Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror

Comment Re:What they *should* do is enable PIN-priority (Score 1) 170

Europe has this right: Any in-person transaction requires you to enter your chosen PIN.

How can I use an American credit card in Europe?

Apple pay, Google Pay, Android Pay or some other semi proprietary payment conduit seems to work in some places. Hotels will accept everything. For everything else, carry cash.

Comment Re:What did you THINK would happen? (Score 2) 422

My observation of two people I know who became police officers is that the job and their colleagues changed them from nice people into utter bastards who prejudge everyone.

1% is bullshit. There might be 1% who maintain a reasonable outlook and don't prejudge people and situations. But the rest do not. They didn't get into the police by getting straight As.

Comment Re:Reminds me of the 2009 flu pandemic (Score 1) 59

Patching browsers will kill practically all vectors for the Spectre attack. Even that is a little less urgent than fixing meltdown simply because it will take longer to get from POC to practical exploit.

That was kind of my point. Meltdown is a short term attack with a short term fix. Spectre is a long term attack strategy which can be deployed in many contexts.

Let's say you are an application developer in a popular application, but you have an evil streak. You could employ Spectre in a difficult to find way to attack one of the many other bits of software on a machine. This will go on and on an on. So there's a urgency to changing software development practices to adapt to this new reality.
 

Comment Re:Reminds me of the 2009 flu pandemic (Score 2) 59

It doesn't help that Intel spread some confusion. Meltdown is very serious and really does need a quick fix. Spectre needs addressing but isn't as urgent since it is quite hard to exploit successfully. Meltdown workarounds should NOT be deployed on AMD systems.

As best as I can tell, the microcode updates (BIOS) are for spectre, not meltdown.

That depends on your definition of urgent. Spectre is the problem with legs and it's going to keep running. Fix meltdown once and it's fixed. But unlike meltdown, which is a poor target, because it's being addressed, Spectre presents thousands of targets on many platforms and there is no shortage of governments and criminals sharpening their attacks right now.

There is a lot more to do to address Spectre and it involves some kind of magic where all the software engineers suddenly learn how to both develop effective threat models and develop effective mitigations. Intel gave software engineers a safe place to put secrets and they didn't do it. SGX is there for a reason. If you're squealing "Oh noes! Teh Malwarez can read secrets in my process state", why the hell are you not using the tools in place to protect those secrets?

Comment Re:This is why I will never be selected for Jury (Score 1) 185

If I was selected for a jury the prosecutor had better bring a lot more to the table than that. If that's the best evidence for their case I would acquit.

Though I might consider that slightly better than eye witness testimony.

I doubt that is all they would use. It could be used to corroborate other facts in the case as to further prove this person actually committed the crime; for example it could fill in for missing pieces in the surveillance video if it correlated with his actions in the available videos. The defense would offer some alternate explanation and it would be up to jury to decide which facts seem most plausible and thus wether or not to convict. As a side note, he has apparently admitted to the murder.

You can't trust a murderer. If he admitted to it, he might be lying.

Comment Re:Just like everything else (Score 1) 225

>The problem with learning any language is that if you don't use it, you will lose it. There is absolutely no reason to learn anything if you can't continuously apply it.

I retained enough French from school (30 years ago) buy croissants and booze in Paris on a recent trip. Hardly useless. The croissants were very nice.

Slashdot Top Deals

I judge a religion as being good or bad based on whether its adherents become better people as a result of practicing it. - Joe Mullally, computer salesman

Working...