Forgot your password?

Comment: Re:Politics (Score 2) 383

As soon as any government appoints a Czar, you know that they know bad things are going to happen.

* The person has little actual power
* They are allocated minimal resources
* Decisions come from the people above
* Blame falls upon the Czar's shoulders
* Appointing a Czar makes it look like you're doing something, even though you don't actually have to know what you're doing
* Almost inevitably the Czar resigns or is fired later for being ineffective - because they were never actually there to do anything or even empowered to do anything

When you see a Czar being appointed you should immediately think, "they know the outcome here has a high probability of being very damaging politically, likely because they either don't have the answers and they know it, or the answers they have point to a very unpopular outcome".

That's not being cynical, it's just reality.

Comment: Re:Where is the NFC 2-factor? (Score 1) 119

by DigitAl56K (#48200147) Attached to: Google Adds USB Security Keys To 2-Factor Authentication Options

Can you elaborate on what the problems are? You described having a PC in each room... so I don't see what's difficult about uninviting one and inviting another when moving.

Sure. Imagine it's a recurring meeting that someone else owns, or a short-term meeting where you're not the owner and the owner is late or doesn't have their laptop with them, etc. How are you going to change the invitation list? You can't, and neither can anyone else on remote teams, so you're screwed until someone goes and creates a new meeting and re-invites everyone, then hope the Chromebox picks that up fast enough, or at all, because technically the meeting has already started. Oh, and then also hope that nobody else has already booked the room you want to use, but simply hasn't showed up.

These are just some of the real problems I've found.

Comment: Re:Politics (Score 2) 383

If having a Czar will concentrate more power in their hands then a Czar is what they'll create.

Czar's are usually there to be completely ineffective and take the fall when side A politically leverages hindsight and/or the situation that they themselves have helped create against side B.

Don't be a Czar, it won't end well for you.

Comment: Re:Where is the NFC 2-factor? (Score 1) 119

by DigitAl56K (#48198245) Attached to: Google Adds USB Security Keys To 2-Factor Authentication Options

The proper solution for that problem is for the conference room PC to have its own account, which is invited to the hangout, rather than logging in with some individual's account. From a security perspective, having a device that lots of people log into is a bad idea; it's an ideal target for compromise, regardless of whether or not you use 2FA.

I'm aware of "the proper solution" from an administrative perspective, and maybe what you suggest does work at Google. However, there is a vast difference between a company the size of Google and, say, a startup where people just "take" rooms as needed, or you have to find a free room for something at short notice, and moving the conference from one room to another in a hurry becomes a pain. As I say, I've "experienced" the Chromebox for Meetings in the startup setting, and I'm sure it would be great _if_ you're a larger company, but it was "unpleasant" shall we say for me - in fact, you could tell it was not designed to handle exceptions very easily.

Google should recognize that there are many smaller companies than large ones and provide a convenient solution.

Comment: Re:Where is the NFC 2-factor? (Score 2) 119

by DigitAl56K (#48197255) Attached to: Google Adds USB Security Keys To 2-Factor Authentication Options

I don't see how fumbling around with USB sticks is much better.

I use a YubKey NEO-n. It's a tiny device, only extends from the USB port by a millimeter or so... just enough that you can touch it to activate it. I just leave it plugged into my laptop all the time, so there's no "fumbling with USB sticks", I just run my finger along the side of the laptop until it hits the key. It's extremely convenient.

That's okay for you on your laptop. When you go to a conference room with a e.g. a PC set up for conference calls, and someone needs to log in to pull up the hangout, it's a different story (don't even get me started on Chromebox for Meetings...).

Here, having a little dongle sitting in the middle of the desk connected to the main system via USB would provide an easy option to provide at least the 2nd factor auth, without anyone typing in codes or plugging in additional devices. Lots of people walk into a conference room with their phone in hand as it is.

Comment: Where is the NFC 2-factor? (Score 4, Interesting) 119

by DigitAl56K (#48196803) Attached to: Google Adds USB Security Keys To 2-Factor Authentication Options

Let me know when they start selling cheap NFC dongles so we can just tap our phone on them to login. I'm sure our company would buy a bunch. 2-factor makes logging in to conference systems a pain in the ass - everyone is always looking to the guy who doesn't use 2-factor to login already. I don't see how fumbling around with USB sticks is much better.

Comment: Protection against ARP poisoning (Score 1) 429

by DigitAl56K (#48112297) Attached to: BitHammer, the BitTorrent Banhammer

It would be nice if router logs showed suspicious ARP packets and/or declined to forward them except for specially privileged connections (e.g. via a flag in the access list). The router knows the addresses of users connected over WiFi, and it's extremely unlikely those WiFi users will be routes for other devices. This seems like a good measure in general to make MITM harder.

Comment: Put cryptography everywhere (Score 5, Insightful) 191

by DigitAl56K (#48087179) Attached to: DoJ: Law Enforcement Can Impersonate People On Facebook

Stuff like this is exactly why strong cryptographic solutions should be woven into the fabric of the internet ASAP (e.g. content signing in this case). Agencies globally have become extremely abusive - spying, manipulating, defrauding,denying - and work against the basic infrastructure elements that would prevent this at every turn. They really bring it on themselves with crap like this.

Comment: He's right! (Score 3, Insightful) 575

by DigitAl56K (#48040629) Attached to: Obama Administration Argues For Backdoors In Personal Electronics

“It is fully possible to permit law enforcement to do its job while still adequately protecting personal privacy,”

Maybe it is, when law enforcement isn't brazenly violating every single principle of personal privacy for all persons without redress. You got us here, Bush and Obama administrations. You. Not us. You.

Comment: Reports are often better than dashboards (Score 3, Informative) 179

by DigitAl56K (#47995161) Attached to: Ask Slashdot: Is Reporting Still Relevant?

I'm in no way a dashboard hater, but reports are great because:
* I can see them everywhere I can access my email. This is not always the case when a dashboard runs off an internal server.
* Getting an email in the morning is a reminder to check the data. If I have to remember to go to a dashboard I'll forget if I'm busy and could miss something important.
* Reports in my email are easily searchable without fiddling with date ranges in a console - assuming adequate history even exists since the latest time someone thought it would be a great idea to rebuild the dashboard.

Dashboards are great for sharing a realtime view but they aren't a replacement for reports. If you think they are, you probably seriously misunderstand your users.

Comment: Re:the technology is amazing (Score 1) 134

by DigitAl56K (#47994499) Attached to: Euclideon Teases Photorealistic Voxel-Based Game Engine

It's more complicated than that.

Polygon-based engines support (and modern games heavily depend upon) things like:
* Dynamic lightling and shadows
* Deformable environments
* Transparency
* Reflections
* Fast collision detection
* AI route planning

Now go back and look at that demo video and tell us where you see those things.

Also, polygon based engines are still pretty efficient because of:
* Texture re-use
* Bump mapping to improve realism
* Shaders to implement things like motion blur, ambient lighting, etc.
* LOD maps
* Spatial partitioning

Laser mapping is cool because it snapshots a static environment at a moment in time. It would take a lot of effort to produce a polygon model ground-up with the characteristics you'd want for high performance in a modern game. But there appear to be numerous benefits over what has been demonstrated here so far. Perhaps a better approach (for games, at least) would be to work on a project that helps generate or enhance a polygon-based model from the mapping.

Comment: Where's the interactivity? (Score 1) 134

by DigitAl56K (#47994223) Attached to: Euclideon Teases Photorealistic Voxel-Based Game Engine

I've seen demos of what I believe to be this technology before, but what it seems to lack is any kind of interactivity with the environment/objects in the environment. From what I can tell in this latest video they've added an FPS handgun overlay and some poorly animated ferns.

The point is: Cool, you can render a nice point cloud. Can you actually do interesting things with it / what we want in most games or virtual environments, or can you simply render a nice point cloud?

Comment: Encryption is the least of that problem! (Score 2) 126

by DigitAl56K (#47941287) Attached to: Next Android To Enable Local Encryption By Default Too, Says Google

The only way to back up and restore is by uploading your data to Google's cloud servers, where your data is much more likely to be purloined than if you had just left your device unencrypted in the first place.

As an Android fan, let me just say that these problems do not just stop with encryption. Unless you root your phone, you can't back it up properly because Google doesn't let you have access to your own files on your own f'ing device. Apparently nobody sees a problem in the fact that users are forced to make the decisions to either run stock or be able to access all their files. I'm sure it's to reduce piracy or something, but it's a nightmare. Unless your apps keep their data in an accessible folder or you let them keep all your settings in the cloud (if they even support that), just upgrading your handset to this years Nexus is going to mean data loss.

I get that it makes the security stronger, but Android badly needs some kind of super-user mode that makes the entire filesystem accessible to selected apps.

Comment: Doesn't matter how the government gets the data (Score 1) 199

by DigitAl56K (#47819583) Attached to: First US Appeals Court Hears Arguments To Shut Down NSA Database

Abridged version:

The right of the people to be secure [...] against unreasonable searches [...] shall not be violated [...] but upon probable cause

Regardless of how the government acquires the information, is the government performing unreasonable searches against the people? One might argue that inspecting every persons communications is both and reasonable and cannot possibly qualify for probable cause.

To err is human -- to blame it on a computer is even more so.