Forgot your password?
typodupeerror

Comment: Re:So (Score 1) 59

by savuporo (#47486193) Attached to: Tesla Model S Hacking Prize Claimed

PIN probably shouldnt be stored in the car, store a salted hash.

By the way, my old 91 Camaro used to have a start "security feature", where they had a basic resistor embedded in the ignition key. If the resistance was off or didnt start and blocked further tries after 3 attempts or something for 15 minutes.

Awesome when the contacts got slightly oxidized : )

+ - Tesla Model S hacking prize claimed ->

Submitted by savuporo
savuporo (658486) writes "AutoBlogGreen reports: The $10,000 prize for successfully hacking a Tesla Model S has been claimed. A team from Zhejiang University in China claimed victory at the Symposium on Security for Asia Network (SyScan360) event in Beijing by exploiting a "flow design flaw," whatever that means, to gain access to vital systems including the door locks, horn and window controls, while the vehicle was moving.

Last year, potential security pitfalls of high-tech electric and hybrid cars came to light when the DARPA successfully hacked into hybrids from Ford and Toyota. For illustration about why this might become a big deal, here is a video report about Prius ECUs and internal CAN network being messed around with while driven."

Link to Original Source

Comment: Re:Python (Score 1) 466

by savuporo (#47241637) Attached to: Ask Slashdot: Best Rapid Development Language To Learn Today?

"Some of these packages are poor crap" out of tens of thousands in repository ? Oh, the humanity ! How is that different from any other programming language ? 90% of contents of any open source repositories is poor crap, be it github, sourceforge ( is that still alive ?? ) or even volumes of example code docs put out by good wise companies like Google, Apple or Microsoft. Its your job as a developer to sort through the crap that stinks less.
And no, i dont regularly attend parades and do not ride on bandwagons, thanks.

Comment: Re:Dear Microsoft.... (Score 5, Funny) 218

by savuporo (#47187067) Attached to: Microsoft Fixing Windows 8 Flaws, But Leaving Them In Windows 7

Dear Microsoft,

Please make Windows 9 touch only, do not give anyone any menu, use the well known principle of most surprise for the user interface design, break all possible APIs, come up with another Uncommon Language Runtime, force me log into everything with the same username and password security be damned, put Bing on the way of actually getting to internet and if you could Ribbon me another two three screenfuls, all would be dandy.

Only by implementing these urgent measures will you guarantee your local fanbase of 2 people will stay very loyal. And the rest can move on to better things and world will be a better place.

Thanks,
Your local detractor.

Comment: Re:No one will ever buy a GM product again (Score 2) 307

by savuporo (#47181407) Attached to: GM Names and Fires Engineers Involved In Faulty Ignition Switch

How about firing people that installed policies for engineers to NOT speak out about faults and banned them from even talking about it ? Who compiled the not to be used word list of "hindenburg", "death trap" etc ?

Maybe search for causes in your legal and PR and HR departments first. Oh, and execs.

Comment: Re:Sorry... (Score 4, Insightful) 206

So lets see. This is an NRC report that ONLY considered using SLS as the launch vehicle, and concluded that you cannot get to Mars with that, something has to be done differently.

How about _trying_ something different then for a change, stop trying to build redundant launch vehicles, we already have plenty, and actually invest in enabling technologies that DO get us to Mars.
Like, putting spacecraft together from modules like was done with ISS and other stations before that - except without involving costly human ops. How about refuelling the spacecraft on orbit. How about doing research on partial-g environments, and launching a centrifuge. How about sending some rats en route to Mars to study different radiation shielding approach effectiveness. The list is endless. Actually, NRC PRODUCED all the enabling technology roadmaps, they are available here :
http://www.nasa.gov/offices/oc...
How about actually fricking following these roadmaps ( SLS is NOT in there ) and getting some stuff done ? Advanced radioisotope stirling generator that was outlined as the CRUCIAL enabling technology piece for future exploration ? Cancelled ! Funds are required to build a monster rocket to nowhere instead ...

But, if you keep doing the same thing over and over, no reason to expect a different result. Kill the waste, and start investing in future.

Comment: Re:Should have upgraded Openssl (Score 2) 44

by savuporo (#47147427) Attached to: Heartbleed Bug Exploited Over Extensible Authentication Protocol

Phones are the least of the worries IMO. There are so many internet connected consumer electronics devices around that are based on some lightweight linux stack - SmartTVs, home routers, set-top boxes, NAS boxes, IP security cameras etc come to mind. These things will NEVER get patched because the development teams that put together the original firmware for the last years model are often even not around anymore. "Install Cyanogenmod" is not an option either.
With the "Internet of Things" wave raising, this will only get worse.

I'm not sure there is a reasonable solution there, zero day exploits will continue to be around, and companies will continue to build "embedded" devices that are not really designed to take frequent software updates.

Maybe there is a room on market for consumer oriented security certification brand, which basically tells the buyer - yes, we have reviewed and tested the software stack on this device, and its reasonably safe and sound and the company behind it is reasonably committed to keeping it secure ?

Nobody said computers were going to be polite.

Working...