Forgot your password?

Comment: So if TOR nodes can easily do it (Score 3, Informative) 115

by phorm (#48223713) Attached to: Researcher Finds Tor Exit Node Adding Malware To Downloads

Who's to say that your friendly ISP or government agency isn't doing the same? Or even better yet, how about for OS updates.

Last time I checked even my linux *.list files were referencing HTTP hosts rather than HTTPS (not that HTTPS is really much better, when gov't agencies are concerned)

Might make sense to use an SSL-enabled connection and a key that's provided with the distro.

Comment: How about even simpler (Score 1) 651

by phorm (#48222531) Attached to: Automation Coming To Restaurants, But Not Because of Minimum Wage Hikes

A cellphone app (or site), which after you've completed your order either sends it to the store directly, or gives you a scannable barcode. Scan the barcode, and your order is done exactly with what you asked for, you just need to pay (or maybe you can even do that through the app)

For those that commonly order the same thing, save the barcode and re-use it next time.

Comment: Re:Except it's not (Score 1) 522

by phorm (#48214259) Attached to: Shooting At Canadian Parliament

OK, except in Canada it actually works this way. A guy with a gun is noticed. Since there's no legit reason to be carrying around a firearm in public, the police were notified and the guy was picked up.

Now in the U.S., dude may have had a carry permit, and been legit. Around here there's no such thing, so there's a much better chance of noticing when some guy has a rifle in his jacket or a pistol bunging out under his shirt or pants pocket. The only people other than uniformed authorities with guns in public WILL be criminals, or idiots who don't pay attention to the proper storage/transport rules.

Comment: Re:Respect in anonymity (Score 1) 544

by phorm (#48212845) Attached to: The Inevitable Death of the Internet Troll

People call "women" X because they fill their profiles with pictures of themselves looking like X.

Sometimes this may be true. Other times it's just a convenient insult for morons. I've been called n*gg*r, j*w, sp*c, f*g, etc etc, yet I am white, not religious at all, straight, etc. Really I think that part of it is infantile minds can't come up with more meaningful/fitting insults.

Comment: Awareness (Score 1) 688

by phorm (#48207685) Attached to: FTDI Reportedly Bricking Devices Using Competitors' Chips.

On the other hand, that could have been accomplished by doing something like display an error "your device contains an unrecognised/counterfeit chip and cannot be used with this driver.", or possibly a BSOD. That doesn't break the device but does prevent its use with the driver while notifying the user.

Comment: Test app (Score 1) 688

by phorm (#48207457) Attached to: FTDI Reportedly Bricking Devices Using Competitors' Chips.

Based on the story, it seems like once you plug in the illegitimate devices, they're going to be reassigned the bad PID fairly quickly making them rather useless afterwards. Unfortunately that would pre-empt any sort of windows app which tests whether they're legitimate.

In Linux-land, I'd guess that the current driver still works well. Does anyone know of a way to test whether devices are legitimate?

Comment: Except it's not (Score 1) 522

by phorm (#48205289) Attached to: Shooting At Canadian Parliament

It's pretty easy to get a gun in Canada if you don't have a criminal record or mental illness, and can find people to vouch for you.

Not all types of guns - handguns are harder - mind you, but hunting is a pretty common sport and rifles or shotguns aren't a huge deal to get if you're patient.

What we *DON'T* have is stuff like carry permits etc allowing people to walk around in public with guns (which I still personally think is a bit crazy).
Bag 'em and/or lock 'em up until you're at the range or the hunting trails.

Comment: Actually a good point (Score 1) 766

by phorm (#48205121) Attached to: NPR: '80s Ads Are Responsible For the Lack of Women Coders

And these days, I *am* seeing more female gamers (though often more casual etc).

Many guys I know started with computers/coding because they wanted to replicate the stuff they played on in younger days. Perhaps we'll see more young girls who grow into women with similar aspirations, which may be a feedback loop resulting in more cross-gender-friendly games.

Comment: Re:1..2..3 before SJW (Score 1) 766

by phorm (#48205055) Attached to: NPR: '80s Ads Are Responsible For the Lack of Women Coders

I'll second this for many shops I've worked, but those actually tend to have a good male/female dynamic anyhow. On the other hand, the workplaces that did *NOT* have a good dynamic,often had guy who, yes, tried to be nice but really came off creepy or giving a used-care-salesman type vibe. Sharing weird material, and sharing with other male co-workers after discovered a female c/w's previous "modelling" career was particularly uncool. That the CEO was also early 20's and most of the women tended to be of a certain age/appearance demographic may have also contributed (not that people can't be smart/productive and attractive at the same time, but experience in that environment did indicate that it was a primary contributing factor).

Thankfully, I can honestly say that particular workplace was an outlier, and that most workplaces I've had seem to promote respectful and have good interpersonal relationships.

Comment: Strata fines (Score 1) 397

by phorm (#48204871) Attached to: Speed Cameras In Chicago Earn $50M Less Than Expected

In my old building, I was on the Strata council. One of the things we made sure was to *never* include fines in our revenue projections. Yes, paid fines went to general revenue, and were somewhat consistent, but all the operating budgets were set from set revenue and fines just got dump in at the end of the year (which did help with unexpected shortfalls, or to shore up the reserve) but they were never *expected*.

Comment: For internal use? (Score 3, Insightful) 185

by phorm (#48003881) Attached to: Security Collapse In the HTTPS Market

HTTPS/SSL, but with the signing, distribution, and recovation done in-house. The big SSL vendors seem to often be prone to poor security, as well as possibly succumbing to the demands of certain government agencies and providing "private" keys.

At least if your certificate is signed in-house, you have control of your certs and a certain amount of extra protection against the above. This might not be a good solution for smaller shops, but mid/medium shops could accomplish this, it's just easier to use a "big name" registrar.

Perhaps one solution would be to have an easily deployed appliance/distribution that runs as an internal certificate store.

You are in a maze of UUCP connections, all alike.