Catch up on stories from the past week (and beyond) at the Slashdot story archive


Forgot your password?

Comment Re:Encryption across radio waves is illegal? (Score 1) 138 138

As paranoid as is sounds, these days I think it is entirely plausible that a national security letter or somesuch was used to say "if you tell anybody about this, we will put you in a deep dark hole ... whether it's for the rest of your life or marking the end of it is your choice".

NSLs are not magic. They are not for making arbitrary legal requests. Even the EFF will tell you that--as well as telling you that NSLs cannot possibly have anything to do with ProxyHam.

Comment Re:I would sell it (Score 1) 654 654

I've only been in Berlin (a big city, obviously), but the public transit there was incredibly convenient. Comparable to NYC--the parts serviced by subway. But the S-Bahn (surface small train) covers most of the major suburbs, which is as good as the outer subway coverage of NYC and better than, say, commuting by LIRR.

I currently live in a small city that has pretty good public buses--for a city of its size in America. I don't use it, because, as most Americans here will complain, it's painfully slow and inefficient given the realities of where one lives, works, and shops. It's unfortunate but it's true. In a big city that's designed appropriately, public transit is great: it's faster than getting through traffic and it's cheaper than parking. Outside of that, in the US, it's often just not economically possible to have good enough service to all the places where people need to go.

Comment Re:Allow me to be the one saying "well, DUH!" (Score 1) 165 165

"And you're transmitting your key to your car"
"Aaaaand... constantly while you're walking around."
"Uh.... well, ... yeah..."
"Whew. Glad mine doesn't inform anyone and everyone what key I use wherever I go. Someone bad might listen..."

Active keys transmit only when you press the button. Passive keys transmit only when a challenge is transmitted to them. That's why the latter only functions if you're fairly close to the vehicle.

So it is not constantly transmitting the key while you're walking around. It's transmitting the key to anything that can sufficiently imitate the key-request transmission of a car.

Most of these systems implement appropriate rolling-key or challenge-response protocols so that the transmissions are not easily replayable. There are certainly dysfunctional implementations, but most hacks against remote-entry systems attack weaker parts of the overall system than key transmission.

Of course, if you want to duplicate a physical key, all you need to do is get a high-resolution picture when the victim takes their keys out of their pocket.

Comment Re:Hash and Salt (Score 1) 206 206

Yes, that's what I was saying. Salting uses a non-secret nonce. You could set up some system with a secret nonce, but then it would be a different construction than "salt" (and hard to argue that it's better).

Having access to the salt does make it much easier to crack the password. In fact, it's basically necessary to crack the password. It is still considered non-secret, though.

Comment Re:Hash and Salt (Score 1) 206 206

That situation is partially the result of more widespread use of salt. It doesn't magically make bad password hard to crack (as you point out). But it used to be the case that, with rainbow tables, you could crack even moderately difficult passwords very quickly. It also adds a pretty substantial slowdown for large password breaches -- even though all the easy passwords will be cracked anyway, a factor of hundreds of thousands slowdown starts changing the "easily crackable" threshold.

Comment Re:Hash and Salt (Score 3, Informative) 206 206

Salting is nice, but when the attacker gets both the hash and the salt, they can attack specific users.

Of course they can. The entire purpose of salting is to make it so that the same password, hashed two different times, produces completely different hashes. This has two important consequences. First, it makes it basically impossible to precompute password hashes. That's a big deal compared to the "without salt" case, where rainbow tables make checking against precomputed hashes very easy. Second, if two users on a system have the same password, you can't tell without computation. Said another way, it means you need to crack passwords individually rather than in bulk. This isn't game-breaking, but it's significant when you have million-user breaches.

All of the typical ways of storing password hashes store the salt alongside it. It's expected that an attacker that obtains the hash will obtain the salt. It's within the design.

If you want the password hash separate from a piece of key password-validation data, at that point the extra piece of data is a secret and what you're basically making is a message authentication code. But, it's very difficult to argue that this is ever really more secure.

Still, the 100k rounds of SHA256 seem decent.

Would bcrypt be any better than PBKDF2 here?

100k rounds of SHA256 is decent. The longer SHA2 variants are better, sure. More rounds is always better, of course. 100k is better than what most people use. But, if the decryption is always happening client-side (which it should), then ideally you can afford and should use many more rounds of SHA1. Maybe if they're using JavaScript, that limits how high they can jack the number of rounds up and still get reasonable performance on low-end devices.

I don't know that bcrypt is necessarily much better than what they're doing. It may be, but at a "details" level, not a "major benefit" level. Both bcrypt and PBKDF2 support many rounds and prevent precomputation, which are major features.

What would be better, if the devices they want to support can run it, is something like scrypt, which is resistant to hardware acceleration and thus much harder to crack in practice.

Comment Re:and the beer is really good (Score 1) 528 528

They import quite a lot of Belgian beers here. The style category is popular, so of course there are plenty of terrible attempts, but there are a lot of American brewers making Belgian-style beers that do an excellent job.

You're free to go tell Ommegang, Allegash, Russian River, or Jester King they're doing things wrong.

Comment Re:and the beer is really good (Score 1) 528 528

Well yeah. It's the same way with American beer -- we've got lots of good beer, but most of what people buy is the crap, so it's the most visible. Similarly, brands like Beck's dominate sales in Germany, despite the fact that Germany has many perfectly good beers. (The subtleties of the different cultures and economies of beer are different, but the large-scale picture is similar in this way.)

Comment Re:and the beer is really good (Score 1) 528 528

I only ever bought Bitburger in Berlin. That and Beck's were the dominant beers. A few times in the US, folks with a German-beer fetish have brought Bitburger or Warsteiner to a party. Not good.

Jever was better on tap, but I have not worked up the curiosity to buy it bottled in the US.

"Anyone attempting to generate random numbers by deterministic means is, of course, living in a state of sin." -- John Von Neumann