Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror
For the out-of-band Slashdot experience (mostly headlines), follow us on Twitter, or Facebook. ×

Comment: Re:who tha fu.. (Score 1) 187 187

The 'feature' occurred on Windows Phone first, not sure exactly what version. I assume that it made a great pitch to prospective carriers, since they all love offloading customers onto anything that isn't their data network as often as possible, and typing passwords into your phone is a pain, so automating it likely increases network offload considerably.

Comment: Re:No (Score 1) 187 187

Just as they say, in the context of backups, that 'if it isn't automated it won't happen'; there is likely to be a considerable difference in the rate of unintended leakage between a 'yeah, I guess I did tell Bob the password, he could pass it on' and 'the password spreads through your entire social group like a bad chain email'.

This sort of 'friend/acquaintance' attack attack is also exactly where slightly-too-automatic automation makes it really easy to bypass what limited good sense about security humans do have.

If, say, Alice and Bob have just had a messy breakup; it would be fairly obvious to any mutual friend of the two that sharing one's wifi password with the other, or a known friend/agent of the other, is something that they wouldn't like. They might do it anyway; because people are assholes like that sometimes; but it would be deliberate. Social-engineering somebody in that situation into telling you the password might be vaguely tricky. Social-engineering them into making you enough of a contact/friend/whatever on the services that this 'wifi sense' system uses to receive the password should be absolutely trivial; quite possibly already done.

I suspect that it isn't for nothing that this 'feature' first appeared on Windows Phone; carriers adore the idea of getting the filthy customers off the cell data networks they pay for and onto wifi as often as they can, and don't much care about a bit of collateral damage inflicted by dumb implementations.

Comment: Re:if that's true, (Score 4, Interesting) 187 187

What I would like to see explained in more detail is the claim that 'wifi sense doesn't reveal your plaintext password' during the sharing process.

My understanding was that(except WPA2 with RADIUS and a suitably chosen EAP) there isn't any provision for authenticating to a password protected AP without knowing the password. The AP itself might be able to destroy the password after it has been set, saving only a hash, as is good practice to keep more important sets of usernames and passwords from being compromised; but the client requesting authentication needs the password. The non 'enterprise' cases were designed to be easy to use, not particularly clever; and MS has limited room to get creative without causing nasty breakage on large numbers of variously dysfunctional legacy APs.

With a proper full WPA2 setup, or with one of the 'no authentication at the AP; but captive portal and/or VPN is the only way to access anything interesting' arrangements, you have more options; but how can you 'share' authentication to a WPA-PSK or WEP network without also sharing the key? Did they actually come up with something really clever, or does the UI just not show you the password, thus 'hiding' it?

Comment: Re:Antropologist (Score 4, Insightful) 48 48

Someone unqualified to access the safety of nuclear power plants declares them unsafe.

Did you bother to even skim the article? It was essentially entirely focused on human and organizational risk factors, the sort of thing that anthropologists do actually study, in US nuclear facilities and preferred methods of securing them.

If the concern is "will the roof resist a hardware-store-improv mortar attack?", sure you don't want an anthropologist on the job. If the concern is "so, will the guards notice, give a damn, and do something about it; or will I just have to walk past a token force optimized for cheating its way to passing grades during perfunctory audits at lowest possible cost?", that's an anthropological question. And the answer appears to tend toward the latter.

Comment: Re:A lot of the online gambling industry is locate (Score 0, Flamebait) 59 59

Surely the proposal will be scuttled when the realize that driving the gambling operations out of the province will sharply reduce the number of them that give due prominence to French language text; and acknowledge the right of the people to lose money without brutalizing exposure to anglicisms.

Comment: Re:It's not designed to dogfight. Lowest priority. (Score 2) 756 756

Technically the gun 'works'; but the vendor is too half-assed to actually provide drivers for the gun until some later revision, for which we will presumably pay more.

Optimists prefer to focus on the fact that, in order to preserve the oh-so-sexy-low-radar-signature design, the system only holds 200 rounds, so nobody expects much of it even when the pilot is able to use it.

Comment: Re:Linux everywhere. (Score 1) 26 26

Is there anywhere that the 'Warrior' design actually exists in any form more advanced than internal or very-select-partners-only engineering samples?

Based on what is written about them, they seem fairly interesting; but they don't actually seem to exist anywhere. You can get relatively low end MIPS cores in a lot of routers and such (ramips based devices and some broadcom) and much punchier hardware from outfits like Cavium; but the field is pretty empty of the 'warrior+powerVR' SoCs that are proposed in various slide decks. The CI20 is still based on the JZ4780, from Ingenic's 'if you really can't afford a fancy Allwinner' line of penal CPUs; but no warrior.

Comment: Umm... (Score 1) 151 151

It seems like a commonplace that not every line-of-business java slinger is going to make use of the more elegant mathematics being worked out on the edges of 'computer science'; but isn't this issue already addressed by the fact that things like 'software engineering' are distinct courses of study, with a different emphasis?

Also, why do we care what a former biologist, now sci/tech article writer for the WSJ has to say about technology-related education? Is there some connection that I'm missing?

Comment: Re:a bright future (Score 1) 39 39

Some of the (often excitingly dreadful) stuff used by the orbital-launch rocketry guys might beat hydrocarbons on pure energy density; but I suspect that civil aviation may not be ready for hydrazine spills on busy runways and range safety officers blowing up the occasional airliner.

The exciting thing about solar aircraft(aside from it being cool that they are possible) is that, if you can get efficiency high enough, they are basically your only option for long-to-indefinite loiter. In-air refuelling costs a small fortune, so hydrocarbons are mostly out; and nuclear, the only other long-lasting fuel source; has been explored; but you don't name a project after the god of the underworld because it satisfies more conservative risk analysis.

Comment: Re:Precedent (Score 2) 63 63

Even without a formal system of precedent, and treating prior cases as authorities to be cited, I'd imagine that the outcomes of past cases, and the various arguments and concepts employed, likely have an influence on future cases, at least those where the person overseeing them is undecided or has no particular opinion on the matter.

At least in the US, that seems to be a factor when(for some reason of how the courts are structured and arranged) a given court decision is not official precedent for the purposes of another court; but still has a decent shot at being cited if it framed the issue persuasively. It's not 100%, it might also be mentioned in the process of vehemently disagreeing with the decision of the other court and politely-but-brutally rubbishing their line of thought; but even without binding legal obligation to consider a given case, sufficiently similar past cases tend to help shape future thinking on the matter(as well as encouraging or discouraging prospective litigants).

Comment: I'd certainl yhope so... (Score 4, Insightful) 63 63

Under what legal theory would it be forbidden to offer a product that blocks shitware? Even if we grant that this 'freemium.com' must be tolerated as legal-but-sleazy, rather than dragged out and hung from a lamp post; is there some sort of 'right to be installed' that software possesses that nobody told me about?

It seems about as silly as arguing that throwing away junk mail without opening it is abridging the spammer's right to free speech.

Comment: Re:Why? (Score 1) 358 358

Indeed; that's why I included the "don't need bitcoins" case(already have euros in hand) and the "won't be helped by bitcoins"(nominal euro holdings are frozen in a bank or similar, and are at risk; but also unavailable to buy bitcoins with.)

I definitely suspect that somebody is going to be taking quite a bath on this; either holders of Greek state debt, or Greeks with cash in easy reach of the state, or both; but I just don't see how bitcoins outperform 'in-hand' euros, or dollars in terms of weathering the transition; while anyone who can't get their euros is probably in deep shit; but can't buy bitcoins because they can't get to their euros, so they won't be helped much by bitcoins.

I definitely wouldn't want to have money stuck inside Greece should it exit; but barring all but the most heroic border controls, not a historical strong point of the Greek government, just walking the euros out if you have them will be relatively simple(and, if doing so is illegal, so would getting the same euros out-of-country by buying bitcoins from a non-greek, the money needs to move either way); while anyone who doesn't have them may well be stuck; but also doesn't have cash on hand to buy bitcoins.

Comment: Why? (Score 2) 358 358

I realize that any instance of fiat currencies looking foolish is a happy day for the goldbugs, physical and virtual; but I'm not sure I follow:

Greece has been part of the euro zone for a while now, any remaining pre-euro currency is just a collector's item, and has no value now and no expectation of gaining value as the basis of a post-euro greek currency.

The euro itself will presumably do some fluctuating based on whether people are more nervous about the fact that the euro zone basically can't pull together when things look vaguely bad; or more enthusiastic about the fact that a weak member of the euro zone dropped out, leaving a stronger survivor group and establishing a precedent for (relatively) orderly drumming-out of any future weaklings.

In any case, greeks who currently have cash holdings either don't need bitcoins(if they just put the euros under their pillow they'll still be able to drive into the nearest euro zone country and spend them) or won't be helped by bitcoins(their euros are just numbers in the ledger of some deeply fucked bank that is imposing withdrawal limits or freezes, so they can't get them to hide under their pillow or to buy bitcoins).

A 'grexit' is actually more or less the opposite of the classic 'my holdings are in the dysfunctional currency of inflationistan; but capital controls are keeping me from expatriating them or buying dollars!' problem that bitcoin might actually be useful for addressing. If Greece drops out, all the greeks holding euros still have relatively hard currency, probably superior to whatever is introduced as a local replacement. They gain no obvious advantage from shifting euros into bitcoins, unless Greece bumps up their border controls into a veritable Berlin wall to prevent physical transport of currency; but continues to ignore online activity.

This story just seems orthogonal to bitcoins.

May Euell Gibbons eat your only copy of the manual!

Working...