Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?

Comment Re:don't let your stuff be used for criminal stuff (Score 1) 252

Two words: "common carrier". They get to escape liability but the trade-off is that they are regulated and have to cooperate with law enforcement. You can of course run a Tor node, and claim you are cooperating but unable to trace the connection. I can almost guarantee that some enterprising prosecutor will eventually decide that this is obstruction of justice, or aiding and abetting, and then you will be charged for someone else's criminal activity. Why anyone would want to take this risk is beyond me. You won't even be able to cut a plea bargain because you can't figure out who the crook is to give up.

Comment Re:Good idea to ban common passwords (Score 1) 140

Only the most paranoid can remember if they last logged in at 8:15 or 8:25. It's not a credible method of deterring casual logins when the attacker already has the login info. Also, some form factors don't provide a simple means of returning additional information upon a successful login. Think of a Web service where the username and password are included in the request. You'll get a success or failure response and that's it. Even if the service returns more detail, there isn't always a sensible way to alert the actual user, other than denying access on a failure.

Comment Re:Good idea to ban common passwords (Score 1) 140

I never understood the reasoning behind the time based password change. No one expects people to get a new key every six months for their home lock. No one expects someone to get a new ATM card every 6 months.

Physical tokens like keys don't require such frequent replacement because (in general) they are difficult to compromise without alerting the holder. Someone has to actually steal your key and take it to the hardware store without you noticing. Passwords, on the other hand, can be shoulder surfed, socially engineered, stolen with malware, stored in plain text in the database, shared with someone else, etc., and the user may have no clue his password is compromised. Also, if someone steals your key and robs your house, and there was no sign of forced entry, you probably would change the locks. But someone with your password could log in as you without you noticing for... well, maybe forever, depending on the system. I agree it can be overdone, but it is a good security practice and there is some logic behind it.

Comment Re:hands down (Score 1) 477

I'll second that and also put in my own vote for Flip Cup. It's a drinking game; I'm sure everyone has their own way of playing, but the rules are not terribly important. The reason I vote for Flip Cup is because it finally got my wife to start drinking beer. "AT LAST! Now we can share everything!"

Slashdot Top Deals

There are two kinds of egotists: 1) Those who admit it 2) The rest of us