Follow Slashdot stories on Twitter


Forgot your password?

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).


Comment: Re:Dear Michael Rogers, (Score 1) 399

by whoever57 (#49123593) Attached to: NSA Director Wants Legal Right To Snoop On Encrypted Data

(e.g. "Hey, you might want to keep an eye on those Tsarnaev brothers -- see attached description of the stuff they were doing while they were still here in Russia.")

With my most elaborate tinfoil hat on, I wonder if the FBI delberately did not stop the Tsarnaev brothers.

In what field does one get more resources because you failed? Perhaps some people think that the price of the FBI having better tools (and the rest of us having less privacy) is the death of a small number of people at a high profile event?

Perhaps someone thinks that the price of stopping the next 9/11 plot is to let a smaller plot go ahead.

Comment: Re:"Fairness" (Score 1) 303

by whoever57 (#49112549) Attached to: Pandora Pays Artists $0.001 Per Stream, Thinks This Is "Very Fair"

the songs I hear on Pandora are often ones I've never heard before. I've bought CD's based on its generated recommendations

I have "trained" Pandora such that it doesn't play anything new any more. However, in the process of "training", I did find quite a few new artists and bought CDs or MP3 downloads.

Comment: Re:Soo soo tired..... (Score 2) 143

I mean, it's important and all, but there's different levels of issues. Heartbleed and shellshock are one thing- this is a sketchy manufacturer doing something sketchy.

Did you miss the part about how this software breaks the whole certifcate validation process? This is worse than Heartbeat for anyone who has an infected laptop. Any HTTPS website can masquerade as another HTTPS website and, because of the way Superfish works, the browser won't detect anything wrong.

Comment: Re:What about the online use of these cards? (Score 1) 448

by whoever57 (#49085197) Attached to: Credit Card Fraud Could Peak In 2015 As the US Moves To EMV

Great question! I had wondered about this myself - How does C&P really make the card more secure if you still basically just need a photocopy of it to use it? Or do they have an entirely different mode of operation when used online (like easy generation of disposable one-use card numbers)?

If I want to send money from my UK bank account to a destination account that I haven't sent money to recently (using the bank's website), I have a little card reader that reads my card, validates the PIN (offline) and then processes a number from the website into a response that I put back into the web page to validate that I have the physical card and know the PIN.

Comment: Re:someone explain for the ignorant (Score 1) 448

by whoever57 (#49085095) Attached to: Credit Card Fraud Could Peak In 2015 As the US Moves To EMV

Your next creditcard (in a couple years) will probably have a chip-and-pin system,

My Citibank card (issued a year or more ago) has a chip, but it's not a chip-and-pin card: it's chip-and-signature. That's right, push the card into a chip reader (not in the USA, naturally) and the machine prints out a form to sign.

Comment: Re:Is This a Pump And Dump Press Release? (Score 2) 73

by whoever57 (#49068133) Attached to: Cellphone Start-Ups Handle Calls With Wi-Fi

I have a T-Mobile phone with Wi-Fi calling; it keeps turning the feature on by itself; and it sucks with dropped calls continually.

T-Mobile has had this service for years, and it used to work really well. In-call switching between cellular and WiFi, etc..

My current phone has the same feature, but I can set it to use the cell network if possible and only make calls over WiFi if the cell network isn't available. Because of this setting, I don't use the WiFi calling very much, but it is great for making and receiving calls while abroad without paying huge roaming fees.

Comment: Re:What do you mean, modern? (Score 1) 716

by whoever57 (#49035693) Attached to: Is Modern Linux Becoming Too Complex?

Each entry is digitally signed with the hash of the previous entry. So any attacker that gets root can rewrite an entry, but in order to make the digital signatures pass verification he's got to rewrite the digital signature ....

Or, I could just send the logs to a remote, hardened log server so that an attacker has no way to modify the logs immediately prior to the compromise.

Technology is dominated by those who manage what they do not understand.