Comment: Re:Inability of server to enforce policy (Score 1) 212

by shaiay (#42395831) Attached to: Lax SSH Key Management A "Big Problem"

The server not being able to force policy on the clients is inherent to the client-server system: If your client is untrusted, you cannot enforce anything on it.

Unfortunately, while current OpenSSH supports multiple authentication options, they cannot be "stacked" - if you manage to authenticate in one way, you are in.

In my blog I suggest a solution: I show a way to force OpenSSH to ask for a (server-based) password after key-based login. This way you can enforce password policy on the server (strong passwords, etc.) with the standard tools, and also require a key. The key can now be password-less.

Shai

Comment: I use the same model for an android app (Score 1) 341

SSH Persistent Tunnels : It's GPLv3, complete with building instructions:
http://code.google.com/p/ssh-persistent-tunnel/

but for $1.50 you can just save yourself the hassle of setting up the android SDK and install the binary from Google Play, complete with automatic upgrades etc...
https://market.android.com/details?id=org.ayal.SPT

Comment: Re:makes sense (Score 1) 334

by shaiay (#38775250) Attached to: Lawyer Demands Pacemaker Vendor Supply Source Code
Most devices that I know of need to pair physically with their programmer -- something needs to touch the skin above the implant to initiate communications.
At this range, the would-be assassin can just as well inject something to harm a person, no need for sophisticated communication gear. (A PC analogy: if the PC can be physically compromised, using SSL to access gmail won't help you ...)

Comment: Re:makes sense (Score 1) 334

by shaiay (#38775214) Attached to: Lawyer Demands Pacemaker Vendor Supply Source Code
As someone working in implanted device development I can assure you that there are many regulations in place to guarantee that not much can interfere with your pacemaker.
For the specific case of shoplifting detector gates, there exist labs such as GTRI which have specific tests for them, and for other types of interference there are many standards (PC-69, EN-45502, and more).
Implanted device software is highly regulated and is developed and tested according to the relevant IEEE standards.
Also note that pacemakers are quite old technology ~1958 and quite mature. So, although it is conceivable that there are bugs in pacemaker software, please give the relevant hw/sw engineers some credit.

Report: Iran 'blinded' CIA spy satellite

Submitted by shaiay
shaiay (21101) writes "Following the deluge of Iran military technological achievement stories, another achievement by the Islamic republic? From the biggest Israeli news site ynet: "European intelligence source claims Iran stuns West by 'aiming a laser burst quite accurately' at US satellite in never before reported incident. US official: If Russians provided Iran with sophisticated jamming equipment it means a lot else is at risk too""

Comment: Re:Evolution (Score 1) 283

by shaiay (#36685018) Attached to: Thunderbird Unseats Evolution In Ubuntu 11.10
The email calendar connection is simple -- email is used for invitations. Invitations to events are sent via email, and the invited parties can accept, decline and such, also through emails.

While this can be done using separate email and calendar apps, where the calendar is a viewer for invites that the email app receives, and the calendar app sends invites/replies to invites directly using the MTA, it's much more convenient to just be able to see the invite in the email app, see if it conflicts with an existing event, and click "accept" or decline or whatever, all in the email app, in the message view pane.

language for cross platform models?

Submitted by shaiay
shaiay (21101) writes "We are experiencing an explosion of OSs — GNU/Linux, android, IOS, windows etc... How do you code an application for cross-platform deployment?
The current paradigm in GUI programming is to use a Model-View-Controller (MVC) design. We are trying to design a cross platform application that will work at least on Windows and Android. The View is certainly platform dependent, and the Controller probably also. The Model however is, in theory, platform independent and should ideally be available as a library. But how do we implement a platform-independent library? Is there a way to code it once and compile on all platforms? A C library should work with Windows and on Android with the NDK, but how about using a higher-level language like Python? Does anyone have any experience to share?"

Comment: Re:Price £135 - Meh (Score 2) 182

by shaiay (#35077112) Attached to: DreamPlug ARM Box Brings Power To Plug Computing
1. I have an eepc 701, 2Gb SSD + external 2TB disk. It's running lenny, and it's been on for about two years, doing an rsync backup every night. I'm not sure what the power usage of this setup is since the eepc 701 is a celeron machine, which is not very energy efficient, and the 2TB external disk has its own power supply, but it does show that it can withstand being on 24/7.

2. For a really cheap alternative, try buying an NSLU unit used (called SLUG by its aficionados). It should be ~$20. It takes 5W! I run squeeze on it. I have one connected to an external 500GB 2.5" unit. It uses only the 5W power supply. It's on 24/7 doing backups from gmail, and photo backups, and serves multimedia files via SAMBA. It is quite slow, but it does the work.

3. Slightly higher power -- pogoplug at ~$50 on ebay. This should be fast enough and very low powered.

Comment: Re:Oh, I laughed when I read this (Score 1) 573

by shaiay (#35036228) Attached to: Spam Text Prematurely Blows Up Suicide Bomber
Actually it wasn't in a deserted road but in Talpiot commercial district in Jerusalem (See this report).
Because of the time difference it blew off an hour early which was (I think) 7:30am instead of 8:30am. 8:30am would have been a very busy time. At 7:30am it was quite deserted.
Also, there was no suicide bomber -- the car was left to blow up with a timer.
