Catch up on stories from the past week (and beyond) at the Slashdot story archive

 


Forgot your password?
Close
typodupeerror
×

Submission + - Slashdot Forgets to Renew SSL Certificate (slashdot.org)

Submitted by jeek
jeek writes: It expired yesterday.

Starting Nmap 6.40 ( http://nmap.org/ ) at 2014-05-24 16:01 UTC
Nmap scan report for www.slashdot.org (216.34.181.48)
Host is up (0.050s latency).
rDNS record for 216.34.181.48: star.slashdot.org
PORT STATE SERVICE
443/tcp open https
| ssl-cert: Subject: commonName=*.slashdot.org/organizationName=Dice Holdings, Inc/stateOrProvinceName=New York/countryName=US
| Issuer: commonName=GeoTrust SSL CA/organizationName=GeoTrust, Inc./countryName=US
| Public Key type: rsa
| Public Key bits: 2048
| Not valid before: 2013-04-21T04:25:05+00:00
| Not valid after: 2014-05-23T22:49:50+00:00
| MD5: 485c ed76 9008 56be 3820 849c 2d2e ee73
|_SHA-1: 18f2 bcaa a238 bbf3 429e 6d2b 9d2c bd74 6085 02e4

Nmap done: 1 IP address (1 host up) scanned in 0.41 seconds

Comment Re:I can order "Giga" power... but havent (Score 2) 129

by trampel (#46818643) Attached to: AT&T's Gigabit Smokescreen

Austinite here as well.

What really pissed me off was that the deep packet inspection requirement is very well hidden on their webpage and promotional material. They only mention that the offer comes with "internet options" (!), and it takes you several clicks to discover what this implies.

While $70 + $5 for a VPN service is pretty competitive pricing, I really don't feel like giving them my money.

Submission + - Ten Steps You Can Take Against Internet Surveillance

Submitted by Hugh Pickens DOT Com
Hugh Pickens DOT Com writes: Danny O'Brien writes at EFF that as NSA's spying has spread, more and more ordinary people want to know how they can defend themselves from surveillance online. "The bad news is: if you're being personally targeted by a powerful intelligence agency like the NSA, it's very, very difficult to defend yourself," writes O'Brien. "The good news, if you can call it that, is that much of what the NSA is doing is mass surveillance on everybody. With a few small steps, you can make that kind of surveillance a lot more difficult and expensive, both against you individually, and more generally against everyone." Here's ten steps you can take to make your own devices secure: Use end-to-end encryption; Encrypt as much communications as you can; Encrypt your hard drive; Use Strong passwords; Use Tor; Turn on two-factor (or two-step) authentication; Don't click on attachments; Keep software updated and use anti-virus software; Keep extra secret information extra secure with Truecrypt; and Teach others what you've learned. "Ask [your friends] to sign up to Stop Watching Us and other campaigns against bulk spying. Run a Tor node; or hold a cryptoparty. They need to stop watching us; and we need to start making it much harder for them to get away with it."

Comment Re:This is only possible at the moment (Score 2) 153

by trampel (#44288677) Attached to: Angela Merkel Tells US Firms To Meet German Privacy Rules

Keep in mind that to Google and Facebook, each user is a product, not a customer.

They do have business presences in most European countries to interact with their real customers, i.e. advertisers. It sounds reasonable to expect them to adhere to local laws in countries that they do business in.

Comment Practical impact? (Score 1, Insightful) 138

by trampel (#42756567) Attached to: EU Citizens Warned Not To Use US Cloud Services Over Spying Fears

Taking Google's service as an example, how is the FBI to know whether john.doe@gmail.com is a U.S. citizen or not? When signing up for service, all Google asks for is the location, not the country of citizenship.

Even if John Doe accesses his email from a non-US ISP, he might well be a citizen traveling abroad.

Comment Re:Thankfully... (Score 5, Informative) 193

by trampel (#42595511) Attached to: RIM Attracts 15,000 Apps For BlackBerry 10 In 2 Days

That's my thinking. If all you have to do is a quick rejig and recompile because the APIs are so close to the Android ones, then it's a near-zero effort situation. I don't know much about the new platform, but I thought I had read that it would support Android apps out of the box, so it may literally may be just pushing a button.

Not that there's a damned wrong with that. If Android compatibility or portability is good enough, then you already have thousands of apps ready to go and you don't need to put massive amounts of effort into convincing developers to support your platform (like Redmond is doing).

BB10 contains the Android Player, which essentially runs repackaged Android APK files (I'm don't know if the reason for the different package format is technical or not). This is different from the native APIs, but the user experience is quite seamless. I "ported" one of my apps to the Playbook, and it was not even a recompile - it is a package converter.

Comment Re:A long time ago... (Score 2) 109

by trampel (#37713404) Attached to: Android Phones Get Dual Accounts

Android already uses different Unix user IDs ("accounts" if you will) to isolate different applications from each other. This gives you better protection than a desktop operation system, because applications running on the same screen are more isolated from each other.

I'm pretty certain every app under this Toggle scheme will also run in its own context.

Comment Re:This is why (Score 2) 119

by trampel (#36429714) Attached to: First Challenge To US Domain Seizures Filed

I buy the "decentralized" part, but regarding the non-US part: rojadirecta.com has been registered with godaddy.com (a US company for all that I know) since 2005. Correct me if I'm wrong, but I assume that they could have used a non-US registrar, and further assume that that would have made it more difficult to seize the domain.

Slashdot Top Deals

Work is the crab grass in the lawn of life. -- Schulz

Close