Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror

Comment Re:You readers are lame (Score 1) 114

The squirrel on speed is part of the problem, the other is turning around, which is going to be needed in pretty much any FPS.

Something as simple as walking around corners in HL2 doesn't work. On the first turn you can sort of manage, but it's uncomfortable. On reaching the second corner in the same direction you have to look backwards from where you started, and are getting tangled in whatever wires you're attached to. Using a keyboard doesn't work.

So the alternative is using the mouse and moving the camera while your head is in place -- that's right when nausea starts setting in.

Navigating a 3D world comfortably seems to almost require an omnidirectional treadmill, unfortunately.

Comment Re:You readers are lame (Score 2) 114

Yep, I agree. HL2 is a bad fit for the Oculus.

My findings so far is that anything that's like a FPS where you have to run around like mad and turn around constantly is going to make you very sick, very fast. And HL2 also has things like the screen freezing when the next area is being loaded, which is absolutely vomit inducing.

What seems to work best is constant linear movement, like the roller coaster. The next best thing is slow, reflexive games, where you move at human speeds and have time to gawk at the environment.

I think FPSes are going to need something like the Virtuix Omni. With that, you can turn around completely without forcing the camera to move out of sync, and that should fix most of the problem.

Comment Does it actually print, or does it cut? (Score 1) 199

It's not really clear what it's doing. The photos show square bits of metal, and no signs of any kind of additive manufacturing. This looks more like a computer controlled metal cutter. Which is nice and all, but not really a 3D printer.

When I heard "metal printer" I thought it was a laser sintering machine or something of that kind.

Comment Re:Is it working? (Score 1) 520

Assuming there's indeed no benefit to them, I don't see the point to this.

All it does is to maintain ideological purity for its own sake. This alternative is less convenient, a slower means towards the same end, and on the long term has the same result, just slower.

Why go with the least efficient approach?

Comment Re:Am I imagining it? (Score 4, Insightful) 230

Nope, not solved. All it means is that the 100000 morons using "password" as the password won't have the same hash. So the attackers won't be able to find out which accounts share the same password and focus on those, and won't be able to use a pre-computed dictionary.

It is however trivial to hash "password" 38 million times for each salt, on modern hardware probably in seconds.

The salting does provide an improvement, but when you have 38 million accounts, breaking even 1% already gives you a huge amount of successes. Salting doesn't do much against checking the list against the 100 best known passwords. 3800 million is a small number for a GPU accelerated password cracker.

Comment Re:Am I imagining it? (Score 1) 230

Hashing doesn't help that much with a database this large.

Simply check the 38 million for "password", "secret", and the username. Guaranteed to have an enormous amount of successful hits that way.

I wouldn't be surprised if a million were trivially breakable in this manner, in just a few minutes if not less. If you can make $1 from each, that's a nice chunk of cash you just got.

Comment I really like the idea (Score 4, Interesting) 235

The main advantage of this is moving protocol knowledge out of the kernel into userspace.

Which means that the kernel doesn't need a million modules that understand the various bits of various protocols. If something new comes up, the userspace compiler can patched to deal with it.

It should also make the kernel part much smaller and easier to make secure.

Comment Re:I know it's another stereotypical diss on Bing (Score 2) 146

Whatever your problem is, it's not with SSL.

AES-256 on my old laptop works at 65 MB/s. AES-128 goes at 90MB/s. This might be a bit of a problem if you've got a gigabit LAN and are using it to full capacity, but given that googling stuff amounts to about 24K there's no way that is making a noticeable difference.

Comment Re:Why do we even go to these orgs anymore... (Score 2) 169

Because the US government has requirements about what it accepts.

You can't just implement whatever algorithm you like, then sell a router with that to the government. It must comply with whatever standard the government decided to adopt. And given that the government buys a lot of things, it wouldn't make economical sense to make equipment you could never sell to them.

This snowballs, and effectively sets a global standard for encryption. Sure, in your home you can do whatever you like, but the important thing is the security of the internet as a whole, and all of that is made of hardware and software that wants to be able to be used by the US government, and as such must support whatever standard it decides to adopt.

Comment Re:Illusion of privacy (Score 2) 224

It's got nothing to do with the private key.

NSA goes to Verisign (for instance). Says "please sign our key for google.com". Verisign signs it. NSA intercepts traffic between google.com and you. Browser deems cert as valid, as Verisign signed it, and you seem to be connecting to google.com.

The CA system is weak because so long the connection is signed by a CA in the browser's list, the browser doesn't care which it is, even if it changes on a daily basis. If you can convince any CA in the list to sign what you need, you have a way to set up a MITM attack the browser won't warn you about.

Comment Re:Illusion of privacy (Score 1) 224

The important thing isn't Google's servers, but the Certificate Authorities.

All that the NSA has to do is to get some CA to emit certificates for Google's domains. Then they can easily place themselves as a man in the middle, and the user won't notice.

No access to Google's servers necessary, then.

Slashdot Top Deals

What's the difference between a computer salesman and a used car salesman? A used car salesman knows when he's lying.

Working...