Please create an account to participate in the Slashdot moderation system


Forgot your password?

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).


Comment: Re:More of the same (Score 1) 116

by Meneth (#49446943) Attached to: 'Let's Encrypt' Project Strives To Make Encryption Simple


Certificate validation is a defense against Man-in-the-Middle attacks. But the "Let's Encrypt" system is vulnerable to a MitM attack between its server and the server that would request the proper certificate.

It can thus be fooled into issuing false certificates by the very people those certificates should defend against.

Comment: Re:Really? (Score 1) 294

by Meneth (#49328181) Attached to: Steve Wozniak Now Afraid of AI Too, Just Like Elon Musk

You seem to underestimate the inventiveness of a superintelligence, and the diversity of hardware controlled by computers, and our reliance on them. It is also possible to use electronic communication to make humans do work for you.

For example, if the AI solves the Protein Folding Problem, it could contact a Protein Sequencing Service and have them build proteins that fold into self-replicating nanobots.

Comment: Re:Metadata (Score 1) 309

by Meneth (#49139667) Attached to: Moxie Marlinspike: GPG Has Run Its Course

SMTP requires that those fields be world-readable. Or do you propose that SMTP servers somehow route email to the appropriate recipient without being able to read who the recipient is?!

No, what I propose is that we start using a protocol other than SMTP for email. I don't think such a protocol exists yet, and I don't know much about how it would look, but I think AC #49126801, right above, has some good ideas.

Comment: Re:More of this ridiculous (Score 3, Insightful) 134

by Meneth (#49117929) Attached to: Pakistanis Must Provide Fingerprints Or Give Up Cellphone

Surely they'll find it very difficult to get an unregistered SIM card.

No, but they'll find it difficult to get unregistered cards to work, at least once the networks start blocking all cards that are not registered.

The counter to that is to steal registered cards. The counter to that is to report the cards as stolen. Counter: kill the card-owners, so they can't report the cards. Counter: police de-registers cards belonging to dead people. Counter: kidnap/disappear the card-owners. Only works until the authorities catch on in each individual case. Mitigation: keep kill/stealing. That's what terrorists do anyway, so no problem there. Problem: you're now switching numbers often. Gonna be difficult to keep your address book up-to-date.

Comment: Re:Drama queen (Score 2) 196

by Meneth (#49037733) Attached to: Firefox To Mandate Extension Signing

All modern operating systems put restrictions on what software can run on them and what it can do.

No, they don't. Windows, Linux, the BSDs, OSX, none of those have any mandatory filters. Windows and OSX have some "anti-malware" crap, but those can be disabled.

Even on Linux your app doesn't get automatic root access and the ability to poke into the kernel just because you want it.

If an app wants root access, it'll pop up a password prompt. If you want it, it can poke anything. :)

In a consumer society there are inevitably two kinds of slaves: the prisoners of addiction and the prisoners of envy.