Forgot your password?

Comment: Re:I think it's reasonable, if it was accurate (Score 1) 276

by lamber45 (#46427515) Attached to: Should Newsweek Have Outed Satoshi Nakamoto's Personal Details?
There is value. If the creator wrote it on his free time after working 30 years in a probably thankless job he couldn't tell his family about, there's hope for me to do something similar, or at least I should advise my sons to get a good education and a stable job. On the other hand, if he was a 15-year-old kid who flunked most classes in school and spent the majority of his nights playing video games, I'd better get my sons each a latest-model gaming rig, because that ship has sailed for me.

Comment: Haven't had this issue with GMail, but with other (Score 2) 388

by lamber45 (#45928191) Attached to: Ask Slashdot: What To Do With Misdirected Email?

My GMail (and Yahoo! as well) username is (first name)(middle name)(last name), all fairly common [in fact at my current employer there are multiple matches of (first name)(last name), and my father has the same (first name)(last name) as well], and I have not had this problem with either service. Perhaps using initials instead of full names is part of it; or your last-name may have different demographic connotations.

I did, however, recently have that problem with a Comcast account. When the tech visited our home for installation, he created an account (first name)(last name) . I didn't actually give it out anywhere, yet within a few months it was filled with a hundred or so messages for someone in another state. I did try responding to one item that seemed moderately important, and whoever got the response [the help-desk of some organization] didn't seem to grasp that I had no connection with the intended recipient. Since I hadn't advertised it anywhere, it was easy to change the username, to (my first initial)(wife's first initial)(my last initial)(wife's last initial)(string of digits) While this address appears to have been reused, apparently Comcast no longer allows address reuse; I tried using a previous ID that I had used a long time ago, and it was not available.

Since you ask for advice, I recommend two courses of action:

  • 1. As long as you still have access to that address, when you receive anything that is clearly misdirected and potentially of high value, deal with it politely. Don't use a "form response", instead personalize the response to the content of the message. CC the intended recipient on the response, if you are able to divine who it is. Once you've dealt with the matter, delete the whole thread. For newsletters, try following an "unsubscribe" action, if that's not available mark as spam.
  • 2. Consider an exit strategy from your current e-mail address, no matter how much is attached to it. See the Google help posting "Change your username". For the new address, try a long nickname or full first name instead of first initial; or maybe add a string of numbers, a city your contacts will recognize, or a title. Give your important contacts plenty of advance notice, post the new address with the reasons you're switching [perhaps with a list of the confusing other identities as well] on your "old" Google+ profile. After a reasonable time (say six months or a year), delete your old account. Make sure you change your address at all the "various sites" you've registered at before doing so, in case you need to use a password reset function.

Comment: Re:Switch to an easier technology (Score 1) 399

by lamber45 (#44529823) Attached to: Ask Slashdot: How Do I Request Someone To Send Me a Public Key?
I wouldn't want to trust just the secretary of the other org. However, with public keys (HTTPS, PGP, SSH, anything else similar), it's good for the information on "how to verify" the key to be widely disseminated. For example, the org could put its key fingerprint, and a screenshot of the same as used in common applications, on an indexable part of its HTTPS-protected public website. An individual could put his PGP key fingerprint on his (paper) business card, as fine-print on his resume or CV, and in his e-mail signature. The secretary should be able to say what the key is, and how to verify that.

Comment: Makes sense (Score 1) 196

by lamber45 (#42806969) Attached to: New Secure Boot Patches Break Hibernation
Hibernation actually is a security hole. I'll ignore the kexec issue for now, but encrypted and checksummed hibernate images would be a good thing, and would be nice on a non-SecureBoot system as well. At a minumum, the hibernation image should carry a checksum of { the image data + the kernel that loaded it + relevant platform data }. That would at least prevent partially booting a suspend image with random corruption. Can SecureBoot also provide a secret key used only to encrypt the suspend image and decrypt it during boot? Or some additional data to feed into the checksum that securely identifies the platform? Or keep the suspend checksum in nonvolatile memory that can only be written to by a trusted operating system?

Comment: Re:Couldn't we just charge them tuition? (Score 2) 689

by lamber45 (#42742841) Attached to: Does US Owe the World an Education At Its Expense?
... except that bona-fide work visas for random foreigners are pretty hard to come by. For many international students, a student visa is the only way to be in this country until they graduate, after which if their grades were good enough they have a shot at an H-1B or a sponsored visa. Then there are the schools that are diploma-mills whose main purpose is to allow their students to work in "practical training" as soon as possible...

Comment: Re:Actually, the opposite (Score 1) 150

by lamber45 (#42618403) Attached to: Another Java Exploit For Sale
Several of your arguments are either false these days, or not as bad (especially versus the alternatives) as you make them sound:

-take 30 seconds to a minute to load

This load-time is for the first applet in a browsing-session, not each one; and "30 seconds to a minute" is an outer figure, on a reasonably modern system it will be less. I've seen Flash-based games that took a long time to initialize, as well.

- fonts and widgets are not native and look weird

Actually, you can have native widgets, with the old AWT components; it's the (slightly newer, still around for a long time) Swing that looks the same on every platform. Whether it's "ugly" is a matter of opinion.

Now, it's true that some people never need to run applets, those who do don't do so every day, and some applets look like something from 1995 because they really were written in 1995, and still work; but the Java plugin is not totally going away any time soon, and I think it's still a good choice for applications with unusual UI requirements that need to run "in" a browser.

Applets aren't just games, either. From my current needs:

  • The GIS browser for the city I live in;
  • My employer's expense-submission program;
  • The VPN clients (from two different vendors) for systems I access for work

And that doesn't even include JNLP (Java Web Start) programs, which aren't the same "sandbox" but which also depend on Java platform security for their sandbox.

Comment: Re:paranoid mode engaged ! (Score 1) 79

by lamber45 (#42511915) Attached to: Hiding Secret Messages In Skype Silences

Except that the packet already has at least an 8-byte UDP header, a 20-byte IPv4 (or 40-byte IPv6) header, and a link-layer header of some sort. There's probably some sort of checksum and block padding within those 70 bytes (which may in fact include the UDP or TCP header as well).

Similarly, VNC tunneled over SSH doesn't use 1-byte and 2-byte packets. For a certain block-size for which I did calculations and watched some real-life traffic, actual packet payloads for the different relevant messages are as follows:

  • SSH CHANNEL_OPEN "direct_tcp": 92 bytes
  • KeyEvent (messagetype=4): 44 bytes
  • PointerEvent (messagetype=5): 28 bytes
  • ClientCutText: at least 44 bytes

Since there are only about 90 keys on my keyboard, that seems like a lot of wasted space per packet; but remember that just the TCP and IPv4 headers are 40 bytes, so it's only 51.2% of the IP data, and even less of the link-level data.

Comment: Link to law's text (Score 1) 511

by lamber45 (#42350985) Attached to: New York Culls Sex Offenders From the Online Gaming Ranks
Had to dig a bit to find it (no link in article). The law itself just says that registered offenders have to provide Internet IDs as well as name and address, that the state may disclose them in certain cases, and that a certain subset of offenders may not access a certain subset of websites. How this translates into account closures is that the gaming companies, or whatever, consider the accounts to be in violation of their Terms of Service; for example, the Facebook ones specify:

You will not use Facebook if you are a convicted sex offender.

If someone doesn't like that, they need to sue Facebook; this particular law did not require Facebook to add it.

Comment: Re:This would seem to be the guy (Score 1) 143

by lamber45 (#41986101) Attached to: CyanogenMod Domain Hijacked

Strange thing is that both domains are anonymized now, makes it hard to tell who's who in this argument:

  • Domain ID:D160468854-LROR
    Created On:21-Oct-2010 18:09:32 UTC
    Last Updated On:01-Nov-2012 04:14:02 UTC
    Sponsoring Registrar:eNom, Inc. (R39-LROR)
    Registrant Name:WhoisGuard Protected
    Registrant Organization:WhoisGuard
    Registrant Street1:11400 W. Olympic Blvd. Suite 200
    Registrant City:Los Angeles
    Registrant State/Province:CA
    Registrant Postal Code:90064
    Registrant Country:US
    Registrant Phone:+1.6613102107
    Registrant FAX:+1.6613102107


  • Domain name: CYANOGENMOD.COM
    Administrative Contact:
    Contact Privacy Inc. Customer 0121602432,
    96 Mowat Ave
    Toronto, ON M6K 3M1
User Journal

Journal: Who I'm planning to vote for, and why

Journal by lamber45

I should say first of all that I'm really proud of Mitt Romney, I identify with him, and I suspect he might make a good president. He was born in the state where I grew up, he's a member of my church, and he has a history of business and state-government success. Even more personally, my parents went to his father's funeral and I used to listen to his niece's talk-radio show as a teenager.

Comment: Re:Why seperate boxes for tiny resource requiremen (Score 1) 320

by lamber45 (#41853029) Attached to: Ask Slashdot: Little Boxes Around the Edge of the Data Center?
For bootstrapping and security, I imagine. If there's a cold outage, or an extended spike in network traffic, or a misconfiguration on a switch that blocks all network traffic for a few minutes, a few services will need to be working without depending on anything else when everything else is brought online. That might be master NTP, master DNS, master LDAP, or as stated monitoring (so you can see what actually went wrong in one place). And you could run all of them on one box, with two or three similar as backup, but the point of the question is that you don't need a 64-CPU SPARC box for those services even in a large datacenter; and even if you ran it on a 4-CPU x64 blade, that would be harder to find in the dark or with alarms going off than a standalone box.

"You know, we've won awards for this crap." -- David Letterman