Forgot your password?

Comment: Re:One man (Score 1) 186

by PopeRatzo (#48227433) Attached to: Days After Shooting, Canada Proposes New Restrictions On and Offline

A perfect chance to tighten the fences keeping the citizens in check.

I'm not disagreeing with you, but the idea that you have to keep Canadians "in check" is pretty funny. I've lived in Canada and have never met a people who were less "out of check".

I mean, what are there, about four homicides a year in Ottawa? And three of those are probably mercy killings. The other was a guy who wore a Marian Hossa jersey to an Ottawa Senators' game. Even criminals in Canada are polite.

+ - Profits! Profits! Profits! Ballmer Says Amazon Isn't a Real Business

Submitted by theodp
theodp (442580) writes "According to Steve Ballmer, is not a real business. “They make no money,” Ballmer said on the Charlie Rose Show. “In my world, you’re not a real business until you make some money. I have a hard time with businesses that don’t make money at some point.” Ballmer’s comments come as Amazon posted a $437 million loss for the third quarter, disappointing Wall Street. "If you are worth $150 billion," Ballmer added, "eventually somebody thinks you’re going to make $15 billion pre-tax. They make about zero, and there’s a big gap between zero and 15." Fired-up as ever, LA Clippers owner Ballmer's diss comes after fellow NBA owner Mark Cuban similarly slammed IBM, saying Big Blue is no longer a tech company (Robert X. Cringely seems to concur). "Today, they [IBM] specialize in financial engineering," Cuban told CNBC after IBM posted another disappointing quarter. "They're no longer a tech company, they are an amalgamation of different companies that they are trying to arb[itrage] on Wall Street, and I'm not a fan of that at all.""

Comment: Re:WTF? (Score 1) 186

Then there's another Jihadist who attacked two police officers in NYC with an axe: ... But these two aren't reported as heavily because they didn't use a gun, and the liberal media are against guns.

No, they're not related because they're not related.

This "jihadist" thing is just a hook for a certain slice of the crazies to hang their hat on. We will always have crazies doing antisocial things. Ordinarily they would be called "crimes by crazy people." But as soon as a crazy says "jihad", it's "terrorism" so the government needs to further infringe on liberties.

Just say no to "jihad" as a serious thing - it's popularized to speed along your enslavement. There may be a few actual jihadis operating in the Middle East, but going nuts on some cops with a hatchet is not jihad, it's assault.

Comment: Re: Did they make money on Surface? (Score 5, Interesting) 59

I own a Surface Pro 2 and a Surface Pro 3, and use them for portable music production, live performance and field recording. They are by far the best system for such use. It's a tablet, with the touch screen (or stylus) except it can run a full version of ProTools with all the plug-ins and VSTi's you could possibly want. Full USB connectivity for audio interfaces, MIDI controllers and peripherals.

If they made a Macbook with a removable touchscreen, it would be close, but Apple seems more intent on having every pixel in the world. I remember when Apple really catered to musicians (except for their slow adoption of audio driver standards). Now, they cater to people watching cat videos. At the moment, there is no device close to the Surface Pro for this purpose. I don't believe this niche is enough to sustain the Surface Pro by itself, but I'm glad to have them right now. And I hope someone else out there is paying attention, which is why I post a comment just like this every time the Surface comes up on Slashdot.

Not that there's anything wrong with cat videos.

Comment: Re: Did they make money on Surface? (Score 2) 59

Of course he's looking for bad news. Have you read the comments for any Slashdot article that mentions the Surface or Surface Pro? A brigade of people come out who are basically upset that it even exists. It's like the Surface Pro scared their mothers when they were in the womb.

+ - Microsoft now Makes Money from Surface Line, Q1 Sales Reach Almost $1 Billion 1

Submitted by SmartAboutThings
SmartAboutThings (1951032) writes "Microsoft has recently published its Q1 fiscal 2015 earnings report, disclosing that it has made $4.5 billion in net income on $23.20 billion in revenue. According to the report, revenue has increased by $4.67 billion, compared to $18.53 billion from the same period last year. However, net income has decreased 14 percent compared to last year’s $5.24 billion mainly because of the $1.14 billion cost associated with the integration and restructuring expenses related to the Nokia acquisition.

But what's finally good news for the company is that the Surface gross margin was positive this quarter, which means the company finally starts making money on Surface sales. Microsoft didn’t yet reveal Surface sales, but we know that Surface revenue was $908 million this quarter, up a massive 127 percent from the $400 million this time last year. However, if we assume that the average spent amount on the purchase of this year’s Surface Pro 3 was around $1000, then we have less than 1 million units sold, which isn’t that impressive, but it’s a good start."

Comment: Re: Passwords should not exist (Score 1) 153

by dgatwood (#48226269) Attached to: Passwords: Too Much and Not Enough

They only fix 2 problems - weak passwords and keyloggers.

That's not true. They also provide protection against:

  • Shoulder surfing attacks, which require no compromise to the internals of the endpoint
  • Storage of data encrypted with a protocol that later proves vulnerable in some interesting way, such as a key compromise

For example, consider heartbleed. If someone stores your encrypted communication, and later compromises a host's private key, that attacker could ostensibly decrypt those communications. If you use a password, that password is compromised, and it's "Game over, man." If you use a physical token, only the PIN is compromised (assuming the actual verification happens in a separate process).

Ideally, you would still want to issue new PIN codes, but the account hijacking risk would be largely mitigated by the physical token requirement, at least after the n-hour cookie expiration window passes, and you could even eliminate that window by expiring any cookies in your authentication database before bringing it back online after you fix the heartbleed vulnerability.


Passwords: Too Much and Not Enough 153

Posted by Soulskill
from the 123456-trustno1-hunter2-letmein dept.
An anonymous reader writes: Sophos has a blog post up saying, "attempts to get users to choose passwords that will resist offline guessing, e.g., by composition policies, advice and strength meters, must largely be judged failures." They say a password must withstand 1,000,000 guesses to survive an online attack but 100,000,000,000,000 to have any hope against an offline one. "Not only is the difference between those two numbers mind-bogglingly large, there is no middle ground." "Passwords falling between the two thresholds offer no improvement in real-world security, they're just harder to remember." System administrators "should stop worrying about getting users to create strong passwords and should focus instead on properly securing password databases and detecting leaks when they happen."

Comment: Could be worse (Score 1, Interesting) 140

by pushing-robot (#48225613) Attached to: Verizon Injects Unique IDs Into HTTP Traffic

My router injects a unique identifier into every packet it sends. The manufacturer claims they can't turn it off. Yeah, probably under pressure from the government. But I'm building my own open source router that blanks out everything—MAC, IP, you name it. I'll be invisible to everyone. Take that, Orwellian bastards!

The flow chart is a most thoroughly oversold piece of program documentation. -- Frederick Brooks, "The Mythical Man Month"