Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror
For the out-of-band Slashdot experience (mostly headlines), follow us on Twitter, or Facebook. ×

Comment: Re:Competent Authorities (Score 1) 133 133

Assange is a hypocrite that lets his personal agenda and politics determine what he releases.

If you can't understand why that matters you really can't be part of the conversation, sorry. You need to learn to think for yourself, critically.

But riddle me this, what does his work have to do with the fact that he's a criminal? He's a criminal with or without his work. When you look at his 'work' and notice he does the same lying bullshit to manipulate reality. He modifies what he release to show parts that promote his agenda and leaves out context which shows that what he presents is nothing like he claims.

You trust a man that lies about EVERYTHING HE DOES to provide you with all the facts about how others are lying? Idiotic

Comment: Re:Hillary Clinton says: (Score -1, Flamebait) 226 226

Then you lack a moral compass and need t get some help.

I'm suggesting that when you know the fucker is guilty, you put his ass in jail, not defend him.

Apparently you think its Ok for someone to keep their job/career at the cost of someone else getting raped.

THAT IS FUCKED UP.

I know the argument you're trying to make and its bullshit. She made her choice, no one else. This bullshit about lawyers representing clearly guilty clients because 'its what we do' is ... well, bullshit.

This is exactly why there is absolutely nothing wrong with a boat full of lawyers being at the bottom of the ocean.

Comment: Competent Authorities (Score 0, Flamebait) 133 133

and that it is in fact not a request for asylum per se; instead, they assert, the letter merely expresses Assange's "willingness 'to be hosted in France if and only if an initiative was taken by the competent authorities.'

First off, thats a request even if you continue your typical bullshit lying Assange.

Second, I'm 100% certain he doesn't want competent authorities involved, if they are, he's fucked,

The only reason he's not in jail in Sweden already is because Ecuador feels like trying to be a dick to the US.

He's been utterly destroy. He's shown his true colors. He's shown wikileaks is about his ego, not truth. He's shown he thinks he's above the law and that he thinks EVERYONE else is corrupt and out to get him. He has no friends and his only followers are those to stupid to recognize his bullshit and college kids who think they have to fight everyone else battles for them even when they have no fucking clue what they're doing it for.

At some point, Ecuador is going to get tired of him, after which, someone is going to put him in jail.

The only thing that shocks me so far is that Sweden has a statute of limitations that doesn't take into account that the accused is running from the law. Its one thing to timeout on things when you have no idea who you're looking for ... but they know who and where he is.

He's a douche, so much a douche that even France thinks he's a douche. How sad do you have to be when even France doesn't capitulate?

Comment: Re:Penalty for obvious false claims (Score 1) 91 91

There is. All you have to do is file a take down notice about the take down notice. At which point, Youtube can put it back up until a court actually rules on the issue.

To date, the courts have not been kind when someone actually stood up and challenged bullshit DMCA requests.

Comment: Re:what? (Score 1) 37 37

The terminology being used is intentionally misleading.

The way its being said, most people who aren't that interested think its one single continuous flight, which is impressive.

There really isn't anything particularly impressive about this once you take that out of the equation.

Voyager was impressive. https://en.wikipedia.org/wiki/...

IT actually DID fly around the world without stopping, and it did the entire flight in 9 days, and they didn't stop to take breaks to avoid weather, they flew AROUND a Typhoon FFS.

This solar powered aircraft is more like a training run for one someone actually wants to do it properly.

Comment: Re:Nobody cares about the password your transcript (Score 1) 242 242

The amount of effort it takes to do proper password handling versus the amount of effort it takes to just store one long enough to authenticate a user is so little different that treating them differently just shows a lack of knowledge about security in general.

Sending a clear text password for 'recovery' tells me that you didn't even bother to hash it ... that is NEVER AN ACCEPTABLE PRACTICE. If you think it is, or if someone treats it like it is, it shows you that they aren't capable of treating the different bits of data at different security levels since the extra 3 lines of code to hash the password for safer storage was apparently too much for them.

If you(they, whoever) care so little about the password that its not hashed, then its not worth having a password for in the first place. On modern processors, even doing hashing in ASSEMBLY is not a ridiculous task, every other higher level language has a library that does it in one function call in most cases.

There is no excuse that justifies storing a password in clear text. Ever.

Comment: Re:Security (Score 1) 242 242

Yes.

People who think they have a clue and are clever ... then decide to share their awesomeness and cleverness with others in a way that makes us all worse off ... yes, that makes me angry.

But hey, you go ahead and deflect. No sense in acknowledging the problem and doing something about it, you go ahead and pretend you've done nothing wrong and I'm the bad guy for pointing out how you're just as stupid as the article you're replying to ... but you don't even realize it or why, and you're bragging about your poorly thought out methods.

You think you know what your doing and don't, and on top of that you've decided to attempt to corrupt other people with your broken methods. You are the definition of a security problem.

Comment: Re:Security (Score 2) 242 242

You haven't been developing web apps very long, have you?

Steps 5 and 6 are horrible from a UX perspective and actually lower security a tiny bit.

By emailing out a single use password you make it possible for someone to eaves drop on the email train and login to your site using the single use password that you sent over email ... in clear text, over a system that may end up easily being stored on disk and snoop-able on many computers.

There is absolutely no reason to email them the password, you've already verified the email address is viewed by the user, doing it again just exposes that information to other people who may not know the users 2 security questions, but do already have access to the users' email.

You've effectively made your security questions useless if someone hacks the email account in the first place, which is often the case before using that to spider out and discover other services the user has. (You check the users sent/inbox/archive for emails from certain email addresses that are used by various services and can quickly tell the user does use specific services.)

Emailing a password is ALWAYS BAD PRACTICE.

ALWAYS.

Did you hear me? ALWAYS.

When you think you've figured out a way to make it 'safe'. Jab an unsharpened pencil in your eye as punishment and remember: ITS ALWAYS A BAD IDEA TO EMAIL PASSWORDS.

I'll go ahead and not bother pointing out how bad of an idea 'pre-defined' security questions are at this point, seems like you probably need to do some brushing up one security practices from someone who knows a bit about what they are doing. FFS, there are frameworks for every major web dev environment for user auth recovery. You shouldn't even be rolling your own.

Comment: Re:Bad Summary, Only new part is the sharing optio (Score 1) 479 479

Apple backs up my passwords with an encryption key which is also protected by a separate password.

Apple CAN NOT read my passwords, so they can not share them.

Not sure about Google, but I hope it does the same.

Microsoft is uploading passwords clear text or in some other equally dangerous form thats decryptable so they can be shared.

Comment: She's think about it, or you are? (Score 1) 246 246

If she's thinking about it, why are you the one asking about it?

Sounds more like she's thinking about not trying very hard to get back into it ... You ever consider that she doesn't actually want to? Maybe you want her too? Maybe she's only trying to put forth enough effort to appease you but not actually enough to get a job?

Something is wrong if you're asking for her.

Adapt. Enjoy. Survive.

Working...