Forgot your password?

Comment: Re:Strange.. (Score 1) 318

If you live totally off the grid then I respect your position entirely. However, without knowing you, I can probably safely assume that this is not the case. It's probably highly likely that you rely on pollution-causing motor vehicles to deliver essential goods (food, clothing, construction materials, etc.) to maintain your life or at least your standard of living. If you benefit from motor vehicles in this way, then forswearing them is not a noble act. It's just pure hypocrisy.

Comment: Re:Strange.. (Score 1) 318

There are lots of things that aren't actually illegal but are nevertheless considered socially unacceptable. I would be happy to see public smoking relegated to this category. For example, it's not actually illegal to walk up to a total stranger and start verbally abusing them, nor is it directly harmful to the victim's health, but such actions are highly frowned upon by society and for good reason.

Comment: Re:Texas Has Fewer Homeless, California More (Score 1) 318

This argument is ridiculous. You're on slashdot. You should know better. Should California start deporting homeless people to lower its homelessness quotient? How about just outright killing them? For that matter, prisoners don't count as homeless, so let's incarcerate them. I'm not homeless, but if I were, I'd do everything possible to get myself to California. Obviously (to everyone but you), this does not mean that California or its policies cause homelessness in the first place.

Comment: Re:Strange.. (Score 0) 318

The only problem I have with smokers (and it is a big problem) is that I detest secondhand smoke. I dislike the smell intensely, even in open spaces outdoors. Unfortunately, this problem is completely irreconcilable with most smokers' desire to smoke in proximity to where non-smokers are. If you are the rare smoker who only smokes in your own residence which is not shared with anyone else like me living in the same building, then I respect that. Otherwise, no. As far as I'm concerned, your right to smoke ends when your smoke hits my face. It is unreasonable to expect non-smokers to accommodate smokers by giving smokers priority in public spaces.

Comment: Re:Tmux (Score 1) 136

by David Jao (#46730725) Attached to: Seven Habits of Highly Effective Unix Admins
I'm not a tmux user, so I may be completely wrong, but I think what they are talking about is that in tmux you can share one window in a session without also sharing all your other windows in that session. You can also easily move tmux windows between sessions, which you can't do in screen. In addition, sharing a tmux window to another user with a different login account is a lot easier in tmux than in screen. There are also forks of tmux that allow two people to use one window with two independent cursors.

Basically, tmux is a lot more flexible and easier to hack than screen. I've never bothered with tmux though, screen is good enough for me.

Comment: Re:Oops in title - "sans" ? (Score 2) 147

by dylan_- (#46691903) Attached to: Seagate Releases 6TB Hard Drive Sans Helium

Doesn't "sans" mean without?

Yes, that's because WD's 6TB Ultrastar He6 was hermetically sealed with helium inside, something the company said was critical to reducing friction for additional platters, while also increasing power savings and reliability. Seagate, however, said it doesn't yet need to rely on Helium to achieve the 50% increase in capacity over it's last 4TB drive.

At least, I'm sure I read that somewhere.

Comment: Re:A simple solution (Score 2) 97

by David Jao (#46675815) Attached to: FCC Orders Comcast To Stop Labeling Equipment Rental a Service Fee does a pretty good job of pirating most live sports, albeit only in standard definition quality.

I think HD quality is overrated. Yes, I can tell the difference. Yes, I appreciate HD quality. But up until 2003 or so, I happily watched live sports in standard definition quality without feeling in the least bit cheated. So I see no reason why high quality is mandatory today.

Comment: Old news (Score 5, Insightful) 144

This is quite old news, why is slashdot only picking up on it now?

The impact of this bug does not compare to the goto fail bug. Most Linux distributions use OpenSSL for TLS. Even if a program links to GnuTLS, it may not use GnuTLS for certificate validation, and if it doesn't, then it's not affected by this bug (one example is Google Chrome). It's not like iOS where everything is required (by App Store rules) to use SecureTransport.

Comment: Re:Do they distribute the source? (Score 1) 208

There's a lot of GPL software in Ubuntu, starting with the Linux kernel. Does Tesla distribute the source code to Model S owners that ask?

The source disclosure requirements of the GPL are often misunderstood. To comply with the GPL, it is not enough to distribute the source code to Model S owners that ask.

The GPL provides three options for distributing binaries (Sections 3a, 3b, and 3c), and anybody distributing Linux source code must comply with at least one of these options. Tesla cannot use Section 3c, since Section 3c states that only non-commercial distributors can use Section 3c. Section 3a requires Tesla to distribute the source code to all Model S owners, not just those who ask. Section 3b requires Tesla to distribute the source code to anybody who asks, not just Model S owners who ask.

Therefore, Tesla is required to distribute the Linux source code that they use either:

  • To every Model S owner, regardless of whether the owner asks or not, or
  • To every legal entity that asks for the source code, regardless of whether the entity is a Model S owner or not.

Comment: Re:Tip from a programmer (Score 1) 78

by David Jao (#46616725) Attached to: FTC Settles With Sites Over SSL Lies
Another point that you missed completely is that your targeting assumption is wrong. If you're doing a MITM against a banking site, you DON'T need to target them. Not with SSL. You can compromise instead any one of the thousands of certificate authorities in the world. Any single successful compromise of any of these unrelated third parties gives you free rein to MITM any banking site in the world. From the point of view of the server administrator, this is absolutely insane. No matter how good my own security is, an attacker can MITM me by compromising any single one of any of thousands of unrelated CAs, 99.99% of which I as a server administrator have never done business with. At least with SSH if my own server keys get compromised it's my own damn fault. Not so with SSL.

Comment: Re:Tip from a programmer (Score 1) 78

by David Jao (#46616671) Attached to: FTC Settles With Sites Over SSL Lies
Your argument remains completely nonsensical for one very basic and unavoidable reason: SSL is also equally vulnerable to stolen keys. There is no way in which SSH is worse than SSL.

Of the MITM attacks against SSL actually deployed in the wild, what proportion rely on stolen keys compared to compromised certs? Answer that question, and you'll see that my "most attacks" claim is fully valid.

Comment: Re:Tip from a programmer (Score 1) 78

by David Jao (#46614299) Attached to: FTC Settles With Sites Over SSL Lies
Yeah great. This kind of SSH compromise requires a targeted attack, and will only work on that one server. By contrast, with SSL, a single DigiNotar stunt allows you to attack thousands of servers and millions of users all at once. See the difference? SSL is great in theory, horrible in practice. Anyone claiming otherwise is willfully blind of real-world considerations. This includes most cryptography researchers.

The more cordial the buyer's secretary, the greater the odds that the competition already has the order.