Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
For the out-of-band Slashdot experience (mostly headlines), follow us on Twitter, or Facebook. ×

Comment: Re:Logjam / Diffie Hellman attacks (Score 1) 95 95

by luis_a_espinal (#49897745) Attached to: New OpenSSL Security Advisory Announced

OpenSSL has added protection for TLS clients by rejecting handshakes with DH parameters shorter than 768 bits. This limit will be increased to 1024 bits in a future release.

Good. But it doesn't go far enough. How about some kind of deprecation warning if DH is using any well known prime number?

What prime number that is known or effectively computable for DH is not well known? Maybe I'm missing something here.

Comment: Re:Predictable cadence? (Score 1) 95 95

by luis_a_espinal (#49897731) Attached to: New OpenSSL Security Advisory Announced

What stops you from patching your machine in your own time?

Budgets, schedules, coordination with other 24/7 services that depend on it, etc, etc. If it is a single isolated system, then yeah, it's trivial. When we are talking about production and test environments with dozens (or even more) systems, then it is not just a matter of working "own your own time." This gets worse when there are systems that heavily utilize SSL.

Any such upgrade requires some type of basic regression testing of said systems outside of the typical testing schedules associated to development. And that brings up pulling resources from somewhere else to do the testing.

It is almost never our own time alone.

Comment: Re:Predictable cadence? (Score 1) 95 95

by luis_a_espinal (#49897707) Attached to: New OpenSSL Security Advisory Announced

Unfortunately in this world with change control, number of systems affected, testers that need to be lined up, business stakeholder notified of outage if any etc means that unless a security issue is out in the wild your are not going to deploy it. By having regular predictable releases you can organise regular pre-approved changes etc.

Hans

And how do you schedule predicable zero-day security patches, for instance?

Comment: with regards to meaningless slogans (Score 1) 95 95

by luis_a_espinal (#49897701) Attached to: New OpenSSL Security Advisory Announced

There's a difference between having the capacity for the moral depravity and incompetence needed to be a politician

What a load of meaningless crock. I'm sure it makes up for one hell of a slogan. Meaningless, but certainly attention-grabbing for the purpose of rhetorical posturing. Congratulations.

Comment: Re:Drinking Water (Score 1) 51 51

by luis_a_espinal (#49891811) Attached to: Astrobotic To Take Mexican Payload To the Moon

They don't have clean drinking water but they have a space program? I think their brains are refried.

Yeah, because everyone in the US has access to clean water. I could take you down a trip in the South if you want some examples. #rollseyes.

Not everything is Mexico is backwards, just as not everything in the US is of a 1st world quality. Talking about talking shit just for the sake of it.

Comment: Some still require ink sigs (Score 1) 395 395

by luis_a_espinal (#49891609) Attached to: So Long Voicemail, Give My Regards To the Fax Machine

The legal profession has embraced electronic signatures. At my work we use DocuSign for the majority of contracts with our vendors.

Not all participants in the legal profession have embraced e-sigs. For example, my wife and I needed to get a power-of-attorney (POA) so that I could a home purchase deal while she was out of the country. That was just a week ago. And the POA was required to be signed, in blue ink, before taking it to the court house.

Even in real estate, there are participants who, for one reason or another, still demand sigs. For the same property we are trying to close, the seller (a trust) required us to use ink signatures, which we found it very unusual since we have been doing e-sigs for ages.

For as long as someone demands an ink signature for something someone else wants, and there are now laws demanding e-signatures to be accepted when offered, we are going to have ink sigs. And that is going to be the case for a long, long time to come.

Comment: Re:Cue creationists (Score 1) 51 51

by luis_a_espinal (#49882655) Attached to: Signs of Ancient Cells and Proteins Found In Dinosaur Fossils

Cue young earth creationists claiming this dinosaur was intelligently designed 5000 years ago.

Sigh.

Some of them already claim that soft tissue discoveries proved that dinosaurs were recent. IIRC it was listed in the "creationist rigs search results" article a week or two ago.

Of course, there's a pending religious schism between those who claim all the dinos died in the flood, those who claim that they were saved by Noah and died later, and those who say they never existed at all (the fossils being planted by God to make sure no eviloutionists believe the bible).

You forget the existing religious schism which pits creationists vs those who accept evolution. This is something that completely baffles me, creationism, since I came to the US 26 years ago.

Creationism is hardly a form of thought in the rest of Christendom, but it is so dominant in the US. How can this country who has achieved so much have so many troglodyte-thinking people?

My grandma back in my country, who has never left her little mountain town and who only completed elementary education accepts evolution (scientists say so, I don't understand it, but they do, because they studied a lot, so it must be true, that is what she says.)

The level of willful stupidity in this country boggles the mind.

Comment: Germany is not socialist (Score 1) 528 528

Socialism has made many promises it cannot keep. Capitalism promises nothing, but can generate much more wealth.

1. Germany is not socialist. If you bring socialism in the context of comparing Germany with the US, you are an ignorant ass.

2. Socialism, capitalism, blah blah. You don't know what the hell you are talking about.

Seriously, get the hell out of whatever hole you live in, travel the US, and then travel the world. Then talk.

Comment: Freedom and shit, and other slogans (Score 1) 528 528

Which do you prefer? Freedom, Higher risks and higher reward? No risk, less freedom, but a lower standard of living?

Socialism has made many promises it cannot keep. Capitalism promises nothing, but can generate much more wealth.

Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety. And to in my experience end up giving up liberty AND security.

What a load of bullshit. See, here in the US, sadly we have waaaaay too many freedom-fries folks who think they are Daniel Boom or some shit, but in reality they are just some variant of Beavis and Butthead.

Any argument they make, they drop the word "freedom" and voila, in their minds, that makes it valid. They don't even know what the fuck freedom is, or whether they truly have it. What comes out of their mouth are not reasons, but fucking slogans.

They go about their lives building these black-n-white, freedom-or-else as if the world operated in that way, because, according to their experience that's how it is (and one has to wonder what type of first-hand experience they have on the subject.)

Comment: Re:Does US have any real jurisdiction over FIFA? (Score 1) 194 194

They claim evidence that the corruption was carried out on US soil using US banks. That's better reasoning to me than "Fifa is multinational and under no one's jurisdiction" as they will claim.

But frankly the fact the US isn't completely obsessed with the sport like some other nations will go a long way to keep things impartial. If fifa threatens to ban the US from world cup consideration you can expect a very heartfelt "oh darn" as a response and the investigation will continue.

By the FCPA, they wouldn't even need to claim that the corruption took place on US soils and/or using US banks. All it takes is either a US national or legal resident, or US company or US-based subsidiary of a foreign company (Traffic Sports USA) to engage in bribery of foreign officials, or be bribed by foreign officials. Bribery and being bribed by foreign officials is the hallmark of FIFA, and that organization pretty much screwed itself up the moment it established links with US companies.

So this is all about the US getting the 1994 World Cup through bribery?

I'll answer in the affirmative to satisfy your supposition.

Comment: Re:Does US have any real jurisdiction over FIFA? (Score 1) 194 194

... unfortunately the penny arcade crowd is going to tear it down in their endless, nihilistic pursuit for yet another reason to be upset or whatever.

Are we to get some deep meaning from this spew of faux witticism?

We got your reply, what more can we ask?

Comment: Re:How is this news for nerds? (Score 1) 194 194

According to the CIA World Factbook, Trinidad and Tobago has a population of about 1.2 million people, or about the size of Dallas, TX. Not exactly a huge place population wise - only 159th in the World.

But since its quality of development (and the discussion herein) centers in its GDP per capita, it kind of doesn't matter a flying turd if its population is just 1.2 mills, does it?

Comment: Re:How is this news for nerds? (Score 2) 194 194

"Liberal racist fucker"? It's the LIBERALS that are racists now? LOL.

Oh yes, they can be. Should I provide you with examples? Now, I have no dog in this fight as of who is better or worse, liberals or conservatives. But anyone who thing racism is strictly a non-liberal trait is full of shit.

Comment: Re:Does US have any real jurisdiction over FIFA? (Score 3, Interesting) 194 194

They claim evidence that the corruption was carried out on US soil using US banks. That's better reasoning to me than "Fifa is multinational and under no one's jurisdiction" as they will claim.

But frankly the fact the US isn't completely obsessed with the sport like some other nations will go a long way to keep things impartial. If fifa threatens to ban the US from world cup consideration you can expect a very heartfelt "oh darn" as a response and the investigation will continue.

By the FCPA, they wouldn't even need to claim that the corruption took place on US soils and/or using US banks. All it takes is either a US national or legal resident, or US company or US-based subsidiary of a foreign company (Traffic Sports USA) to engage in bribery of foreign officials, or be bribed by foreign officials. Bribery and being bribed by foreign officials is the hallmark of FIFA, and that organization pretty much screwed itself up the moment it established links with US companies.

The US is not alone in this. Many developed countries have similar provisions with a global scope (fraud/bribery of this type committed anywhere). A lot more have similar provisions only on a local scope (only those committed locally.)

This FIFA thing is a good thing, but unfortunately the penny arcade crowd is going to tear it down in their endless, nihilistic pursuit for yet another reason to be upset or whatever.

Comment: Re:Does US have any real jurisdiction over FIFA? (Score 4, Informative) 194 194

This 'onion' issue is but a side-show of the indictment of FIFA officers by the Obama Administration

While everyone knows that FIFA is corrupt, we must also acknowledge the fact that the indictments from US is a kind of a long-stretch, for all I know FIFA does not belong to USA alone

The Foreign Corrupt Practices Act of 1977 (FCPA) allows the US to prosecute anyone, anywhere, irregardless of citizenship for specific forms of fraud so long as said person has caused US companies or US-based offices of foreign companies to commit said type of frauds or has used the US banking system to commit said type of frauds. Traffic Sports USA is a company being investigated for that that type of fraud, and so many other businesses tied to either FIFA or CONCACAF.

Now, when I say specific forms of fraud, the law strictly refers to fraud intended to manipulate of foreign politicians or foreign state agencies or to partake in exchange of benefits or gifts with a foreign politician or foreign state agency or representative. The nomination of Qatar for the next World Cup (as a result of a payment under the table to secure those right) falls into that category.

If there were no nationals (or national or US-based business entities) involved at all, then FCPA wouldn't apply at all, and there wouldn't be any news to blather and bloviate about.

Top Ten Things Overheard At The ANSI C Draft Committee Meetings: (4) How many times do we have to tell you, "No prior art!"

Working...