Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror

Comment Re:C/C++ operator = (Score 1) 360

I actually fixed one of these bugs in the kernel last month.

But you are right that these are very rare. I have did a git search of patches which only add a single '=' character and there are normally two kernel bugs like this per year. In other words, we have 50,000 patches per year and only 2 patches have this sort of bug.

I have spent quite a few days auditing for these bugs in the kernel. They were rare the first time I audited in 2002 but these days we have several ways to make them even more rare.

Imagine you have "if (x = foo) {":
1) GCC suggests using extra parenthesis around the assignment like "if ((x = foo)) {"
2) Checkpatch.pl suggests breaking it up into two statements. "x == foo; if (x) {".
3) Static checkers complain about it if foo is a constant, or if the checker is in verbose mode, then it complains if foo is not a function call. (A lot of static checkers complain. It's a favorite thing to look for).

One thing that I have just thought of is that we should have a warning where checkpatch.pl complains if people do: "if ((x == foo) || (x == bar)) {". Sometimes it's hard to know where to add parenthesis for readability, but for comparison operations the parenthesis are obviously bad style.

Comment Re:Thus: (Score 1) 237

I don't know why people pick that line, for those two characters. I always thought "Perhaps you think you're being treated unfairly?" was waaaaay better. Long before Vader demanded the wookie and the princess, he made it very clear to Lando who had the real power, and he forced Lando to acknowledge it! It was so cold, so perfect, so tyrannical. It was awesome.

Before Vader's "alter" line, it was already made crystal clear that no "deal" truly existed at all. There was nothing to "alter."

Comment Re:Is F2P/P2W the future of gaming? (Score 1) 109

There are plenty of games out there that meet your criteria if you're willing to look around a bit. For example, just about Valve's entire catalog has consistently had plenty of new material included for free at later dates. Sometimes in addition to DLC that required a payment, sometimes not.

Tripwire Interactive does the same thing with the Red Orchestra series. They recently released an expansion to Red Orchestra 2: Heroes of Stalingrad that not only added a whole new campaign called Rising Storm based on the Pacific Theater, but also added several maps to HoS.

There are plenty of publishers out there with established track records for doing this kind of thing. Just look around a little.

Comment Did you invert the Luddite-Techie axis? (Score 1) 674

I thought it was us techies, who keep promising that tech advances will kill jobs.

(Keeping in mind that killing jobs is a desirable; achieving a near-100% unemployment rate is part of how resources (labor, in this case) could cease to be scarce, thereby overturning all previous economic theory (e.g. Adam Smith and Karl Marx become irrelevant), and allowing people to live like the characters on ST:TNG. Sure, it's a fantasy ideal, but fantasy ideals are what you always aim at, right? It's not like Adam Smith and Karl Marx don't also target fantasy ideals.)

It sounds like it's the luddites who have (metaphorically) thrown a wrench into the plan, showing that no matter how well we automate, some asshole somewhere will find a way to keep people wasting their brief limited lifetimes on toil rather than hedonism.

Comment Re: Keyboard sounds (Score 1) 92

Speaking of Windows sounds: Ever hear a person say "h", "t", "t", "p", "colon", "slash", "slash", ... ?

FTFY ...What? Am I the only one who remembers which was designated which back when typewriters and terminals ruled the world? Just because Microsoft chose to confuse people yet again doesn't mean we should perpetuate the mistake! :-)

Comment In for a penny, in for a pound (Score 1) 408

What an idiot.

Yes, BUT...

You're listening to a priest, whose entire authority and stature is based upon knowledge of paranormal things, mystic phenomena that no person has ever seen or measured, but that he happens to know about, thanks to his special lore or insight. IF you've already accepted that (it's a big "if" but actually very common!), then there's nothing unreasonable about the gods or a god choosing to inflict damage upon ovaries upon women who drive, but choosing to abstain from harming women who sit at home.

That is why his statement, as absurd as it is, is totally valid within the FUCKED UP CONTEXT (that people listen to that guy about anything at all).

Why wouldn't Allah mess with some women's organs and not others? Do you know something special about Allah's motives and thoughts and capabilities that I don't? WHO ARE YOU to tell the Flying Spaghetti Monster what kinds of sauces are appropriate for Him to cover Himself in? Are you FSM's controller? It is blaspemous arrogance for you to say His priests are incorrect, as foolish at their statements may seem to you, puny human!

There's nothing crazier about believing this stuff, than believing that Xenu threw aliens into volcanos, or that Jehova parted a Red sea, or that Cthulhu will rise from the depths when the stars are right. Maybe some of it is true and some false (and I can't begin to prove anything about any of them) (and no, actually none of it is true) but from a "what an idiot" perspective they all have exactly equal what-an-idiot-ness. If we assume the statement "1==3" is true, then don't start trying to logically convince me the statement "4==2" is stupid. It's not any stupider than where we started from.

Comment Re:If Google can do it (Score 1) 325

then why can't the USPS open letters, scan them, then reseal and deliver them?

When a person uses USPS, they think they're using a system intended for The People and their communications needs. It's a system created as a public service by an act of .. uh, by the ratification of the Constitution. :-)

When a person uses gmail, they think they're using a commercial system primarily intended to make Google money at the users' expense. And since they don't pay money directly for it, they know the expense is going to involve all the myriad ways a person can be treated as a product rather than as a customer.

No gmail user believes that gmail's primary purpose is to serve the user, or that they have privacy. When gmail appeared, the first thing everyone thought was, "Oh, this weird idea, exists to increase Google's ad revenue."

FWIW, if the USPS had actually been initially established by an advertising company, for the purpose of opening and reading everyone's mail, and if all USPS' users knew that was happening, then it would be ok for them to do that. (Well, sort of ok. I would definitely want the prohibitions against direct competition removed...) Call it "SpyPost" and actually brag about how you read people's snailmails and insert related ads into them, and I really don't think there would be a problem. Just be up-front about it.

It's the whole up-frontness and lack of sneakiness and informed consent that makes it not be wiretapping. Unless... shit. Gmail's been around for a few years now. Might there be new kids who grew up, not realizing what it was or why it started? Could there actually exist some strange subset of population, who thinks gmail is normal email, rather than the bizarre exception to email that all of Slashdot knows it is? If there's a problem here, it's all going to come down to whether or not the signup pages help to make this obvious to laymen.

Comment Re:Convergence and Perspectives (Score 3, Interesting) 233

When will you guys get it through your heads that 'distributed everything' doesn't work. Central authorities are needed to mediate and ensure everyone is on the same page.

Those central authorities are welcome to join in, and become highly valued nodes in the WoT.

Central authorities also come with the risk that they can be compromised, but its far easier to deal with one compromised CA than several billion.

Aha, now I get it... could it really be this simple? Are X.509 advocates merely bad at math? The terms in your risk assessment formula are wrong.

If a signer has a probability p of being accurate/trustworthy, then the chance of its attestation being correct, is p. That's how X.509 certs work and of course you understand that very well. Cool. With PGP, if signer1's probability of being accurate is p1, and signer2's probability of being accurate is p2, then the chances their joint attestation of an identity is accurate, is 1-((1-p1)*(1-p2)). Dude, that's a number which is greater than either p1 or p2.

For example, say you think it's 90% likely that Verisign is telling you the truth about a key belonging to a certain website. They're the one and only signer for some website (because one signature is all this shitty tech can handle), so you think it's about 90% likely you're talking to that site, and 10% likely you're talking to the NSA. If that's your estimate of Verisign's reliability/trustworthiness, then 90% is the best you can do with that tech.

Now let's say we upgrade from that garbage to 1991 technology: the PGP WoT. Suppose Verisign and CNNIC have both signed something, and you think Verisign is 90% reliable and CNNIC is 60% reliable. (Those sneaky Chinese bastards!)

You're 1-( (1-0.9)*(1-0.6) ) = 0.96 , that is, 96% confident that you're talking to the website you wanted to, and 4% worried that you're talking to someone who is involved in a join US-China conspiracy (which, now that you think of it, is less than 4% likely to really occur). You have just wiped the floor with X.509's security performance.

Suppose I signed it too. You don't know me. While it seems absurd at first that I'm less trustworthy than the Chinese government (they're known badguys; I'm merely some internet asshole) at least you know something of their loyalties or lack thereof, and very little of my competence and motivations. It's reasonable to assume I am probably more likely to conspire with your adversaries than they are. Some guy with US government might be holding a gun to my head, right now! So you decide to only trust me 1%. Ok. Guess what? You can work with that!

Now my super-weak signature is on there. You trust the identity 1-( (1-0.9)*(1-0.6)*(1-0.01) ) = 96.04%. My super-weak nearly-completely-untrusted attestation made it stronger.

This is why were totally wrong when you said one compromised CA is easier to deal with than a billion. A billion compromised CAs are easier to deal with than one. Distributed authentication is more fault-tolerant, and we're now in a situation where the mainstream finally "gets it" that the faults really do occur, rather than it simply being a tinfoil hat thing that cypherpunk SciFi authors pretend to worry about. X.509 is based on the idea that Verisign is telling you the truth 100% of the time, and cannot model the idea that you think they sometimes fail. PGP, on the other hand, is based on reality: that grey world where sometimes things work and sometimes they don't, where you sort of trust some people some of the time, etc. You know, that world that you actually live in.

Comment Re:Why do we trust SSL? (Score 1) 233

Encryption without authentication is useless.

Is plaintext useless? We're having an unauthenticated discussion here on Slashdot right now.

Encryption without authentication is useful. It's at least as useful as plaintext (that's the lower bound, the worst possible case), except that on top of that, it has the advantage of preventing passive risk-free snooping.

That's why unauthenticated encryption should not display any warnings that you wouldn't also display to plaintext users. Any such warnings can only serve to mislead the user into thinking plaintext (where they don't see as many warnings) is safer. And plaintext isn't safer; plaintext is worse.

Nobody's saying don't authenticate. They're saying that failure to authentication still isn't as bad as the default behavior, which for some reason, doesn't show warnings every time someone loads an unencrypted page. If you can explain why plaintext users shouldn't get scary warnings, then your same explanation will work for why unauthenticated encryption shouldn't result in warnings.

Comment Re:Revocation --- or Redundancy? (Score 4, Insightful) 233

Now think it through. If Verisign is owned by the NSA, and a Russian CA is owned by FSB, and a Chinese CA is owned by that government, and all three of these compromised CAs agree on a cert, what does it mean?

It means the cert is probably accurate, or about as accurate as you can possibly get, without going over to the server certing it yourself. If those three parties are conspiring to disrupt your Amazon order, then I'm afraid you're not going to get your package, no matter what crypto you use. :-)

Comment Re:Revocation --- or Redundancy? (Score 3, Insightful) 233

Are you really suggesting that?! Do you even know how PKI works?

It sounds like he does indeed know how it works very well. It's actually a great idea, which is why PGP defaults (I think) to requiring about three "moderately trusted" CAs to agree, in order to confirm an identity. Upgrading from our current luddite stuff to gleaming new 1991 tech would be fantastic, and is pretty warranted, when you think about how silly our current situation is. Treating something like Verisign as a fully trusted introducer? ha! They're not that trustworthy, but they're not useless, either. PGP's concept of differing degrees of trust, gets it about right and would be a huge step forward.

Slashdot Top Deals

Sigmund Freud is alleged to have said that in the last analysis the entire field of psychology may reduce to biological electrochemistry.

Working...