Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).

×

Comment: Re: GPG is another TrueCrypt? (Score 1) 284

by bingoUV (#49145617) Attached to: Moxie Marlinspike: GPG Has Run Its Course

from what I've read the Blackberry's model seems to be pretty good

Bruce Schneier put it perfectly - everyone wants you to be secure, just not from themselves. So Blackberry's model is great, safe from the government of India. But not safe from Blackberry and anyone capable of twisting Blackberry's arm. Don't worry, government of India also wants you to be safe - but not safe from government of India.

Google's security model is also very awesome. But Google's users are not safe from Google and anyone capable of twisting Google's arm. Microsoft's security model is also very awesome. But Microsoft's users are not safe from Microsoft and anyone capable of twisting Microsoft's arm. Such security has already been achieved some years ago, and it is demonstrably meaningless.

As long as you continue define as "secure" as something absolute, the security is meaningless.

Now show that it is possible to get meaningful security without understanding a lot more about security than the gadget freak joe sixpack.

Comment: Re:git blame (Score 1) 284

by bingoUV (#49145331) Attached to: Moxie Marlinspike: GPG Has Run Its Course

I'm willing to bet if you polled all the people that use email, a significant majority would prefer that their email couldn't be spied on by governments or other snoops.

Not if there is a postscript mentioning they won't be able to read their own mail if they lose the key. Even less if there is a post-postscript with stats on hard disk failure rates in laptops, desktops, specifically their hard disk model in their PC model. Even less if followed by data backup advice.

Comment: Re:Another bad omen for privacy and security (Score 1) 284

by bingoUV (#49145059) Attached to: Moxie Marlinspike: GPG Has Run Its Course

guarantees that you access to your keys across platforms, at all times, and that your keys are safe and backed up. Even if it means trusting your private keys to a 3rd party like Lastpass or Google or Microsoft, and they could theoretically decrypt all of your files and communication, most people simply cannot be trusted to secure their own asses

We already have this. Just install a browser plugin to enforce HTTPS as much as possible - done. Use webmails, blogs. Since you want encryption to be only a buzzword, there you have it. Web pages will be "encrypted(TM)", so will their webmail and blogs.

I don't see any usability problem for a token usage of encryption already for a few years. Only problem is with real usage of encryption, and that necessitates third parties / intermediaries to be unable to decrypt.

Comment: apple is no less complex than data (Score 1) 237

by bingoUV (#49109835) Attached to: Ten Lies T-Mobile Told Me About My Data Plan

Did you even read the post to which you replied?

In case this was supposed to be an on-thread-topic post, apples have so many different types of matter. There is water, sugars both simpler and complex. There are trace amount of vitamins. There are proteins - both from the apple tree as well as any insects that might have made this apple their home.

Many of these are behind the scenes - i.e. under the apple skin. Why should an apple vendor have to weigh all of these to be able to sell a pound of apples? Data pipeline providers don't have to - T-Mobile is the only judge of how much data a customer used. Their "scale" or "meter" doesn't have to be approved by any regulator.

Why so much unfairness against apple vendors?

Comment: Re: One strike (Score 1) 246

by bingoUV (#49105965) Attached to: Lenovo Allegedly Installing "Superfish" Proxy Adware On New Computers

You don't need the shell of a nearly standard laptop - because buying the motherboard for it means you're dependent on that laptop's manufacturer for driver support. So any advantage of "build your own" is gone right there.

You need a shell for a small form factor non laptop motherboard.

Comment: Re:The lesson here (Score 1) 266

by bingoUV (#49099233) Attached to: Lenovo To Wipe Superfish Off PCs

You have better things to do with your day than sit there like an angry little person and dwell on it. But you don't have better things to do with your day than telling others that you have better things to do with your day than sit there like an angry little person and dwell on it. You also don't have better things to do with your day than falsely proclaim that Lenovo care about people like you because they're taking steps to fix the situation rather than ignoring it. I note that your so proclaiming also doesn't achieve anything.

Comment: Re: One strike (Score 1) 246

by bingoUV (#49096093) Attached to: Lenovo Allegedly Installing "Superfish" Proxy Adware On New Computers

Then it's not "build your own" anymore.

Even if it were, driving to rent your 3-D printer could easily take longer than it takes to cook your rice, and designing the 3-D model over the bought small motherboard keeping in mind extensibility, cooling, access ports is another task that surpasses rice cooking.

Comment: Re:Misses the point (Score 1) 246

by bingoUV (#49093633) Attached to: Lenovo Allegedly Installing "Superfish" Proxy Adware On New Computers

If Linux wont he marketshare wars they would have fake certificates, app stores, in Ubuntu too

Yes, but fixing it will be simpler. Most Linux distribution installations are easier than windows installations. And getting the installer image is easier as it is most prominent in the distribution website rather than obscure as in the case of Microsoft's windows downloads.

MS needs to change the EULA to prevent this since Windows 10 will be free for the consumer version of it.

What has the end user got to with it? Lenovo is the middle-man, so MS need to change the MMLA (middle man license agreement).

Comment: Re: One strike (Score 1) 246

by bingoUV (#49093603) Attached to: Lenovo Allegedly Installing "Superfish" Proxy Adware On New Computers

Since laptops are (also) involved, you need machining of the body around your small form factor motherboard. Most experienced machinists wouldn't be able to do a good job in 15 minutes. And the tool list is much longer than a hex driver.

With just a hex driver, the "machining" can easily take a month.

It is not best to swap horses while crossing the river. -- Abraham Lincoln

Working...