Please create an account to participate in the Slashdot moderation system


Forgot your password?

Comment: But it might (Score 1) 55

by mitcheli (#49728771) Attached to: Swedish Court Orders Seizure of Pirate Bay Domains
The problem with this idea is that as TPB migrates to additional domains, it leaves open a few possibilities. First, sites opposed to TPB will create malicious sites to try and spoof TPD to collect data, spread malware, and otherwise degrade the services that TPB offers. Second, while rapid DNS techniques are well implemented in malware like botnets, it's not a capability that the average Joe can keep track of, so without some form of front end that can track and change with the rotating DNS entries, people will get frustrated and stop using the service. And this is exactly what the opposition wants. It's time that many of these types of technologies go through redesign again. And they must be redesigned from the protocol level. TPB succeeded where Napster didn't because the content being traded was not hosted with TPB. But they are still centrally located for the purpose of search and front end to the users. Anytime a bellybutton can be poked, it will be. So the protocol must be designed to prevent ANY centralized management. Next, any protection mechanisms (trust models, etc) that are built into the protocols used must be extremely well thought out. When analyzing for protocol weakness, rules matter. If only certain nodes are allowed to be "trusted" ,then you can better bet that those wishing to exploit it will design a node to be trusted. Protocols must also be non-differential at all levels, from the handshake of the SSL layer down to the initial HELO to the transmission characteristics of how it sends data. If the protocol can be differentiated, it can be blocked, tracked, hacked, or otherwise interfered with. Simply wrapping it in Tor isn't going to work. There are ample talks out there on how Tor traffic can be characterized and interfered with.

+ - Bittorrent brings Bleep ->

Submitted by mitcheli
mitcheli writes: From the "Not-on-my-watch" Dept:
If you want the security of knowing your voice, text and picture messages can’t be intercepted, direct peer-to-peer communication with end-to-end encryption is the gold standard: and that’s what BitTorrent offers with its Bleep app. Every conversation is between you and your friends. There is no cloud to hack because messages are never stored in the cloud. For text messages and photos, Bleep offers the choice of Whispers – where both text and images disappear when they’ve been read – and Messages, which stores them locally on the device. You can also make voice calls with the same peer-to-peer encrypted technology

Link to Original Source

Comment: Re:Minecraft Mods (Score 5, Informative) 315

by mitcheli (#49442283) Attached to: Ask Slashdot: How To Introduce a 7-Year-Old To Programming?
Minecraft Mods are an excellent way. My youngest latched onto those with no issues. Ironically, I tried to teach my 13 year old Apple's Swift language and he was totally uninterested, but mu youngest is latching right onto it, finding ways to modify our test game we're working on, and reciting back to me what objects, methods, and attributes are. I think he even understands inheritance and method overrides. He's got the tree structure of nodes in SKNodeKit down as well. And he's 9. And to think, the 13 year old was the one who expressed a desire to learn how to write games. To each his own...

Comment: Won't work in the US (Score 2) 62

by mitcheli (#49441381) Attached to: Uber Finally Accepts Cash -- For Autorickshaws In Delhi
Cash payments, while really nice for the drivers, would open them up to attack. In markets like DC. Uber drivers have to have clear signage indicating they are driving for Uber (see how many you can spot on the street corner sometime). But if they have this signage, there's nothing saying they can't be carjacked or mugged.

Comment: Re:There's a shock... (Score 3) 100

by mitcheli (#49441189) Attached to: Apple Leaves Chinese CNNIC Root In OS X and iOS Trusted Stores
It somehow doesn't surprise me that Apple is still hosting the exploited CA cert. They released patches to a number of openssl (which OSX does use) that supposedly fix the high level vulnerabilities of late (Security Update 2015-3?) But at the same time, the version that's running is 1.0.1g ... and there have been several high level vulnerabilities such as the down channel exportable encryption bug that still haven't been addressed. Thinking Apple needs to step up their game!

Comment: What does it all mean? (Score 1) 83

by mitcheli (#49432561) Attached to: Patent Case Could Shift Power Balance In Tech Industry
While I like Apple just as much as any other Mac fan and have been known to be ding as a troll when commenting on Microsoft posts, I have to ask my self one good question about all the litigation between Apple and the world. When will this litigation cross the threshold of aggressiveness and open up Apple to review by regulators as acting in a monopolistic fashion? (dread the thought! I have zero desire to run Internet Explorer on my iPhone.)

Comment: Of all the stupidity (Score 2) 107

by mitcheli (#49233161) Attached to: Lawsuit Claims Major Automakers Have Failed To Guard Against Hackers
Clearly some lawyer has some teenaged kids he's looking to put through school. But food for thought here. Having just gotten into analysing the ECMs in my car and figuring out how to analyse the performance characteristics of my car, I appreciate the ability to figure out what's going on with the vehicle without paying $1000's to the mechanic. That being said, I have serious doubts that a public/private key cryptographic authentication mechanism on the vehicle ECM would be shared with the consumer that purchased said vehicle and would ultimately eliminate the ability of people to work on their vehicles.

Comment: Net Neutrality and it's effects on Cell Providers? (Score 1) 550

So Some cell providers in the US provide "x" amount of GB's of data on a rate plan and when that data is used up, they turn off access to the Internet (blocking) and other providers will allow you to use "x" amount of data and then throttle back your remaining data (throttling) to dial up modem speeds (EVDO or less). Since these rules prohibit blocking and throttling, what will Net Neutrality do to cell phone plans?

A triangle which has an angle of 135 degrees is called an obscene triangle.