Please create an account to participate in the Slashdot moderation system


Forgot your password?

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).


Comment: Re:I don't get why there needs to be anything to b (Score 1) 45

by thegarbz (#49364397) Attached to: Australian Government Outlines Website-Blocking Scheme

The classic problem with all distributed tech is the initial connection. The pirate bay is on the end of a magnet link? Then why not attempt to block all references to the magnet link.

For each distributed system you need some place to start unless you think spamming random IP addresses on the internet hoping for a bite would be a good use of time and bandwidth, something that would also effectively become impossible with IPv6 address space.

Comment: Re:What really is happening? (Score 1) 179

I bet your console is reporting to the mother-ship or something.

This much is plainly obvious. They don't even try to hide it. An update for the Wii-U added quick load to the console, but the same update also added adve... .I mean "special offers". I could walk past the Wii one day and see no signs of life. Walk past it the day after and the home key on the remote is flashing blue telling me that there's an adve.... notification from the console.

I would be very surprised if the PS4 and Xbone didn't also call the mothership.

Comment: Re:Duh (Score 1) 23

by thegarbz (#49352545) Attached to: 'Bar Mitzvah Attack' Plagues SSL/TLS Encryption

Well part of the problem is screwing backwards compatibility with older clients. I mean I personally have secured my website with SSL to the nth degree, but I can't even access it with IE8/9 on a Vista machine and that's a browser. Imagine the amount of older software that wouldn't work if we removed every cipher on a whim.

Comment: Re:Yes, but.... (Score 1) 257

by thegarbz (#49349977) Attached to: Generate Memorizable Passphrases That Even the NSA Can't Guess

What about the sites that restrict the length of the password? The only thing I have to say to them is, "You're doing it wrong".

There is something deeper behind this. There is no technical reason why password length should be restricted as the resulting hashes are the same length effectively. Every time I see a max password length I can't help but wonder if the reason is limited space in a database column and that some braindead idiot is storing the passwords in plaintext.

Every time I come up with a password that has a maximum entry I ensure I use a strictly unique password.

Comment: Re:Duh (Score 4, Informative) 23

by thegarbz (#49349955) Attached to: 'Bar Mitzvah Attack' Plagues SSL/TLS Encryption

The flaws in RC4 have been known about for a long time but were thought irrelevant in the scheme of SSL/TLS to the point where RC4 was the preferred cipher suit only a few years ago as it was one of the few that were able to mitigate the BEAST attack. So the GP's comment that there's no surprise since RC4 has been known to be weak for a decade isn't quite the full story.

It was only in 2013 where RC4 became strictly taboo for use in SSL/TLS with the exposure of new exploitable vulnerabilities on top of the several previous weaknesses identified, and last month RFC7465 effectively banned the cipher's use in TLS.

Comment: Re:Never going to happen (Score 5, Insightful) 137

That's the thing about harmonisation of disperse markets, for every simple example of a drawback someone will come up with an example of an improvement. Regulations typically don't just magically appear, but are rather a reaction (often a knee jerk reaction) to a specific problem. Your example is good because it highlights some serious issues at both sides. For instance the increased overhead now placed on farmers, but at the same time the increased assurance placed on the customers and the government that everything is done as it should be. I.e. you know the bottle was cleaned properly before you used it, the government knows the measured quantity of goods changing hands for taxation purposes. The poor may be hard done, but they are also the ones reasonably protected.

Now this may or may not be the case here, but in a general sense this is where these ideas often come from.

Comment: Re:caveat emptor (Score 1) 264

This notion that people have perfect access to information to make perfect choices is completely bullshit when the only sources they have available to them are dishonest

I would go one step further. I don't believe we have perfect access to information in the west. Nothing is without bias, even if it's the unintentional bias introduced by human behavior in a perfect review system, e.g. 10 dissatisfied customers will speak out for every 1 satisfied customer which dramatically skews review systems.

Perfect information does not exist in the West even with lots of access.

Comment: Re:Do It, it worked in AZ (Score 1) 875

by thegarbz (#49341717) Attached to: Gen Con Threatens To Leave Indianapolis Over Religious Freedom Bill

you're in favour of slavery

Nice try, but being subject to non-discrimination is not the same as slavery. Slavery would be forcing the printer to do something that he wouldn't otherwise do for anyone else under the same conditions. If the picture of George Washington is the same when given by the KKK member as it is the local black kid, then forcing you to do business with one and not the other is nothing at all like slavery.

Comment: Re:Hmmm (Score 1) 262

by thegarbz (#49341679) Attached to: RadioShack Puts Customer Data Up For Sale In Bankruptcy Auction

It's not my responsibility to keep up with internal corporate policies for retailers.

And in that regard there's no responsibility placed on you, but if someone has gone to reasonable effort to make you aware of their policies before you enter then by entering you are in fact bound by them. I.e. a sign at the door saying your bag will be searched on the way out. I'm not sure exactly where you live but this type of condition has been enforced legally in every country where it's been used.

Comment: Re:Hmmm (Score 1) 262

by thegarbz (#49341669) Attached to: RadioShack Puts Customer Data Up For Sale In Bankruptcy Auction

Nope. I paid for the products and they have no right to search me.

Actually the law disagrees with you depending on what efforts the store went to to inform you that you will be searched on the way out.
If they did inform you with for instance a sign on the doorway on the way in, then your rights end with choosing not to go in the store.

You only ever need a choice. But the choice only needs to be provided once with reasonable notice.

"Mach was the greatest intellectual fraud in the last ten years." "What about X?" "I said `intellectual'." ;login, 9/1990