Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror

Comment Re:Ken Thompson, Anyone? (Score 1) 472

Functionally identical. I highly doubt that the NSA has compromised GCC. They will have an enormous database of version numbers and working exploits for different systems though, and get are presently getting a good chuckle from all the all loudest people implementing their new "secure" platforms and most probably writing their own buggy and exploitable cryptocode.

If I wanted to fight terrorism, then convincing all the terrorists not to trust US government standards for top secret information sounds like a pretty good bit of social engineering to avoid arming my enemies.

Comment Re:Wait (Score 1) 196

Contact-less payments are a nightmare - the possibility of an unintentional scan is pretty damn high.

Spoken like someone who had never used contact-less payment before.

News for you, contact-less payment has been in use in Asian cities for over a decade (just one example http://www.octopus.com.hk/home/en/index.html launched 16 years ago), and most people has no nightmares of paying unintentionally.

And yes, they have watches also http://www.octopus.com.hk/get-your-octopus/choose-your-octopus/licensed-octopus-products/en/index.html

I use contact-less payment all the time in Australia these days. But I don't wear my credit cards on my risk, since my hand goes near a lot of contact-less scanners just as a part of interacting with the checkout. If I'm getting on a bus, it could gets even nearer routinely. A watch would be on my hand. Which puts it in the accidental scan zone. Unless I have to push a button to validate - which, with a phone, I can still do one handed. With a watch I have to use two hands.

Comment Re: how can you not play an audio file? (Score 1) 440

Not really. Torrent will back up "some version" of a lot of media but the nature of who's doing it and why means we don't get to keep master-cuts of stuff around so easily. But this is a problem that's rife on the internet right now - it's utterly maddening that there's no way to digitally purchase music in lossless CD-quality format, nevermind 24-bit HD or better. It just straight up doesn't exist.

Comment Re:Wait (Score 3, Informative) 196

Most of those things you mentioned fail for the watch use case though.

Contact-less payments are a nightmare - the possibility of an unintentional scan is pretty damn high. Ah you say, but you'll require you to authenticate - well ok, but now you've turned a one-handed action (remove phone from pocket, press "allow" and swipe) into a two-handed action (hold hand against scanner, use other hand to press "allow" on the watch face").

The Watch is a really terrible form factor for pretty much anything that's not passive, because there is no possible way to control it with the hand of the arm it's worn on - it takes things which only need one hand on your smart phone to implicitly involving two.

Comment Re:Sounds like John Gilmore has called it accurate (Score 1) 362

On my LAN it is a lot faster - it's part of HPN-SSH which speeds up SSH over a gigabit network enormously for me (2 mb/s -> 30 mb/s with parallel AES ciphers). If I then use the none cipher I get 80-90 mb/s, which is closing in on the practical line speed for the network.

Comment Re:Sounds like John Gilmore has called it accurate (Score 1) 362

NULL algorithms are also handy when you just want to do secure authentication but nothing else. I have an SSH implementation with the none cipher enabled because it means I get packet verification and secure authentication without the overhead of AES when I'm just moving a bunch of non-secure log files (or don't want to install a totally different daemon on a machine on a local network).

Comment Re:Sounds like John Gilmore has called it accurate (Score 0) 362

In all seriousness this guy has written an incredibly vague article, dropped Snowden's name and let the geek community's intellectual blindspot for the emotions they convince themselves they don't have do the rest of the work for them.

Within a few weeks this article, like all the others, will be walked back once it turns out the guy had little if any clue of what he was talking about or reading, and it will turn out he was simply making huge leaps of logic not unlike the previous Guardian articles like Greenwald.

Comment Re:Except ... (Score 1) 250

How is that a bad solution?

When your problem is having a lot of people who by definition can't be limited in any real fashion of their access in order to their job, a good answer is, depending on what you think the cost of a breach is, to centralize and reduce the numbers to a level which is manageable for near constant surveillance.

Maybe you can't keep a close eye on 1000 sysadmins (reasonable, its a number well above the monkey-sphere size of a human brain, so there's a espirit de corps issue there) but if you could get that number down to 100, then that's low enough that you could run them all in the same department, where everyone would "know" everyone as a real person with some room to spare for management and oversight.

It might not be an ideal or cheap solution, but it would work. Maybe they're weighting off the increased scope of a potential breach against the reductions in likelihood or speed with which it could be caught? Maybe, just maybe, you, Slashdot poster, aren't actually smarter then everyone else in the world.

Comment Re:No need for that anymore... (Score 1) 250

The fact we usually know what Mossad has done doesn't speak well of their effectivness. You want your secret intelligence services to do things that remain secret.

The other thing to remember is that by and large the CIA are spies. Mossad is notable because they kill a lot of people, but that's hardly what an intelligence agency is actually all about.

Comment Re:But but but...... (Score 4, Interesting) 262

Elon is _not_ the kind of guy to bow to conventional wisdom. SpaceX is one giant experiment to reevaluate 'conventional wisdom' about access to space, from the ground up. They're learning that while certain corners cannot be cut, there _are_ ways to economise.

Tom Markusic has come right out and said that they can develop Merlin 2 (engine for their super-heavy lift vehicle) in three years for $1b. I don't know the odds of a company the size of SpaceX getting their hands on that kind of money any time soon.

The thing about SpaceX is that it would be really great if NASA could get out of the business of getting access to low-earth orbit, and focus instead on the types of platforms that get us from LEO to the moon or other planets. The best way forward I can see for the immediate future of manned exploration is definitely going to be figuring out what can be done with SpaceX platforms - and Elon Musk at least seems super onboard with anything involving sending people to Mars.

Comment Re:Is anybody surprised? (Score 1) 147

But the thing is this is all digital: it can be data-mined easily. You're not going around to businesses collecting receipts, or having to even mangle data so it can be correlated from different sources. Everything's in the same format, and easily analyzable by computer.

Part of the difficulty of normal forensic accounting is that the data formats suck. But for pure tracking purposes, BitCoin is a dream - all the data is owned by everyone all the time as a nature of the protocol, so you can build social graphs and run correlation functions as much as you want.

Slashdot Top Deals

"Card readers? We don't need no stinking card readers." -- Peter da Silva (at the National Academy of Sciencies, 1965, in a particularly vivid fantasy)

Working...