Follow Slashdot stories on Twitter


Forgot your password?

First Successful Collision Attack On the SHA-1 Hashing Algorithm ( 41

Artem Tashkinov writes: Researchers from Dutch and Singapore universities have successfully carried out an initial attack on the SHA-1 hashing algorithm by finding a collision at the SHA1 compression function. They describe their work in the paper "Freestart collision for full SHA-1". The work paves the way for full SHA-1 collision attacks, and the researchers estimate that such attacks will become reality at the end of 2015. They also created a dedicated web site humorously called The SHAppening.

Perhaps the call to deprecate the SHA-1 standard in 2017 in major web browsers seems belated and this event has to be accelerated.


SIgn Of the Times: Calif. Privacy Protections Signed Into Law 40

The EFF reports a spot of bright news from California: Governor Jerry Brown today signed into law the California Electronic Communications Privacy Act. CalECPA, says the organization, "protects Californians by requiring a warrant for digital records, including emails and texts, as well as a user's geographical location. These protections apply not only to your devices, but to online services that store your data. Only two other states have so far offered these protections: Maine and Utah." The ACLU provides a fact sheet (PDF) about what the bill entails, which says: SB 178 will ensure that, in most cases, the police must obtain a warrant from a judge before accessing a person's private information, including data from personal electronic devices, email, digital documents, text messages, and location information. The bill also includes thoughtful exceptions to ensure that law enforcement can continue to effectively and efficiently protect public safety in emergency situations. Notice and enforcement provisions in the bill provide proper transparency and judicial oversight to ensure that the law is followed.

Comment Or from Apple's perspective, mission accomplished (Score 1) 137

Apple gave fair warning to vendors that they wanted sandboxed applications to be the standard for the platform. Sandboxed applications do not run out of system directories, they are basically "jailed" in their own sandboxes. Microsoft, like most software vendors, ignored Apple. So now the vendors are reaping the rewards of what they sowed.

The bigger problem with El Capitan lies with virtualization and VPN software. These need to make changes to the system routing and interface tables to properly route packets between virtual machines and the Internet, or between the local host and the other end of a VPN tunnel. El Capitan breaks our VPN at work and I have advised our employees to not upgrade to El Capitan due to this fact until Apple and VPN vendors come up with a solution to this problem. I certainly am not going to advise employees on how to disable Apple's security system (SIP), that would be lunacy on my part akin to telling employees how to disable virus protection on their Windows laptops given the increasing threat level for Macs recently.

In the end, we need more secure systems, and Apple is providing one. The fact that it breaks existing applications and inconveniences users is unsurprising. It would have been surprising if that *hadn't* happened -- which is one reason why consumer operating systems are so insecure (because making them secure breaks so much stuff).

Comment Re:you could choke a horse with these SAVINGS! (Score 3, Interesting) 117

My favourite is a somewhat optimistic one that appears on my iPad when it looks at I always read in landscap - what happens is the site appears for a second or so, then an enormous black square appears blotting out all the content and the text "Please rotate your device" inside it. No I am not going to rotate my device purely in order to see some advert that;s meant to be inside this giant black square that I don't want to see in the first place. I've had that happen quite a lot on the site, and I've still got no idea what's meant to appear because I just close the site when it happens. Meh.

Comment Source control? (Score 4, Insightful) 88

What bothers me most about things like this is trying to relate it back to what is supposed to have changed in the latest versions. I can't think of anything in iOS 9 that should have touched code like this, which makes me wonder about the state of source control.

Happy to be wrong, but Apple have had a few regression-type bugs before which again make me think their branching/merging strategies may not quite be up to snuff. Would like to be wrong though - anyone know of a changed area in iOS 9 that would have necessitated playing with something like this?

Comment Re:Ben Franklin (Score 1) 1291

So first up - I am not saying he must be wrong about this but equally it follows that it is not necessarily true that he must be right. For my own position - yes, I am indeed asserting he was wrong. The spiel about increasing poverty through provision of public services is standard rhetoric recognisable through into the Victorian era, and to some extent today, and is simply not born out by the experience of post-war Britain when public services really started to appear on a large scale.

The experience of nations with state welfare systems is usually a good-with-problems style affair. I live in the UK and for example whilst I recognise the NHS has problems (it can be inefficient) I also recognise the huge benefits (I am alive, when in a purely paid-for system I would have been dead from polio aged 10 months).

Basic income I'm not really arguing about - I simply don't know enough about the evidence. But provision of public services as being a bad thing...yes, I am stating he was wrong.

Comment Re:Lots of details in that article (Score 1) 213

I'm equally interested - there's room in the market for more than one kind of car.

I currently have a Boxster (987.2), and previously a 911 (996, was twenty years old when I had it and then the engine blew up as early 996's are wont to do...). I've looked at the Tesla and would really like it, but the handling of the Boxster is something I'd miss and there's no convertible either.

That doesn't make the Tesla bad of course, it just makes a different segment. So I'm equally interested in the new Porsche designs and the new Tesla ones - different cars for different purposes.

Comment No more iTuines server (Score 3, Interesting) 89

This is excellent news for me. I have a Synology and a 10.6.8-based original Intel Mac Mini that just acts as an iTunes and Crashplan server. All my films converted from DVD/blu-ray are stored on the Synology, but I need iTunes running to be able to access it on the Apple TV. With this I should be able to use Plex on the Synology and remove the need for iTunes. Crashplan can also be made to run on a Synology, so I can completely eliminate the need for that Mac Mini.

With a few more apps, like Amazon Instant and BBC iPlayer, this thing could then completely cover what I do. One caveat - just please, please, please give me paid app options and not freebies with adverts in the UI.

You have mail.