Forgot your password?

Comment: Three duh's from the article: (Score 1) 60

by malakai (#47581021) Attached to: Multipath TCP Introduces Security Blind Spot

Three duh's from the article:

Trust models users and networks have fostered with Internet providers are also changed—and in some cases broken. Contrary to that, providers will no longer be able to sniff traffic—under court order for example—unless they work hand in hand with other providers handling split traffic sessions.

They lost me at "Trust models users .... have fostered with Internet providers".... Duh.

“Technology like MPTCP makes it much harder for surveillance states,” Pearce said. “If I split traffic across my cell provider and an ISP I may not trust, in order for a surveillance state to snoop they have to collaborate with all these parties. It’s a much harder proposition.”

Who cares? And if you really care enough, and you are a suveilance state, you can sniff from the soruce, or a common route in between in which all the data flows. Will you have to spend a little extra CPU and Memmory to piece together the full stream? yeah, duh.

Finally, Pearce said, there will be ambiguity for firewalls about what incoming and outgoing traffic looks like. She said that MPTCP enables endpoints to tell servers there are other addresses to which the server may connect, but the firewall may not necessarily interpret that as an outgoing connection.

And not very hard to fix for the firewall vendors. Will you have to patch your FW? Probably. Is that a problem? No, duh.

Comment: Re:US investigators like Southern ping arc (Score 2) 145

by malakai (#46500149) Attached to: US Navy Strategists Have a Long History of Finding the Lost

I'm not positive about this, but I don't think they need to turn on 'another' transponder, they just need to change their transponder code. I'm pretty sure pilots dial in the code based on what the tower tells them to use. I don't think every transponder is guaranteed unique, and traceable.

Comment: Re:Lotsa hate going on here (Score 1) 166

by malakai (#46387373) Attached to: Invention Makes Citibikes Electric

In NYC, a lot of the delivery guys ( well the Chinese guys ) have some sort of clockwork style bike mod on their delivery bikes. It mounts under the seat and attached to the drive train, and they must be storing energy into a spring or some other mechanical way, then they pop a button and you hear 'click click click' and the bike goes up the hill as they guy coasts on the pedals.

I'm always leery of those contraptions. Just waiting for one to fail catastrophically and send metal gears into bystanders.

Comment: O.M.G (Score 4, Funny) 168

by malakai (#46379653) Attached to: Damming News From Washington State

This is the problem with Hydro power. This is why we should go 100% solar and not use electricity at night. We can't safely use Hydro, it's too dangerous, the pressure levels and engineering is too dangerous and a single mistake could kill an entire ecosystem.

Think of the children down river from this dam!

If you have any incandescent bulbs, _YOU'RE_ to blame as well.

-Francis Candlemaker

Comment: Re:Sounds like a lawsuit waiting to happen (Score 1) 448

by malakai (#46102947) Attached to: Developer Loses Single-Letter Twitter Handle Through Extortion

Sadly a lot are doing this now. Even if you swipe, they will ask for the card, and then punch in the last 4.

  I stopped giving them the card and asked them what they needed, and they would still ask for the last 4. I got concerned when my wife's card was used within 40 mins of us buying something at a Best Buy at _another_ Best But location across town. We think the cashier called someone and gave them the digits. They had her security code as well. My wife had handed her card to the cashier at the cashiers request.

Pretty good memory for the cashier to remember the digits, expiration, and security code. That or it's a local security guy with access to the video cameras over the cashier. Or she had her phone sitting some where nearby and would wave the card over the camera for someone else to read.

Sadly, it's not really my problem. American Express needs to figure out how to handle these merchants and their employees. It's what I pay AMX for.

Comment: Re:Sounds like a lawsuit waiting to happen (Score 2) 448

by malakai (#46101165) Attached to: Developer Loses Single-Letter Twitter Handle Through Extortion

I routinely get service reps reading my last 4 digits of cards they have on file. This happen on Delta all the time. I have about 6 credit cards on file, and sometimes I need them to make sure specific tickets are on specific cards. I often have a conversation like "That's the one ending in 1011 right? No sir. Is it the 1099? No sir. Really? Which is it? It's the 1014 sir. Oh yeah, that one. ok."

Last 4 are not a secret. Best buy and lots of box retailers now actually ask you for it when you check out. You have to broadcast it in the air in front of everyone in line.

The issue here is GoDaddy. If GoDaddy doesn't have a 2 factor auth system option you should not be using them for DNS hosting.

Comment: She wasn't surveilled.... (Score 5, Informative) 150

by malakai (#45986913) Attached to: US Senator Warns Against Political Surveillance By Drone

... I don't see this covered in any of the mainstream media reports, but the 'drone' involved was a pink 'barbie' knockoff with no video capability. It's a $25 dollar think-geek type mini gyro. I'm amazed it made it to the 2nd floor window of a home outside. No wonder it crashed, those things have the stability of a paper airplane thrown into a fan.

Example of it:

"Obviously the pilot of the drone had some surprise..."

Obviously the pilot couldn't see you because there's no cameras on it, so I doubt she was surprised you looked out the window....

...because the drone wheeled around and crashed ..."

They do that a lot.

The irony here is Feinstein over dramatization of this event given what she authorizes on the SIC. Using this incident to call for stricter drone laws is like being hit by a paper airplane and calling for the FAA to investigate.

Comment: Re:Bad Coffee, Bad App (Score 4, Interesting) 137

by malakai (#45977143) Attached to: Starbucks Phone App Stores Password Unencrypted

Love my mocha's. Can't tell you how many times I got to a 'local' coffee house and get a crap mocha. Some like to put store bought chocolate syrup in it, others like to add a mocha powder without first turning it into a wet paste. I've had Swiss Miss packets added to a late and told this was their 'Cafe Mocha'.

All in all, I can count on one hand the number of good cafe mocha's I've had at 'local' coffee houses.

On the other hand, every Starbucks I got into, anywhere in the world, seems to have the same Cafe Mocha. It's as if they had a recipe and the barista's were trained to make it. I like being in a town for the first time in my life, finding a Starbucks and feeling a little bit like being at home.

In the end, I reward any store on it's quality, I don't stereotype a store based on it's number of locations or perceived local community value. Would you patron a crap restaurant just because it's "local"?

Another megabytes the dust.