Forgot your password?
typodupeerror

Comment: Re:I know you're trying to be funny, but... (Score 4, Insightful) 704

by tero (#47545045) Attached to: Linus Torvalds: "GCC 4.9.0 Seems To Be Terminally Broken"

Did you actually read the thread?
You know, where Linus tracks down the thing and collaborates very professionally with other devs?

Yes, he uses harsh language at times, but who the fuck doesn't. He does not work in enterprise environment, it's his own mailinglist.

Comment: Re:still speculation (Score 5, Interesting) 475

by tero (#47143119) Attached to: The Sudden Policy Change In Truecrypt Explained

Two guys - working working over a decade without funding etc.

Ennead was 29 in 2005 (http://www.wolfmanzbytes.com/windows/70-truecrypt-encryption.html) and they obviously developed it on their freetime.

Fast forward from that to today and you got couple of middle-aged devs, probably with more demading careers and perhaps even families and maybe with young kids.

They started it as a Windows project, when Windows was...a completely different beast than it is today.

It's no wonder TrueCrypt didn't get very many (any?) releases in the past couple of years.

It's certainly a very interesting way to exit stage.

Comment: Re:still speculation (Score 1) 475

by tero (#47142915) Attached to: The Sudden Policy Change In Truecrypt Explained

It's just his page, read the actual quote I referenced, it's nothing to do with Steve Gibson - he is just quoting two people on twitter.

Bottom line - we have no evidence of warrant canary or "dev rage quit".

Also: https://twitter.com/0xabad1dea...

Personally I'm more inclined to believe the devs calling it than any NSA scheme, but again.

No. Evidence.

Comment: still speculation (Score 4, Informative) 475

by tero (#47142619) Attached to: The Sudden Policy Change In Truecrypt Explained

According to this page - someone e-mailed a dev contact and claims they called it quits due to lack of interest

https://www.grc.com/misc/truec...

(Scroll to the bottom, the green box).

The only real "confirmation" we have is the info on the TrueCrypt page. It's over (no matter what the reason is), best to move on.

Comment: Re:Fishy (Score 1) 566

by tero (#47117015) Attached to: TrueCrypt Website Says To Switch To BitLocker

Seriously, if it's FOSS, doesn't that mean anyone can take the TrueCrypt code and do with it what they will?

Yes, but TrueCrypt has never been FOSS and by the looks of it never will be. It has always had it's own license that contained distribution and copyright-liability restrictions.

It's never been accepted as "open-source" by OSI.

Comment: Re:All part of the plan. (Score 3, Insightful) 327

A lot of browsers are to blame for this. Both Chrome and Firefox place a big search bar in the middle of the screen and put it in auto-focus as soon as the browser starts.

Firefox gets most of its funding that way (ironically from Google) and Google gets to harvest our searches in both cases.

It's a browser UI issue, not a user issue.

Comment: it's a good effort (Score 5, Interesting) 379

by tero (#46798647) Attached to: OpenSSL Cleanup: Hundreds of Commits In a Week

Right now, I think the team is mostly focused on having "something usable" in OpenBSD and I doubt they care too much about anything else outside their scope.

Having said that - forking OpenSSL to something usable and burning the remains with fire is a great idea, however there is considerable risk that the rush will cause new bugs - even though right now those commits have been mostly pulling out old crap.

Fixing the beast is going to take a long while and several things will need to happen:
- Upstream hurry to put more crap into the RFC needs to cease for a while. We don't need more features at the moment, we need stability and security.
- Funding. The project needs to be funded somehow. I think a model similar to Linux Foundation might work - as long as they find a suitable project leads. But major players need to agree on this - and that's easier said than done (who will even pull them to the table?)
- Project team. Together with funding, we need a stable project team. Writing good crypto code in C, is bloody hard, so the team needs to be on the ball - all the time. And the modus operandi should be "refuse features, increase quality". Requires a strong Project Lead.
- Patience.. fixing it is a long process, so you can't go into it hastily. You need to start somewhere (and here I applaud the OpenBSD team), but to get it done, assuming that above is in place - expect 1-3 years of effort.

Comment: Re:And the attempt to duplicate their efforts resu (Score 3, Insightful) 448

by tero (#46733583) Attached to: Commenters To Dropbox CEO: Houston, We Have a Problem

USA had absolutely no grounds to remove Saddam Hussein from the power.

The only reason they received U.N mandate is because they fabricated the WMD evidence and outright lied at the hearing.

On top of it they captured people - detained unlawfully without a charge or trial and tortured during their captivity.

Condi Rice and the rest of the Bush Jr. administration should be tried for their crimes.

To understand a program you must become both the machine and the program.

Working...