Please create an account to participate in the Slashdot moderation system


Forgot your password?

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).


Comment: Re:FDE on Android doesn't work as of yet (Score 1) 110

by Gaygirlie (#49170495) Attached to: Google Backs Off Default Encryption on New Android Lollilop Devices

I get your point, but I disagree on the part where you write that background operations need the disk or else they can't possibly work at all. Current smartphones are not designed to work without accessing the disk, that's true, but in theory 1GB of RAM is plenty for processes like polling a chat server or SMS to run entirely in it.

Yes, but if the phone was to lose power, like e.g. run out of battery or crash you'd lose all the data in RAM. From a general usability-standpoint losing any data that does only reside on your phone is unacceptable, most people would definitely throw a major fit about it even if it only ever actually harmed very few individuals. What if that SMS-message you just got, for example, was something important, but it got lost in bit-space? Well, you wouldn't know until it's too late!

As for keeping things in RAM: Android isn't known for being small and efficient, not even Lollipop. There are plenty of RAM-hungry background-tasks running and things like e.g. Facebook and such that are notoriously bad. Then some phones even offer things like spoken keyword-recognition that would require keeping a whole effing lot of stuff at all times in RAM just to work. I doubt 1GB RAM would be even nearly enough on most people's phones, though 2GB or more would of course help. You'd still have the issue I mentioned above, though.

Comment: Re:Required HW (Score 1) 110

by Gaygirlie (#49170339) Attached to: Google Backs Off Default Encryption on New Android Lollilop Devices

As I said in the earlier comments, ARMv8 does support AES-encryption/-decryption in hardware. Most phones out there at the moment are not ARMv8, though, so they still have to resort to software-encryption/-decryption and that is the reason why Google backed off with the requirement of defaulting to encrypting devices. Up-and-coming higher-end phones are starting to ship with ARMv8 SoCs so they can perfectly feasibly enable full-disk encryption (FDE), but low-to-mid-end devices will most likely take several years before they have H/W-accelerated AES-encryption/-decryption.

Comment: Re:FDE on Android doesn't work as of yet (Score 3, Informative) 110

by Gaygirlie (#49170261) Attached to: Google Backs Off Default Encryption on New Android Lollilop Devices

So the protection is only effective if someone steals my phone while it's turned off, which is, like, 0.1% of the time?

Yes, that's exactly what it was designed for. If the system required you to enter the FDE-password whenever you open up the screen then how would background-processes, like e.g. SMS-receiving, chat and such stuff work? They'd only be able to access the disk when you have the display open and that'd obviously make the whole thing unuseable as a smartphone in the first place. No full-disk encryption scheme has been designed to withstand attacks originating from an already-running system since you need to keep the key in memory to do anything with the disk in the first place!

Comment: Re:FDE on Android doesn't work as of yet (Score 5, Informative) 110

by Gaygirlie (#49170179) Attached to: Google Backs Off Default Encryption on New Android Lollilop Devices

Or at the very least it would need to come with a significant enough processor jump that no one notices the drop in responsiveness from any earlier device.

Depends on whether the SoC can do AES-encryption/-decryption in hardware or not. Your Nexus 5 does it in software, ARMv8 (ARM64) includes optional support for H/W-accelerated AES. It's unlikely that low-to-mid-end phones will be sporting ARMv8 SoCs anytime soon, but it'll happen eventually, and higher-end phones are already starting to move to it.

Comment: Re:FDE on Android doesn't work as of yet (Score 1) 110

by Gaygirlie (#49170145) Attached to: Google Backs Off Default Encryption on New Android Lollilop Devices

The issue with FDE in Android has for long been the lack of combining strong passwords with a pattern lock or pin lock for unlocking the screen. In other words, your encryption key is only as strong as the pin code or password you are willing to put in every time you open your screen lock.

No, it doesn't. At least in Lollipop FDE-password is separate and you enter it at boot.

Comment: Re: About right (Score 4, Informative) 241

by Gaygirlie (#49110089) Attached to: In Florida, Secrecy Around Stingray Leads To Plea Bargain For a Robber

There really has to be some sanity here: the weapon must be able to cause grievous bodily harm in order to justify heavy sentences. A BB gun doesn't qualify

Boy, 10, dies after his brother accidentally shoots him in the head with a BB gun at close range:
BB gun accident takes life of a 20-year old boy:

You can surely find a lot more googling a little. I also recommend taking a look at Google image-search. The thing is, if you shoot someone in the head with a BB-gun there actually is quite a risk of bodily harm (torn eyes etc.) and loss of life. They're unlikely to kill you if you fire them somewhere other than the head, but they certainly are dangerous items and they can still cause damage to internal organs, depending where the shot lands and its angle. I have a BB-gun that's capable of easily piercing an aluminum can and I certainly wouldn't want to be on the wrong end of the barrel.

Comment: Re:The best bug is the one not written (Score 3, Insightful) 95

by Gaygirlie (#49100813) Attached to: Linux Foundation: Bugs Can Be Made Shallow With Proper Funding

Software can't be made secure afterwards, it must be the the primary goal.

That's bullshit. Software can definitely be made secure afterwards even if it wasn't that to begin with, there is no other obstacle to that than manpower and time. Also, security being a primary goal does not guarantee that there won't be bugs, so again, that makes that saying utterly ignorant. Bugs, by very definition, are accidental issues, not designed-in features, and no amount of "primary goals" will guarantee that mistakes and accidents won't happen.

Comment: "risks serious damage to the system" (Score 3, Insightful) 138

by Gaygirlie (#49065241) Attached to: NVidia Puts the Kibosh On Overclocking of GTX 900M Series

If the user overclocks their GPU and it ends up overheating and breaking down isn't the responsibility for that on the user's shoulders? Why does NVidia care so much? Does the law somewhere state that NVidia is still responsible for the damages since their drivers have such an option or what is missing from this story? If some law somewhere did state that then I could totally understand NVidia's stance, but at the same time it would make me wonder why it doesn't apply to desktops, then.

Comment: Re:Frame-interpolation. (Score 1) 121

by Gaygirlie (#49027697) Attached to: VLC Acquiring Lots of New Features

You'll need a quite beefy computer for SVP and you need to have the SVP Manager running whenever you want to see videos in 60 fps, the website or the installer doesn't make it clear enough IMHO, so I thought to mention. The included MPC-HC works great for watching stuff and I can bet you'll see the difference, but oddly enough the installer doesn't create a shortcut for MPC-HC, you need to find it in the installation folder and create a shortcut for it manually. I hope this gets you going and hooked to high-framerate videos :)

Comment: Frame-interpolation. (Score 5, Interesting) 121

by Gaygirlie (#49027577) Attached to: VLC Acquiring Lots of New Features

Personally, I would like to see them add frame-interpolation to VLC. There is Smooth Video Project that can be used with several other players and you could use it even with XBMC, though I don't know if it works with Kodi anymore, but SVP doesn't work with VLC. I really do enjoy watching videos in 60 fps, it's like a night and day compared to the usual 23.976 or 25 fps, even if it's just interpolated.

Committees have become so important nowadays that subcommittees have to be appointed to do the work.