Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror

Comment: Re:Linking ID to Hardware (Score 1) 178

by whysanity (#41531041) Attached to: Graphics Cards: the Future of Online Authentication?

Not necessarily. Think about the implication of the hardware acting as a "something you have" token in two-factor authentication. Today, a common implementation is to prompt for additional information or receive an email/text to confirm identity before setting a cookie to allow the particular device to be recognized.

Doing the same with a unique profile of the hardware would allow that device to permanently exist as one part of two-factor authentication, with a password being the other piece. This would--by far--be the most common use case. A friend borrowing your computer? They could log into their account with a simple email/text verification (a la Facebook) and their standard credentials. But since you've already tied that hardware to your account, you get to skip that step.

It needn't be all doom & gloom. There are practical applications.

+ - What do you position between SSO and directories to allow password self-service?

Submitted by ToadMan8
ToadMan8 (521480) writes "My large public .edu is moving to http://en.wikipedia.org/wiki/Central_Authentication_Service for single sign-on. User information is stored in Open LDAP, Active Directory and other back-ends, none of which are considered authoritative. We are currently using a 10+ year old home-grown solution in between CAS and the directories to force users to change passwords, enforce password policy, provide password change/recovery self-service, display user agreements, etc. We wish to improve our password recovery self-service, and are trying to decide whether to request bids for custom programming or to find a commercial product. So, how do others handle this?"

Comment: One small problem... (Score 2) 969

by whysanity (#39377041) Attached to: Bring Back the 40-Hour Work Week

I don't expect many people would disagree with the assessment, except those pesky "people" called corporations. For many companies, their workforce is paid a flat salary and any concept of "overtime" doesn't mean more money paid out, let alone time and a half.

To hire an extra worker for those extra hours means spending more money, something that does not align with the capitalistic goal of earning as much as possible.

Comment: Flaw summary (Score 4, Informative) 49

by whysanity (#37571750) Attached to: Security Flaw Bypasses AT&T Samsung Galaxy S II Screen Lock

FTA: "If you have a PIN or an unlock pattern set, all you have to do in order to bypass it is simply tap the lock button to wake the display and then let the screen time out and go black. Tap the lock button again and low and behold, the unlock screen is gone and the phone can be accessed with no PIN or pattern input whatsoever."

Comment: Re:Stick with two bags (Score 1) 282

by whysanity (#37095920) Attached to: Ask Slashdot: Laptop + DSLR Backpacks

Just because you can't see the argument for a single bag doesn't mean that there isn't one. For example, when I recently traveled to Peru, I rarely let my backpack out of sight—I didn't random hostels enough to leave thousands of dollars of equipment there, nor did I have a vehicle. That said, I did very well with a single piece of luggage, the Calumet BP1500 Large Backpack. It fit my 13" Macbook Air (with plenty of room for a larger laptop), my DSLR with a couple lenses and requisite accessories, in addition to clothes and whatever else I needed to survive for 10 days. All with enough space to bring back souvenirs.

The simplicity of a single bag was a boon when cramming myself into a taxi colectivo for 2 hours with a dozen strangers. Honestly, I'm not sure there would have been room for extra luggage.

As for the author's request, most details can be found on the product page, but in my opinion, the best part of that bag was having a hip belt to take the admittedly heavy load off my shoulders while hiking.

Comment: Re:Yes (Score 1) 318

by ToadMan8 (#36999678) Attached to: Are 'Real Names' Policies an Abuse of Power?
I find product reviews made by different people who have done other product reviews on disparate types of goods much more valuable than product reviews on a website where users can make up names. I can think of other examples where, as a consumer of products and information on the Web, I appreciate the use of real names. Sending someone money would be an example, instead of sending money to some random email address.

Comment: Re:I stopped flying. (Score 1) 373

by ToadMan8 (#36461824) Attached to: Checkpoint of the Future Coming Soon To Airports
I believe our club pays a couple hundred bucks per month per T-hanger, which is nice but not strictly necessary, even in the winter. I've brushed snow off of the plane several times when I was using flight school planes tied-down outside. Tie-downs are much cheaper. But, our airport is on re-purposed farm land in SW Ohio. You SF Bay Area folks have to pay for your beautiful climate, culture, views, job market, etc., somehow ;)

Comment: Re:I stopped flying. (Score 1) 373

by ToadMan8 (#36461782) Attached to: Checkpoint of the Future Coming Soon To Airports
There is an official policy, I believe something like 3 hours / day on a long holiday weekend, 2 hours / day on a normal weekend, and 0.5 / day during the week or something, but I have taken a couple multi-day trips, haven't met the minimums, and it hasn't been a problem. I think it's one of those policies on the books to throw at people who are not aligned with the spirit of the club. There's also a 100 hr / year max rule as a result of someone essentially tying up one club plane the whole year by flying it for business. I don't think this rule has been enforced since that one guy.

Comment: Re:If You Are Right (Score 1) 232

by ToadMan8 (#36386826) Attached to: Why the US Govt Should Be Happy About Wikileaks
You only control your own decisions and motivations, not others'. So, unless you want to be taken advantage of, attempting to get the biggest savings and make the biggest profits is the best we can do. Furtively wishing that contract negotiation looks like the market scene opening Disney's Beauty and the Beast is not realistic.

Note that I am describing people negotiating on price. I do not suggest that people lie, cover up flaws, collude, or participate in other similar immoral activities to achieve this maximization.

Comment: Re:I stopped flying. (Score 1) 373

by ToadMan8 (#36379252) Attached to: Checkpoint of the Future Coming Soon To Airports
Depends on the club, I guess.

I paid a one-time fee of $650 to get in, $60 / month in dues, and that gives me access to two C-172s, (about $80 / hr), an Archer II (~$80), Dakota ($120) and Saratoga ($140). All rentals are "wet", meaning that they include fuel. The 172s and Archer cannot take full fuel and four people, but the Dakota and Saratoga certainly can - about 800 lbs of people and baggage with full fuel.

The 172s are great for two people though; my wife and I flew direct from the Cincinnati OH area to Raleigh NC a few weekends ago in a Skyhawk. 3 hours each way, about the same cost as airline tickets, beats the hell out of the 10 hour drive through Charleston WV (there is no good route by car), and the view was better.

Comment: Re:I stopped flying. (Score 3, Informative) 373

by ToadMan8 (#36365450) Attached to: Checkpoint of the Future Coming Soon To Airports
A hundred hours of flying in rented / club planes, instruction, FAA fees, etc., to get your Private and Instrument Rating will set you back around $10k - $12k. A 200 MPH kit like the RV-7 will set you back around $100k.

It's not cheap, to be sure, but it's not a millionaire sort of thing. I don't mean to be argumentative, just to realign the elitist image many non-pilots have of the small piston airplane crew.

If you are willing to settle with 130 mph instead of 200, a serviceable used Skyhawk can be had for less than the price of a decked-out F-150, and get similar fuel mileage.

Comment: Re:Not yet. (Score 1) 275

by ToadMan8 (#36106086) Attached to: Google Lobbies Nevada To Allow Self-Driving Cars
If you fly on the airlines into places with clouds under a thousand feet or so, the pilots likely have their arms crossed and are watching an airplane, designed and built by a private company, flying itself onto the runway. (It's called a CAT III ILS if you want to research.) Sure the FAA checked it out, maybe reviewed the code, etc., as would the NTSB or DOT with the Google cars.

You could successfully argue that people would balk even if the computer crashed the car 1/100 as frequently as humans do, but to say you wouldn't feel as safe with a calculated, reviewed computer system compared drunk, tired people with limited vision and slow reflexes texting and shaving their lady-bits while driving... that's silly.

6 Curses = 1 Hexahex

Working...