Follow Slashdot stories on Twitter


Forgot your password?
Slashdot Deals: Deal of the Day - Pay What You Want for the Learn to Code Bundle, includes AngularJS, Python, HTML5, Ruby, and more. ×

Submission + - Tomb, a successor to TrueCrypt for Linux geeks (well, dm-crypt, basically...) (

jaromil writes: Last day we released Tomb version 2.1 with improvements to stability, documentation and translations. Tomb is just a ZSh script wrapping around cryptsetup, gpg and other tools to facilitate the creation and management of LUKS encrypted volumes with features like key separation, steganography, off-line search, QRcode paper backups etc. In designing Tomb we struggle for minimalism and readability, convinced that the increasing complexity of personal technology is the root of many vulnerabilities the world is witnessing today — and this approach turns out to be very successful, judging from the wide adoption, appreciation and contributions our project has received especially after the demise of TrueCrypt.
As maintainer of the software I wonder what Slashdot readers think about what we are doing, how we are doing it and more in general about the need for simplicity in secure systems, a debate I perceive as transversal to many other GNU/Linux/BSD projects and their evolution. Given the increasing responsibility in maintaining such a software, considering the human-interface side of things is an easy to reach surface of attack, I can certainly use some advice and criticism.

Submission + - 18 Years On, Ultima Online Is Still Going (

An anonymous reader writes: Ultima Online was released in September, 1997. It was the game that popularized graphical MMOs, and somehow, it's still running. Rock, Paper, Shotgun took a dive into the game to see how much it's changed, and who still plays it. As the community has shrunk, it's become increasingly tight-knit, and giving up the game now means giving up a social circle for many players. Even though newer MMOs have eclipsed the game's functionality, UO has a dedication to the full adventuring experience that later games haven't replicated. From the article: "While initially I couldn’t understand the appeal of Ultima, when I decided to shake off the limitations of an early level character and simply explore for myself, I found a game world with a lot to offer. Player created civilisations, unique monsters, and the sheer mystery of the world combine to keep this ancient MMO compelling. For all the ways in which the genre has improved, Ultima Online remains one of just a few MMOs that let you live an alternative life. That feeling of ownership ... combined with the diversity on offer, keeps players coming back day after day."

Submission + - Now get cosmic fog e-liquid at Dcvapor store. (

dcvapor writes: Cosmic Fog premium E-juice made in Orange County, California. Their range of eliquids has proved to be a hit in the USA. This e-juice craft only the most unique, thoroughly tested, highest quality e-liquids the vaping world has ever seen. Each flavor should be a new, exciting experience for every user, and given the amount of time that goes into every blend, it will be.

Submission + - Unnoticed For Years, Malware Turned Linux Servers Into Spamming Machines

An anonymous reader writes: For over 5 years, and perhaps even longer, servers around the world running Linux and FreeBSD operating systems have been targeted by an individual or group that compromised them via a backdoor Trojan, then made them send out spam, ESET researchers have found.

What's more, it seems that the spammers are connected with a software company called Yellsoft, which sells DirectMailer, a "system for automated e-mail distribution" that allows users to send out anonymous email in bulk.

Submission + - I Will Crack Your Password With Statistics (

pjauregui writes: The posts starts by asking the reader, 'Think like a hacker and ask yourself how fast your passwords might be able to be cracked based on their structure.' The author then describes his method for cracking passwords at scale, efficiently, stating that many attackers approach this concept headfirst: They try any arbitrary password attack they feel like trying with little reasoning. His post is a discussion that demonstrates effective methodologies for password cracking and how statistical analysis of passwords can be used in conjunction with tools to create a time boxed approach to efficient and successful cracking.

Submission + - US Navy researchers get drones to swarm on target (

coondoggie writes: The Office of Naval Research today said it had successfully demonstrated a system that lets small-unmanned aircraft swarm and act together over a particular target. The system, called Low-Cost UAV Swarming Technology (LOCUST) features a tube-based launcher that can send multiple drones into the air in rapid succession. The systems then use information sharing between the drones, allowing autonomous collaborative behavior in either defensive or offensive missions, the Navy said.

Submission + - Top 5 Python GUI Frameworks (

Nerval's Lobster writes: As a Python developer, sooner or later you’ll want to write an application with a graphical user interface. Fortunately, there are a lot of options on the tools front: The Python wiki on GUI programming lists over 30 cross-platform frameworks, as well as Pyjamas, a tool for cross-browser Web development based on a port of the Google Web Toolkit. How to choose between all these options for Python GUIs? Developer David Bolton started by narrowing it down to those that included all three platforms (Windows, Mac, and Linux) and, where possible, Python 3. After that filtering, he found four toolkits (Gtk, Qt, Tk, and wxWidgets) and five frameworks (Kivy, PyQt, gui2Py, libavg and wxPython). He provides an extensive breakdown on why he prefers these.

Comment Re:Dump SSL / Certificate-based Security (Score 1) 195

Perhaps I am missing something here...

PGP is a public key system. If you are going to be doing a mail system based on this, it seems to me that the receiving email client would check to see if the public key associated with the email address is on file. If not, request the public key from the email address. If the key is on file it could even check and verify that it is the same. If it is different, throw a warning.

I don't see that there is a need for central key distribution.

I have a theory that it's impossible to prove anything, but I can't prove it.