Forgot your password?

Comment: Great throughtput rates would be fabulous (Score 1) 67

by idontgno (#46827853) Attached to: How much use would you get from a 1 gigabit internet connection?

but what I want is less lag. Really.

My lag in server-based games runs in the teens of milliseconds, but I would like to push that below 10ms. My own reactions aren't getting any faster, so a bit less wire delay would be a nice compensation. (Ok, not much compensation, since human response times are easily an order of magnitude slower than that, but still...)

Comment: Re:How many? (Score 1) 297

by idontgno (#46827785) Attached to: Aereo To SCOTUS: Shut Us Down and You Shut Down Cloud Storage

Well, you're "morally obligated" to watch the advertisements. And, in a broadcast executive's mind, you're obligated to buy stuff being advertised, too, in order to prove that advertising is worth the money.

And no, you're not supposed to skip the ads, although I don't think that's really what's at stake here.

I think the real point has been mentioned elsewhere in the thread: allowing Aereo to do this without paying some license money to the broadcaster undercuts the negotiated licenses cable and satellite providers have to pay to the broadcasters to do essentially the same thing. If Aereo shut up and paid, they wouldn't be in trouble. But of course, they probably wouldn't be able to make money either. As stupid as it sounds, if a customer pays for a service that intervenes between the broadcast and the consumer, that service may be liable for fees to the broadcaster. I don't know about if the customer buys hardware (like an OTA Tivo to timeshift)... did they have to pay out license fees?

Comment: Re:Here's the problem (Score 1) 169

by idontgno (#46827405) Attached to: OnePlus One Revealed: a CyanogenMod Smartphone

Came here to say this.

"Nice phone. Good luck in the US of A getting any carrier to activate it and let you use it. But hey, at least it's a small wifi-only tablet with theoretically access to cell data."

I suppose it'll work out OK in the more communications-civilized* regions of the world.

*In other words, places where regulatory capture hasn't occurred and customers have more rights than livestock.

Comment: Re:Alternative to one tough tablet (Score 1) 92

by idontgno (#46824929) Attached to: The $5,600 Tablet

You're missing the part where if a slashtard gives you a dismissive alternate solution, and you can't use it because it misses some critical and non-negotialbe criterion in your use case, it's your fault because your cow isn't spherical enough.

Welcome to Slashdot, where all the Windows are evil, all the grits are hot, and your problem doesn't matter because it doesn't conform to someone else's biases.

Comment: Re:Whatever you may think ... (Score 1) 446

by idontgno (#46728181) Attached to: Heartbleed Coder: Bug In OpenSSL Was an Honest Mistake

The WTF part of this (the kind that lives on) is that the RFC, which he co-authored, has this strong and specific warning:

If the payload_length of a received HeartbeatMessage is too large, the received HeartbeatMessage MUST be discarded silently.

He knew about the risk. He documented the risk. But come coding time, he forgot the risk.

Ya gotta feel for that. How many times have I gotten up bleeding and dazed and said to myself "I knew that was a bad idea."

Comment: Re:Not malicious but not honest? (Score 1) 446

by idontgno (#46728125) Attached to: Heartbleed Coder: Bug In OpenSSL Was an Honest Mistake

The bug itself had to do with allowing a mismatch between the amount of data sent and the amount retransmitted in what's essentially an echo command that TLS implements. A hardened malloc() would make it impossible to exploit that, but OpenSSL would still have a bug even with one, just one that couldn't (probably, maybe, perhaps) be used to get confidential data.

Right. Instead of a remotely-exploitable information leak, it's most probably reduced to (at worst) a low-grade denial-of-service attack caused by crashing HTTPS server processes no faster than they can respawn.

By that critereon alone, I do surely wish OpenSSL had just stuck to the dog-standard malloc() rather than cowboying up their own.

Comment: Re:This may be a dumb question, but... (Score 1) 446

by idontgno (#46728065) Attached to: Heartbleed Coder: Bug In OpenSSL Was an Honest Mistake

Many compilers precalculate arithmetic expressions consisting of constants, replacing them at compile-time with the result value constant.

I believe the different constants can be deduced from Section 4 of the original RFC proposing the TLS hearbeat message:

4. Heartbeat Request and Response Messages

The Heartbeat protocol messages consist of their type and an
arbitrary payload and padding.

struct {
HeartbeatMessageType type;
uint16 payload_length;
opaque payload[HeartbeatMessage.payload_length];
opaque padding[padding_length];
} HeartbeatMessage;

The total length of a HeartbeatMessage MUST NOT exceed 2^14 or
max_fragment_length when negotiated as defined in [RFC6066].

type: The message type, either heartbeat_request or

payload_length: The length of the payload.

payload: The payload consists of arbitrary content.

padding: The padding is random content that MUST be ignored by the
receiver. The length of a HeartbeatMessage is TLSPlaintext.length
for TLS and DTLSPlaintext.length for DTLS. Furthermore, the
length of the type field is 1 byte, and the length of the
payload_length is 2. Therefore, the padding_length is
TLSPlaintext.length - payload_length - 3 for TLS and
DTLSPlaintext.length - payload_length - 3 for DTLS. The
padding_length MUST be at least 16.

HeartbeatMessageType is a single-byte enumeration (documented in Section 3) and the payload_length is a uint16 (two bytes)... and the packet always requires 16 bytes of padding, so that's the 1, the 2, and the 16.

Comment: Re:Power? (Score 1) 630

by idontgno (#46708977) Attached to: Navy Debuts New Railgun That Launches Shells at Mach 7

I remember hearing a proposal that the barrel (or rail) would be magazine-fed along with the armature and round. Kinda defeats the probable space/weight advantages over a chemically-propelled round, but at least you don't have tons of explosive propellants in the magazine.

I don't know how serious the proposal was. But it would solve the rate-of-fire issue.

Comment: Re:It's not trending. (Score 1) 371

by idontgno (#46696667) Attached to: Smart Car Tipping Trending In San Francisco

So, this explains why you were tipping those "Smarts".

What about your criminal confederates? More illegal thrill-seeking? Someone secretly paying to have the cars tipped? Voices in their heads? Hatred of tiny four-wheeled tin boxes arrogantly pretending to be cars?

The last is the reason I do it. I mean, would do it. Although I don't. Really.

Passwords are implemented as a result of insecurity.