Please create an account to participate in the Slashdot moderation system


Forgot your password?

Comment: Re:A new way to mitigate credit card fraud (Score 1) 141

by joe_cot (#38519162) Attached to: Data Exposed In Stratfor Compromise Analyzed
If they stored CVV, they'd be in a hell of a lot of trouble. PCI compliance requires not storing the CVV. However, as stated earlier, a lot of places don't require CVV. *None* of the cards should have CVV stored, so there's no real difference between expired and unexpired.

Comment: Better ways to do random (Score 2) 189

by joe_cot (#37963486) Attached to: Exploiting Network Captures For Truer Randomness
As a number of commenters have pointed out, /dev/random is actually way more random than what this article suggests doing. If you want stuff that actually is more random, or need a lot more random data, here are some options.
  • provides random data generated by radio noise. You can get as much random data as you'd like. Gaming websites download their random data in 5MB chunks to use for card shuffles and dice rolls.
  • HotBits is a similar idea, but uses radioactive decay instead of radio waves
  • If you want to do it in house, you can do so with a smoke detector and a webcam. This was submitted to slashdot in 2006
  • Finally, if you need a ton of random numbers, and they must be random, you can buy RNG hardware

What do i do? if I don't really care if it's random, I use the RPG from the programming language I'm using, or /dev/random. If I really, really care that it's random, I download a chunk of data off, and either use that for the numbers, or use it to seed my RNG. For the most part, anything more than that is overkill.

Comment: Re:Really? (Score 1) 766

by joe_cot (#35894284) Attached to: Microsoft Counts Down To XP Death

But Edgy is not the same as Maverick. There is likely very few to no packages that haven't been changed in the process. Ubuntu is saying that your version is EOL, and you need to upgrade, same as Microsoft. The only real difference is that Ubuntu is free and Windows is not. But no one cries foul because Ubuntu no longer supports Edgy.

Comment: Really? (Score 3, Insightful) 766

by joe_cot (#35894086) Attached to: Microsoft Counts Down To XP Death

Windows XP is almost 10 years old. Find me a Linux distro that supports 10 year old versions, on the desktop.

No one cried foul when Windows 98 was EOLed, after only 8 years. That was because they liked XP. Microsoft has pushed back the EOL on Windows XP multiple times due to complaints, but it's time to move on.

If you dislike Vista and 7, use something a different operating system. Don't pretend Microsoft should support 10 year old software.

Comment: Not a particularly effective road block (Score 2, Informative) 845

by joe_cot (#34953016) Attached to: The Case of Apple's Mystery Screw
A quick Google found a cheap and easy kit for removing and replacing these screws. You can probably get the screwdriver alone for less.

My guess is that the point, like most roadblocks on customers, is to discourage casual hobbyists from messing with their devices. Everyone else can get around it pretty easily.

Comment: reddit example is incorrect (Score 1) 133

by joe_cot (#34662854) Attached to: Pay What You Want — a Sustainable Business Model?

reddit didn't say "pay what you want" for upgraded accounts. They said "hey, we really need some money", hinted that people might get something in return, and let them donate.

What they got was upgraded accounts, for a duration based on how much they had donated, and trophies saying that they were "charter members".

So there's a big difference there. For the Humble Indy Bundle, it's "pay what you want" and you get the same thing. For reddit, it was initially "pay what you want", with no indication as to what you were getting, and what you paid affected what you got.

Comment: Not deleted, encrypted (Score 4, Interesting) 239

by joe_cot (#33209478) Attached to: New Toshiba Drives Wipe Data When Turned Off

From the scant details in the article and summary, it appears that the drives are encrypted, and the "wipe" consists of getting rid of the encryption key.

Calling that a "wipe" is rather misleading in my opinion. Toshiba's in for one hell of a liability issue if their encryption is ever cracked -- though I'm sure they'll take care of all that in the fine print.

Comment: Yep, that totally works in practice (Score 4, Insightful) 462

by joe_cot (#32915932) Attached to: DRM vs. Unfinished Games

Yep, totally worked for Dragon Age, for example. You can't get the DLC if you have a pirated copy of the game, so you definitely can't download giant bundles of all the DLC that can be decrypted and plugged into the game. Said DLC isn't up on torrent sites 2 days after the release.

If you're going to release DLC with micro-payments, don't "punish" pirates by forcing them to also not pay for your DLC.

Only way to really combat piracy is to have an online element that only works with a valid CD key. That won't stop piracy, though; it'll just make it less useful.

Never say you know a man until you have divided an inheritance with him.