Become a fan of Slashdot on Facebook


Forgot your password?
Slashdot Deals: Deal of the Day - Pay What You Want for the Learn to Code Bundle, includes AngularJS, Python, HTML5, Ruby, and more. ×

Comment Re:This is a change for the better (Score 3, Insightful) 403

Baloney. Comey isn't being "reasoned and nuanced"; he's engaging in rhetorical bafflegab to pretend to be reasoned and nuanced. His definitions of "skepticism" and "cynicism" are, respectively, "tut-tutting and letting me go back to doing things the way I want" and "actually making my start complying with the Constitution".

Comment Re:Very sad - but let's get legislation in place N (Score 3, Informative) 706

And why should it? For the sake of argument do you think the government should tell you that you MUST install a home security system, have dead bolts on every exterior door, require exterior doors be steel or solid wood, limit the side of windows to no more than 1" by 1" or require bars?

If you're in business and promising your customers that you're keeping their stuff secure, well, yeah, there should be legal penalties for not meeting some standards of due diligence (admittedly, there's quite a bit of wiggle room as to where those standards should be set).

Comment The System Is Hardened Against That (Score 1) 392

Smartphone encryption uses composite keys, made by combining the password the user punches in to gain access with a digital key baked into the phone. The latter is hard to extract by physical examination, and too strong to brute-force (256 bits, IIRC). Thus, an attack against an offloaded copy of the encrypted data is very difficult (effectively impossible if the attacker botches the attempt to extract the device key and burns it), and an attack against the user password alone can only be done on that device.

Comment You Missed The Stupidest Statement Of All (Score 1) 392

Apple and Google replied, in essence, that they could not [access the phones] — because they did not know the user’s passcode. (...United Way Update...) There is no evidence that it would address institutional data breaches

In words of one syllable (well, I can't do anything about the fact that "Apple" and "Google" are two syllables, so the authors of the article will just have to pop an aspirin and such it up): The whole point is to stop that kind of data leak -- if Apple and Google don't have it, a bad guy can't steal it from them.

Mommy, what happens to your files when you die?