Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror

Comment Re:Secure systems (Score 1) 119 119

We have to start by teaching new programmers how to make secure systems first (and I repeat, systems, not just programs) and just then how to program.

This theory can be applied to so many things when it comes to programming and designing. Many web applications are designed by designers, and security is never a consideration. Security awareness is increasing though, but it will take time to spread this knowledge through the industry.

Comment Re:the system is wrong (Score 1) 80 80

The average user doesn't have the know-how to do that. Normal users freak out if they see that they have to accept a certificate - to them, it means their computer is about to burst into flames and hacker ninjas are going to come through the window and steal their credit cards. Also, there still isn't anything stopping one of the few CAs you created exceptions for from being tampered with.

Comment Re:Anonymous Finland denies the hack (Score 1) 129 129

"This is Anonymous" "That wasn't Anonymous, just someone claiming to be!" "Anon here, don't listen to them, they are not Anonymous" ...and so on into infinity. Anonymous can be anyone, and can be an individual or group. There is no one single "Anonymous", hence the name. Unless they're blowing up a van on the news. That's Anonymous.

Comment Re:Obligatory XKCD (Score 1) 205 205

The idea of shorter password intervals is to prevent against guessing attacks, and attempts to crack the password. In reality, it would normally take much more than 30 days to crack a good password that is encrypted well, but unfortunately, too often those two requirements aren't met.

Comment Re:Translation (Score 1) 172 172

So, what you're saying is that you could just 'forget' to include some details in order to bypass them finding anything suspicious? I imagine that some inspectors would find issues, and others wouldn't. If you submitted a few applications, I imagine you could get away with injecting something malicious. That being said, at least there is an app review process...

panic: kernel trap (ignored)

Working...