Comment Re:Open-source tool to read Chip and Pin cards (Score 1) 317

I'm not entirely sure on how the chip works, but I imagine the chip contains a keypair for the customer and a certificate for the bank. The customer's key is protected with a password (AKA the pin) and used to encrypt messages to the bank. The customer's certificate is used to sign the messages. The bank's certificate is used to establish a secure channel between chip and bank. Am I anywhere close to reality?

Comment Re:Getting rid of cookies is okay (Score -1) 499

Speak for yourself.

I like free websites. Websites like slashdot. If the ads on slashdot would lose effectiveness because advertisers can't target any more, slashdot will lose revenue. So maybe then they'll try to find an alternative revenue stream. Advertorials. Paywalls. Whatever.

It costs real money to operate a serious website. If you make advertisements ineffective by rejecting third party cookies, then the website owner will try to find another revenue stream. Maybe sell all account data to the highest bidder?

Believe me. Ads are annoying, but the alternatives are evil.

Comment Re:still debian. (Score 2) 627

Erhm. Package management in Debian is far from superior. You're confusing good packages (which Debian has) with good package management (which apt isn't). Nowadays the yum and zypper package managers are *far* superior to anything Debian has to offer. Arguably, if Debian switched to either of them, Debian would become a better distribution.

Comment Re:A Green Light to all Hackers (Score 2, Informative) 114

No, this is completely normal. For example, governments have a monopoly on violence (see wikipedia). Citizens don't have the freedom to shoot each other, for example. A police officer does have the right to shoot under certain circumstances.

This isn't something from the past few years. Governments have reserved certain rights to themselves for many centuries, in order to maintain civil order and sovereignty.

So, it's also completely normal that the government reserves the right to hack into computers under certain circumstances. For example, permission from a judge is needed. You can compare this to a search warrant for a private home, also the exclusive right for the government.

Comment Re:why is this release announcement buried? (Score 1) 124

Facebook, Microsoft, Amazon, Apple and Oracle all have a whole lot more users than NetBSD. To most people, NetBSD brings absolutely nothing that Linux doesn't bring. NetBSD may run in some routers, but Linux probably runs in a *lot* more routers. Even FreeBSD may run in more routers than NetBSD (JunOS is FreeBSD based..).

So, to most of us, NetBSD is "meh, don't care". Sorry.

Comment Apple (Score 1) 460

Apple is heading fast into the direction Microsoft went in the nineties. Even today news came out that Apple spends more on patents than on R&D. Now my question: what are your feelings towards Linux developers and users buying Apple hardware in order to run Linux on it? Do you feel they are in a way approving the way Apple operates nowadays?

Comment Re:Linkgin'2WP = infringement (Score 2) 203

No it isn't. Wikipedia was known by the general public before you linked them from your comment. Furthermore, the content on wikipedia isn't infringing.

I've got copies of music available on my private server at home. That server can be reached from the internet. If you'd somehow found out the url of the copied songs, then you'd be publishing (i.e. making them known to the general public) them, which would be infringing. And my personal copies are legal since I'm allowed to make a private copy of music I own.

Comment Re:Security by obscurity? (Score 4, Interesting) 203

Copyright law protects Security By Obscurity. So the judge was correct in this case.

In order to infringe on copyright law, you'll have to make a copied work public. So, as long as you don't publish a copied work (i.e. keeping it obscure), it's not an infringement. This, for instance, allows you to make a private copy of a copyrighted work without infringing on copyright law.

In this case, a private copy was made. Nobody knew where to find the copy, except for the person who placed the copy online. So, while the copy was on the internet, it wasn't public. Geenstijl made the copy public by making the URL known to the general public. Therefore Geenstijl infringed on Dutch copyright law.

Comment Re:Seasons are tied to the equinoxes and solstices (Score 1) 454

Most of modern science started in Western Europe. Weather in Western Europe is dependent mostly on the temperature of the Atlantic Ocean. At the summer solstice, warmup of the ocean is at its quickest, but the temperature is still rising. It will continue to rise up until August or so. Therefore August is the hottest month in Western Europe and therefore seasons are defined as they are.

Somehow those late medieval scientists didn't care much about other regions of the world. Sue them.

Comment Re:So they don't know... (Score 1) 177

Any competent CA uses an HSM. I can even imagine using an HSM is a requirement for inclusion into the default CA bundle in web browsers.

An HSM is a Hardware Signing Module. It's a piece of hardware (supported by OpenSSL, by the way) which holds the secret keys. Secret keys cannot possibly be copied out of the HSM, except for backup purposes. But the backups are encrypted within the HSM itself, so the backed up keys can't be used for signing.

Diginotar, as most CAs I know of, uses multiple secret keys. One key is used for automated signing, typically used with Domain Validated certificates (blue address bar in your browser). For this key, a passphrase is kept somewhere available for the automated process, which of course is unsafe. Another key is used for higher security certificates. This is why not all certificates issued by Diginotar are untrusted now. The certificates used by the Dutch government for example, are signed with another key than the compromised key used for *

So, nobody got hold of the private key -- it's safely in the HSM. Not all of Diginotar is untrusted, just the key used for signing * Removing Diginotar entirely from browsers is a bit of an overreaction. It also causes distrust of certificates not signed by the key used for * This includes the central Dutch identity service, DigiD. DigiD is used for authenticating the inhabitants of the Netherlands to websites operated by the government, so removing the entirety of Diginotar from browsers has a very large and unintended side effect.

Comment I disagree (Score 1) 173

At some point, connection quality on IPv4 will be worse than connection quality on IPv6 for a significant amount of people. Their CGNAT may be overloaded. They may run applications which don't work correctly behind CGNAT.

When this point is reached, dual stacked hosting will be an advantage over IPv4-only hosting. Search engines may start to weigh in IPv6-reachability of sites. When this happens, you'll want to be with a hoster which supports IPv6 already.