Forgot your password?

Comment: Re:ET would disprove God (Score 1) 499

by Vellmont (#48033305) Attached to: Are the World's Religions Ready For ET?

According to the one religion I'm somewhat familiar with
Then you're not very familiar with Christianity, or religion, really.

Christianity has survived worse than aliens. Heliocentric theory, evolution, and earth as a globe are all facts that Christianity has had to deal with over the last 100 years. The different sects are at varying points in how they've evolved with these facts, but they have and are evolving.

You think of religion as a series of facts, which it partially is... but that's not the main thing. The main thing is group identity, and group identity can and does change with time. You can't really "disprove" group identity.

Comment: Re:IE better fits the definition. (Score 1) 117

by Vellmont (#48025157) Attached to: Tor Executive Director Hints At Firefox Integration

w3 schools is about one of the WORST examples you could have picked. Web developers and designers don't use IE for obvious reasons.

But you're right though that browser market share is hugely dependent on what group you've picked. Business users use IE in much higher numbers. Given Microsoft's corporate masters, I'd be VERY surprised if they put an anti-spying feature in the browser. Remember, business loves to spy on their employees.

My money is still on Firefox though. Mozilla has a mission to provide privacy to its users. They actively resist making it easy for corporations to do MITM attacks on the browser though including custom placed to install CAs. Safari is a possibility too, but I'd still bet on FF.

Comment: Re:It's been in bash a while. (Score 2) 317

by Vellmont (#47997433) Attached to: Flurry of Scans Hint That Bash Vulnerability Could Already Be In the Wild

Oh, and as an addendum, I consider anything that originates from the client, something that the user can generate.

i.e. untrusted input is untrusted input. People get far to specific about that kind of thing. If you're taking input from a client, and passing it to a system executable in some way, that's bad.

Comment: Re:It's been in bash a while. (Score 1) 317

by Vellmont (#47996261) Attached to: Flurry of Scans Hint That Bash Vulnerability Could Already Be In the Wild

The "With many eyes all bugs are shallow" myth is busted again.

Uhh.. I guess I'd say the "many eyes" have been saying for almost 20 years that a website that takes in user data and then passes that to a shell to run an executable is kinda stupid, and insecure.

Comment: Re:They will never learn (Score 1) 103

by Vellmont (#47976023) Attached to: Compromised To Serve Malware

I disagree with your basic premise, that things are secure, or insecure. Everything is a tradeoff. Using a foreign CDN is a tradeoff of trusting a third party to be secure vs doing it yourself. Just because you do it yourself doesn't mean it's "more secure", it's just more in your control, which can be good or bad.

We make this tradeoff all the time. Have you ever used 3rd party software on your website? Well then you're making a tradeoff as well.

You're right to be suspcious of trusting a 3rd party, but I don't agree that using a CDN is always a bad choice, incompetent, and obvious to anyone competent.

Comment: 40 hour weeks != complacent. (Score 1) 275

by Vellmont (#47949699) Attached to: Ask Slashdot: How To Avoid Becoming a Complacent Software Developer?

People develop lives and other interests. If you'd like to dedicate yourself to one thing, great. But you have an odd idea about the nature of liking what you do. Liking what you do is very different from wanting to do it all the time. The world is an interesting place with a lot of different things in it. Don't assume people that have other interests (Family, hobbies, houses, travel, leisure) aren't passionate about what they do, they've just realized that there's more to life than computers.

In fact, a good way to get burned out is to do exactly what I suspect you're doing. Working really long hours, and dedicating lots of your free time to software. Cut it out, and maybe you won't get burned out.

Comment: Re: So everything is protected by a 4 digit passco (Score 1) 504

by Vellmont (#47940627) Attached to: Apple Will No Longer Unlock Most iPhones, iPads For Police

Not without huge advances in theoretical mathematics, no.

Cryptography relies not only on the math being correct, but the implementation as well. How sure are you that Apple implemented the random number generator properly, for instance? Maybe that 128 bit key only has 64 bits of entropy because someone screwed up. 64 bits of entropy is feasible to brute-force.

Also, only RSA relies on factoring large numbers. RSA, and other public-cryptography is only used to encrypt the key. The underlying algorithm is still generally block ciphers like AES, which aren't dependent on prime numbers.

Comment: Easy fix for the government. (Score 1) 504

by Vellmont (#47940475) Attached to: Apple Will No Longer Unlock Most iPhones, iPads For Police

So instead of requesting access to the data, they'll request access to installing a special update to your phone that simply transmits the encryption key.

If you trust Apple to update your software, and Apple has to do whatever the government says, there's always going to be a way for the government to get your data.

Comment: Re:Experience counts (Score 2) 232

by Vellmont (#47929065) Attached to: Ask Slashdot: Have You Experienced Fear Driven Development?

Of course, the respect you're seeking must be proportional to your actual skills, merit to the company, etc.

Hmmm.. this is the only statement I find questionable. Everything else I agree with. I think everyone deserves respect. The lowest level employee doesn't deserve to be yelled at for missing deadlines, or having a bug that's missed. That's basic human nature, and you're not entitled to it simply because you're more valuable, it's something all people need. I understand your position, but if the only way you can gain "respect" is through fear (fear you'll leave), that's still an indication of a sick organization.

Long term, you should still leave if everyone doesn't deserve respect, not just "valuable" people.

Comment: Re:Then I guess you could say... (Score 4, Insightful) 222

by Vellmont (#47915293) Attached to: Schizophrenia Is Not a Single Disease

The trick is that doctors need to stop treating schizophrenics like we're sick. They need to start treating us like we're real people that just happen to have a different sense of reality.

In a sense, I sort of agree with you, in another, totally not. Depression is also another way of viewing reality. Is someone who's depressed "wrong" about concentrating on the negative aspects of living? No... but I think most people who're depressed would rather NOT be depressed. Obviously telling someone who's depressed to just "cheer up", and "things aren't that bad" isn't going to help much. But like a disease, it's an aspect of yourself you'd rather not have and aren't in total control of, and want to be "cured" of. So the disease model isn't too far from the truth. I don't see how scizophrenia is much different.

You yourself don't really like your symptoms, wouldn't you rather they be gone? So I'm not sure I really understand your point.

Comment: Re:Deism (Score 1) 937

by Vellmont (#47899465) Attached to: Why Atheists Need Captain Kirk

The same inadequate reasoning that makes people think their could be meaning to the universe is the same lack of reasoning that causes smart people to be religious.

You make the mistake of categorizing all religion into one big bin. Thinking about our place in the universe is a religious activity, but also a very human one. Deciding we have no place in the universe, or the universe has no meaning is also in that same category. By seeking to escape religion, you're only being ensared by it.

Comment: Re:Need more than a legal precedent (Score 0) 421

by Vellmont (#47890849) Attached to: Windows Tax Shot Down In Italy

More than a legal precedent this needs solid regulations with teeth. I suspect that if you walk into whatever the Italian equivalent of Best Buy waving this judgement around and demanding a refund that they will just have security escort you out. But if refusal to even offer a Windows free machine was worthy of a fine, let alone not removing it, then windows free machines would be widely available.

I've spent some time living and working in Italy. I'd be very, very careful before I simply apply US and Canadian ideas and norms onto Italy. Italy isn't filled with big box stores. I don't know that there's an equivalent mass retailer that sells everything from PCs to appliances in Italy. Rome at least is more filled with smaller retailers rather than enormous mega-retailer stores like in the US. There's some big retailers to be sure, but there's a lot more smaller ones.

But the one thing you should be VERY wary of is applying the rule of law to Italy. The normal rules of fines, and governments imposing restrictions on things doesn't always apply. Italian courts are a mess, and regularly change verdicts. So I wouldn't just naturally expect Italian retailers to suddenly start offering Windows free machines available for sale. Italy isn't like the US, or even the rest of the EU.

Passwords are implemented as a result of insecurity.