Please create an account to participate in the Slashdot moderation system


Forgot your password?
For the out-of-band Slashdot experience (mostly headlines), follow us on Twitter, or Facebook. ×

Comment: Re:Allow me to be the one saying "well, DUH!" (Score 1) 165 165

"And you're transmitting your key to your car"
"Aaaaand... constantly while you're walking around."
"Uh.... well, ... yeah..."
"Whew. Glad mine doesn't inform anyone and everyone what key I use wherever I go. Someone bad might listen..."

Active keys transmit only when you press the button. Passive keys transmit only when a challenge is transmitted to them. That's why the latter only functions if you're fairly close to the vehicle.

So it is not constantly transmitting the key while you're walking around. It's transmitting the key to anything that can sufficiently imitate the key-request transmission of a car.

Most of these systems implement appropriate rolling-key or challenge-response protocols so that the transmissions are not easily replayable. There are certainly dysfunctional implementations, but most hacks against remote-entry systems attack weaker parts of the overall system than key transmission.

Of course, if you want to duplicate a physical key, all you need to do is get a high-resolution picture when the victim takes their keys out of their pocket.

Comment: Re:Hash and Salt (Score 1) 206 206

Yes, that's what I was saying. Salting uses a non-secret nonce. You could set up some system with a secret nonce, but then it would be a different construction than "salt" (and hard to argue that it's better).

Having access to the salt does make it much easier to crack the password. In fact, it's basically necessary to crack the password. It is still considered non-secret, though.

Comment: Re:Hash and Salt (Score 1) 206 206

That situation is partially the result of more widespread use of salt. It doesn't magically make bad password hard to crack (as you point out). But it used to be the case that, with rainbow tables, you could crack even moderately difficult passwords very quickly. It also adds a pretty substantial slowdown for large password breaches -- even though all the easy passwords will be cracked anyway, a factor of hundreds of thousands slowdown starts changing the "easily crackable" threshold.

Comment: Re:Hash and Salt (Score 3, Informative) 206 206

Salting is nice, but when the attacker gets both the hash and the salt, they can attack specific users.

Of course they can. The entire purpose of salting is to make it so that the same password, hashed two different times, produces completely different hashes. This has two important consequences. First, it makes it basically impossible to precompute password hashes. That's a big deal compared to the "without salt" case, where rainbow tables make checking against precomputed hashes very easy. Second, if two users on a system have the same password, you can't tell without computation. Said another way, it means you need to crack passwords individually rather than in bulk. This isn't game-breaking, but it's significant when you have million-user breaches.

All of the typical ways of storing password hashes store the salt alongside it. It's expected that an attacker that obtains the hash will obtain the salt. It's within the design.

If you want the password hash separate from a piece of key password-validation data, at that point the extra piece of data is a secret and what you're basically making is a message authentication code. But, it's very difficult to argue that this is ever really more secure.

Still, the 100k rounds of SHA256 seem decent.

Would bcrypt be any better than PBKDF2 here?

100k rounds of SHA256 is decent. The longer SHA2 variants are better, sure. More rounds is always better, of course. 100k is better than what most people use. But, if the decryption is always happening client-side (which it should), then ideally you can afford and should use many more rounds of SHA1. Maybe if they're using JavaScript, that limits how high they can jack the number of rounds up and still get reasonable performance on low-end devices.

I don't know that bcrypt is necessarily much better than what they're doing. It may be, but at a "details" level, not a "major benefit" level. Both bcrypt and PBKDF2 support many rounds and prevent precomputation, which are major features.

What would be better, if the devices they want to support can run it, is something like scrypt, which is resistant to hardware acceleration and thus much harder to crack in practice.

Comment: Re:and the beer is really good (Score 1) 528 528

They import quite a lot of Belgian beers here. The style category is popular, so of course there are plenty of terrible attempts, but there are a lot of American brewers making Belgian-style beers that do an excellent job.

You're free to go tell Ommegang, Allegash, Russian River, or Jester King they're doing things wrong.

Comment: Re:and the beer is really good (Score 1) 528 528

Well yeah. It's the same way with American beer -- we've got lots of good beer, but most of what people buy is the crap, so it's the most visible. Similarly, brands like Beck's dominate sales in Germany, despite the fact that Germany has many perfectly good beers. (The subtleties of the different cultures and economies of beer are different, but the large-scale picture is similar in this way.)

Comment: Re:and the beer is really good (Score 1) 528 528

I only ever bought Bitburger in Berlin. That and Beck's were the dominant beers. A few times in the US, folks with a German-beer fetish have brought Bitburger or Warsteiner to a party. Not good.

Jever was better on tap, but I have not worked up the curiosity to buy it bottled in the US.

Comment: Re:What's that you say? (Score 1) 528 528

It's free because when you invest money, and get more out of it than you put in, it's free.

No, it's not free at all. It's an investment. That is, it ties up your money and subjects you to risk. Not free.

Apparently it's a profitable investment, which, if you're a government that can afford to take that risk, is a better deal than free.

"Free" is a decent approximation for casual conversation, then. But it's not free. Call it what it is. A profitable investment!

Comment: Re:and the beer is really good (Score 2) 528 528

They are not that good, they are just served in larger portions, which makes all the difference... (Well, that and they generally have more alcohol than what Americans are used to).

That's a tough sell. Most of the popular German beers are only around 5%. That's more than Bud Light but not outside the range that any college student would be used to. But many of those are served at ~350 mL (12 oz). Weizenbier is often served by the half liter, but that's just a pint. The only German beer that's regularly served in a Mass (liter) is Munich beers. Those are often ~4%. So you're really down to just Munich festbier, which can be north of 5% and served in two-pint glasses.

The real devil is the undertrained American bartender who will pour you a pint of a Scotch ale, Russian Imperial Stout, Belgian quad, barleywine, or big double IPA. Oof.

Comment: Re:and the beer is really good (Score 1) 528 528

To be fair, if you go to any sizable store or gathering in Germany, it's quite clear that the vast majority of what anyone sells, buys, or drinks is crap like Beck's.

Weizenbier is probably the most widely-available good beer in Germany. (Though, IMO, a Jever will do in a pinch.) More regionally, helles, festbier, and dunkel from respected breweries are good. Same with rauchbier or schwartzbier, but those are an odder flavor and less common. Koelsch is excellent.

There are some good Pils also, but it's not a flavor everyone likes, and it's so popular in the mass market that you've got to be careful about what you're buying.

The first myth of management is that it exists. The second myth of management is that success equals skill. -- Robert Heller