Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror

Comment God DAMN it! Not fucking again! (Score 2) 110

I remember the days of the Clipper Chip, and of the prohibition on exporting strong crypto. I remember getting a package from Checkpoint in Ramat Gan, Israel (over international DHL, I believe it was) that was slathered with warning stickers that said it could not leave the USA...when it originated from Israel.

I remember in 2000, doing an IV&V of a VPN solution that did something really funky with their key generation, such that they were allowed to export strong (based on bit size) encryption without having to do key escrow. They put some of the key generation material in the handshake exchange...which means it went in the clear. I shit you not. Oh, and also, their algorithm had no forward secrecy...which was the whole point. Anyone who had sniffed the session could go to the operator of the VPN with a warrant, and have them re-generate the key that was negotiated between the two endpoints...making it possible to decrypt the session. Of course, this came along with a whole metric shitload of security problems, like the fact that compromising the VPN concentrator and pulling a little data off of it would give you the ability to decrypt any session that included that concentrator (we never got to the point of seeing if we could get the same effect by attacking the client). Basically, the whole thing was just a big pile of bitch cock, just waiting for disaster. (We also found a one-packed DoS, a buffer overflow, and other things...all unauthenticated attacks.)

And the best part? The client for whom it turned out I was doing this IV&V. It was the United States Secret Service...specifically the protective detail for the incoming Bush administration. This pig-fucker of a VPN solution was going to be used to protect the President of the United States. That was fun to find out...at the outset of the engagement, we thought our client was the Treasury Department in general (which was kind of true, in a way). When we had "The Meeting" to tell them what a disaster the solution was, they told us who we were really working for in specific. I really needed a drink after that meeting.

Needless to say, the Secret Service ended up going with a different solution.

And now here we are again...with different people but the same organizations bringing up the same dogshit reasons to try and justify demanding the same dumb-shit idea be implemented...backdoored encryption. I find it so incredibly interesting that, when it came down to it, the US Government wouldn't rely on a solution like that to protect themselves, but they would insist that the rest of us accept it for our own use. It makes me want to spew a litany of every obscene word and phrase I can remember, in alphabetical order.

Comment I wish it was only 'low quality' ads. (Score 1) 273

How about the ones that start windows popping up all over the place? Or start playing at obnoxiously loud levels? Or the four videos that start sucking down cpu.

And it doesn't help that I tend to pop open a few articles to read (or questions on StackExchange (disclaimer: I'm one of the moderators on Open Data)), and if a video starts playing, I'd have to look through all of my tabs and figure out which one it was to shut it down.

And that's not the disturbing ones that seem to be tracking other sites I've been to (we saw you were shopping for (x), so now it's going to follow you around for the next three months).

... and then there's the malware.

A few years ago, there was an article about the FBI spoofing websites to foist their spyware on people ... and I commented that it'd be easier for them to start up their own ad network, and they'd be able to just wait for the right person to visit. I have no idea if law enforcement is doing it, but I'm pretty sure that the criminals are.

Comment Re:Too late (Score 1) 400

Yeah and we are focused on fixing all the issues that have caused projects to move.

I want to commend you for participating in the forums, and keeping a remarkably calm demeanor as a significant number of Slashdot readers demonstrate that they go online primarily to yell at other people. It took me a minute to grasp that someone who is actually accountable for Slashdot and SourceForge was actually participating; we've become used to seeing strange behavior (Bennett Haselton *cough*) with no accountability, and not even someone willing to step up and speak to the complaints/arguments/whatever.

And now, here you are standing in the aftermath of that behavior...for which you are not responsible...and taking the brunt of it even after you announce that you've done a good thing that all the screaming howler monkeys actually wanted. Bravo, sir, bravo! Keep to the course, and I believe that it will get better.

As for those who are serving as the voice of reason, and pointing out that this new management is in no way responsible for past sins...keep that up too. We've got to help these people turn things back around by backing them up.

Comment Re:Surprised? (Score 4, Insightful) 571

If a company chooses Unix, then they're "locked in" to Unix, as well. The idea that there's some kind of MS-specific "lock in" is hogwash.

Except that, for the most part, Command line and APIs, even for X in Unix have changed little since 1978, so the "lock-in" is more the equivalent of having the odd pillow between you and where you want to go than the Windows/Apple 10 foot high concrete wall.

In the main, Unix API changes are for very good reasons (Unity and systemd being very visible, but highly atypical examples), whereas Windows API changes are intentional, put there to force upgrades on the user base for commercial reasons.

Once a company chooses Unix, it is hard to imagine they would go back, except at the point of a gun.

Comment Re:Trend towards illegibility (Score 1) 155

add a half an inch of space around everything to make a layout suitable for ... well, I don't know what

Because if you don't do it, Google says they will de-list your website for being Un-mobile friendly.

Eventually, Webmasters cannot say that being customer-friendly is more important than Google friendly, because "no google=no customers".

You might think there would be laws about "demanding money with menaces" and "abuse of monopoly", but where there is money there no law that cannot be "accidentally misplaced".

Slashdot Top Deals

"Card readers? We don't need no stinking card readers." -- Peter da Silva (at the National Academy of Sciencies, 1965, in a particularly vivid fantasy)

Working...