Forgot your password?

Comment: Re:Journalism died a long time ago (Score 3, Interesting) 29

Indeed. If they automatize things, we will at least have consistent low quality...

Actually I think the use of algorithms to write articles is great, I'm currently working on an anti-article algorithm that extracts just the facts from algorithm-generated articles and turns them into tweets. So instead of having to plough through a long slew of pseudo-intelligent analysis, all you get are the essential sound bytes: "Cat explodes; canary charged by police", that sort of thing. Pretty soon it'll be bigger than Facebook.

Comment: Re:TLS? who cares? (Score 1) 178

Microsoft is still operating under NSL restraints. That means the NSA has the keys anyway.

TLS doesn't work that way, the implementation trusts, and uses, whatever keys it's told to trust (via certificates). And that's the problem, while most implementations will allow you to manage your own certs, for example by creating self-signed certs, the Windows implementation will only trust certs from commercial CAs. You know, Diginotar, Trustwave, Comodo, those sorts of guys. So you can't just generate and manage your own keys and certs but are forced to pay, and trust hundreds of external CAs to manage your certs (and by extension keys) for you.

Comment: Re:Taggant (Score 2) 51

by arglebargle_xiv (#47366783) Attached to: IEEE Launches Anti-malware Services To Improve Security

I can't get the linked PDF to load

Basically they want the people who write malware packers to tag the packed malware as malware so it can be easily identified. Sort of like asking burglars to wear a shirt with I AM A BURGLAR printed on it in large letters, and perhaps notify the police when they're planning to break into a house.

It's a cunning plan, but somehow I can't see it catching out many bad guys.

Comment: Re:I won't upgrade. (Score 1) 669

Something about a security vulnerability that didn't make a lot of sense.

The problem was that Windows 7 gadgets had no security whatsoever, the only security setting you could have for them was "everything all the time" (there were theoretical config.options you could use that tightened things up a bit, but they weren't actually used). So you had the situation of ActiveX circa 1995 in a current OS that was touted as very secure (or at least "we tried really hard to make it very secure"). The issue wasn't why they discontinued it, it was how it ever got out the door in that state in the first place.

Comment: Re:That's not proof! (Score 5, Interesting) 475

by arglebargle_xiv (#47142777) Attached to: The Sudden Policy Change In Truecrypt Explained

Could you clarify? Who is Alyssa Rowan to TrueCrypt? Sorry for my ignorance, I tried Googling a bit and just got links to this article.

It's someone who has been active in the crypto/security community for awhile now. Personal details are pretty scarce (i.e. it could be a front for the NSA for all anyone knows), but the persona has been active in crypto. If you want something to Google on try "alyssa rowan cryptography".

Comment: Re:Traced? Perhaps. (Score 1) 72

by arglebargle_xiv (#47042803) Attached to: Mysterious Disease May Be Carried by the Wind

meh and even it it really was from the crops:

Interesting to see that the supposed origin is northeastern China, which is where the Japanese special unit 731 carried out biological warfare experiments during WWII, polluting large areas with bioweapons products. Perhaps this is a case of the chickens coming home to roost?

Comment: Re:Certificate extortion (Score 0) 60

I know several admins that mitigated the hole but couldn't replace their certificates either because the signer charges a ridiculous revocation fee (I'm looking at you, StartSSL),

Yup, twenty-five whole dollars. That's the price of several Big Macs, with fries!. Shameless what some CAs will charge.

(Not defending the CA racket here, but $25 isn't really that much when they give the certs out for free. In any case why revoke them, just replace them with a new, free cert. Yes, I know someone can spoof the server using the old cert, but if you want to save the $25...).

This is an unauthorized cybernetic announcement.