Catch up on stories from the past week (and beyond) at the Slashdot story archive


Forgot your password?

Comment Re:You need a phone number to sign up for Facebook (Score 1) 146

Trying to explain my points a bit more explicitly:

People who don't have Internet rarely signup on random websites, so I fail see your point.

Some might claim that people with home Internet are more likely to have a cell phone.

I don't really care what you need to signup on Facebook. We're talking about

One of the possibilities was that might either A. adopt similar auth to Facebook or B. just rely on Facebook login.

Comment Phone as CA (Score 1) 156

sensible service that uses the email address known from account creation.

Facebook is relying on the telephone number as a unique key to identify real people. Anybody can generate trillions of e-mail addresses by registering a domain and using catch-all forwarding. It's supposed to be cost-prohibitive to register a phone number just to create a single Facebook account.

Comment If you consider life in prison acceptable (Score 1) 156

You are free not to use Facebook if you don't like their security policy (indeed, there are many similar reasons not to use Facebook). It is hardly "reprehensible". If the government required you to have a mobile phone to live in this country, that would be reprehensible.

The government requires people to find a job in order to live outside prison. If all employers in the field for which one is trained require a mobile phone, then the government requires a mobile phone.

Comment Why bring in aptitude? (Score 1) 146

aptitude for package management (which brings in X windows)

Why bring in aptitude? I thought that from the command line, apt-get did the same thing.

Talking about a "base install" for such a system is like talking about [camping]

How much does OpenSSH + the basic LAMP stack add to the base install?

Comment Facebook verification is already premium (Score 2) 156

I thought Facebook was already premium. In order to skip the friend request CAPTCHA, post videos, add a page, or even to log in to your account after a while, you have to verify your account, which requires having a unique mobile phone number. A house phone won't work if you share this phone with another Facebook user in your household, and a lot of house phone carriers can't receive texts anyway.

Comment When a server authenticates to another server (Score 1) 146

I agree with you that something reversible like encryption is not the best primitive to protect a shared secret when users are logging in to a server, such as the case in the article. But when the server is itself logging in to another server, it still needs to store a shared secret reversibly. For example, this secret might be an API key used by the payment processor to charge a credit card or a transaction ID used by the payment processor to refund a charge.

Comment Re:Ummm... (Score 1) 146

Generally, I hate forums that build their own password systems rather than using OpenID or Google Sign In or even Facebook login

This shopping cart uses OpenID and Google sign-in, but OpenID sign-in doesn't work for Yahoo! because Yahoo!'s OpenID provider uses redirects for the verification step and PHP cURL doesn't follow redirects if an open_basedir is set.

Comment Not everyone has a public key or cell phone (Score 1) 146

The link can be made such that it only works once.

For the attacker before the mail even gets to the intended user.

The email can be sent encrypted to your public key.

For those people who have the discretionary income to fly to key signing parties.

The pasword-change code can be sent to your cellphone number

For people who already pay hundreds of dollars a month for cell phone service. A lot of households still share a POTS house phone among members because it's cheaper than a cell phone with unlimited minutes per person.

Comment Voice votes (Score 1) 106

True, bipartisan support is hard to find since the rise of the Tea Party, but it takes only 67 senators and two-thirds of the House to override President Obama's veto. Anything passed through a voice vote, such as the Copyright Term Extension Act of 1998 and the Digital Millennium Copyright Act of 1998, can be assumed to have at least 80 percent assent and should easily pass once it goes back for a roll-call.

Comment Make a successful PC game then get a publisher (Score 1) 198

The replacement is native code.

I'm certain that experienced developers of mouse-driven games for Windows on PCs can still obtain Xbox One devkits through an accredited disc game publisher. Of course this requires you to conceive, implement, ship, and market a game in a mouse-driven genre to demonstrate your competence. And you'll need certain professional social networking skills, which don't come easily to people with some disabilities that correlate with programming skill, to negotiate with a publisher. But as another Slashdot user has repeated to me over the years: "them's the breaks."

Slashdot Top Deals

A meeting is an event at which the minutes are kept and the hours are lost.
