupid corporate business policies like charging people to pay for store catalogs, ridiculous "i need all your personal info" so I can sell you a resistor, etc.

I remember this shift well. Our local store manager understood though. As soon as you gave him a WTF look he would reply with "Right. Kris Kringle it is then."

Comment Re:Bound to happen (Score 1) 619

I don't mind ads as such, but what I do mind more than anything else -- more than being noisy and obnoxious -- is the tracking that comes with them. That's why I block all advertising that I can, and why I always will.

And the drive-by malware. Don't forget about the malware that makes it into even the best of ad networks.

Comment Published but not released yet. (Score 1) 27

According to their info page, JuliaBase has not had a 1.0 release yet.

JuliaBase is organized in a public Git repository on GitHub. So far, there is no public release of JuliaBase 1.0. However, the master branch in the repository is a release candidate, ...

I'm not sure I would solely trust my lab results to a LIMS system that is pre-release.

Comment Re:One more reason to use a wired keyboard (Score 1) 150

Since AES is a block cipher, and an AES block is 16 bytes, and since keypresses appear to be transmitted "instantaneously", does that mean for each keypress, a 16-byte block is formed, and encrypted? And what about the encryption mode? (Otherwise doesn't it basically become ECB?)

You use the block cipher to generate what is essentially a random stream, then XOR it with the input stream as needed, turning your block cipher into a stream cipher.
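The construction described in the reply above, as an added example that is not part of the original comment: AES in CTR mode (one mode that works this way, chosen here as an assumption) encrypting each keypress as a one-byte packet. The key, counter block, sample keypresses and the function names `newCTR`, `SendKeys` and `XorBytes` are constructed for illustration.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"fmt"
)

// newCTR returns an AES-CTR keystream generator. key and iv are constructed
// sample values; both ends of a link must start from the same pair.
func newCTR(key, iv []byte) cipher.Stream {
	block, err := aes.NewCipher(key)
	if err != nil {
		panic(err)
	}
	return cipher.NewCTR(block, iv)
}

// SendKeys encrypts every keypress as its own one-byte packet. The stream
// keeps its keystream position between calls, so no 16-byte padding is needed.
func SendKeys(s cipher.Stream, keys []byte) [][]byte {
	packets := make([][]byte, len(keys))
	for i := range keys {
		packets[i] = make([]byte, 1)
		s.XORKeyStream(packets[i], keys[i:i+1])
	}
	return packets
}

// XorBytes returns a XOR b for equal-length inputs.
func XorBytes(a, b []byte) []byte {
	out := make([]byte, len(a))
	for i := range a {
		out[i] = a[i] ^ b[i]
	}
	return out
}

func main() {
	key, iv := []byte("0123456789abcdef"), make([]byte, aes.BlockSize) // constructed
	p1, p2 := []byte("hunter2"), []byte("letmein")                     // constructed
	c1 := bytes.Join(SendKeys(newCTR(key, iv), p1), nil)
	// Receiver: same key and counter, same XOR, recovers the keypresses.
	fmt.Printf("%s\n", bytes.Join(SendKeys(newCTR(key, iv), c1), nil))
	// Restarting the counter under one key reuses keystream: c1^c2 == p1^p2.
	c2 := bytes.Join(SendKeys(newCTR(key, iv), p2), nil)
	fmt.Println(bytes.Equal(XorBytes(c1, c2), XorBytes(p1, p2)))
}
```

The last check is why the counter must never restart under the same key: anyone who records both ciphertexts can cancel the keystream without knowing the key.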

Comment Re:Nope (Score 1) 331

The problem is, that hasn't been decided as of yet. It would make sense to any normal person that they wouldn't be. But law enforcement isn't sure how to deal with such services so they are doing their best to kill the industry with raids, but then drop the cases before they hit court so no ruling can hurt their efforts.

Even if it turns out that you are not legally responsible for the content, that's not going to keep LE from confiscating/impounding your computer systems for an undetermined amount of time.
