Forgot your password?

Comment: Re:I know you're trying to be funny, but... (Score 1) 455

by DarkOx (#47545565) Attached to: Linus Torvalds: "GCC 4.9.0 Seems To Be Terminally Broken"

Actually it just proves how valuable people think he is. Look at the rest of our society. We allow all kinds of people who are of some particular talent: athletics, musicians, actors, politicians, certain academics, and others get away with things the rest of us would surely be fired over and quite possibly prosecuted and imprisoned.

I am not say its a good thing, but our society in general allows individuals who attain a certain celebrity status a degree of entitled behavior and allowances are made when they break the 'rules' the rest of us live by. The more actual talent and the less 'replaceable' they are the more outrageous we let them behave. Some of them over step and hilarity ensues and others remain decent people and don't take advantage of their position at all.

Linus however is no different in this regard. He does it because he CAN get away with it. The rest of us ARE WILLING to put up with it; that has been proven over and over again. He knows how far he can go and does not go farther.

Comment: Re:I know you're trying to be funny, but... (Score 1) 455

by DarkOx (#47545445) Attached to: Linus Torvalds: "GCC 4.9.0 Seems To Be Terminally Broken"

I agree the major distributions have botched almost all of those. Can you site any MAJOR bugs in release ( ie even numbered minor version kernels without -rc etc on the end of them) that issues?

I can't recall any. Like any large complex software project Linux has had its share of bugs but I have been using it in various capacities for 15 years and I can't recall anything in a non-development release that made me go "Good God how did that get past QA".

Comment: Re:Simple, block all ads (Score 1) 83

It seems that a lot of internet companies make their money from adds. If this buisness model was so bad it would have stopped decades ago.

So how do you propose web sites to be funded. People don't like a pay wall, ISP will not pay you for their customers visit. If your site doesn't meet the need for the greater common good then you probably won't have the government or some other large grant funding you. However you have costs to pay for. The add model is the best we can get unless you know of some superior buisness model.

Comment: Re:I know you're trying to be funny, but... (Score -1, Troll) 455

by hairyfeet (#47544857) Attached to: Linus Torvalds: "GCC 4.9.0 Seems To Be Terminally Broken"
Torvalds has shown repeatedly he has ZERO professionalism and the fact that so many in the FOSS community make excuses for his childish amateur hour behavior is truly sad. There is NO EXCUSE for acting like a spoiled rotten 14 year old Halo player and the fact that Torvalds can continue acting this childish and get away with it is a pretty damning commentary on the Linux community and its support of diva behavior.

Comment: Re:Advertised on YouTube? (Score 4, Interesting) 83

The 'you can skip in 5 seconds' ads amaze me. Presumably the people using them know that they have 5 valuable seconds that everyone can see, yet they uniformly squander them. I've almost never seen an ad that tells me anything interesting in the first 5 seconds, which isn't that surprising, but it's really surprising to me that most don't even tell me what the product is. Several that I've seen use the first 4 seconds to fade from black, then get 1 second of something incomprehensible before I hit skip.

Comment: Re:umm duh? (Score 1) 173

by TheRaven64 (#47544353) Attached to: Dropbox Head Responds To Snowden Claims About Privacy

Please correct me if I'm wrong because I may not have imagined this system properly. I was thinking the idea was that you encrypt each file with a single unique key, and then to use a public-key encryption scheme to encrypt that key. You can then send the encrypted file and the encrypted key to another user, knowing that it will need that users private key to decrypt.

Every time you upload a file, you generate a random symmetric key. You encrypt the file with this key and the key with your public key. If you want to download the file, you get the file and the encrypted key and then you decrypt the key with your private key and then decrypt the file. When you create the account, you upload your public key.

When you want to share a file with everyone, with no access control, you download the encrypted key, decrypt it, and provide it to the server. The server can then decrypt the file.

When you want to share a file with a limited set of users, you download each of their public keys (which you can cache in the client) and the encrypted symmetric key, decrypt the key, and then encrypt it once for each user. They will then only be able to access it with their client.

I'm not sure who you're 'we' as in 'internet community' is. We do have standards and off-the-shelf libraries for everything required to implement this and others have done so in the past (one of my colleagues during her PhD did back around 2006, to give one example, others have implemented more complex and flexible schemes more recently). Note that this is the simple textbook scheme for doing this kind of system. It's been implemented before and doubtless will be again. If you check the research literature then you'll find more interesting schemes.

The only problem is if you want to be able to access it from the browser, without some kind of plugin (Google actually does compile OpenSSL with Emscripten to do ASN.1 parsing, but I wouldn't recommend using it for encryption).

Comment: Re:maybe (Score 1) 367

Right the entire conflict is evil and it needs to end, but for it to end the West needs to quit meddling and and the various Palestinian groups need to accept reality.

Its not the Wests fault for creating Israel. Sure we did but all throughout history wars have been fought and lines on maps have been redrawing various peoples have been pushed out of one spot or another by other groups. There has to be some statue of limitations on these things. 70 years on I think we need to acknowledge we are no-long responsible for the security of Israel ( that needs to on them now ) and we don't owe the children of the displaced Palestinian peoples anything either. Which leaves the situation like this:

Israel faces and existential problem. They can't appease the Palestinians without abandonment of the fundamental character of their nation. Nobody can reasonably expect a people to do that.

Hamas has and does advocate and conduct violence against Israel, the can and do hide weapons among their civilian population they have and will use their tunnels or any relaxed restrictions on the embargo to transport weapons or materials from which weapons can be made into Gaza.

The Palestinians face an existential problem, They can't make peace with Israel without surrendering what they believe to be their homeland; nor can they accept the status quo as a settlement neither of the current Palestinian territories is economically viable on its own. They cannot feed the people they have with their own production they cannot produce enough of anything else of value to purchase food, their existence is dependent on charity. They could not do this with open boarders either.

Nobody can expect the Palestinians to lie down and accept that.

Because the threats they face on their boarders Israel can't accept much movement where lines on the map are concerned and remain defense able. Its a fundamental impasse.

So every couple years we have these little dust-ups and thousands die and more end up suffering. Then some arrogant fools arrange another ceasefire thinking its humanitarian. Next various groups again in the name of humanitarianism provide food and energy to Palestine, which leads to another generation born into a community which cannot support them and life of no real opportunities or hope. Finally we repeat the bloodshed. Its stupid more people have died badly than if we just backed off and let Israel, the Palestinian groups, and the other local nations states just slug it out and finish things once and for all.

Frankly we should have recognized the coup that took place in Egypt and cut off the foreign aid and imposed an travel ban. If we had let Egypt collapse into a failed state (and it would without tourism and aide monies) it would give the Palestinian refuges some place to go or force Israel to fight a war that actually resolves the matter once and for necessitated by no longer having Egypt's assistance to keep arms out of Palestine. Maybe over a few decades a new stable system could emerge;

Rght now its just an endless cycle of violence and we are its enablers. I really believe the most humanitarian thing we could do is just resolve the get out of the conflict and stay out of the conflict no matter what.

Comment: Re:Thanks (Score 1) 362

Even with a tunneled VPN there is a lot of traffic shaping they could do that probably would not interfere with most online commerce and business users activities.

Web browsing is very busty. You simply allow full bandwidth when connections start. Then you count packets per second and packet sizes, which you can do encrypted or not. Unless deliberate steps to introduce noise are taken media streams are going to be characterized by relatively fixed size packets are fixed rates. Connections for things webpage loads or form posts and Outlook syncs probably will be in most cases to short lived for your analysis phase to complete and won't be affected at all.

Bigger file transfers (assuming you don't want to throttle them too) will in most cases show more variation in packets per second as network conditions change, because in most cases they running as fast as things will allow, wherever the bottle neck might be, unlike streams which are hopefully running at a negotiated rate that is fully sustainable.

Comment: Re:S'not Wooden (Score 1) 79

by jesse (#47539713) Attached to: A Warm-Feeling Wooden Keyboard (Video)

Hi @dotdancohen, We're using Matias Quiet Click switches. We're definitely aware that different folks have different preferences and assuming we can make the numbers and logistics go, we hope to offer several other Matias Alps options including their louder variant.

The ÂTron isn't for sale. (Nor is the Fingerworks or any of the other weirder stuff.)

I'd love to hear/read more about the leather keycaps.

And yep, I've actually been documenting my prototypes on GH :)

Comment: Re:Thanks (Score 1) 362

Right because there is no way a little traffic analysis can't tell the difference between some typical GET and POST request sent on an SSL channel and video stream. /sarcasm off

It might be slightly harder to tell the difference between a video stream and a large file download but by no means impossible. You can do this much with (relatively) inexpensive COTS routing and fire-walling equipment now.

Nope just SSL or just tunneled ipsec for that matter won't cut it; you going to have to put some traffic analysis thwarting measures in there too, which means even more waste than the tunnel overhead. So ultimately VZ is making things worse for themselves in terms of network traffic, unless they are only going to allow busty stuff like webpage downloads.

Still even the typical slashdot'ers home setup is very much on the losing end of the arms race as things stand today. The only reason VPN success is VZ isn't really trying that hard.

Comment: Re:umm duh? (Score 1) 173

by TheRaven64 (#47539311) Attached to: Dropbox Head Responds To Snowden Claims About Privacy

then you may as well just give the server the AES key and ask it to decrypt the file

But in that model, if "the server" has the key, wouldn't Dropbox have the key? I thought that was the whole thing people were freaking out about.

No, you'd have the key. If you wanted to share the file publicly, then there's no point in keeping it encrypted, so you'd provide the server with the key and it would decrypt, saving you the cost of downloading and reencrypting.

I understand what you (and the AC) are saying about storing an encrypted key on the server, and then re-encrypting the key for each new user you'd want to share with. That's a clever arrangement and I admit that I hadn't thought of it, but it still seems like it has the potential to create more complexity than most people want to deal with. It still means you need to manage various encryption keys, and we (Internet culture) seem intent on not developing a coherent system for managing encryption keys.

The client just needs one key, the RSA (or equivalent) public key. You'd need to copy this between devices, but it's relatively small (under 1KB). It's small enough to fit in a version 40 QR code quite easily, so you could set up mobile devices by displaying the QR code on your laptop screen and point the mobile device's camera at it, if you don't have any sensible way of transferring files between devices. The client then has to download the file and the associated key, decrypt the key with the locally-stored key, and then decrypt the file, but that's not something that's exposed to the user.

"Indecision is the basis of flexibility" -- button at a Science Fiction convention.