Forgot your password?

Comment: Re:DOS version? (Score 3, Informative) 100

by Just Some Guy (#48200915) Attached to: Samsung Acknowledges and Fixes Bug On 840 EVO SSDs

The current firmware update ships as a bootable ISO. Burn it to a CD/DVD (or a flash drive if you can work it out), hold down "option" at boot, and you'll be looking at a DOS prompt in no time. I verified this two days ago when I misread the firmware version on the website and downloaded an updater for the version I already had.

Comment: Re:If it works, leave it alone. (Score 1) 242

by Just Some Guy (#48190703) Attached to: Help ESR Stamp Out CVS and SVN In Our Lifetime
The problem is that you're building more and more tooling on top of a painfully decrepit system. Every time you spend more than zero seconds dealing with renaming a file, you've lost money on the deal. Every time you work off HEAD because it's too painful to branch, you're spending developer salaries. I get that "if it ain't broke, don't fix it", but CVS it utterly and fundamentally broke. You're throwing good money after bad trying to keep it alive.

Comment: This is why they made the cloud (Score 1) 242

by Just Some Guy (#48190611) Attached to: Help ESR Stamp Out CVS and SVN In Our Lifetime

Hosting Git is dirt cheap. Converting from ${old_terrible_system} to Git is the painful one-time expense. Here's how you do it:

1. Fire up a suitably bit AWS cloud server.
2. Copy your repo to it.
3. Run the command to convert your old repo to Git.
4. Download the new Git repo.
5. Shut down the instance.

You don't buy expensive, power-hungry software that's going to cost an arm and a leg to store, power, and cool for the next year when you only need its brute force for a few hours. The Cloud isn't a magical cure-all, but it's a perfect fit for things like this.

Comment: Re: Apple Pay (Score 2) 354

by Just Some Guy (#48163271) Attached to: Apple Announces iPad Air 2, iPad mini 3, OS X Yosemite and More

Do you have a cite for this? I'm pretty familiar with how Google Wallet (with and without a hardware Secure Element) works, and I *know* that CC info is presented to the POS in order to make the transaction.

Any of the hundreds of articles about how Apple Pay works. Here's one that explains that the device gives the credit card terminal a 16-digit randomized token and a unique one-time-use CCV. Payment processors use the pair to identify the credit account to bill.

In short, your actual credit card numbers never leave your device. Google for "apple pay token" if you'd like to dive into further detail.

Comment: Remote Backups (Score 1) 150

by Just Some Guy (#48150653) Attached to: If Your Cloud Vendor Goes Out of Business, Are You Ready?

I find that cloud backups are an excellent complement to local backups. I have a 6TB Synology unit at home that stores all our family photos, Time Machine backups, scans of all our important docs, etc. I love and trust that little server. I also have it configured to ship nightly backups to Amazon Glacier so that if my house burns down and takes the Synology with it, I can restore it all and have my digital life back.

I guess I could buy a second unit and keep it at work, but that's a lot more effort than setting up a scheduled job to sync everything up to a remote server without my manual intervention.

Comment: Re:Web server for printing... (Score 1) 178

by Just Some Guy (#48150317) Attached to: Apple Releases CUPS 2.0

even still, the only time anyone I knew personally printed anything from a mobile device was over 10 years ago and that was in an electronics store, printing goatse over bluetooth to a printer on display.

The last time I did it was this morning when my kid's school emailed a permission slip that I needed to sign and return. I like not having to go find my laptop, locate the same email, and print from there when the thing I want printed is already being displayed on the phone screen that I'm staring at.

Comment: Re:I think the part that scares me.... (Score 1) 149

by Just Some Guy (#48143635) Attached to: ISPs Violating Net Neutrality To Block Encryption

Not only did this company not have the chops to figure out that 'someone may have incorrectly configured a firewall!', oh no. They decided to compound their inadequacy by including it in a filing to the god damn FCC.

Yes, they should be experts in gear they may not themselves be using. They should also not complain to the government office responsible for receiving complaints about such things, because ISPs always do such things as honest mistakes and not as predatory rent seekers.

Comment: Re:The "It's not working" attack (Score 1) 149

by Just Some Guy (#48143581) Attached to: ISPs Violating Net Neutrality To Block Encryption

We need the equivalent of HSTS but for SMTP. Maybe it replies with a "250-ALWAYSTLS" to EHLO, and clients and other servers cache the fact that "server always wants TLS". Then those clients can warn users when their messages can't be delivered according to the recipient server's TLS policy.

This would be so easy if we had DNSSEC or an alternative equivalent, so that you could publish something like an MX record but with added content like "always use an encrypted connection" (perhaps replacing MX records with SRV, maybe?). They'd have to be signed, though, or you could count on ISPs to forge false records.

Comment: Re:OK... (Score 1) 187

It kind of does. Well, at least it will go a long way toward having your opinions fall on deaf and unwelcoming ears - here, anyway.

I don't know you, Florian, and I don't have anything against you personally. You might be a great guy that I'd enjoy hanging out with for all I know. However, I'm sure this isn't the first time you've heard that large chunks of the F/OSS community don't particularly trust you. I can't comment on your disclosure timeline that you described in another post, but I know that I was disgusted to find out that you'd written some very supportive stuff about a company which was seen as attacking Free Software, and then it came out that they were paying you. While you have as much right to speak your opinion as anyone else, you can't be surprised that forums like Slashdot are unlikely to care to hear it.

Comment: Re:Oh great (Score 2, Interesting) 547

by Just Some Guy (#48135319) Attached to: Password Security: Why the Horse Battery Staple Is Not Correct

Unless you're talking about something that I'm not getting, it's not susceptible to a dictionary attack. The individual words may be, but a brute force attack would still need to guess all of those words in that order.

The part you're missing is Markov chains and Bayesian analysis. I'll bet a reasonable corpus of phrases would show that "is" follows "love" fairly often, and "love is beautiful" is far more common than "love is axiopisty". Similarly, "birds that sing" is hugely more likely than "birds that exhibitorship".

While the whole phrase is unlikely to be the first random thing someone types, each word in that phrase is quite likely to be the one chosen based on its predecessors. I still think correct horse battery staple is a poor idea compared to a strong randomly generated string, but /usr/share/dict/words on my system has 235886 entries and 235886^4 ~= 2^72. That's reasonably random. I would much rather have to iterate through Markov chains branching from each word in the dictionary and trying the likely phrases than to have to brute force each possible 4-word combination. I don't have the numbers to back it, but I bet you could reduce the search space by quite a lot of orders of magnitude.

...when fits of creativity run strong, more than one programmer or writer has been known to abandon the desktop for the more spacious floor. - Fred Brooks, Jr.