Become a fan of Slashdot on Facebook


Forgot your password?

Comment: Re:Angry, lost my template at this story (Score 0) 178

I was going to strongly disagree, but I didn't want to hear the Whoooosh of the Parent Post's Sarcasm passing over my head...

At least I hope it is sarcasm, I wouldn't put anything past Comcast
<forced meta-insert by Comcast net> but they are the most customer focused and patriotic company who only deserves further deregulation  </meta-insert>

Comment: Re:Easy to kill this one (Score 1) 206

by Harodotus (#48227075) Attached to: Verizon Injects Unique IDs Into HTTP Traffic

Not really. Even if your derivative work idea was valid and could be used to stop Verizon, they would just update their Terms of Service (TOS) to explicitly have you grant them this right and waive any claims.

Frankly, while i haven't checked, is very likely that their existing TOS grants them the right to make any change to your traffic they see fit, so it's likely that any derivative work would fail on it's face based on your existing contract.

Comment: Re:Here's his best defense.. (Score 1) 802

by Harodotus (#43858639) Attached to: Judge Orders Child Porn Suspect To Decrypt His Hard Drives
I'd always wondered if someone's decryption passphrase was a short description of how he committed a crime like:

"I buried the murder weapon at gps xxx,yyy"

"I had premeditation in committing my illegal acts"

Then it would definitely be self-incriminating to reveal his passphrase, and if forced to, he could get the conviction overturned on appeal.

+ - Northern Ireland Town Fakes Prosperity for G8 Summit->

Submitted by Anonymous Coward
An anonymous reader writes "

A town in Northern Ireland is getting spruced up for the arrival of some special guests. World leaders are gathering in the town of Enniskillen for the G8 summit next month. And to get ready, the town is putting up fake storefronts on shuttered businesses. Anchor Marco Werman speaks with Irish Times reporter Dan Keenan about the efforts to make the town look prosperous.


Link to Original Source

Comment: Re:Warning! Security hole in ROT-13 and ROT-26! (Score 1) 261

I'm afraid that your information is out of date, with the progression of Moore's Law, even ROT-39 now fails to today's botnet based distributed key cracking apps, i recommend using 128-bit ROT keys (or even-256 bit ROT keys for super secure data) despite the performance impact requirements.

Using just ROT-128bit (aka ROT-3.40282367e38 or ROT-340,282,367,000,000,000,000,000,000,000,000,000,000) should keep your data secure for years.

Comment: Re:Outward Appearances (Score 5, Informative) 175

by Harodotus (#42714845) Attached to: Aaron Swartz Case: Deja Vu All Over Again For MIT
I might add the Swartz was charged with 13 felonies, with a maximum sentence of 65 years in felony lockup, effectively life in prison. Murder, even multiple murders, has no more harsh a punishment (except in death penalty states).

You're point is valid, but it's, at best,a Type D "crime" being punished as a type A "the most harsh society can inflict" and might not even be a good civil suit for mild contract violation.

Comment: Re:Single point of failure (Score 1) 127

by Harodotus (#33505622) Attached to: NYT Password Security Discussion Overlooks Universal Logins
Well, it was mainly meant as a tongue-in-cheek dig at the folks in Redmund.

However, while it's not like I've gone to trouble of checking it, it's my understanding that modern password guessing dictionaries are incredibly extensive and have lengthy sections of common key combinations such as single letter repetitions of all acceptable lengths, numeric sequences, and keyboard patterns like qwerty, extended qwerty (qwertyuiop[]\asdfghjkl;'z), as well as many more folks have been dreaming up for decades now.

Of course the webpage is just a local javascript for simple complexity checking, but it's important to remember that it's not really a good simulation of a password's unguessability.

NYT Password Security Discussion Overlooks Universal Logins 127

Posted by timothy
from the your-voice-is-your-password dept.
A recent NYT piece explores the never-ending quest for password-based security, to which reader climenole responds with a snippet from ReadWriteWeb that argues it's time to think more seriously about life beyond passwords, at least beyond keeping a long list of individual login/password pairs: "These protective measures don't go very far, according to the New York Times, because hackers can get ahold of passwords with software that remotely tracks keystrokes, or by tricking users into typing them in. The story touches on a range of issues around the problem, but neglects to mention the obvious: the march toward a centralized login for multiple sites."

Comment: Re:Modem Box (Score 1) 876

by Harodotus (#27999957) Attached to: The Hard Drive Is Inside the Computer

As a former broadband network architect (Telocity/Directv DSL) my understanding of modern Cable and DSL provider use of the term "modem" is that Modem implies a tunneled link between the CPE (Customer Premise Equipment) and a box at the ISP.

So here at my home using Comcast, we have a CPE Cable Ethernet/Cable COAX proxy that gets a outward facing DHCP IP from a server at the local Comcast ISP. This IP is part of a private non-Internet network. The CPE/Proxy then connects to a server at Comcast's data center using a PPTP tunnel, authenticating (customer-side) using keys stored in the CPE and (server-side) with a database of current active paid customers.

If authentication completes successfully, then the CPE Device links the PPTP tunnel to my local network and to the real internet on the far side of the multi-interface ISP Server.

so it's more like:
_______________{------- PPTP tunnel ------}
PC-- local net -- CPE -- ISP Private net -- ISP Server -- Internet

This is much more like a real telephony modem than a router or network type converting Gateway.

The reason they use this is of course now all they need to do to cut you off is change the ISP Database if you don't pay your bill.

If the real Internet was run out to your house, you could just run your own CPE and get free service until they sent a Tech to unwire your link (or have smarter more expensive hubs that can remotely cut-off links). That's too expensive to be cost effective, so they use the "modem" model to control costs. They usually make you pay for the CPE too so it's really a net gain.

Interestingly, this is why rebooting your CPE "modem" often fixes broken Cable Internet connectivity. It forces it to connect out to a new PPTP server and if the ISP PPTP server being broken/overloaded is the issue, then you have a whole new one and it tends to work better.

"We shall reach greater and greater platitudes of achievement." -- Richard J. Daley