Follow Slashdot stories on Twitter


Forgot your password?

Comment: jeez, conversion took all of 2 seconds... (Score 1) 144

by Creepy (#49536467) Attached to: I spend most of my time ...

260 meters * ~3.28 m/ft (or 3,28 in some parts of the world) = 853 feet.

I live in the US and work with both US and Europeans, so knowing at least rough conversions is a necessity. When I say it's a little cool at 16 degrees today it makes a big difference when I'm talking to US or Germany - that's like -9C or 61F. It may be confusing because I sometimes jokingly call it balmy when it is freezing.

Comment: Re:FTFY (Score 1) 189

by Creepy (#49529277) Attached to: Microsoft Announces Device Guard For Windows 10

Gatekeeper was never really designed for corporate style use, but to be honest, neither was the mac itself. For that matter, Windows PCs aren't really designed for corporate use, either.

My worry is that it works like Gatekeeper, though. The Windows Store is a hideous mess, especially on the free side - a lot of programs that should be free come up as low voted "lite" versions that do nothing without you paying for the real program. A prime example of this is .7z - the default programs (and there are about 20) are all view only unless you pay their fee and all you get is a touch interface 7zip, a program which you can download and use free on non-touch devices. I got so frustrated finding one that I just gave up and installed 7zip (this was a touch supporting laptop). Uninstalling one of these crapware programs is completely unintuitive to a desktop user, as well (supports the touch paradigm only). I actually had no idea how until my wife got a Windows Nokia phone.

And yes, I think the Windows Store is far worse than the Android store in this respect - way too many "lite" programs or trialware that does little or nothing without you paying for them. With android you usually get advertisement injection with this sort of free program. I'd rather have that than shakedown-ware. For reference, on android I had no problems finding a free .7z extractor (and it compresses, too!). It was the first hit I got and had 4.2 stars (first I got on Windows was 2 stars).

No, I don't mind paying for software, but when the program is free on the same platform just with a different interface I draw the line. Set up a paypal account and ask for donations if you are a poor college student. Be sure to state that you are a poor college student on the download page - I'm a sucker for pity pay donations. My worst fear is a Gatekeeper-like app locking the vast majority of users to some money grubbing bottom feeder developers like people that make money this way. This is capitalism at its worst, profiting off of someone else's creation.

Comment: Re:lol, Rand sucking up to the dorks (Score 1, Troll) 202

The law was written in 1983 and updated a tiny amount in 1986. It was a time before the internet, and was specifically written with ATMs in mind. Even worse, they used one of the most ambiguous and horribly loosely written laws in existence, the Espionage Act of 1917 as the blueprint. This is the same law the US government used to charge Edward Snowden with espionage, which is supposed to be when you give confidential information to foreign governments, not someone that is not supposed to have it (seriously, that is what the law defines as espionage).

So yes, access without authorization makes a lot of sense when used for ATMs. When applied to the internet, it makes using practically any for-profit web site illegal to visit and requires you to use your actual name, not an alias (that is also illegal according to this law - you are misrepresenting yourself).

What did Aaron do? He put public domain documents on the internet that a school was charging something like 10 cents a page for copies. Since this was a "financial transaction," this was a 25 year felony crime according to a law written for ATMs. Not exactly sure how it got to 35 years, as I remember that law was 25 max. Incidentally, I know several people more legitimately charged with that - they were pirates arrested in the 1980s (affiliated with the Super Pirates of Minneapolis and Midwest Pirate's Guild), but most were underage and served no time.

Comment: wish I could... (Score 1) 533

by Creepy (#49505177) Attached to: Utilities Battle Homeowners Over Solar Power

In a ruling 20+ years ago, my city banned rooftop and "visible from the street" solar panels and all wind turbines in a "nuisance" ruling. That same ruling also bans trash cans visible from the street and having any sort of front yard structure to hide them (these structures are allowed on the side of the house). Living on a corner lot where my backyard is partially visible from the street (I could build a fence, but my backyard is small and would likely block the panel), I cannot legally have solar and they have cited me for trashcans on the side of the house because it is "front facing to the street," even though it is the side of my house.

Comment: Re: For work I use really bad passwords (Score 1) 136

by Creepy (#49479059) Attached to: Cracking Passwords With Statistics

You could also use a system to vary the passwords. I use the last character of the site name (as I stated in a different post), but I've been migrating to a new system in the past couple of years, which is why I didn't care about divulging it. Let's say the new system is the first and last characters of the site (it is not) - I could then have sPa$$w0rdT for the password to Slashdot, and while it is essentially the same, it varies for most of my accounts. One hint - my new system sometimes excludes RSTNLE, AKA the Wheel of Fortune characters, AKA the most popular characters in at least American English, but sometimes does not and knowing when to use them or not is part of the trick. My new system gives me 4 character/number differences and positional differences in every password, so I expect it will be far more secure than my current method and still easy to remember.

Comment: Re: For work I use really bad passwords (Score 1) 136

by Creepy (#49478937) Attached to: Cracking Passwords With Statistics

I have throw-away passwords I sometimes reuse as well, also for sites I need to register on and don't particularly care about (they also get a junk email account I never check). I will vary this password by using a trick - I use the last character in the site name as the first character in the password so it is rarely the same. Still not exactly secure, but easy to remember and varies the password by site. The rest of the password is usually some fantasy character name with flipped calculator/leetspeak letters thrown in with the capital moved to after the first number. For instance, Godwynne would become g0Dwynn3 and BadBrutus would be b7DBrutus. If I was on Slashdot, these would be tg0Dwynn3 or tb7DBrutus.

And yeah, that is for my throw-away passwords. Most of my non-throwaway passwords I doubt could be guessed or hacked through brute force. A keylogger probably won't help (it will be flagged as an unknown program by security scans and set off a security alert), so you'd need to rootkit the machine.

Comment: Re:For work I use really bad passwords (Score 1) 136

by Creepy (#49478655) Attached to: Cracking Passwords With Statistics

That works great if you aren't forced to have 6 characters different, as well. Our rules were 8+ characters, 20x without repeat, 6 char difference in each password, 30 day forced changes, at least one upper case character, and at least one punctuation. Through trial and error, I found the 6 characters different were based on position, so my solution was rotation - Pa$$w0rd becomes a$$w0rdP and then $$w0rdPa, etc. Works for a few months at least, and I only needed to memorize three strings. Never got cracked by the brute force software so far, so it worked for me (and no, my password is not Pa$$w0rd - that is an old joke and not a very good one).

Comment: The almost poetic irony... (Score 2) 332

by Creepy (#49460393) Attached to: California Looks To the Sea For a Drink of Water

Speaking of nuclear, Nixon actually killed off the Molten Salt Reactor Experiment and fired Oak Ridge Laboratory lead Alvin Weinberg because he was advocating ditching the liquid metal fast breeder reactor in favor of the much safer molten salt reactors. Nixon did this to promote building Light Water Reactors in California and protect jobs there rather than delaying them for a new technology to be developed. The ABSOLUTE KICKER is that Weinberg also wanted molten salt reactors because their high heat can be used for desalination (and their ability to scale to small sizes would make them ideal for developing countries that needed desalination as well as some electricity).

Comment: Re:I think we just need to get burned. (Score 2) 332

by Creepy (#49460299) Attached to: California Looks To the Sea For a Drink of Water

I can count Bush's environmental policies on two fingers - banning of incandescent light bulbs (which, honestly, was going to happen eventually) and banning CFC asthma inhalers to support the Montreal Treaty, even though those were one of the tiniest contributors to ozone depletion and seriously impacted asthmatics (for one, it was the only over the counter asthma remedy, for two, the replacement, HFA inhalers, were patented, prescription only, and were only tested on healthy adults in the FDA's "fast track" program, which is the same thing they do to test GMOs, and 3/4 of the manufacturers used an allergen, alcohol, as part of the propellant, so that went over poorly...).

If there's one president I wish had failed to get into office, it's Bush, though Obama has cut it close a few times (both of them have TERRIBLE financial policy, IMO - defund Obamacare? Only the assistance to the poor was unfunded - Bush's Medicare D wasn't funded AT ALL)...

Comment: Re:It's all about competition (Score 1) 208

by Creepy (#49394655) Attached to: Comcast Planning 2Gbps Service, Starting With Atlanta

I just bought a new laptop and the cheapest one that included 802.11ac was a $700 Dell - but that had absolutely shitty specs other than that (720p graphics, non-touch, a slow i5, Intel integrated 4000 graphics...). For $800 I got a much faster i7, nVidia 840 gpu (shitty, but better than Intel 4000 by far), and 1080p graphics in the same form factor, but only 802.11n wifi (which was in almost every other laptop I looked at as well). It is unfortunate, but 802.11ac is not widely adopted yet :(

Comment: Re:Browsers getting too complex (Score 1) 237

by Creepy (#49303203) Attached to: Every Browser Hacked At Pwn2own 2015, HP Pays Out $557,500 In Awards

Except vanilla html5/javascript won't let you touch the filesystem other than to load files (you can with extensions or using some other method like PHP). That makes it difficult to design an exploit as well as create a safety sandbox for the program itself. Flash is essentially an OS, so exploiting it makes exploiting the machine much easier. I've been hacked so many times with PHP vulnerabilities I've stopped using it and use my own coded CGI calls for file access.

Speaking of CGI, CGI's been around since 1993 and has pretty much all the vulnerabilities of whatever application it calls. I've used it for some strange stuff - kick of a csh, run a program that takes specifically (and well parsed) text as input and then elevate itself to root to load it as a crontab, run perl scripts, start a terminal on the web server as root when I didn't have root (exploited a root vulnerability and placed my little password protected file there, and then created a way to start it from my web browser - that eventually broke when my computer was refreshed and the hard coded DISPLAY was wrong), etc.

Comment: Re:My casualty list... (Score 1) 307

I have two Barracudas and neither shows any sign of failure. Neither are primary hard drives, though. They certainly outlived the 6-8 month life of my Death Star drives back in the day (before IBM sold its Desk Star unit to Hitatchi HGST - and the replacement from HGST have been rock solid - I have two that were replaced by HGST in 2003 that are still functional).

Comment: Re:ASUS GFX Card (Score 1) 307

Really? I've had lots of problems with ASUS hardware and they replaced or repaired all of it under warranty. My laptop with an nVidia 8800M (I think that was the model) died twice under warranty and once just out, all three times due to the graphics card (which notoriously had problems). I've also sent in one graphics card under warranty and it got fixed.

Hmm... my GPU count is bad - I forgot the two returns under warranty for that laptop. GPU was my winner anyway, but it just extended its lead over hard drives.

Sapphire, on the other hand... RMA'd the same brand new card three times and was returned the same card with the same exact problem (it worked until you tried to use graphics memory and then crashed within 2 minutes). I marked the card with a dot sticker on my second return because I guessed they were just sending me the same unmodified card back. The third time I sent them a CD with a demo program I wrote that would cause the crash. Same card minus the CD returned to me.

"But this one goes to eleven." -- Nigel Tufnel