Slashdot is powered by your submissions, so send in your scoop


Forgot your password?

Comment: SSH (Score 3, Insightful) 37

So, I have to trust a server to automatically replace a trusted key with a new trusted key.

Yeah, this is the type of thing I'll try when it's been in the code for five, ten years.

I'm perfectly sure, as a mathematician, that you can use some kind of secure exchange to make this work but - fuck - I won't be trusting implementations of it for a while.

Isn't this exactly the sort of thing that, half-assed, will generate security problems for years to come and yet still seems to be outside the SSH protocol and has to be a custom extension? Is there an RFC for this?

Sorry but as far as I'm concerned key management shouldn't be a part of the process that's handling connection authentications, etc. Why can't this be an outside protocol entirely? For decades, we've been waiting for some kind of automated decentralised, anonymised key-store and surely the effort going into securing this very dangerous piece of code would have been better put into moving the problem away from SSH and allowing multi-protocol use of such things.

Comment: Re:Stop rape in India? (Score 1) 232

by Rei (#48948429) Attached to: Indian Woman Sues Uber In the US Over Alleged New Delhi Taxi Rape

Actually, disabling substances are used in the vast majority of rapes. The most common is alcohol (trying to get the victim too drunk to resist or looking for someone who already is, in about two thirds of rapes), but drugs are used in about 20% of additional rapes. Very, very few rapes follow the classic Hollywood script of "stranger leaps out of the bushes with a knife" - so vanishingly few that the scenario is statistically almost nonexistant. Disabling substances are extremely popular because 1) they work very well, 2) the victim often can't remember the attacker well if at all, 3) the victim is not in a state to be making a report until long after the event, 4) the victim's ability to make legally reliable testimony is compromised. Why would people choose the Hollywood way over that?

And I'm sorry, but if you think that you can watch everything you consume every second of every evening you're out and not slip up, you're an idiot. And yes, the reason people get mad at people like you is that the problem is that there are people out there drugging other peoples' drinks en masse and thinking that this is acceptable behavior, not that victims haven't gained supernatural abilities to hyperfocus on everything they may potentially consume at all times and never slip up. "Look, I'm sorry that you're dying of pancreatic cancer, but you should have been getting pancreatic function tests daily and working two jobs to pay for weekly MRI scans to find it before it could have posed a threat to you, and because you weren't, it's your own damned fault, and don't act like I'm a jerk for pointing this out!" That's how you come across when you take that tack. The problem is the f***ing cancer, not the victim.

Comment: Re:Sigh (Score 1) 107

by ledow (#48946489) Attached to: BT Unveils 1000Mbps Capable Broadband Rollout For the United Kingdom

No, I may have mistyped because I'm lazy, but I only work in "Mbps" being bits. When you want to talk bytes, I use "MB/s" like everyone else has does for years. Pedantry over the captialisation only came later. Generally, nobody states in "MBps" and means bytes or "Mb/s" and means bits.

ALL numbers in my post? Mbits. Fuck multiply by 8 if you want and it's still - on average - worse than the 4G on my phone in the same area, but that's NOT the number I'm getting.

Comment: Re:500Mb/s or approx 50MB/s (Score 1) 107

by ledow (#48946465) Attached to: BT Unveils 1000Mbps Capable Broadband Rollout For the United Kingdom

And if Gigabit is already commodity hardware at home, and bog-standard small business switches are built with 48 ports of Gigabit plus whatever backbone for a few hundred quid for the last ten years, what do you think serious ISPs and datacentres have been using all that time for, say, leased line and stuff.

Of course it requires upgrades but they would need to have been a generation ahead since the start and kept replacing or they would not be able to handle anything.

BT are a telecoms company. They handle the international fibres for the UK and all kinds of stuff. Internal switching on their networks must be fantastic already, even if our end-user experience is shit.

Comment: Re:500Mb/s or approx 50MB/s (Score 1) 107

by ledow (#48946001) Attached to: BT Unveils 1000Mbps Capable Broadband Rollout For the United Kingdom

If you're not on Gigabit already, I'll be surprised.

Even basic cheap laptop wireless, smartphone wireless and wireless routers are in the, what? 300Mbps or so range? Two or three of those and you can flood a Gigabit connection.

You would need a new router with BT anyway, because it's a new protocol. And then you'd need to throw away the BT router and buy a real one after the first week when you read how crap and insecure they are.

But there are £200 routers on the market that have triple WAN failover (including USB 3G/4G) with VoIP, VPN, wireless, and Gigabit switches built-in.

And networks have an even easier problem. Buy one Gigabit port and push all your dozens / hundreds of users over it who almost certainly all have Gigabit ports anyway. Bottleneck before you even start. And if you don't have at least a Gigabit network backbone and 100Mbps to the desktop, you are technically worse than every primary school I've worked in in the last 15 years.

More likely is that your webfilter/VPN will struggle to process that amount of traffic, but it's unlikely if you've bought anything half-decent. The last VPN/Firewall I saw that couldn't handle more than 100Mbps was an old Netgear thing about the size of a pack of cards that was so old it refused almost all modern browsers thinking they were Netscape.

Comment: Re:Telegraph poles mostly gone in UK (Score 2) 107

by ledow (#48945993) Attached to: BT Unveils 1000Mbps Capable Broadband Rollout For the United Kingdom

Er... crap.

I have a street strewn with telegraph poles. My parents live in a streeet strewn with telegraph poles. So does almost everyone I know. Most of those people live in London, for a start, and it's not limited to just there.

Fuck knows where you live but if you don't have pole at the end of your street with cables going to each house, I'm guessing it's a new build estate (which are in the minority compared to, say, 30's/40's/50's/60's houses).

However, what you might mean is that those poles will feed the cables from each house down to a green box which may have some kind of fibre/copper backbone that goes under the street. But it's still copper... FTTC hasn't arrived in many places.

But if you live in a UK town and are more a few hundred metres from a telegraph pole, I'd be surprised.

Comment: Sigh (Score 4, Insightful) 107

by ledow (#48945973) Attached to: BT Unveils 1000Mbps Capable Broadband Rollout For the United Kingdom

Slashdot are posting what The Register posted two days ago, so I'll post the same comment I posted there two days ago:

I work for a UK school.

BT took nearly TWO YEARS to get a leased line to us. They were blocked from completion after we cancelled the contract because they said there was a 20th delay because "there's not enough room in the duct" followed by "there's not enough room at the exchange". You'd have thought someone might notice in two years that you had no room, eh?

We cancelled because, despite wonderful promises, prices and speeds, we never actually managed to get the line into the building.

In the meantime, I'm running a school for 400 kids on a VDSL line with ADSL backup which BT promise me can get "45Mbps" and "20Mbps" at best, respectively. Funny. Because my Smoothwall says we've never pushed more than 10Mbps for a fraction of a second and the average over the working day - with 500 users and 600 devices - is somewhere around 4MBps down and 1MBps up..

BT can make all the "maximum" speed promises they want. If you can't get it installed, or the actual download is so much less than the maximum, it's pointless. Absolutely pointless.

Ironically, I get 32Mbps download on 4G when sitting in the IT Office. If only 4G didn't have such pathetic data allowances.

Comment: Re:Stop rape in India? (Score 1) 232

by Rei (#48945731) Attached to: Indian Woman Sues Uber In the US Over Alleged New Delhi Taxi Rape

Right, so women are supposed to walk around at all times with a gun in their hand, never setting it down for anything, and have a proximity radar to warn them if anyone is approaching them where they can't see so that she can pump them full of lead?

Why, I bet the gun will just shoot the rohipnol right out of drinks too!

The percent of rape cases in which having a gun could have helped is probably in in the single digits. And with it of course carries the risk of escalating the risk of getting you seriously injured or killed.

Comment: Re:The crime happened to an Indian in India. (Score 1) 232

by Rei (#48945635) Attached to: Indian Woman Sues Uber In the US Over Alleged New Delhi Taxi Rape

I should add that the Strauss-Kahn red meat is getting old. First off, most of the descriptions of the case are way off, partially inspired by the prosecutors switching from overplaying the case against him to overplaying the case for him. To be clear:

1) If an accusation is made, and the accused is convicted, the legal system has been determined that the person is guilty.
2) If an accusation is made, the accused is not charged, and the accuser is convicted of making a false accusation, then the legal system has determined that it was a false charge.
3) If an accusation is made, the accused is not charged, but neither is the accuser, then the legal system has made no finding in any direction due to insufficient evidence to match the "beyond a reasonable doubt" standard in either direction.

This should be obvious, but for some reason, many people are always fixated on interpreting #3 (by far the most common scenario) as #2.

As for Kahn? Since then he's been caught up in one sex related charge after another - and has admitted to parts of them. He's currently out on bail awaiting trial for running a prostitution ring; the trial begins a couple days from now.

Comment: ...which is therefore not parallel (Score 5, Informative) 205

by Roger W Moore (#48945117) Attached to: There Is No "You" In a Parallel Universe

Different matter distributions == a universe in which said parallel universe which is inherently different than what we see around us.

I think there is some confusion over what "parallel" universe means. This is generally taken to be a universe which has been an exact parallel of our own universe up to some point after which it diverges i.e. everything is the same up to some point in time. In the quantum multiverse interpretation of QM this happens for each possible result of collapsing the wave function.

I've never heard of this ever being associated with multiple 'universes' from inflation because QM requires that the universes interact before they separate (this is how it explains the self interference of a single particle) whereas inflation requires that the universes be causally disconnected after their creation i.e. inflationary universes are just different universes, not parallel ones. So I think the author of the article got himself rather confused.

Comment: Re:VPN. (Score 1) 105

by CastrTroy (#48942137) Attached to: Fixing Verizon's Supercookie
Probably more than you can trust Verizon. Also, you can set up your own VPN server on Amazon's Cloud or another VPS provider. Sure there's always the chance that somebody would mess with your http connection, as you aren't really in control of the machine when using a VPS or other cloud provider. Although I think that any VPS/Cloud service that started manipulating the data traversing their servers would become very unpopular very quickly, and could also switch providers. It isn't so easy to switch cellular networks as most people are on contracts, and even those who aren't on contracts generally have very few choices for providers.

"Now here's something you're really going to like!" -- Rocket J. Squirrel