Follow Slashdot stories on Twitter


Forgot your password?

Comment Re:the actual problem is : a buffer overflow... (Score 1) 121

The white paper is actually very detailed. But the specific vulnerabilities that they discovered are not the meat and bones of the message. The message is that the Bluetooth specification is so overly complicated, and the attack surface so large, that there are almost certainly many more vulnerabilities yet to be identified. I suspect that Bluetooth is akin to Adobe Flash or ActiveX -- something so inherently flawed that the easiest and best thing to do will be to discard it and start over with something better.

Comment Re:Let me (Score 4, Informative) 140

This isn't anything "on your computer," it's MITM javascript injection by your ISP. You didn't need to reimage your computer (and, in fact, that's unlikely to change anything), rather you need to opt-out, since they decided to opt you in. Also, you should probably either up your technical proficiency, or else stop "doing your own security."

WTF, this is supposed to be a site for nerds. It says so right there at the top.

Comment Re:security software is a JOKE (Score 1) 132

That's not how it works. It's not a conspiracy between governments and security companies. The government mostly buys exclusive access to vulnerabilities through open markets, and sellers who want to do repeat business keep their discoveries secret.

Computer security companies don't aid in keeping these secret -- they don't know about them in the first place. Security companies only look for existing threats in the wild, they don't try to find vulns on their own. Even if they did, there's no guarantee they'd find the same ones. They only find threats that show up on their radar somehow, either through honeypots or user submissions. The targeted use of exploits will likely *never* cross their radar, unless they are the target. That's how their operations work -- by targeting specific systems and networks, not like criminals trying every possible computer on the internet. It's that promiscuous use of exploits that security companies can most easily identify and quickly stop before they become too widespread. So in that sense, they are useful.

Comment Re: I played the demo (Score 1) 313

It's not just reflexes -- bots are rife on any currently-played PC FPS, and some console titles as well. Just peruse "ArtificialAiming" or any of the dozens of other subscription-based aimbot sites that have been around for years. Hell, install one and play around for a while and watch the other aimbotters make impossible shots and win "reflex tests" 100% of the time. They will be the ones with better KDRs than you while you yourself are cheating because they're going to extremes to rack up their kill counts. I guarantee at least 5% of other players are cheating, although a given match can be much higher still. The upside, if there is one, is that aimbot users quickly identify one another and usually target each other -- other players are just collateral damage. They also can't be everywhere on the map at once -- at least not without getting caught. People like to think that it's much more rare than it is, and give other players the benefit of the doubt, because it preserves our subjective experience and enjoyment of the game, but the truth is that cheaters always win, and they're always at the top of the high scores.

Comment Re: Nothing (Score 1) 313

I feel like stories get in the way of good games. Chess? Catan? Poker? No stories to any of them. If I want a story, I'll read a book or watch a movie. But if there must be stories, they should be in service to the game, not the other way around. Give me just enough information to explain my in-game motivation for exploring the next section, and no more. Character development, intricate backstories, and plot twists in my games can all get stuffed.

Comment Re: bitcoin isn't real, either (Score 4, Insightful) 376

Exactly. Bitcoin will never have the core feature of a desirable currency, which is stability. The only people who transact in volatile currencies are those who must -- namely the citizens of the countries that issue them. If you own BTC, there's little incentive to spend it because you likely believe it will be worth more of a "real" currency in the future, so you're holding it. If you believe it's going to depreciate, then you're probably going to liquidate by selling all of it, not by buying a pizza and paying transaction fees. And if you believe it's going to remain relatively stable, then I want some of what you're smoking.

Comment Re: I have a similar problem (Score 1) 565

Every case I've seen has been someone receiving an email addressed *to* their address with (or without) dots, and presuming that an actual account exists or existed with that address. In no case has someone provided an email from an account with the same address plus or minus dots, which would be required to demonstrate the existence of such an account.

Comment Re: I have a similar problem (Score 1) 565

This happened to me. Some lady signed up as when in fact mine is the exact same but with no periods.

This is like speculating that you get wrong number calls because someone also has the same phone number.

Someone is either deliberately or accidentally providing or entering the wrong information. We can speculate why that's happening, but it's not because they actually created an account with with dots.

Comment Re:Reverse the role (Score 1) 565

Google hasn't released the details of their spam filters, for obvious reasons, but it stands to reason that it would take more than one person marking an item as spam for it to carry any weight outside of their personal account, and for account-level filtering, there's no indication that the content of the email is used when the message is flagged as spam, but rather just the sender.

Comment Same problem (Score 1) 565

My Gmail address is also used by some Australian who seems to be a freshly minted adult. Whenever they sign up for dating, or any other business site, I go to the site, click "forgot password," change it, unsubscribe from everything, disable the account/profile, and then flag it as "Spam" in Gmail. If they get a personal email, I ignore it the first time, and if I receive a second email, I respond with a message that I'm not the person they're trying to contact and flag it as spam.

Slashdot Top Deals

Life would be so much easier if we could just look at the source code. -- Dave Olson