Catch up on stories from the past week (and beyond) at the Slashdot story archive


Forgot your password?

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).


Comment: Re:stupidly weak (Score 1) 257

by vux984 (#49352141) Attached to: Generate Memorizable Passphrases That Even the NSA Can't Guess

You are looking at it wrong.

No. I'm not. You disagreed with me, and then made exactly the same argument I did. I even agreed that 6 word passwords was equal to roughly 16 characters. So what are you arguing with me for? Reread my post.

Even at the minimum length of 27 chars, you are looking at a maximum combination of 1.7190708e+27. Where you to just use a-zA-Z0-9~!@#$%^&*()_+ you could have the same level of brute force complexity with 15 chars.

I know that. The advantage of a 6 word password over shit like this:a-zA-Z0-9~!@#$ is that you can actually easily remember it; and most of us can type it faster too despite the longer length.

You are wasting a pretty substantial portion of value for each character you need to type by using a word list like this.

Are we that tight on RAM or something? Its easier to remember and faster to type and just as secure. Who cares if its extra 16 bytes?

Comment: Re:Hack for a shitty law (Score 2) 122

by vux984 (#49350465) Attached to: Australia Passes Mandatory Data Retention Law

If you are not being paid to be a journalist or paying someone to be a journalist then you are not a journalist, and warrants are not required, under this law. A subtle and deliberate difference.

If you are collecting ad revenue from your blog, that's good enough to make a hobbyiest a "commercial drone operator" subject to FAA regulations in the USA. Maybe that'll work for "journalists" in Australia.

Comment: Re:Advert for Razer? (Score 1) 199

by vux984 (#49350409) Attached to: What Makes the Perfect Gaming Mouse?

Sounds you got a mouse that defaulted to "left-hand mode." I bought a Razer "left-handed" mouse which was pretty much identical to the right-handed version, but with different button-mapping defaults.

I'm trying to parse your message but can't.

My mouse (DeathAdder Left Handed) by default is a perfect mirror image of the RH one. And that's the problem; its fine ergnomically; but the button physically on the left side, by default registers as the Right Mouse Button and the one physically on the right side registers as the Left mouse button ... which I find to be patently idiotic. I can (and do) switch them in the Razor software, but their are times I want to use the mouse without the Razer software (bios, safemode, tempoarily with a laptop etc and its a PITA.

If lefties really are evenly split on which button should be which I'd suggest either the mouse be configurable at the mouse firmware level on that setting so that its "built into the mouse", or that it have a physical little switch on the bottom to set it one way or the other.

But I suspect most lefties are like me, and expect the button physically on the left of any mouse they use to BE the left mouse button; and the right to BE the right button.

What razor mouse did you buy? And how were the button mapping defaults "different"? How was yours different from mine?

Comment: Re:Symmetric mouse (Score 1) 199

by vux984 (#49350331) Attached to: What Makes the Perfect Gaming Mouse?

Of course a game can do anything it wants with multiple input devices.

Right, of course. But

a) no game actually does support it directly that I've ever seen.

b) i doubt any game engines have support for it so you'd be working outside the engine which is usually a PITA; if you are using the engine to provide all your other input primatives and events and would make developing support for it at the game title level highly unlikely.

Comment: Re:stupidly weak (Score 1) 257

by vux984 (#49350085) Attached to: Generate Memorizable Passphrases That Even the NSA Can't Guess

1 letter vs 1 word is not practically the same thing. There are 26 letters 10000 words in the average dictionary for this purpose.

a 6 word passphrase chosen randomly from a 10k word dictionary; is essentially choosing 6 letters at random from a 10,000 letter alphabet.

6 random dictionary words, spelled correctly, single space between them, is as secure as selecting 16 letters randomly. (10^24 possibilities) about 80 bits that's pretty reasonable.

And much easier to remember.

And its actually several orders of magnitude more secure than that if your attacker doesn't know your password generation method; which in most cases they don't.

Comment: Re:Advert for Razer? (Score 1) 199

by vux984 (#49349227) Attached to: What Makes the Perfect Gaming Mouse?

Sure, if this is for reals I'll bite.

I went through three copperheads over a couple year period, now discontinued; the buttons gave out. Instead of a crisp click that worked anywhere on the button, it got 'soft' and unreliable. Old product, old news, hope you got whatever the issue was sorted on new units. I haven't had trouble with my current death adder.

I use a deathadder LH ergo now.

But as it is now, its still on your site if you search for it, but its not easy to find. If its not selling well, that might be part of it :(. It also doesn't look like you've made the successor the death adder chroma available in LH form factor. Too that's a shame; I'd buy one.

Beyond that: feedback:

Quite like it. Comfortable; but wish it had a a couple more usable buttons.

Only one of the 2 thumb buttons is really usable. I hold the mouse too far back to be able to reach the forward thumb button. I wonder if that's a common complaint?

And I'd LOVE to see the market research / focus group data etc that led you to have it default to the right mouse button being the "left click" *button 1"!!!

As someone who grew up in a world of universal and RH ergo mice, the left mouse button has always been the Left mouse click "button 1"...on every mouse ive ever laid a hand on; it seems absurd to me that any mouse would ship with them reversed by default; even on for LH users.

Sure I can swap them in the software, but its still annoying; since they'll be wrong in BIOS/UEFI, or if boot to safe mode, or with linux live CD, etc... maybe I'm the oddball who uses mouse left handed, who wants the left button on the mouse to be the left button click event but I truly find it hard to believe.

If the deathadder LH is on its way out that's a shame. I'd definitely be interested in an LH mamba or LH deathadder chroma than the Naga; I might try a Naga LH; but I can't imagine needing or wanting the thumbnumber pad. Maybe its one of those things you love once you try... but I haven't taken the plunge... and its bit much $$$ to just order online to find out. And I've never seen one open in store to play with.

Comment: Re:Symmetric mouse (Score 1) 199

by vux984 (#49348591) Attached to: What Makes the Perfect Gaming Mouse?

On the other hand as a left handed person; right hand ergo mice are useless; and its frustrating to see the majority of high end stuff is right hand ergo.

And any desk that's used by multiple random people should have a universal mouse because while you might whine about using a universal mouse imagine how annoying it would be to sit down at a desk with a LH ergo one!! That's what I deal with all the time with ergo right mice.

For gaming at my own desk, I'd buy near the top end if they made them but they don't. They are all RH ergo. I'm generally forced to buy lower tier stuff that available in universal form factors.

Razer makes a couple LH ergo units though, and I'm actually using their DeathAdder now myself as my preferred mouse; but again more because its slim pickings than because i think its the best mouse on the market. It might well be the best LH ergo mouse on the market though; and I am pretty happy with it.

Logitech used to make one MX 610 left handed but it was really far down the line as far as quality and it was nearly junk as a gaming mouse. (fucking thing had alert LEDs for im and email... yeah. they made exactly one LH ergo mouse ever and its pathetic crap like that.)

I realize LH ergo is going to be at most 10% of a niche - a niche within a niche; but I'm still surprised at the near total dearth of decent LH ergo options.

I'm also surprised at the tendency for LH ergo mice to have the Right and Left mouse button flipped by default. How many LH people actually swap the mouse buttons?? I spend enough time using random and shared computers that the left mouse button is the left mouse button and I click it with my middle finger.

When I use my LH ergo mouse at home, I don't want the everything backwards, I want the left mouse button to be the left mouse button and the right to be the right. Do the majority of lefties really swap the buttons? Unfathomable to me.

Comment: Re:Hopefully logic and reason will win this time (Score 1) 166

by vux984 (#49334091) Attached to: The X-Files To Return

Imagine a show where, at the end, the weird supernatural was always explained by rationality. That's a show I'd like to watch, and it would be educational, too!.

Castle is more or less that; although the show as a whole is not really to be taken seriously either so I'm not sure I'd call it educational... but at least it knows its not a serious show and doesn't take itself too seriously either.

Unlike, say CSI which gradually turned from a fairly neat sherlock holms-ey style science based detective show at the very beginning to a really unwatchably bad soap opera with unbelievably bad science that took itself so seriously that the unbelievably bad science and general overall absurdity just couldn't be overlooked or forgiven.

Comment: Re:Are the CAs that do this revoked? (Score 1) 133

by vux984 (#49331525) Attached to: Chinese CA Issues Certificates To Impersonate Google

The cert is as secure as the cryptography and implementation.

The point however, is that, as implemented, if you trust verisign as a root CA for any domain; then you trust verisign as a possible root CA for ALL domains.

Including your own private domain, the one you signed yourself, and installed your own certificates for.

The trust is up to you, not some web of "authorities".

But you and I when presented with a self-signed certificate on the world wide web are not generally in a position to have any information at all whatsoever whether to trust it or not.

The web of authorities may be broken and unreliable in edge cases; but taking them out the equation and saying "the trust is up to me" is meaningless ... if I browse to how am I supposed to make an informed decision whether to trust the cert or not? Putting the decision in my hands is useless if I can't make an informed decision.

Comment: Re:Are the CAs that do this revoked? (Score 2) 133

by vux984 (#49330871) Attached to: Chinese CA Issues Certificates To Impersonate Google

Self-signed certs are much more secure than anything stamped by a CA.

Agreed, sort of. Its true ONLY if you load the client browser with the cert. There no security at all in being presented an arbitrary and here-to-for unknown self-signed-cert when browsing the the web, which means self-signing is suitable for managing your own users securely; more securely than than using the major roots.

But -- one -- unless you actually remove the major roots; and we assume they're compromised then they can still present valid certs for your stuff - so switching to self signed doesn't really get you much security in that case. Because few of us can really afford to realistically pull all the major root authorities out of our browsers. If I normally self-sign my-private-domain; and then access it from my-laptop with my certs preloaded -- I can still be MITM'd if bad-actor can drop a versign signed cert or my domain in front of my browser -- I won't catch that unless i inspect the cert manually each time i visit; or I pull verisign out of my browser -- neither is convenient.

And two -- self signed is useless for securing the public web. After all, if I browse to your-domain and get presented a self-signed certificate how do I know its from you? I could be looking at ANYBODY's self-signed certificate for your domain. That's far worse than the current root-CA situation where at worst a small number of entitties can impersonate me... as opposed to absolutely anybody using self-signed certs.

Comment: Re:Bad Idea (Score 1) 160

by vux984 (#49330545) Attached to: Energy Company Trials Computer Servers To Heat Homes

A server needs a regulated environment not 110 degrees in the summer and -10 in the winter

I keep my furnace and hot water tank in a dedicated room like most people. There aren't ever 5 year olds and hot chocolate in it.

It also tends to be pretty constant temperature; not ranging wildly from 110 to -10 on any scale.

It needs humility and dust control.

Honestly even average smb server rooms/closets lack anything beyond rudimentary ventilation.

No competent insurer would even give insurance for commercial server in a residential house.

Yet they'll insure a $10- $20,000 worth of home theatre gear in the living room without batting an eyebrow. I'm pretty sure they won't blink at a couple feet worth of cheap dell blades in a dedicated ventilated room.

There is no economical way to distribute servers into residential houses

Maybe. Maybe not.

I'm a bit confused as to who owns the servers and processes on them here; and who would be willing to have a server in such an environment. (I mean... if I fire up an amazon cloud server I don't really care where it is... but that's still under the assumption that its in a proper secured data center somewhere and not in joe the hackers basement...

But for big data / open computing clusters working on weather simulation for public universities etc... then yeah, there probably is a market for cheap computing server power or perhaps a virtual host for your cat's blog ... where you don't care in the least even if it might be in joe-the-hackers basement.

Comment: Re:froggy? snazzy? Your adjectives are painful (Score 1) 252

by vux984 (#49292853) Attached to: Ask Slashdot: Building a Home Media Center/Small Server In a Crawlspace?

Reason I mentioned it, is that it happened to me. Some sort or hard drive failure during the backup. Main drive was ruined, and the backups having not completed were useless.

Had to pay $800+ for one of those data recovery companies to work on, transplant the platters to a different mechanism in a clean room deal.

Comment: Re:froggy? snazzy? Your adjectives are painful (Score 1) 252

by vux984 (#49288301) Attached to: Ask Slashdot: Building a Home Media Center/Small Server In a Crawlspace?

. I know someone who just duplicates his array to a second set of disks once a month. If he's not doing the backup the disks are in the safety deposit box.

So if something goes badly wrong with the computer during the creation of the backup set, he's got nothing.

If you one is going to the trouble of a safety deposit box. Have at least 2 separate sets of disks in it, and rotate which set you use from month to month. That way all 3 sets are never in the same place, and NEVER all hooked up to the same computer at the same time.

"One Architecture, One OS" also translates as "One Egg, One Basket".