Forgot your password?
typodupeerror

Comment: Transitional packages (Score 1) 103

by tepples (#48228743) Attached to: OwnCloud Dev Requests Removal From Ubuntu Repos Over Security Holes

No, because renaming it has the same effects on existing systems. The installed package "ownCloud" is no longer there (by that name) so future usage of apt-get can still break.

Of course it can. The repository maintainer can introduce a new package pwnCloud and turn ownCloud into a metapackage that requires pwnCloud. This "transitional package" pattern happens often in Ubuntu updates.

Comment: Ads would be mixed content (Score 3, Insightful) 174

by tepples (#48228709) Attached to: Verizon Injects Unique IDs Into HTTP Traffic
For all users other than subscribers and karma-capped users who have checked "Disable Advertising", Slashdot is funded by advertisements. Using an HTTP ad network from an HTTPS site would be blocked as mixed content, and HTTPS support among ad networks is very new. AdSense, for example, didn't support HTTPS until September of last year.

Comment: Re:Is there a way to prevent this? (Score 1) 174

by tepples (#48228665) Attached to: Verizon Injects Unique IDs Into HTTP Traffic

Still, there is an option to sign up for just the phone plans without wireless data

Are you sure Verizon will even activate voice-only service on a smartphone? AT&T sure won't.

and use wired or satellite ISPs for internet access.

And if the DSL ILEC for your area is also Verizon, too bad.

Comment: Time and money to move to change ISPs (Score 1) 174

by tepples (#48228655) Attached to: Verizon Injects Unique IDs Into HTTP Traffic
In order to stop being a Verizon customer, someone who requires home or mobile Internet access for his way of life might have to move his family away from territory serviced by Verizon, either as the DSL ILEC or as the only wireless carrier with acceptable coverage. Consensus in comments to previous Slashdot articles is that almost nobody is willing to spend the time and money to move just to change ISPs.

Comment: Re: Paper statement surcharge (Score 1) 194

by tepples (#48228491) Attached to: Passwords: Too Much and Not Enough
Because of the low adoption of S/MIME and OpenPGP, I've seen banks send not a copy of the statement but instead a notice that a new statement can be viewed by logging in to the bank's HTTPS site. Besides, without Internet banking, how do you discover unauthorized withdrawals from your checking account before your statement, and how do you send money to individuals?

Comment: Re:I don't understand (Score 1) 79

by smitty_one_each (#48228355) Attached to: It's Official: Joe Biden's Son is a GOP Candidate

However, not everybody needs to be whipped by your angry,vengeful god to be forced to do "good".

How can dirt do "good"? And how can you show that my motivations are not a positive desire to be something more than evil? Here's the point: you need first to pray for the understanding of God.

So, I will consider your need for a crutch (group hug) as a disability, with plates for the car and everything, so you can park where you want.

Only to the extent that the sun is a crutch for the vine. Yours is a flawed statement from a flawed understanding.

Comment: Re:I don't understand (Score 1) 79

by smitty_one_each (#48227559) Attached to: It's Official: Joe Biden's Son is a GOP Candidate
I understand myself to be a craven, sinful, carnally-minded piece of wickedness fit for Hell, in the eyes the father. Like everyone else.
Such good as can be found in me is due to the Holy Spirit, by way of Christ. So, can you be more specific about "moral blindness", and how you even arrive at "moral" from your purely materialistic vantage?

Comment: Key stretching with PBKDF2 (Score 1) 194

by tepples (#48227131) Attached to: Passwords: Too Much and Not Enough

a CPU that can manage a trillion hashes per second (easy)

A trillion (10^12) hashes per second can still check only 100 million (10^8) passwords per second if checking each requires 5000 rounds of PBKDF2. In the common PBKDF2 built on HMAC, each round is two hashes, making a 5000-round PBKDF2 take 10,000 (10^4) hashes.

Comment: The cost of great security is severe inconvenience (Score 1) 194

by tepples (#48227071) Attached to: Passwords: Too Much and Not Enough

There are infinite varieties of ways to inject a delay between login attempts, or lock out the console/IP entirely, after N failed attempts. N should be on the order of 10

At which point you may be on the wrong side of the tradeoff between security and convenience. If you have 100 subscribers behind a proxy with a single public IPv4 address, and ten of them forget one password, good luck fielding customer support calls for all of them.

Comment: Re:Computers: They can respond fast -and- slow (Score 1) 194

by tepples (#48227023) Attached to: Passwords: Too Much and Not Enough

Things like Facebook Connect, OpenID Connect and Mozilla Persona (BrowserID) are better than passwords [and] easy on the user when implemented right

The problem comes when well-known sites don't implement it right, such as by implementing only Facebook Connect and nothing else. The Huffington Post, for example, requires each commenter to have a valid subscription to mobile phone service and give a globally unique number capable of receiving SMS to Facebook.

"It is easier to fight for principles than to live up to them." -- Alfred Adler

Working...