I imagine it would not be stored centrally but in the TPM where the TPM says yay or nae when presented with the image. In theory the TPM doesn't release the actual key even to the BIOS but rather just does the authentication. But who knows what kinds of attacks they can withstand when physically pulled off the mainboard.
Slashdot videos: Now with more Slashdot!
We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).
I've seen cases recently where people crossing the border from one nation to another have been asked to enter their phone or laptop password for inspection. They are at this point free to refuse to divulge this information though there may be the obvious consequences. Using biometrics, would it not be possible for an attacker to simply force one to provide biometrics to unlock a device? What about other attacks such as a spouse unlocking a device using his/her partner's fingerprint while (s)he is asleep? I would think this would open up new security holes for the ones it fixes.
from www.pckeyboard.com - based on the IBM model M. You will not need a new keyboard again for a good many years. I prefer the buckling spring types but the silent ones have excellent travel as well.
She should forfeit her compensation package as a consequence of her falsifying her application.
Agree with parent here. I would add that as you are finished your first two years, you have jumped through the hoops which cause most people to drop. First year maths, stats etc. In years 3 and 4, things get much more interesting. Stick it out and you'll be a better programmer as a result. Yes, web developer == programmer.
This is not the fault of the currency. It is a fault of the exchange provider and the users of the currency really need to be careful in who they put their trust.
I'm sorry but noone without a great deal of development experience should be writing a Bitcoin exchange or any other type of financial exchange exposed to the internet. The attackers got hold of the unencrypted wallet? Why would an exchange wallet ever be unencrypted? Why is there a single wallet in the first place? Why not have seperate wallets per user account encrypted with their own passphrase such that the site operator doesn't even have access? Maybe a master password override to decrypt but never stored online etc.
Why is the wallet stored on the webserver in the first place? Why aren't funds transfered to offline storage on a regular basis? I could go on.
I use the Netgear WNDR3700 which works quite well with OpenWRT. Having said that, really slashdot? Slow day?
Bitcoin currently has no passwords. If you get their wallet.dat, it's all over.
With the recent MTGox compromise, I've been looking at a better password system. It looks like one way to go is to use a program like password safe or keesafe to generate unique passwords per website. However, I'm curious as to how resistant these master files are to GPU attacks. GPUs basically sliced through the MTGox MD5 hashes like butter. How long would it take a higher-end distributed cluster to break a Password Safe master file? It's blowfish encrypted I believe.
I realize this article is coming from a corporate perspective but from a home user's perspective, I am really getting quite a lot from IPV6. I once had to poke holes in my firewall to get at internal machines on nonstandard ports when away from home. Now that they are IPV6 enabled,, I can address them directly. I can also access my Samba shares (ISP port blocking) and the SIP protocol works much better now that NAT is not involved.
The tunneling does add latency though so here's hoping the ISPs get native connectivity soon now.
Actually, DKIM can be used to guarantee a sender. We're using DKIM here with ADSP. That is:
_adsp._domainkey TXT "DKIM=ALL"
tells a receiver that all emails from our domains should be signed. Since the keys themselves are published in our DNS, a machine not under our control should not be able to send an email purporting to be from our domain.
I'm not sure but I would think that mechanism would make SPF irrelavent. Assuming antispam software actually checked the adsp dkim records.
That's the thing I don't understand about the whole Symbian open sourcing and the excitement around it. Unless I am off-base, it's not like a programmer will be able to pick up the Symbian codebase, make a modification, compile a new kernel and flash it into his phone. If that's the level of open-sourcing we're talking about here, disabling 'Symbian Signed' will be trivial. Is this geared more toward device manufacturers? IE. end-users and developers need not care?