Catch up on stories from the past week (and beyond) at the Slashdot story archive


Forgot your password?
For the out-of-band Slashdot experience (mostly headlines), follow us on Twitter, or Facebook. ×

Comment: Re:if that's true, (Score 1) 476 476

You've missed. It's not about the technical definition. The "key" is the passphrase. The passphrase is pre-shared. The shared secret is the key, and that is the passphrase.

The crypto key is what you are describing, not the pre-shared key the user uses.

The failure to communicate isn't our misunderstanding of the technological terminology, but your inability to put the technical terminology aside and listen to others.

Comment: Re:if that's true, (Score 1) 476 476

MAC address filtering isn't very secure, but it's better than nothing. It's like the door chain. They are easily cut, can be kicked open easily, and don't really improve security, but it makes you feel better. Aside from brute force, the glaring hole is that someone can snoop your network and see all the valid MACs on it, even if encrypted. Then, when any of those devices are gone (like your cell phone on WiFi in range), clone the MAC of the missing device, and you are 100% in, if MAC filtering is your only authentication. At best, it will deter a casual snooper, but will only add a tiny delay to a targeted attack.

Comment: Re:if that's true, (Score 1) 476 476

PSK is Pre-Shared Key. The "key" in that is the passphrase. You pre-share it by putting it in both devices before you try to pair them. The PSK isn't the session key. As you say, that's generated for the session.

And nobody was talking about what is "transmitted" so unclear what that has to do with whether the PSK you enter on the "passphrase" space on the router is a [PS]Key, or a passphrase. It's both. The terms are used interchangeably for that setting. And yes, that's confusing as "key" is used elsewhere for a different purpose. But that doesn't make your car-key not a key because it doesn't look like your house key.

Comment: Re:Taxes (Score 1) 182 182

My point was that so many people were getting hung up on "use taxes are silly" without even realize they were talking about use taxes. The tax should be valid, it's valid everywhere. It should be ignored. I was born and raised in a state with use taxes. I didn't learn what a use tax was until after I had left. Neither I, nor my parents, ever paid a use tax, despite having owed one, many times.

Chicago's move is rational. It placed a use tax on entertainment, then argued that streaming entertainment is entertainment, not a "purchase" (which would fall under a different use tax). They are 100% correct, and the move is 100% legal and consistent with existing law and rulings. It's just that Use Taxes in general are silly and ignored. They only work when the state claims a nexus and converts it to a sales tax.

Comment: Re:Passwords (Score 1) 241 241

Nothing can EVER be repeated

I'm not 100% sure what you mean by this. But if you mean that you cannot use a password that you've used in the past then I have a problem with this... having something jump out and say "you can't reuse this password" actually gives something away: that you've used the password! Maybe you've also used that password on other sites so by saying "you've used this, you can't use it again" is actually, imo, bad for security.

If you mean that you cannot use a character in the password that you've already used then this is also bad for security... it allows an attacker to know that characters cannot be repeated and this, therefore, weakens randomness.

Many people are unenthusiastic about their work.