Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror

Comment: Re:Neville Chamberlin was not available for commen (Score 1) 156

by Rei (#48630561) Attached to: "Team America" Gets Post-Hack Yanking At Alamo Drafthouse, Too

Germany was spending far more on their military during that time than Britain was. If Britain and France had stepped in earlier, Germany would have been totally unprepared and the war would have ended quickly. Not to mention all of the horrors of the Holocaust that would have been prevented.

If Britain and France had managed to delay the war to "prepare" even more, say a few years, the Luftwaffe would have been dominated by jets, German ballistic missiles would have been longer range and more precise, and they might even have become a nuclear power. I really don't think this is the analogy you're looking for.

Comment: Re:503 (Score 1) 340

by chihowa (#48628475) Attached to: Google Proposes To Warn People About Non-SSL Web Sites

Absolutely. Verification out-of-band on first connect was implied, but I should have stated that more clearly. Ultimately I just use my own CA and DANE, which is simpler and easier to roll out.

If we're going to stick with the root CA system, we really should start fixing it. Allowing multiple CA signatures, pinning certificates, limiting the scope of CA signatures, etc... Any of those options improve the situation. Even culling the root CA list and setting up region specific CA packs would help tremendously. There's no reason my systems should implicitly trust all of the corporations and governments in that list. If I want to shop on Chinese sites, I can download the Chinese CA list, but there's no reason for everybody in the world to have every root CA. This is a weakest-link system by design. Continually adding more links isn't helping!

Comment: Re:Land of the free (Score 1) 480

by rjh (#48628395) Attached to: Reaction To the Sony Hack Is 'Beyond the Realm of Stupid'

So, the NJ State Senate Majority Leader admits that New Jersey's law, which would make smart guns mandatory within three years of the first commercially-available smart gun being sold anywhere in the United States, can be reversed... if only the NRA will agree to stop obstructing the sale of smart guns within the United States, which they do specifically because of the New Jersey law?

I don't see the problem. The NRA is obstructing a law that goes against their stated interests, and New Jersey is promising to reverse that law if only the NRA will stop obstructing what that law regulates?

For the NRA's stated position, see here. Particularly:

NRA does not oppose new technological developments in firearms; however, we are opposed to government mandates that require the use of expensive, unreliable features, such as rigging a firearm so that it could not fire unless it received an electronic signal from an electronic bracelet worn by the firearm's lawful owner (as was brought up in Holder's recent testimony).

That's their stated policy, right there.

Comment: Re:The Batman, Theater Attack Comparison (Score 1) 480

by rjh (#48628111) Attached to: Reaction To the Sony Hack Is 'Beyond the Realm of Stupid'

Not quite. Courts have been willing to hold businesses liable for damages due to foreseeable criminal acts, yes, but so far no court has been willing to hold businesses liable for damages due to acts of war levied by a foreign state.

That's a pretty big jump to make, incidentally.

The risk is not that the courts might hold the theater chain responsible -- the courts wouldn't, on the grounds that the theater chain isn't responsible for protecting their clientele against acts of war from a foreign nation-state. The risk is that the lawsuit would be filed and it would cost the theater $20 million or more just to get the courts to dismiss all charges.

That $20 million is probably considerably more than they would make from screening The Interview, so the logical business case is to not screen it.

It's sad, but ... the real problem is not that the courts might hold the theater liable: it's that in our current system, getting sued is, in itself, its own punishment.

Comment: Re:Land of the free (Score 1) 480

by rjh (#48627973) Attached to: Reaction To the Sony Hack Is 'Beyond the Realm of Stupid'

The NRA does not object to smart gun technologies, and believes that people who wish to be allowed to buy them should be allowed to buy them.

The NRA objects to smart guns becoming mandatory, because the technology for smart guns is nowhere near mature.

The number one desired trait in a firearm, moreso than caliber or capacity or anything else, is reliability. The reason why Glocks are so popular isn't because of caliber, capacity, or aesthetics -- all of which other firearms do better. It's because a Glock is as reliable as gravity. If you chamber a round and pull the trigger, it goes boom. If you don't pull the trigger, it won't.

I have personally seen a Glock get thrown into a bucket of wet, goopy mud and left there for fifteen minutes just so the mud had the opportunity to permeate the whole of the firearm. At the end of the fifteen minutes the owner pulled the Glock out, shook it precisely three times to dislodge mud from the barrel, and fired one hundred seventy rounds through it in the space of about five minutes, just one magazine after another after another... just to prove the weapon was reliable.

Do you believe the current crop of smart gun technologies are equally reliable? The ones I've had the chance to play around with definitely aren't. They can't even agree on whether they need to fail safe or fail deadly.

Comment: Re:Never attribute to stupidity (Score 1) 480

by Rei (#48626209) Attached to: Reaction To the Sony Hack Is 'Beyond the Realm of Stupid'

Propaganda campaign by who? I think Singer needs to check his haughtiness at the door:

the ability to steal gossipy emails from a not-so-great protected computer network is not the same thing as being able to carry out physical, 9/11-style attacks in 18,000 locations simultaneously. I can't believe I'm saying this. I can't believe I have to say this."

Except, of course, for the fact that the prime suspect is the hand-picked hacker squad of the Hollywood-obsessed leader of a nuclear armed state with ICBMs, whose family's Hollywood obsession has gone to such extremes in the past as kidnapping filmmakers and forcing at them at gunpoint to make movies for them. I can't believe I'm saying this. I can't believe I have to say this.

Comment: Theaters are not worried about 9/11 (Score 3, Interesting) 480

by Headw1nd (#48626029) Attached to: Reaction To the Sony Hack Is 'Beyond the Realm of Stupid'

Regal Cinema et al. are not really worried about terror strikes. Muslim terrorists have made threats against various movies for decades and it hasn't stopped anything from being shown, and this is from groups that have proven experience blowing things up.

What these companies are in fact scared shitless is the kind of cyberattack that Sony suffered. As bad as Sony security might have been, I guarantee it was heads and shoulders above what any of these theater chains have in place. Sony was able to shrug off millions in damages, but for AMC it could be lights out. At the very least it would beat out the profits of showing a mediocre comedy. This is why they're scared to show the interview - concerns about "terror attacks" are a smokescreen.

Comment: Re:503 (Score 1) 340

by chihowa (#48625865) Attached to: Google Proposes To Warn People About Non-SSL Web Sites

If you verify the self-signed certificate the first time you use it, it can't be substituted for another self-signed certificate at any later point in time without triggering an alert. However, even if you personally verify a CA signed certificate, it can be continually be replaced with other CA signed certificates without ever alerting you (DANE and such not withstanding).

Because of the currently implemented browser behavior, which is to implicitly trust any certificate signed by any root CA, personally verified self-signed certificates are more resistant to MITM attacks.

Statistics are no substitute for judgement. -- Henry Clay

Working...