Follow Slashdot blog updates by subscribing to our blog RSS feed


Forgot your password?

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).


Comment: Re:And anyway... (Score 2) 257

by praxis (#49349795) Attached to: Generate Memorizable Passphrases That Even the NSA Can't Guess

First you claim that they use malware to send my plaintext passwords to themselves. Then you claim they have been caught red-handed doing the first compromising networking equipment which never sees my plaintext passwords.

I understand your point, but your claims are rather incongruous.

Comment: Re:What guarantees of longevity? (Score 1) 48

by praxis (#49348939) Attached to: Facebook Makes Messenger a Platform

First, not all companies are doing fine using services from Oracle, IBM, SAP and Microsoft.

Second, Facebook is different in the same way that Oracle is different and IBM is different and SAP is different. It is not a very convincing argument to say other companies provide services so *this* company's services must be "fine".

Comment: Re:Are the CAs that do this revoked? (Score 1) 133

by praxis (#49336419) Attached to: Chinese CA Issues Certificates To Impersonate Google

Yes, of course you also have to trust the sender. We're talking about securing communications here, not trusting a sender. If you don't trust the sender, why even talk about trusting their communication? We need to first trust the sender, then we can think about "how do I know this message is from that specific trusted sender and not compromised."

Authentication using a certificate gives you no inherent trust of the other party. I thought that was obvious.

Comment: Re:eliminate extra sugar (Score 1) 491

by praxis (#49331153) Attached to: Hacking Weight Loss: What I Learned Losing 30 Pounds

There is no quick and easy solution, that is true. If you overeat then there are only one way to validate you are eating less: measure.

We too use a variety of ingredients and we too cook from scratch without using recipes. We weigh our ingredients before putting them in the dish. I takes maybe 5 seconds longer, per ingredient. We write down the weight for each no a piece of paper that's always by the scale. Then, while we wait for the dish to finish (or some other time later), we calculate how many calories went into the dish total. Most of the time, we don't eat left overs but cook fresh every day, but sometimes we do make two-days worth. Either way, we know how much is in the entire batch and can portion: whether its two portions, four or six, it's more or less the same math.

It does take effort and time, but it's well worth it in our case. Over time, we got good enough at guessing, even with new ingredients we've not used before but could compare to others, at how many calories we're putting into our food, to within 10% error. That's not great, but we can now often guess how much food we didn't cook has just by looking at it.

Last night I worked late and the company bought us pizza. I felt the weight of the slices and guessed 250-300 per slice. I then looked it up online when I got home and the restaurant that made the pizza lists it at 280. Now, of course it's an estimate but it's a starting point.

The more you do it, the easier it gets.

Comment: Re:Are the CAs that do this revoked? (Score 2) 133

by praxis (#49330105) Attached to: Chinese CA Issues Certificates To Impersonate Google

The company can generate a certificate (public and private key pair) and send you the public key pair through an unsecure channel. They can then tell you the fingerprint over a secure channel. You do the same. You each verify that the public key of the other party is actually the other party's public key and then you two can communicate securely.

No, what constitutes a secure channel for key verification? That's where you can get levels of trust from one posted on their website (weak) to one read to you over a phone by a human (weak) to travelling and exchanging (stronger). Of course, if you are travelling you might as well just exchange public keys that way.

Comment: Re:But they help also (Score 1) 366

by praxis (#49302125) Attached to: Uber Shut Down In Multiple Countries Following Raids

I had a chance to actually use uber, so excuse me and please correct me if I get this wrong, but I was under the impression that the uber fare is based on the distance between start and destination as determined by a routing software and not on the detours the driver decides to take?

So how could the driver fleece the passenger here?

I can only go off the information Uber makes publicly available without signing their terms of service, but this disclaimer is prominent on their marketing materials: "Applicable tolls and surcharges may be added to your fare." Sounds like you are agreeing to unspecified surcharges, which if they abuse, your only recourse would be expensive litigation rather than protection laws of taxi services.

Comment: Re:But they help also (Score 1) 366

by praxis (#49296173) Attached to: Uber Shut Down In Multiple Countries Following Raids

In both scenarios, the passenger may be fleeced. The difference is, in one, the passenger has a recourse (having the local government find the driver in violation of the law and losing his taxi license if he does it often enough) and in the other not (having only a private relationship with a non-employee of a private company, having agreed to term of service for using the App, and only being able to sue the driver on his own).

If we're going to say the regulations are bad, and hence we should throw them all out, we're going to have an anarchy.

Comment: Re:But they help also (Score 1) 366

by praxis (#49292959) Attached to: Uber Shut Down In Multiple Countries Following Raids

Guaranteeing taxi-users to need a GI using recent (online) maps is a pretty bizarre requirement for good taxi service. Taxis exist to serve everyone, which includes the blind, the elderly, the religious, and the poor.

Also, an uber driver who decided to flaunt all regulation, can certainly charge a customer for taking the scenic route. They aren't licensed taxis, so are exempt from the rule that they must take the shortest route unless permitted by the customer.

Comment: Re:But they help also (Score 1) 366

by praxis (#49292771) Attached to: Uber Shut Down In Multiple Countries Following Raids

Oh, please. I am no friend of the rent-seeking, regulatory-capture taxi cartel, but Uber is unethical as hell.

So go after them for that... instead of an excuse that literally supports evil.

Its as if you are saying "Uber is unethical, therefore I want the very things that makes the existing system evil to triumph over Uber! Go evil!"

There is a middle ground, grasshopper. The choice between draconian regulation serving only the interests of the wealthy establishment and anarchy were laws are meaningless words on a piece of paper is an illusion. Labeling them with ethical monikers like good and evil only furthers the false dichotomy and prevents a civil discussion about what it is we, as a society, actually want to fall on this debate.

Comment: Re:But they help also (Score 1) 366

by praxis (#49292699) Attached to: Uber Shut Down In Multiple Countries Following Raids

I see the Uber debate as being about something completely different than "COMPANIES BAD GOVERNMENTS GOOD". Some taxi regulations, as you helpfully point out, are indeed, obsolete. They can certainly use a refresh. How we handle this situation is the crux of the disagreement.

Uber wants to ignore the rules and do what makes sense. The government wants the rule of law to be meaningful. They are both right, but what we need to do is change the laws. Civil disobedience is one way to do that. Some people, the disruptive, see Uber as doing its part, but they are not.

Uber does not want the rules changed, they want profit. They're not being disobedient to better our world, they're being greedy and narcissistic.

"Mach was the greatest intellectual fraud in the last ten years." "What about X?" "I said `intellectual'." ;login, 9/1990