
Comment Re:FUD removal. (Score 1) 365 365

Actually Linux is my primary OS. But how does that help the rest of the world? A solution that improves security for the technocrati is great, but not really worth deploying to the masses. And until it's worth deploying to the masses, it's just not going to be generally available to the few.

And even on Linux the security isn't impenetrable.

Also, no, you don't need root to install new software on Linux, unless you want that software to be accessible to all users. That's not the way most repository interfaces are configured to operate, but you can always install software directly as well, just download and run the install script. Even back in University I had a library of personal software installed on my locked-down university account.

Comment Re:Scripts that interact with passwords fields aws (Score 1) 365 365

Key- and screen-loggers? Pretty standard stuff I believe. All that's required is the wrong virus or trojan sneaking on to your machine somehow.

The main point is only that only one thing is needed to compromise security - knowledge - and thus it's a stretch to call it two-factor under the traditional definition (at least so far as I understand it. I'm a programmer, but no expert on security)

I certainly don't contest the challenge that it's probably significantly more difficult to bypass. At first glance it would seem to have great potential, IF done well. But I don't even know enough details to judge the theory, and as always implementation details will likely expose far more vulnerabilities to hackers. The question is, would it continue to be fundamentally more secure if it became the primary means of security, or is its primary benefit that of being a small enough target that it's not worth the effort?

Comment Re:Or let us keep our hard-earned money (Score 1) 571 571

No, that is why we have regulation by an ideally democratic government - to impose those rules upon the entire marketplace that cannot realistically be instated any other way. Because just like most other Tragedy of the Commons situations, if everyone behaves with rational self-interest, then everybody loses. It's only by having rules imposed by a collectively empowered authority that we can align rational self-interest and our own best interests.

Comment Re:Scripts that interact with passwords fields aws (Score 1) 365 365

>because it's actually more than two-factor authentication
Kind of, maybe, but you really have to stretch the definition. Two factor authentication is typically a combination of two of:
- something you know
- something you have (physical object)
- something that's an inherent characteristic (biometric data)
specifically so that it's extremely unlikely that an unauthorized user can get access to more than one of them.

Meanwhile yours (from what I can guess from your under-specified description) involves:
-Picture (keyfile?) that's stored online where anyone can get it (and how do you access it? a password?)
-passphrase
-password

And yes, that's considerably more challenging to hack than a simple password alone, but it still sounds like it only involves "something you know", and thus offers none of the more concrete protections offered by more traditional two-factor authentication. All it takes is someone filming your keyboard and screen while you log in and your security is completely bypassed. Not appreciably more difficult to hack than a completely random 30-character password that can be conveniently stored in an encrypted password manager on a USB flash drive accessible via passphrase, which provides quasi-two-factor authentication on the front end. You can watch me enter my passphrase, but without also having the file on my USB drive it won't help you log into any of my accounts.

Granted, that's not as convenient on phones/tablets/etc, but given how common spyware of various types is on such devices I'd be *extremely* hesitant to access anything actually important from those unless you completely refused to install any software that has the potential to monitor your activities - a call that's becoming increasingly difficult to make even for the competent.

Comment Re:Or let us keep our hard-earned money (Score 5, Insightful) 571 571

Because market inefficiencies make certain necessary adaptations effectively impossible.

For example, if Company A decides they want to be responsible corporate "citizens" and shift their energy consumption to sustainable sources, then they increase their costs and can no longer compete effectively with Company B unless there's a mass movement to purchase A's products because of their energy policy. And unfortunately the existence of Walmart and the like is proof enough that the mass of Americans consider up-front price to be the single most important factor in purchasing decisions, even when it increases their own long-term costs (a $50 appliance that needs to be replaced yearly is far more expensive than a $200 appliance that will last indefinitely), much less indirect social costs whose full weight won't be felt for generations.

Granted, at the moment if we removed all fossil-fuel subsidies renewable energy would look far more competitive, but to really level the playing field we would have to also impose new penalties on "socialized-cost subsidies" that have long been grandfathered in: Coal for example imposes phenomenal pollution costs at almost every stage. If however we imposed well-structured penalties/taxes to reflect the actual cost of reversing that damage then it would be one of the most expensive energy sources available.

Comment Re:Someone doesn't understand how this works (Score 5, Informative) 292 292

Sure, and if LexisNexis owns the copyright they can sue, but the State would have no standing to do so. No more than I can sue you for pirating a Disney movie.

The fact that the state is suing implies that THEY are claiming copyright ownership. And while I'm not 100% certain about Georgia, that would certainly not fly if the federal government were the one making the claim - as an agent of the people, any works owned by the government are automatically placed in the public domain.

Comment Re:Spreadsheets (Score 3, Interesting) 143 143

I like to play with orbital mechanics - "hard science fiction" scenarios such as orbital catapults and the like, and spreadsheets are a decent way to quickly run the numbers for a large range of parameters. For example, a few hundred mile tumbling-cable space elevator around the moon could grab payloads directly off the surface and launch them on Hohmann transfer orbits to Mars or Venus, without ever exceeding a fraction of a g acceleration.

Comment Re: They're not going to arrest him! (Score 1) 312 312

100 acres would be a radius of only ~392 yards, and from what I can find the range of an unimpeded 9mm pistol round can be a couple thousand yards*. Obviously the accuracy will be nonexistent at that range, but we're talking about how far a stray shot can travel before hitting the ground. So, unless you've got *really* dense trees, a bullet fired into the woods will potentially cross several neighbours' properties as well as your own. I really hope you're using a proper backdrop.

Comment Re:this is outrageous. (Score 1) 312 312

Sure there would - it still needs to be determined with certainty whether the particular action actually occurred, who was involved, and in some cases what the motive was (say premeditated murder versus self defense). Not to mention whether the law is being applied justly - jury nullification has a long and proud history in this country.
