Forgot your password?

Comment: Re:Why bother? (Score 1) 48

by Fnord666 (#48440243) Attached to: Another Hint For Kryptos

Come on, there's an arbitrary number of formulas that could be used to encode the next bit. If you look at a sequence 1 3 5 7 and ask what's the next number most people would answer 9. Then the answer is "11, because it's the odd numbers excluding squares like 3*3 = 9" and people would go "How the f*ck should I know that?" and there's no analytic function that says how "weird" your formula is. You're just making a guess of how long it'd take before someone tries a formula like this, it could be in five minutes or fifty years.

No, people would then ask "Why is 1 in the list then since 1*1 = 1?"

Comment: Re: This is news, how exactly? (Score 3, Insightful) 187

by Fnord666 (#48297521) Attached to: Denuvo DRM Challenges Game Crackers

i have an artificial ceiling on game prices. i am mentally unable to convince myself a game can be worth more than 9.99 no matter what. and even that is only for an AAA title or good flight simulator. fortunately, i've grown out of impatience long ago and don't mind buying the likes of Crysis 3 a year or 2 after release.

The other nice thing about this is that you can game on modest hardware rather than needing bleeding edge, expensive components in your rig.

Comment: Re:Typical short sighted viewpoint (Score 1) 594

by Fnord666 (#48294103) Attached to: Space Tourism Isn't Worth Dying For

Everything was, at some point in time, a novelty. That doesn't mean they are all equally useful. Even if some people took a plane to just go up and down, most people knew they could take a plane to take them from A to B quickly and efficiently. In contrast, the SS2 has been designed only to go from A to A with a short thrill ride in between.

Could SS2 be the predecessor though to a transport that goes from A to B in a short period of time where A and B are very far apart globally? Perhaps it could turn around and make the return trip the next day/week. Would there be value in a trip from Texas to Australia in under 4 hours?

Comment: Battery Manufacturers (Score 0) 613

by Fnord666 (#48290711) Attached to: Ask Slashdot: Where Do You Stand on Daylight Saving Time?
You do realize that Daylight Savings Time was created by battery manufacturers in a bid to sell more 9V batteries. They have used tried and true FUD tactics to scare the sheeple into replacing the batteries in their smoke detectors unnecessarily. It worked well too. Battery sales, specifically 9V batteries, increased 38.3% the year Daylight Savings Time was introduced.

Comment: Not for the user's benefit (Score 1) 631

by Fnord666 (#48254475) Attached to: Why CurrentC Will Beat Out Apple Pay
CurrentC is not for the user's benefit. It's for the merchant's benefit so that they can avoid the fees that MC/Visa charge them for handling the transaction. I don't see anything in this deal that benefits the consumer. For example, you will no longer have any charge back protection. If the item you purchased turns out to be a brick in a box you will be at the merchant's mercy to transfer the funds back into your account at some point. Meanwhile that money is just gone.

The user interaction in the transaction flow is also hideous.If you disagree, take a look at the example transaction flow that they display on their site.

Here's how it looks like it works:

  • Take out your phone,
  • Enter your phone's password
  • Launch the payment app
  • Enter the app's PIN
  • Take a picture of the QR code that the register displays
  • Hope you have cellular signal
  • Get a QR code back
  • Let the clerk scan the reply code
  • Put you phone away
  • Receive your merchandise

Compare that to NFC

  • Take out your phone,
  • Tap the NFC pad with your phone
  • Enter the app's PIN
  • Put you phone away
  • Receive your merchandise

I'm sorry but that dog won't hunt.

Comment: Re:Not a chance (Score 1) 631

by Fnord666 (#48254221) Attached to: Why CurrentC Will Beat Out Apple Pay

I don't want to give you nightmares, but it is horrifying how little security there is on ACH transactions. The whole system relies on the ability to undo transactions to discourage fraud. All anyone needs is the routing and account numbers that are helpfully printed on your checks.

I hate to break it to you, but your average individual cannot initiate an ACH transaction and transfer money out of your account.

Comment: Re:Still have to install (Score 1) 113

by Fnord666 (#48201809) Attached to: Delivering Malicious Android Apps Hidden In Image Files

Still, though, this vulnerability appears to be firmly in the area of social engineering because why would I want to download an encrypted image file that requires another separate, random app to decrypt and view it?

The payload is encrypted/embedded into an image that is an asset inside the application such as a splash screen or a logo. It appears innocuous until the application runs, extracts the embedded apk and executes it. Prior to that the malicious payload is not detected by application scanners that scan the carrier apk.

Comment: Re: Golden Hammer (Score 1) 195

by Fnord666 (#48180831) Attached to: JavaScript and the Netflix User Interface

1. Basically, all crypto that uses "magic constants" without a clear and complete spec of how they were reached is highly suspect. That includes most ECC crypto the NSA has done so far and is likely the reason the NSA and some vendors like RSA are pushing for the use of ECC crypto.

Very true in general. With elliptic curves, you need to use specific curves because randomly selected curves are easily compromised. Only curves with very specific properties are acceptable, but as you point out the NSA has not publicly enumerated those properties. The very same thing happened with the selection of the S boxes in DES, but in that case it turned out that the NSA recommendations did, in fact, harden the algorithm from attacks such as differential cryptanalysis, an analytical technique not publicly known a decade later. Unfortunately the recommended elliptic curves have turned out a bit differently so far and thst shift seems to echo the changing mindset of the NSA and/or the administration that it reports to.

If God had a beard, he'd be a UNIX programmer.