Forgot your password?

Comment: Re:If it works, leave it alone. (Score 1) 176

by Just Some Guy (#48190703) Attached to: Help ESR Stamp Out CVS and SVN In Our Lifetime
The problem is that you're building more and more tooling on top of a painfully decrepit system. Every time you spend more than zero seconds dealing with renaming a file, you've lost money on the deal. Every time you work off HEAD because it's too painful to branch, you're spending developer salaries. I get that "if it ain't broke, don't fix it", but CVS it utterly and fundamentally broke. You're throwing good money after bad trying to keep it alive.

Comment: This is why they made the cloud (Score 0) 176

by Just Some Guy (#48190611) Attached to: Help ESR Stamp Out CVS and SVN In Our Lifetime

Hosting Git is dirt cheap. Converting from ${old_terrible_system} to Git is the painful one-time expense. Here's how you do it:

1. Fire up a suitably bit AWS cloud server.
2. Copy your repo to it.
3. Run the command to convert your old repo to Git.
4. Download the new Git repo.
5. Shut down the instance.

You don't buy expensive, power-hungry software that's going to cost an arm and a leg to store, power, and cool for the next year when you only need its brute force for a few hours. The Cloud isn't a magical cure-all, but it's a perfect fit for things like this.

Comment: Re: Apple Pay (Score 2) 352

by Just Some Guy (#48163271) Attached to: Apple Announces iPad Air 2, iPad mini 3, OS X Yosemite and More

Do you have a cite for this? I'm pretty familiar with how Google Wallet (with and without a hardware Secure Element) works, and I *know* that CC info is presented to the POS in order to make the transaction.

Any of the hundreds of articles about how Apple Pay works. Here's one that explains that the device gives the credit card terminal a 16-digit randomized token and a unique one-time-use CCV. Payment processors use the pair to identify the credit account to bill.

In short, your actual credit card numbers never leave your device. Google for "apple pay token" if you'd like to dive into further detail.

Comment: Remote Backups (Score 1) 150

by Just Some Guy (#48150653) Attached to: If Your Cloud Vendor Goes Out of Business, Are You Ready?

I find that cloud backups are an excellent complement to local backups. I have a 6TB Synology unit at home that stores all our family photos, Time Machine backups, scans of all our important docs, etc. I love and trust that little server. I also have it configured to ship nightly backups to Amazon Glacier so that if my house burns down and takes the Synology with it, I can restore it all and have my digital life back.

I guess I could buy a second unit and keep it at work, but that's a lot more effort than setting up a scheduled job to sync everything up to a remote server without my manual intervention.

Comment: Re:Web server for printing... (Score 1) 174

by Just Some Guy (#48150317) Attached to: Apple Releases CUPS 2.0

even still, the only time anyone I knew personally printed anything from a mobile device was over 10 years ago and that was in an electronics store, printing goatse over bluetooth to a printer on display.

The last time I did it was this morning when my kid's school emailed a permission slip that I needed to sign and return. I like not having to go find my laptop, locate the same email, and print from there when the thing I want printed is already being displayed on the phone screen that I'm staring at.

Comment: Re:I think the part that scares me.... (Score 1) 149

by Just Some Guy (#48143635) Attached to: ISPs Violating Net Neutrality To Block Encryption

Not only did this company not have the chops to figure out that 'someone may have incorrectly configured a firewall!', oh no. They decided to compound their inadequacy by including it in a filing to the god damn FCC.

Yes, they should be experts in gear they may not themselves be using. They should also not complain to the government office responsible for receiving complaints about such things, because ISPs always do such things as honest mistakes and not as predatory rent seekers.

Comment: Re:The "It's not working" attack (Score 1) 149

by Just Some Guy (#48143581) Attached to: ISPs Violating Net Neutrality To Block Encryption

We need the equivalent of HSTS but for SMTP. Maybe it replies with a "250-ALWAYSTLS" to EHLO, and clients and other servers cache the fact that "server always wants TLS". Then those clients can warn users when their messages can't be delivered according to the recipient server's TLS policy.

This would be so easy if we had DNSSEC or an alternative equivalent, so that you could publish something like an MX record but with added content like "always use an encrypted connection" (perhaps replacing MX records with SRV, maybe?). They'd have to be signed, though, or you could count on ISPs to forge false records.

Comment: Re:OK... (Score 1) 179

It kind of does. Well, at least it will go a long way toward having your opinions fall on deaf and unwelcoming ears - here, anyway.

I don't know you, Florian, and I don't have anything against you personally. You might be a great guy that I'd enjoy hanging out with for all I know. However, I'm sure this isn't the first time you've heard that large chunks of the F/OSS community don't particularly trust you. I can't comment on your disclosure timeline that you described in another post, but I know that I was disgusted to find out that you'd written some very supportive stuff about a company which was seen as attacking Free Software, and then it came out that they were paying you. While you have as much right to speak your opinion as anyone else, you can't be surprised that forums like Slashdot are unlikely to care to hear it.

Comment: Re:Oh great (Score 2, Interesting) 546

by Just Some Guy (#48135319) Attached to: Password Security: Why the Horse Battery Staple Is Not Correct

Unless you're talking about something that I'm not getting, it's not susceptible to a dictionary attack. The individual words may be, but a brute force attack would still need to guess all of those words in that order.

The part you're missing is Markov chains and Bayesian analysis. I'll bet a reasonable corpus of phrases would show that "is" follows "love" fairly often, and "love is beautiful" is far more common than "love is axiopisty". Similarly, "birds that sing" is hugely more likely than "birds that exhibitorship".

While the whole phrase is unlikely to be the first random thing someone types, each word in that phrase is quite likely to be the one chosen based on its predecessors. I still think correct horse battery staple is a poor idea compared to a strong randomly generated string, but /usr/share/dict/words on my system has 235886 entries and 235886^4 ~= 2^72. That's reasonably random. I would much rather have to iterate through Markov chains branching from each word in the dictionary and trying the likely phrases than to have to brute force each possible 4-word combination. I don't have the numbers to back it, but I bet you could reduce the search space by quite a lot of orders of magnitude.

Comment: Re:Healthy relationship (Score 2) 622

by Just Some Guy (#48134065) Attached to: The Correct Response To Photo Hack Victim-Blamers

Somehow that doesn't sound like a loving healthy relationship. It sounds like a relationship based on sex and mutual attraction.

By what corruption do you assume that those are mutually exclusive? It's perfectly normal to be in a loving, healthy relationship with someone you're attracted to and want to have sex with. If Ms. Lawrence wanted her boyfriend to think of her when the separation grew unbearable, then that's between her and her boyfriend. There's nothing remotely unhealthy or unusual about that.

"Life, loathe it or ignore it, you can't like it." -- Marvin the paranoid android