Forgot your password?

Comment: Re:Good luck with that. (Score 3) 554

by exabrial (#48235357) Attached to: Rite Aid and CVS Block Apple Pay and Google Wallet
Think of the soccer mom scenario...

Lady enters checkout line with baby on hip and two kids in cart. She's tired of wrangling, wants to leave ASAP.
Apple/Google: Using one hand, pulls phone out of purse, taps, enter pin on phone.

CurrentC: Pull phone out of purse. Unlock phone. Launch CurrentC app. Due to poor cell signal in store, app takes a long time to connect. Enter app pin. Request new transaction. Wait for QR code to show. Explain to the cashier you need them to scan this code. Wait for the second code to appear on Casher's screen. Scan that. Wait some more. Kids screaming murder now. Poor lady begins to cry.

Comment: Target, KMart, and WalMart (Score 3, Informative) 554

by exabrial (#48235313) Attached to: Rite Aid and CVS Block Apple Pay and Google Wallet
First, CurrentC involves scanning TWO QR Codes. Wow. It's almost like we should use a radio to exchange the data. Durr. Second, Target, KMart, and Walmart are involved with this... KMart and Target are idiots; Walmart has an empire, what are they colluding with them? Apple customers are elitist that will go out of their way to use their fancy phones to do anything (ex: boarding passes). Whichever one of these retailers wakes up first and embraces secure technology wins a whole lot of new business.

Comment: Oh really? (Score -1, Flamebait) 377

by exabrial (#47526401) Attached to: Western US States Using Up Ground Water At an Alarming Rate
So what alarmist hyper-environmentalist news stories are we to believe? Last time I checked, we had environmentalists screaming that fracking thousands of feet down leaks chemicals (sand, light hydrocarbons) through thousands of feet of permeable geological layers. If these layers are so permeable and the alarmists are telling the trough, how come it takes `thousands` of years to recharge the aquifers?

Comment: Because no matter what Obama says (Score 4, Insightful) 312

by exabrial (#46679069) Attached to: Why No Executive Order To Stop NSA Metadata Collection?
It was a program he approved and sponsored no matter what ignorance he claims. We need to hold him accountable, but unfortunately, there is an unhealthy celebrity love affair with this president that he is using to cover the usual dirt that comes with this office.

Comment: Actually looking for a way to do this... (Score 0) 572

Malware is pretty easy to download over HTTPs, since an IDS can't fingerprint it. I've been looking for a firewall that can do this reliably, so I'd love to hear solutions that people have found work reasonably well.

Management has no interest in employee's personal lives. Hence we don't block facebook, youtube, etc. The goal is to keep the company asset's safe. Employees are made aware during their orientation that we have the ability to monitor their computers in every way. The message has been, if you want privacy, use your mobile device (and don't vote for Democrats and their spy programs).

Comment: The real crisis is the routing table size problem (Score 3, Interesting) 574

by exabrial (#46267143) Attached to: Whatever Happened To the IPv4 Address Crisis?
Truth is NAT works just fine for the vast majority of cases, and makes a layered (IE not-eggs-all-in-one-basket) approach to security much simpler.

The real problem is routing table size with BGP. As we continue to divide the internet into smaller routable blocks, this is requiring an exponential amount of memory in BGP routers. Currently, the global BGP table requires around 256mb of RAM. IPv6 makes this problem 4 times worse.

IPv6 is a failure, we don't actually _need_ everything to have a publicly routable address. There were only two real problems with IPv4: wasted space on legacy headers nobody uses, and NAT traversal. IETF thumbed their noses as NAT (not-invented-here syndrome) and instead of solving real problems using a pave-the-cowpaths-approach, they opted to design something that nobody has a real use for.

Anyway, I'm hoping a set of brilliant engineers comes forward to invent IPv5, where we still use 32 bit public address to be backward compatible with today's routing equipment, but uses some brilliant hack re-using unused IPv4 headers to allow direct address through a NAT.

Flame away.

Whoever dies with the most toys wins.