Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).

×

Comment: Getting Older (Score 1) 4

by chill (#49305869) Attached to: Are printed books' days numbered?

I've been finding that reading e-books is *more* popular among the older crowd. The Kindles, Nooks and reading on tablets allows people to adjust font sizes and zoom in ways that making reading pleasurable once again.

Also, try picking up a backpack from a middle schooler when they have it full of their books. They're back breakers. My daughter switched to e-books in college and loves them for the simple fact she isn't going to strain something just to lug them around.

Paper books will survive, but start to get relegated to niche status -- especially for anything technical or lots of non-fiction. That stuff becomes obsolete so fast I'd rather have the electronic, up-to-date versions.

Comment: Re: Is there any way to block the use of old ciphe (Score 1) 89

by chill (#49179469) Attached to: FREAK Attack Threatens SSL Clients

I was thinking server side, for the web server. But yes, you need to ensure every service you provide that uses TLS is properly configured.

I'm not sure how much this would impact something like SMTP-S or IMAPS, since the connection duration on those types of service is so short.

The big target is going to be web servers.

Comment: Re:Is there any way to block the use of old cipher (Score 3, Interesting) 89

by chill (#49175663) Attached to: FREAK Attack Threatens SSL Clients

Yes. http://www.openssl.org/docs/apps/ciphers.html

The question is does OpenSSL accept the weak ciphers as a downgrade bug even when EXPLICITLY DISALLOWD.

I haven't seen answered in any of the linked articles so am digging/testing.

After the last couple of bugs my organization set the explicit cipher/algorithm/has acceptable list. The export ciphers were excluded on purpose from our list.

SSL Labs https://www.ssllabs.com/ has a recommended list buried in their documentation somewhere.

Comment: Re:Typical government official, breaking the law (Score 1) 538

Nope. The devil is in the details as to the nature of the law being violated.

The difference between a civil offense and a criminal offense are usually defined by the nature of the offense and the punishment assessed. Civil offenses involve violations of administrative matters.

Read more: http://criminal-law.freeadvice...

Comment: Re:The Keystone Pipeline already exists (Score 4, Informative) 437

by chill (#49122571) Attached to: Obama Vetoes Keystone XL Pipeline Bill

Almost.

The Keystone-Cushing extension (Phase II), running away480-kilometre (300 mi) from Steele City to storage and distribution facilities (tank farm) at Cushing, Oklahoma, completed in February 2011.

The Gulf Coast Extension (Phase III), running 784-kilometre (487 mi) from Cushing to refineries at Port Arthur, Texas was completed in January 2014, and a lateral pipeline to refineries at Houston, Texas and a terminal will be completed in mid-2015.

It is only the Phase IV leg, running from between Hardisty, Alberta, and Steele City, Nebraska that wasn't approved. That part crosses the U.S.-Canadian border.

Obama signed off on the rest (symbolically, I believe, as I don't think it required Federal approval), back in 2011.

Real programmers don't bring brown-bag lunches. If the vending machine doesn't sell it, they don't eat it. Vending machines don't sell quiche.

Working...