Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).


Comment: Not "block" (Score 1) 216

by Cley Faye (#49285995) Attached to: France Will Block Web Sites That Promote Terrorism
A more appropriate terminology is "hide". There is zero improvement in the gov' capacity to actually block such websites from the source (which would at least have a chance to be effective). Instead, they just mess with the DNS to "prevent access" to a list of websites containing gods know what. I wouldn't know such blockage exist without news outlet since I'm not using my ISP's DNS.
And there's not much uproar about these "weapons" (the media call the recent laws "arsenal") being targeted at everyone, very marginally hitting actual terrorists (and not, in any way, hindering their capacity to communicate and recruit). Way to go France.

Comment: Re:What's TSYNC ? (Score 4, Insightful) 338

by Cley Faye (#49209383) Attached to: Google Chrome Requires TSYNC Support Under Linux

they were able to survive without TSYNC and make it 'safe' but suddenly they can't

Geez, improving their software's security by taking advantage of better kernel support, Google really are deadbeat stupid. Better drop the sandboxing idea, have everything in the same process, preferably run as root. We'll be all safe with this old, not up-to-date version of openssl with brand new SSL3.0 support.

Comment: Re:What's TSYNC ? (Score 2) 338

by Cley Faye (#49209369) Attached to: Google Chrome Requires TSYNC Support Under Linux
The actual replies are worse than the slashdot summary; when someone asked for TSYNC support, the answer was "sounds like another good reason not to use Google Spyware". The followup are in the same vein about Flash.
Now one can have his opinion and think that Chrome/Flash are evil incarnates and must be wiped out from our universe, that doesn't change the fact that Flash still exist, is still in use by an awful lot of websites, and Chrome is the only way to get this content under Linux. Telling people "nah, not gonna have it, kthxbai" is probably more hurting than anything.

Comment: Re:I hope it works (Score 2) 60

by Cley Faye (#48874021) Attached to: Calls For European ISPs To Filter Content Could Be Illegal
I hope too. Even with the best intention in the world, doing this would only have negative consequences (and not the expected one).
  • Filtered content would still exist and grow happily with at most the small annoyance of hiding it slightly. Or simpler yet use a vpn that even a grandma could set up nowadays and proxy to an unfiltered ISP.
  • People responsible for "drawing the line" of what is forbidden will go haywire. Any situation where the lines are fuzzy need dedicated examination and reaction, not a handful of guys saying "hey, block me this just 'cause".

But I'll admit I might be a bit optimistic trying to use logic and basic thinking about what will be a political discussion.

Comment: Re:what's wrong with ifconfig? (Score 2) 164

by Cley Faye (#48658753) Attached to: NetworkManager 1.0 Released After Ten Years Development
For desktop users.
Most "not power" user simply want their computer to access "the internet" and don't care much about anything in between. NetworkManager does just that: plug the ethernet, you get a working connection. Input a wifi password in a simple, straighforward input dialog, and it works.
I don't know if it was designed explicitely for this usage, but it work wonderfully there. In other scenarios... not so good. On a dev system, or a server, you'll want to remove it. Bet let's not forget the desktop users :)

Comment: Re:Forked the Debian? or the Debian? (Score 1) 184

by Cley Faye (#48658737) Attached to: Devuan Progress Report Published
The proposition to have multiple init system in Debian was promptly rejected with arguments ranging from infeasible to "who is going to make all these packages compatible with sysv init" (although they were compatible a few month ago).
I don't think doing it anyway in Debian was a good choice in that ambience.

Comment: A fun story about TPB and France (Score 1) 251

by Cley Faye (#48565773) Attached to: Peter Sunde: the Pirate Bay Should Stay Down
Story time... A few days ago (less than a week!) the SCPP (the french RIAA) finally got a ruling forcing ISP to block TPB. At the time, we all laughed at both the idea that blocking a website is useless, and at the price we payed for this (it took a lot of court time to get this result, which translate into taxpayers money). Fastforward yesterday, TPB disappear. If the situation stay this way it will truly be a ridiculous ruling on all account. Fantastic.

Comment: Re:Sony needs to invest in their IT (Score 1) 170

by Cley Faye (#48547599) Attached to: Sony Hacks Continue: PlayStation Hit By Lizard Squad Attack
There's some middle-ground to find. Sure, there is no 100% foolproof way to secure your network, but if a company get hacked and preliminary investigations shows that this company used debug configurations with outdated software, coupled with bad habits of storing sensitive information in a plaintext, unprotected database, then this company is guilty of something.

Comment: Re:Too little, too late (Score 1) 525

by Cley Faye (#48371329) Attached to: Microsoft To Open Source<nobr> <wbr></nobr>.NET and Take It Cross-Platform
As per tradition, I didn't RTFA, but Microsoft have a nasty history with opensource and licensing. It's so bad, that some developer take care of not *seeing* any MS source to avoid future litigation... I would be very careful with the condition attached to using .Net.

Comment: Re:Justify my love (Score 2) 47

by Cley Faye (#48322313) Attached to: LibraryBox is an Open Source Server That Runs on Low-Cost Hardware (Video)

You.... don't?

This one is too hard to defend. Sometimes I've been really enthusiastic about small and/or useless stuff on crowdfunding sites and early access stuff, but this is simply overpriced off the shelve hardware with a sticker...

Well, as long as there are people willing to send money to them, I suppose it's a "good" idea from a commercial point of view...

Comment: Re:Well... no. (Score 1) 126

by Cley Faye (#48308347) Attached to: Flaw in New Visa Cards Would Let Hackers Steal $1M Per Card
Ah, I get it you don't take the subway (or other crowded public transportations) too often...

Regarding the time needed for this, when I put my own card behind my phone, it really worked in roughly a single second. And it does work as fast through multiple layers of clothing as long as there's nothing metallic in the way. Now, in very crowded area, peoples get pushed on each others. If it was enough in the past for a skilled pickpocket to steal your wallet without you noticing, clearly it's enough promiscuity to do a contactless swipe over your pocket.

Now, the question of multiple NFC cards is real, but you assume that people who have multiple contactless cards hold them all in the same place. Unfortunately, for it to mitigate this "attack", all the card need to be on the same technology (for example, my transportation card doesn't talk NFC and don't seem to interfere with my phone NFC reading capabilities). And some people find it more convenient to "spread" their contactless card, so they can just push their wallet/handbag/whatever on the NFC reader instead of taking out the card itself. Again, convenience my very well be in the path of security.

So, all in all, yes, I have evidence that reading an NFC card through clothes can be done efficiently and go unnoticed. Also, since you mention tinfoil wallet time, for NFC it might be enough. I said it in another post, but a "simple" metallic card holder render my cards invisible as far as my phone NFC reader is concerned, so it might be a short term solution. But I also don't doubt that it's infaillible, as boosting the signal from the receiver side might be enough to get through that. YMMV.

Comment: Re:Just ask your bank to send you (Score 1) 126

by Cley Faye (#48306281) Attached to: Flaw in New Visa Cards Would Let Hackers Steal $1M Per Card

As for people suggesting Faraday cage wallets and such, I'm unconvinced. A proper Faraday cage has to have no gaps, and most of these are not that tightly constructed. I would not be at all surprised if many of them provide only a feeling of security rather than actual security.

Don't know about "faraday cage" wallets, but I carry most of my cards in a simple metallic case that loosely close (it's not airtight or anything). It is enough for my phone to not pick up the card inside when I put them together, so I suppose it would be a severe hindrance to people trying to read an NFC card with a quick bump.

Still, some tweaked hardware to boost the signal on the receiver side might get through. Hmm I need to run some more tests...

... though his invention worked superbly -- his theory was a crock of sewage from beginning to end. -- Vernor Vinge, "The Peace War"