Forgot your password?

Comment: Re:I don't care. (Score 1) 108

by DaphneDiane (#47861971) Attached to: Why Google Is Pushing For a Web Free of SHA-1

That's why I always use ROT-13 twice. It completely eliminates the risk of that form of decryption.

Because I had to worry about clients using XP SP2, I'm stuck using ROT-1. But I found that if I use it 26 times, it gives just as good protection and also avoids the inverse directional issues ROT-1 has with some implementations.

Comment: Future of C++ Standard Library (Score 3, Interesting) 427

by DaphneDiane (#47671471) Attached to: Interviews: Ask Bjarne Stroustrup About Programming and C++

One of the recent concerns raised with C++ compared to other popular languages is the breadth of the standard library. I know that the C++ standard committee was looking at adding a C++ transformed version of Cairo to the standard. And of course their is boost. What else do you see coming to address the perceived API shortcomings?


Murder Suspect Asked Siri Where To Hide a Dead Body 160 Screenshot-sm

Posted by samzenpus
from the worst-laid-plans dept.
An anonymous reader writes A Florida man currently on trial for murder reportedly attempted to use Siri to garner ideas about where to bury the body of his dead roommate. According to police allegations, a University of Florida student named Pedro Bravo murdered his roommate via strangulation in late September of 2012 over a dispute involving Bravo's ex- girlfriend. According to a detective working the case, Bravo subsequently fired up Siri on his iPhone and asked it "I need to hide my roommate."

Comment: Confused (Score 2) 44

While Apple discourages OpenSSL, it looks like there are using freeradius which does use OpenSSL instead of own open source Secure Transport library ( of goto fail fame ). However it seems like it is using version 0.9.8, i.e. heartbleed free.

$ otool -L radiusd | grep -e libssl -e libcrypto
/usr/lib/libssl.0.9.8.dylib (compatibility version 0.9.8, current version 47.0.0)
/usr/lib/libcrypto.0.9.8.dylib (compatibility version 0.9.8, current version 47.0.0)

Comment: Re:Backups (Score 1) 564

Data that is legally obligated to stay on one specific computer in one specific room and never leave; under penalty of legal action.

That level of insanity is why I am laughing. The bold parts specifically. When you allow people who have no clue how a system works to legislate how it works, you get this.

And sometimes they understand and it's intentionally awkward. For example if you want to prohibit certain types of research instead of just legislating directly against it and appearing anti-science, just add a whole bunch of red-tape and difficult requirements. Bonus points if they appear to have a pseudo-valid alternate purpose such as increasing data security. Consider how the restrictions on steam cell research were implemented.

Comment: Re: Cool but not finished yet (Score 1) 170

by DaphneDiane (#46999989) Attached to: WebKit Unifies JavaScript Compilation With LLVM Optimizer

While V8/Blink are currently faster it was Safari that started the the speed race. Yes chrome (v8) jumped way ahead, so its nice to see Safari catching back up.

As an aside while I understand part of the cause of the WebKit / blink split is Google not letting WebKit merge some of there features back into the main line leading to Apple redoing them for example WebKit 2; the split is a good thing as it leaves two strong teams both focused on improving and competing with each other vs the mono culture that WebKit was becoming.

+ - Google/Samsung changes to SD card behaviour in KitKat (4.4.2) breaks apps.->

Submitted by TeddyR
TeddyR (4176) writes "With the widespread release of Androif 4.4.2 (kitkat) to many Samsung devices worldwide and specifically now with the US rollout by major providers in the US it seems that Samsung has decided to implement Googles latest API regulations for SD Card storage. This breaks MANY third party applications since only the Google/System/OEM/Carrier signed apps can now write to the external SD Card thus making MANY paid applications useless.

Confirmed affected: TMobile and Sprint Samsung Note 3 and potentially the Galaxy S4 and upcoming Galaxy S5. This change affects ALL Samsung KitKat 4.4.2 devices, including the Note 2, S3 once KitKat is released to those devices.

Time to call your carrier and lodge a complaint to ask that they request that this "feature" be returned to the original behavior.


Link to Original Source

+ - Security Vulnerabilities Found in 90% of Top Mobile Banking Apps->

Submitted by concertina226
concertina226 (2447056) writes "Testing only iOS devices, Ariel Sanchez from IOActive found that 90% of the apps contain non-SSL links, which means that a hacker could potentially intercept the traffic and inject random JavaScript/HTML code in order to create a fake login phishing attempt.

For example, a user could be lured to a fake login page and told that their online banking password had "expired", and asked to re-enter their username and password in order to access their account. The hacker could then use those details to take control of the user's online banking account."

Link to Original Source

+ - CSIRO scientists 3D print dragon for Australian girl after letter goes viral->

Submitted by Anonymous Coward
An anonymous reader writes "A seven-year-old girl who wrote a letter to scientists asking if they could make her a dragon has got her wish after they created a special 3D printed one from titanium.

A letter written by Sophie from Queensland to Australia's Commonwealth Scientific and Industrial Research Organization (CSIRO) asking for a dragon, was posted on the scientists' website and went viral."

Link to Original Source

+ - LLVM and Clang 3.4 are out

Submitted by Anonymous Coward
An anonymous reader writes "With C++14 draft fully implemented in Clang and libc++. Read more in LLVM and Clang release notes."

Safari Stores Previous Browsing Session Data Unencrypted 135

Posted by Soulskill
from the security-through-obscurity dept.
msm1267 writes "Users of Apple's Safari browser are at risk for information loss because of a feature common to most browsers that restores previous sessions. The problem with Safari is that it stores session information including authentication credentials used in previous HTTPS sessions in a plaintext XML file called a Property list, or plist, file. The plist files, a researcher with Kaspersky Lab's Global Research and Analysis Team said, are stored in a hidden folder, but hiding them in plain sight isn't much of a hurdle for a determined attacker. 'The complete authorized session on the site is saved in the plist file in full view despite the use of https,' said researcher Vyacheslav Zakorzhevsky on the Securelist blog. 'The file itself is located in a hidden folder, but is available for anyone to read.'"

Never say you know a man until you have divided an inheritance with him.