Follow Slashdot stories on Twitter


Forgot your password?
Polls on the front page of Slashdot? Is the world coming to an end?! Nope; read more about it. ×

Security Company Tries To Hide Flaws By Threatening Infringement Suit 124

Posted by Soulskill
from the because-that-always-ends-well dept.
An anonymous reader writes: An RFID-based access control system called IClass is used across the globe to provide physical access controls. This system relies on cryptography to secure communications between a tag and a reader. Since 2010, several academic papers have been released which expose the cryptographic insecurity of the IClass system. Based on these papers, Martin Holst Swende implemented the IClass ciphers in a software library, which he released under the GNU General Public License.

The library is useful to experiment with and determine the security level of an access control system (that you own or have explicit consent to study). However, last Friday, Swende received an email from INSIDE Secure, which notified him of (potential) intellectual property infringement, warning him off distributing the library under threat of "infringement action." Interestingly, it seems this is not the first time HID Global has exerted legal pressure to suppress information.

Comment: Why? (Score 2) 155

by fiordhraoi (#46082815) Attached to: $499 3-D Printer Drew Plenty of Attention at CES (Video)
Something that accepts .STL format (which most CAD type programs let you output now) and G Code (pretty much the standard for CNC machines) as well as their own XYZ format is hardly locked into "proprietary formats." Do you have to use their software? To do the actual printing, sure. But it looks like you can do the design in a number of other tools as well, as long as you can output the aforementioned .STL or G Code. Buying filament from them? Sure, possibly a pain. But then, for the vast majority of printers nowadays, you "have to" buy the ink cartridge from the company. And since it's in a cartridge, it's presumably easier to load - one of the most common complaints I've seen for products like Makerbot is that loading the filament is tricky and you often have to fiddle and do numerous test prints to get it right. Is that solution going to be best for a high-volume printer? Absolutely not. For a hobbyist who wants to print maybe a dozen things every few months? Should be fine.

Comment: Still not the biggest market problem (Score 2) 216

by fiordhraoi (#44555113) Attached to: Microsoft: Xbox One Won't Require Kinect To Function
Don't get me wrong, I'm glad MS has reversed course on all those items. They were bad decisions for the consumer. Ultimately though, it's coming in at a $500 price point. That's going to be it's single biggest hurdle when it's put on shelves (physical or virtual) next to its competitors.

Comment: Re:Two questions (Score 4, Informative) 1388

by fiordhraoi (#42535815) Attached to: Smart Guns To Stop Mass Killings
If you can purchase illegal drugs, the odds are that you can purchase an illegal firearm. And I don't doubt that videos and how-to guides would begin circulating on the internet for people to find, the same way that you can find bomb-making instructions today. That said, you're absolutely right about the number of incidents - while mass shootings are horrible, they're also a statistical anomaly. To use the standard "how unlikely" comparison - 543 people have died in US mass shootings since 1982. The US averages about 90 lightning strikes per year. So over those 30 years, that's 2700 lightning deaths. So you're about 5 times more likely to get killed by lightning.

Comment: Two questions (Score 4, Insightful) 1388

by fiordhraoi (#42535261) Attached to: Smart Guns To Stop Mass Killings
1) Can you develop such a complex system that works in the practical world (ie, it's cost effective and reliable)?

2) Can you develop a system in such a way that it can't be removed or bypassed?

The gun is a fairly simple machine. I can't think of a way to prevent the removal of such a complex system. And if the argument is going to be "it'll be legally mandated that all guns have this," you run into the same problem that gun control laws run into right now. Criminals - especially those who are planning on committing multiple murders and probably killing themselves in the process - really don't give a crap about following the law.

Comment: Re:It smells, like yesterday's fish! (Score 3, Informative) 242

by fiordhraoi (#41057389) Attached to: DEA Lack of Data Storage Results In Dismissed Drug Case
Agreed. Even if you want to say that they need the storage network-available and in a RAID, you could buy an entry level commercial NAS for under a thousand dollars plus the cost of drives. So even with say, 6 drives, you're still looking at sub 3 grand for 10TB of usable storage, and that's assuming you probably paid too much for the drives. I would be that cost wise, that is about the equivalent maybe five to ten hours of a government lawyer's time, to say nothing of the investigators, etc, etc.

Comment: Re:Recording devices are banned in McDonalds (Score 1) 1198

Obviously, you need to RTFA, and perhaps do some examination of your own thought process.
1) The glasses are not a recording device. The only reason they maintained images was because they were damaged, and new images did not arrive to fill the buffer.
2) Anyone who attempts to rip someone's "recording device" off their head only to find out that it is SCREWED INTO THEIR SKULL is an idiot if they don't realize after that fact that this is not the same situation as some guy with a digital camera. You could make the analogy that while pets are banned from many places, service animals are welcome.
3) Destryoing someone's documentation about their medical device is spiteful and childish at best, and legally questionable at worst.
4) One would not attempt to hide their identity while taking a perfectly legal action in accordance with company policy.
5) Obviously, the gentleman was angry enough to want to go to the top of the food chain (no pun intended). So even if this McDonald's was in France, the corporate HQ is in the US. So yes, attempting to get the corporate information from a US/English Language page makes perfect sense, rather than going to a "french-language" website where he can perhaps try to talk to the manager of that particular store.

He'd already been served his food - if the restaurant wanted him to leave, their best course of action would have been to wait a few minutes and let him finish up. It certainly would have caused less hassle and embarrassment to everyone.

Comment: Re:Doesn't work in the US (Score 4, Informative) 368

by fiordhraoi (#39969213) Attached to: The Dutch Repair Cafe Versus the Throwaway Society
Actually, it was originally called soccer by the British. In the 1860s, there were a number of sports called "football," and so they acquired different names/nicknames. So for example, rugby was generally referred to as Rugby Football. During that time, what is now modern soccer/football was the result of a number of teams getting together and unifying all their varying rules, which they then called "Association Football."

Now, the nickname of the time was to call rugby "Rugger." Because of this, "Association Football" acquired the nickname of "Assoccer." Which was rapidly replaced with "Soccer."

As to your class statement, it's not nearly that simple. Both rugby and soccer were originally upper class sports in their organized form. Soccer caught on with the lower economic classes more so than rugby, and it was at this time, nearly 20 years later, that the formal name "Association Football" went a different direction and became simply "football" to your blue collar Brits.

There is actually a British saying, “Soccer is a gentleman’s game played by ruffians and Rugby is a ruffian’s game played by gentlemen.” That said, your statement about it being called football because it was played on foot rather than mounted is strictly correct, it just doesn't apply to the particular evolution of the modern sport.

Comment: Re:Actually it's based on statistics (Score 2) 344

by fiordhraoi (#39812695) Attached to: Is Extraterrestrial Life More Whimsical Than Plausible?
I like to think that "in God's image" refers not to the physical. I'm going to borrow a bit from Neitzche here.

Companions the creator seeks, not corpses, not herds and believers. Fellow creators the creator seeks--those who write new values on new tablets. Companions the creator seeks, and fellow harvesters; for everything about him is ripe for the harvest.

Don't worry, some of us who believe in some sort of God also believe that we have brains and logic for a reason. And that any human attempt to simplify something as complex as a true divinity is ultimately going to be speaking in paraphrase and vast approximation. Heck, some of us even understand that the Bible is not necessarily literal truth in all instances, but rather a way of teaching religious and moral truths! :)

In the end though, I agree. There's too many planets and celestial bodies out there, period, for life of some sort not to have developed elsewhere. Will it be discovered in my lifetime? Maybe, maybe not.

Kleeneness is next to Godelness.