Slashdot is powered by your submissions, so send in your scoop


Forgot your password?

Comment: Re:obligatory Good Luck With That (Score 4, Insightful) 140 140

People will crack streamed DRM if there is content that's either only available there, or is available there first... If you look at most torrent sites these days you will see all kinds of content that has been ripped from streaming media sites, all of which used DRM and yet still got cracked and made available in a more convenient form via torrents.

Comment: Re: Umm... their DRM code works quite well... (Score 1) 140 140

When people started doing that it was the current generation console, and it's not a lot of effort to install an xk3y (which costs about the price of a single game) and then copy downloaded iso files to a usb hdd... In fact, being able to hook up a large portable hdd containing hundreds of games is far more convenient than sorting through a pile of dvd media.

Comment: Re:Ummmm... (Score 1) 243 243

If the password can be retrieved in an automated fashion then even if its encrypted, everything necessary (i.e. the key) is present, so if the host is compromised the passwords effectively are plaintext as the attacker can simply run the same process to decrypt the password.

And even if you use SSL to check your mail, that doesn't change how the email has been transmitted from one mail server to another, which is often done without using SSL, and most mail servers will fall back to plain text even if they do support SSL because so many out there don't support SSL at all.

Comment: Re:Security (Score 1) 243 243

Not necessarily in these days of social media... A lot of people have Facebook accounts and will have added relatives or people they went to school with...
For your example, you already know the school, so you find out a list of their teachers (often published online) and try them all, and if the attacker knows your age they can narrow it down further... Either way there's a relatively small number of possible answers.

Comment: Re:Security and IPv6 (Score 3, Interesting) 297 297

Good luck trying to scan an ipv6 range...
The smallest subnet is a /64, even scanning every host there for a single port would take a LONG time.

IPv6 works fine with VPN software, even ipsec was originally a part of ipv6 and cruftily backported to ipv4... Infact, you can use ipsec properly (ie end to end without kludges like l2tp) with ipv6. The problems published recently were due to short sighted vpn providers who completely ignore the existence of ipv6. If they provided dual stack connectivity over their vpn then there wouldn't have been a problem.

Bugs could still be found in ipv4 stacks too (and are still being found), on the other hand ipv6 is much newer and addresses some of the weaknesses of ipv4.

Comment: Re:Options (Score 1) 483 483

MAC filtering will stop random users from connecting automatically, but won't stop someone who is intentionally trying to gain access... Changing your MAC is trivial.

Agreed that _optout is offensive, why should i have to change the name of *my* network to cope with this crap, and where would it end? I shouldn't have to explicitly opt out of things i never have any intention of using and might not even be aware of.

The only real solution is a dedicated (isolated) guest network, with regularly changing keys... I don't have guests visiting all the time so i could easily generate a new key each time...

Comment: Re:Google gets a free pass? (Score 1) 483 483

Any device that connects to wifi has to store the passwords either in the clear or in a retrievable form...

If you compromise the device, you can extract the keys (and a lot of other stuff too). Other devices just obfuscate the keys, but they are still retrievable (e.g. try wirelesskeyview or gsecdump for windows).

That's why virtually all platforms offer device encryption these days to lessen the chances of the device being compromised at all.

Comment: Re:if that's true, (Score 1) 483 483

Limiting sites and protocols just causes problems, people will have their devices setup to connect to all manner of things (vpns, email, im, voip etc), and restricting what they can access will invariably block some stuff and render the connection unusable, causing a denial of service if the handset automatically connects to the wifi and loses its cellular connection where everything was working.

I'm still waiting for the advent of the computer science groupie.