Catch up on stories from the past week (and beyond) at the Slashdot story archive


Forgot your password?

Comment Re:Tried to Sign Up, Already Frustrated (Score 1) 644

A consultant, eh? I've run a consulting firm of my own. I'm not talking about my company in particular, either. Instead, I'm referring to the great many places I've seen both good and bad password management practices being employed. The difference between us in reference to the latter case is the fact that I've helped people find simple tools that would solve simple problems like these, thus preventing further issues down the road.

It's disturbing that you would attempt to use your work history as a consultant to reinforce (yet again) acceptance of bad information security practices. Perhaps your clients needed someone a bit more informed to help those in the trenches, and it makes me wonder what other bad practices you've spread around over the years.

Comment Re:Tried to Sign Up, Already Frustrated (Score 1) 644

Oh, the real world? Would that be the real world where multiple floors worth of offices at a company have employees using sound password management practices, frequently utilizing tools just like the ones I and others have pointed out?

Listen to yourself. You're trying to cover up for your own inability to take simple information security measures with baseless appeals to your imaginary view of what the world is like. You are dispensing security advice by attempting to continue to push that view, essentially making the case that it's perfectly normal and reasonable to continue doing stupid things because, hey, you do those stupid things.

Maybe the people around you share your attitude, but I assure you it isn't universal. So now you have a choice: either continue being ignorant and lazy, or do something useful with yourself and help those around you as well.

Comment Re:Tried to Sign Up, Already Frustrated (Score 1) 644

Based on comments like yours, you're not not a normal human being. You are a lazy human being. Normal people might ask "gee, how might I solve this problem?" Instead, you're adopting the "oh no, it's too hard" attitude.

I've been working with normal people who manage to memorize multiple passwords for fifteen years. They aren't programmers, either, although some people are naturally better at this than others. For those who have a lot of passwords to manage, there are a wealth of options available, including things like KeepPass, Password Safe, and many others. There are "local only" options, online options, portable options, etc.

Again, your fundamental problem is that you're lazy, and you're encouraging others to be lazy and adopt terrible security practices. Stop dispensing security advice, and stop attempting to speak for what others can or can't handle.

Comment Re:Tried to Sign Up, Already Frustrated (Score 1) 644

It just so happens that I use one of those characters in my standard secure password.

Why are you using the same password (or even very similar passwords) on multiple sites, especially for sites that involve sensitive personal healthcare and financial data? Are you aware that this very practice is the source of greatly increased rates of personal information compromise and identity theft, as compromising one set of credentials makes it much easier to access other systems? Further, are you aware that you're rolling the dice every time you create an account anywhere when it comes to whether the password you supply will even be properly hashed? Have you managed to entirely miss the nastier cases involving large organizations storing passwords in plaintext, or using deeply flawed hashing measures (outdated/weak algorithms, failing to use salt, etc) that fall to analysis within seconds?

With practices like yours, why are you dispensing security advice?

Comment Re:Alternatives to Flash? (Score 1) 241

The GP asked about vector animation, not embedded video. These are different things; you can make videos of vector animations, but you can also have vector animations presented and controlled as fully accessible trees of objects in the DOM. Why are you talking about videos?

It's worth noting the GP's response to your post is quite accurate, however.

Comment Re:Ghost transactions (Score 1) 167

Quoting the original text:

Was this transaction really intended to be secret? "Leaking" the identity seems like a positive PR move for the exchange

I don't think the poster was intending to imply that BTC transactions are anonymous. In reply to his/her post, reiterating the oft-missed point that the protocol has no design attributes intended to enforce anonymity isn't splitting hairs; it's more a conversational response referencing the GP above that post. Also, an entity doesn't have to directly link itself to BTC transactions to be revealed as a participant, given sufficient analysis of all transactions. 1-1 transactions don't do much to frustrate traffic analysis, either. These are points that other posters have made, and you have missed.

Comment Re:Quiz? (Score 3, Interesting) 121

and in fact he didn't since he wasn't planning on his destination being Russia

Prove it. It's likely he had a number of eventual destinations in mind, unless he's a complete idiot, which he doesn't appear to be.

why hold on to something that gives the USA reason to assassinate you and Russia reason to torture it out of you

This demonstrates extremely thin understanding of the conditions under which it would be useful to torture someone, and of the actual information that could be gained as a result.

as well as a matter of ensuring that info would be able to get out

There are many ways of ensuring information gets out in the event of your demise. Reference "dead man's switch." Cheers.

Comment Re:Quiz? (Score 4, Interesting) 121

Snowden no longer can be given credit for anything; He released everything he stole months ago.

A finite, but as of now undetermined, amount of data was conveyed to journalists. I am keenly interested in seeing objective proof that the sum of those disclosures is equal to the sum of all information in his possession. If you're planning on using Snowden's public statements in support of your view that everything he has is already in someone else's hands, I suggest you consult the dictionary for the definition of "naive."

I served in the United States Navy as a submariner, and I've been rather intimately involved with communications networks since around the age of eleven. You might be surprised to learn that I applaud Snowden's revelations regarding pervasive NSA surveillance of American citizens at home, abroad, and in interaction with allied nations. I doubt you have the depth of experience or context to fully appreciate why I applaud it, though, given your choice of the word "stole" to describe the materials in question. I prefer the term "returned," or perhaps "disclosed," as in "disclosed to the American people what their government had been doing in violation of their own Constitution," a document I swore an oath to uphold and defend against all enemies, foreign and domestic. Again, I doubt you truly understand what that means.

Slashdot Top Deals

Executive ability is deciding quickly and getting somebody else to do the work. -- John G. Pollard