Forgot your password?
typodupeerror

Comment: Re:How about (Score 5, Interesting) 231

by Pricetx (#46912259) Attached to: How To Prevent the Next Heartbleed

A quote from the "Insane Coding" blog, which in turn quotes from the book "cryptography engineering":

The issues with higher level languages being used in cryptography are:
- Ensuring data is wiped clean, without the compiler optimizations or virtual machine ignoring what they deem to be pointless operations.
- The inability to use some high-level languages because they lack a way to tie in forceful cleanup of primitive data types, and their error handling mechanisms may end up leaving no way to wipe data, or data is duplicated without permission.
- Almost every single thing which may be the right way of doing things elsewhere is completely wrong where cryptography is concerned.

Comment: Student Loans (Score 2) 390

by Pricetx (#46797419) Attached to: Ask Slashdot: Hungry Students, How Common?

Just to clarify, how do student loans work in the US?

In the UK, they're provided by the government, and they don't work like conventional loans. They come directly out of your salary, and only once you start earning a certain amount. Even then, the amount scales depending on how much you earn, to the point where you may never even finish paying it (if you hit age 50 it just gets dropped completely).

Whilst admittedly I still live at home, I can afford a car with literally thousands to spare, and have never met anyone personally who has financial issues relating to being a student.

Based on all of the comments I'm reading here, my assumption is that in the US, student loans work more like conventional bank loans, where repayments are a fixed amount regardless of earnings?

Comment: Not actual cheat websites being checked (Score 3, Informative) 511

by Pricetx (#46275781) Attached to: Gabe Newell Responds: Yes, We're Looking For Cheaters Via DNS

One point that I don't think a lot of the commenters aren't getting, is that it isn't the actual "cheat websites" that are getting detected by this system, the system doesn't even check for them.

As Gabe explained, most cheating software uses DRM, similar to that of games themselves, which "phones home" to the cheat software publishers to ensure that all of the users of the software are actually paying for it. These "DRM servers" will have their own domain names, and it's these domain names which VAC is looking for. This is to avoid flagging people for simply having visited the cheat website.

It's also worth pointing out that this check is only triggered *AFTER* VAC has already detected that the player is cheating through other means, it can be thought of as a second factor of cheat authentication. This means that players can't get "tricked" into being VAC banned by having malicious javascript on a website causing their PC to perform DNS lookups on these blacklisted domains, as they won't even be checked by VAC unless the player is detected as cheating through other means.

That being said, there's always the possibility of false positives, and if you combine that with malicious javascript mention above, you could just be incredibly unlucky and accidentally get VAC banned.

Comment: Re:Can they get phone stores to install it? (Score 1) 143

by Pricetx (#45453535) Attached to: Ars Checks Out CyanogenMod's New Installer

As far as I'm aware, Europe (or, at least, the EU) has never had carrier locked phones. It's still common to buy them on contracts with a carrier, but if you cancelled the contract, you could immediately switch carrier with the device and continue using it. This isn't to say that carriers don't like bundling bloatware with their devices though.

That being said, it also helps that we don't have an odd mix of GSM and CDMA to contend with.

Comment: Re:pf (Score 2) 235

by Pricetx (#45179565) Attached to: NFTables To Replace iptables In the Linux Kernel

If you weren't already +5 informative, I would have up-voted you. pf has syntax so logical it's almost like speaking English. Then, in comparison, you have to memorize a variety of command flags to get anything done with iptables.

Mind you, personally i'm a FreeBSD user and (I think?) you can't actually get iptables for *BSD, and I don't have much use for a complicated firewall setup,

Comment: Re:pf (Score 1) 235

by Pricetx (#45179557) Attached to: NFTables To Replace iptables In the Linux Kernel

Actually, the reason that FreeBSD doesn't continue to receive upstream updates for PF is that the underlying code base to link it into the kernel has diverged too much from FreeBSD compatibility. This is compounded by the fact that the FreeBSD project has applied SMP patches to PF, which interferes with kernel interaction.

Comment: Cars already have black boxes in the UK (Score 2) 732

by Pricetx (#44733201) Attached to: EU Proposes To Fit Cars With Speed Limiters

Whilst this is only partly relevant to the story, I thought it might be interesting to some non Europeans.

A popular trend in the UK at the moment for young drivers is to have their car fitted with a "black box" by the insurance company. The idea behind this box is that it monitors the "g-forces" it is exposed to, to gather an idea of how safely the owner is driving the vehicle. Throughout the year, the owner is graded on various aspects of their driving based on this telemetry. Also, I believe that the insurance companies can penalise the owner for driving at certain times, e.g. after 10pm on a friday night. The idea behind this is that the insurance company can charge the owner less, and if they do well after one year, the price drops dramatically.

Additionally, if the black box experience a very high braking force, it will automatically trigger the insurance company to ring your mobile to ask if you're okay, and if you need any help exchanging insurance details with any other drivers involved.

Anyway, back on point, I imagine it wouldn't be too difficult to add GPS facilities to these devices, and receive speed limit information based on location similarly to have satnav's currently do so. Obviously, for various reasons already mentioned by other posters, you would not want any restrictions to be physically enforced, but it could serve as a guide, or notice, to the driver.

Comment: Err, what about PRISM? (Score 1) 251

by Pricetx (#44663069) Attached to: Ask Slashdot: How To Diagnose Traffic Throttling and Work Around It?

Wasn't the whole reason one of the NSAs main schemes was called PRISM because it described the process they used to capture data. They would have optical fibre cables run through a junction box which would "split" the signal towards both the intended destination, and NSA hardware, therefore acting like a "prism". This therefore would both not affect latency, and not lower throughput.

Comment: They can drive themselves, but what about parking? (Score 1) 662

by Pricetx (#44648453) Attached to: Concern Mounts Over Self-Driving Cars Taking Away Freedom

I think it's fairly clear to see that autonomous cars are advancing to the point where they're starting to look feasible in mass deployment. However, one area I still think they're severely lacking is parking. Good luck telling a car to go to the town centre, drive into a multi-storey car park, pay at the machine, and find a space. I'm not saying it's not possible, but I've never actually seen an autonomous vehicle dynamically search for and select a parking space.

I suppose you could still have a system where the "driver" pays at parking barriers etc. until a more autonomous system was produced.

Comment: Who actually said Google was supplying the NSA? (Score 1) 104

by Pricetx (#44336773) Attached to: Google Is Bringing Chrome Remote Desktop App To Android

Sorry in advance if I missed some crucial piece of information relating to this in the last few weeks.

At what point exactly did we determine that Google was giving ANY information to the NSA of their own accord? (ignoring DMCAs and the like, as I don't think that's the NSAs job).

The whole point of PRISM is that it splits the light signal from fibre optic cables on the internet backbone, which is NOT under Google's control.

As far as we know, when Google announced it had never heard of PRISM before, when it first went public, they could have been telling the truth, as Google would theoretically have no way if telling if something like this was happening outside of their jurisdiction.

Comment: Re:tcsh (Score 1) 80

by Pricetx (#43941617) Attached to: FreeBSD 8.4 Released

As an addition to my previous comment. Upon further investigation (by which I mean I discovered bash --version), I found that the version of Bash in the ports tree is indeed a GPL V3 version of Bash. I assume this means that whilst the FreeBSD project can not use any GPL V3 code in the operating system itself (I believe by FreeBSD 10 they want to have removed all GPL code full stop), there is no restriction on the licencing used by software in the ports tree (within reason).

Also, I quickly checked my Debian Wheezy box and that runs Bash 4.2.37, and Arch is using the same version as FreeBSD. I guess it shows that depending on the package, the ports tree can be rather bleeding edge at times.

Comment: Re:Cause and effect (Score 2) 193

by Pricetx (#43848639) Attached to: Blizzard's Unannounced 'Titan' MMO Rebooted, Development Team Reduced

Whilst I'm not a very active WoW player, I can tell you that there is an increasingly large number of servers, or "Realms" as they're called, that are very empty (200 players online at peak time). This doesn't just have a negative effect on the social side of the game, it also causes a whole host of issues for the in-game economy, and the ability to party up for dungeons and raids.

I think from a player point a view, downscaling their number of actual game servers would be a welcome move (albeit tricky to carry out due to potential player name / guild name conflicts when multiple realms are merged).

Comment: Re:Excuse my ignorance (Score 4, Informative) 75

by Pricetx (#43589937) Attached to: DragonFly BSD 3.4 Released, With New Packaging System

Wikipedia has a rather well written article on FreeBSD's ports system (and being that FreeBSD has the largest user base of the *BSDs, it is often thought of as "the BSD system"). http://en.wikipedia.org/wiki/FreeBSD_Ports

Additionally, it may be worth noting that FreeBSD is transitioning over to a new binary package system called "pkgng", (to replace pkg_add, not ports). I don't personally know much about it, but the trusty old FreeBSD handbook has a section on it: http://www.freebsd.org/doc/en/books/handbook/pkgng-intro.html

Comment: Depends on the username (Score 1) 383

by Pricetx (#42756011) Attached to: Ask Slashdot: Name Conflicts In Automatically Generated Email Addresses?
It really depends on what the usernames are like, at my university the username is [initials][year started][three random letters], so for instance, john doe starting in 2012 would be jd12ges@uni.ac.uk, however, if your usernames are just a random sequence of letters or numbers this wouldn't be a very good solution.

Never ask two questions in a business letter. The reply will discuss the one you are least interested, and say nothing about the other.

Working...