Forgot your password?

Comment: Needs more Spy Thrilling (Score 3, Insightful) 89

by psyclone (#47257543) Attached to: Nokia Extorted For Millions Over Stolen Encryption Keys

The money was left in a bag at a parking lot nearby Särkänniemi amusement park. Then things went wrong. The blackmailer took the bag. Police, however, lost track of the blackmailer and the money was gone.

What, no GPS transmitter in the filament of each paper Euro? Amateurs.

Comment: Re:Meta-review (Score 1) 51

by psyclone (#47248297) Attached to: Book Review: Security Without Obscurity
I also thought the review was overly wordy and hard to parse. For example:

One of the ways Stapleton brings his broad experience to the book is in the many areas where he compares different types of cryptosystems, technologies and algorithms. This enables the reader to understand what the appropriate type of authentication is most beneficial for the specific requirement.

Could easily be written as:

Stapleton compares different types of cryptosystems, technologies and algorithms.

Leaving plenty of space to list more concrete information from the book, like the Parent suggested: a table of contents.

Comment: Re:A Lost Era (Score 4, Interesting) 122

Even if there are arcade "museums" and other classic arcade venues to be found, do any of those have NEW games? There's a new 4-player pac man game (amidst many ticket-churning games) at a local arcade, which is fun, but it's an iteration on an old game.

My Billy Mitchell question: Is there anything new out there in arcade games that play in a more or less classic style, but don't churn out tickets?

+ - GPS Fitness Data Sold to Oregon Transportation Dept

Submitted by nullchar
nullchar (446050) writes "The Oregon Department of Transportation has signed up for the Strava Metro GPS service for $20,000 USD. Strava is a mobile fitness app used by cyclists and runners to track their performance with GPS. Strava says the data set of over 300 billion GPS points it has collected worldwide are anonymized and aggregated to protect privacy. Oregon wishes to use the data to enhance it's bike lanes.

The article poses some interesting questions (beware annoying "More:" links between every paragraph):

Strava pulls in position and speed data so accurately that it can often be used to identify what lane a cyclist is using on a particular road. With such accuracy, could the government use Strava data to figure out if a cyclist ran a stop sign or a stoplight? Could it be used in the event of an accident involving a vehicle to map a cyclist's behavior prior to a collision? This is just speculation, as the data is intended to be anonymous.

It would be easy for them to create a database of Strava's user-created "segments" to identify "hot spots" where cyclists may be riding in especially aggressive fashion. In his piece in Bicycling magazine on the Strava-related death of Kim Flint in 2010, David Darlington compared some of the site's "KOM" segments to illegal street racing. He even showed how easy it is to identify cyclists breaking the law by finding several KOM segment leaders who recorded speeds in excess of the posted speed limit.


Comment: Re:Encryption (Score 1) 220

by psyclone (#47101899) Attached to: PHK: HTTP 2.0 Should Be Scrapped
How is the Auth1 scheme described above susceptible to offline dictionary attacks?

I'm assuming both client and server then exchange the Auth1 value to know if they can trust the other side: server would check for correct password, client would check for non-MITM server.

The supposed MITM would attempt to offline brute force the Passhash as they now know the inputs to the HMAC, and they know the correct Auth1 value?

Comment: Re:Google is dropping XMPP and Talk/Chat anyway (Score 1) 121

Features? It's great to have the server manage groups so when a new user of Team X gets added, all of Team X shows up in their roster. File transfer is simpler and more secure using XMPP+TLS than requiring the "cloud". Persistent chat rooms (ala IRC channels) are a great way to keep people collaborating. Even IDEs like Intellij can help collaboration by sending "File Z line N" code pointers or diffs that show up right next to the code your team is working on.

That and by using OTR or trusting your own server to not log chats protects privacy. But does anyone care about privacy anymore?

"People should have access to the data which you have about them. There should be a process for them to challenge any inaccuracies." -- Arthur Miller