Slashdot videos: Now with more Slashdot!

Pray that you never get a federal job. OPM conducted my background investigation for a security clearance. My two-hour routine interview turned into a four-hour nitpicking interview. Being single and staying in the same studio apartment for nearly ten years was considered odd. Working a weekday job and a weekend job for a year, and having multiple overlapping contract jobs for several years, was odder. Not being able to remember every detail of every job I had to take since the Great Recession was oddest. When asked if you're going to commit terrorist acts against the U.S.A., always tell the truth.

Again, any algo considered secure today may be rendered useless by a discovery tomorrow. That's the nature of cryptography. Time and again we have seen that what we considered "unbreakable" (within reasonable time) offered some side channel attack or an implementation flaw (or worse, as in SSL3, a design flaw that CANNOT be patched) that turned it into a useless waste of computing cycles.

You cannot "promise" that whatever protocol, implementation or procedure you offer will be secure for the next X days/weeks/years with absolute certainty. Hell, given what went down within the last 12 months, anything could blow up tomorrow.

But until it does, it is secure. Security is a bit like a scientific theory. Sound and solid and true and real... until someone comes in and proves it wrong.

How much?
and
What MEPs?

Free roaming SOUNDS nice, but it's not really a good idea for the average person.

Face it: Telcos will want to retain their revenue. One way or another. And if roaming is cut, something has to pick up the slack.

And now ask yourself who would benefit from calls across Europe costing the same as domestic calls. Hint: It ain't gonna be you with your 2 weeks vacation abroad.

People lie. People lie under oath. Why the fuck should the waiter care about the perjury? There is nobody who could prove him wrong. And it only increases his credibility because, hey, who'd imperil his liberty over something as trivial as just keeping his job?

You would neither be the first nor would you be the last innocent person behind bars because it would have inconvenienced someone to tell the truth.

Anyone found in willful and deliberate violation of the GPL showed that they have no interest in copyright or its protection. Hence they implicitly and irrevocably agree that they will not pursue anyone violating their copyright.

That should take care of this pretty quickly. You don't even have to look for GPL violations in products anymore, corporations will do that for you in the products of their competitor, hoping to kick them out of the market that way.

You'll have a hard time proving in a court that you made a reasonable attempt to pay. Judges tend to go by occam's razor, and what's more likely: You bailing after eating 'cause you can't / don't want to pay, or the waiter refusing to take your cash?

No, a true Canadian would proably say "Sir, if it would not be too much of a burden to you, may I ask you to refrain from trampling on my freedoms, eh?"

Because clients are run by idiots. Sorry, but it's true.

Clients are run by people who look at the funny acronyms and you can watch their eyes glaze over. If they know anything about it, they will know that there are keys and these keys depend on how big the number next to them is. That there are symmetric and asymmetric keys and that 512bit can be a LOT if it's symmetric and insignificantly little if it's asymmetric is already something you won't be able to teach them.

So configure your servers, people. Configure them to ONLY accept sensible ciphers. Yes, that means that people with Internet Explorer 5 might not be able to use your page. Then inform them to fucking get a browser that was made in this millennium! These people are a security risk and bluntly, if you want to do business with them, you do not want to do business with me.

Or at least I don't want to do business with you!

One set of algorithms, good for the lifetime of the device... hmm... you mean, like, say, SSLv3 until about 6 months ago? If we hadn't found POODLE, it would still meet all criteria for a good, secure algo for the foreseeable future. At the very least for the lifetime of any device build within the last year (until about 6 months, of course).

There is no such thing as "guaranteed to be secure for the lifetime of a device". All it takes is to find a fundamental flaw in the algorithm (like, well, POODLE) and what was supposedly bulletproof for the next few decades crumbles like a house of cards the next day.

Because there's still a difference if the local police department has a key to your house or whether the lock is easily picked with a coat hanger without leaving any traces of trespassing.

You see, it's not ONLY the government that's out to get you.

Yeah, 'cause it's so much better to let the trolls troll.

"The wiser head gives in" only means that the assholes get their way. Nothing else.

What the fuck does Germany have to do with the whole deal?

And what do you think would happen? The GA could draw a gun and cap him right in the court room and NOTHING would happen. Who would, could stand up against it?

And just as with dealing with Lucifer, you should read the fine print. Yes, they will head the contract. But I wouldn't put it beyond them that they'd claim he somehow did something wrong and hence the contract is null and void as soon as they can grab and pin him.