Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror

Comment: IoT Launchpad Security Project (Score 1) 131

by DamonHD (#49678077) Attached to: Beware the Ticking Internet of Things Security Time Bomb

Hi

We're working on a project (in public) to try to help secure out-of-the-box links from low-power cheap sensor nodes to the concentrator (or equivalent) in IoT networks.

Eg see:

http://www.earth.org.uk/note-o...
and
http://lists.opentrv.org.uk/pi...

to pick a couple of related items.

Anyone who'd like to help us get this right with solutions open source, please do contact us eg via @OpenTRV on Twitter or email.

Rgds

Damon

Comment: Re:NYT doesn't report news but does try to create (Score 1) 532

by DamonHD (#49636143) Attached to: The Medical Bill Mystery

My point is only that I would not be 'free' to take sensible entrepreneurial risks in the "land of the free" whereas I am under the NHS which is frequently derided from that side of the pond as some sort of socialist (itself a swear word) nightmare.

I'm railing against the "all government intervention" is bad school of thought/kneejerk. The NHS is not perfect by any means, but it happens to work much better and cheaper than the US model from where I'm standing.

LIFE IS NOT BINARY! (Not so catchy to chant in marches though. B^>)

Neither do I think that unending government intervention is a good thing. I am somewhat to the right of centre in UK politics (and just voted, tactically, an hour ago, in our general election).

Rgds

Damon

Comment: Re:NYT doesn't report news but does try to create (Score 1) 532

by DamonHD (#49631383) Attached to: The Medical Bill Mystery

There are various bands of dental treatment charges, but they are not uncapped so far as I know. Haven't needed that much fun.

Glasses, varies. My last eye test was completely free as I was referred by a doctor. I do pay for classes, but if you want to go economy it's pretty cheap and you can probably have glasses prescribed. I'm pretty much in the budget category even variofocals.

In neither case could I be bankrupted by unlimited uncontrolled charges.

Rgds

Damon

Comment: Re:NYT doesn't report news but does try to create (Score 1) 532

by DamonHD (#49629593) Attached to: The Medical Bill Mystery

Except, over here in downtrodden communist UK (keep an eye on tomorrow's election for us to become ultra-communist under a Tory/SNP/DUP alliance (joke)) guess how much of this rubbish I have to deal with?

1) An occasional fixed reasonable prescription charge, free for my kids.

2) Dentist fees, typically about £20/$30 each six month check-up, for a "scale and polish". Again, free for my kids.

Yeah, it's terrible over here.

As I have often pointed out, I would not be on my 3rd significant start-up if I'd been tried to my first random employer because of a health plan, given one or two exciting health blips over time.

Government is never ever good, ever. Unless it builds Interstates.

Rgds

Damon

Comment: Re:At the same time (Score 1) 323

GEM? Our bug-fix library on top of GEM was bigger than GEM itself.

Not saying that DOS/Windows was anything other than unnecessarily crap and buggy for a long time... (And it'll still take another decade for me to fully trust Microsoft to write 'reliable' rather than meretricious code...)

Rgds

Damon

Comment: Re:Some random CEO passed away? Oh noes! (Score 3) 176

Someone like many of us, and/or with a life many of us would aspire to, of an age similar to the likely median here (indeed I am a newly-minted 47-year old tech CEO, though not in his league nor in the Valley), white collar, dies suddenly.

It's shocking.

And though most deaths in the news can be dismissed as "would never happen to me because $HUGE_DIFFERENCE", this is less easy to dismiss, even if it turns out ultimately to be just bad luck.

Don't be so airily heartless: this is some genuine human interest for nerds, even if maybe no huge shakes in the big scheme of things.

Rgds

Damon

Comment: Re:I call bullshit on anything from Forbes (Score 1) 134

by DamonHD (#49534389) Attached to: New Javascript Attack Lets Websites Spy On the CPU's Cache

Look elsewhere in this story: I've posted a 2013 paper where using this type of attack it appears that very nearly 100% of your secret key bits can be recovered as you do a single encryption in another process.

Note: not just revealing that I did an encryption, but what the bits of the key were that did it.

*That* seems bad enough to need serious thought (or refutation) ASAP.

Rgds

Damon

Comment: Re:Not very useful. (Score 3, Informative) 134

by DamonHD (#49531359) Attached to: New Javascript Attack Lets Websites Spy On the CPU's Cache

Such as this?

https://eprint.iacr.org/2013/4...

"We demonstrate the efficacy of the FLUSH+RELOAD
attack by using it to extract the private encryption keys
from a victim program running GnuPG 1.4.13. We tested
the attack both between two unrelated processes in a sin-
gle operating system and between processes running in
separate virtual machines. On average, the attack is able
to recover 96.7% of the bits of the secret key by observ-
ing a single signature or decryption round"

Rgds

Damon

Computer Science is the only discipline in which we view adding a new wing to a building as being maintenance -- Jim Horning

Working...