Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror

Comment Re:Unimpressed (Score 1) 95

And if Mallory captures their computing devices, you don't want him to be able to forge messages using their private keys that make it look like they said something they didn't.

Then I guess you don't want to be using OTR then, because this is one of its features.

From the OTR site:

The messages you send do not have digital signatures that are checkable by a third party. Anyone can forge messages after a conversation to make them look like they came from you.

This is actually what gives you deniability. After the chat is completed, anyone can forge additional content. This means that no particular piece of content can be proven to be a part of the original conversation.

Comment Re:read carefully (Score 1) 140

Apparently SSL encryption at all of the large internet corps is handled by dedicated front-ends - and the network between the SSL front-ends and the real guts of entities like facebook, google, etc are all in the clear. That makes for a perfect location for the NSA to drop their sniffers in, no need to compromise any SSL certs at all, no forward secrecy, etc, just wide open traffic perfect for raw harvesting.

Even if they are using SSL between the front end and the middle tier, self signed certs are probably used between those layers and its "game over" anyway in that case.

Comment Re:Of course. (Score 1) 749

But if he isn't given a suitable brutal treatment, it could inspire future leakers. National security demands he not only be caught wherever he may run, but then be given the most blatantly unfair trial possible and subjected to the harshest public punishment to serve as an example to others: Don't screw with the US government, for they don't play by their own rules.

He will be given a fair trial, after which he will be shot.

Comment Ask Slashdot (Score 2) 75

Why do we even have an "ask slashdot" section if none of the editors are ever going to post a story there? Of course the story is relevant in other sections or it wouldn't be posted here at all. That's not a reason to post it to a different section ough. Either post question type stories to the "ask slashdot" section or get rid of it. And no, putting "ask slashdot" in the title or adding it as a tag is not an acceptable alternative. It's a section for a reason.

/me steps down from the soapbox

Submission + - Apple, betrayed by its own law firm (arstechnica.com)

Fnord666 writes: When a company called FlatWorld Interactives LLC filed suit against Apple just over a year ago, it looked like a typical "patent troll" lawsuit against a tech company, brought by someone who no longer had much of a business beyond lawsuits.
Court documents unsealed this week reveal who's behind FlatWorld, and it's anything but typical. FlatWorld is partly owned by the named inventor on the patents, a Philadelphia design professor named Slavko Milekic. But 35 percent of the company has been quietly controlled by an attorney at one of Apple's own go-to law firms, Morgan, Lewis & Bockius. E-mail logs show that the attorney, John McAleese, worked together with his wife and began planning a wide-ranging patent attack against Apple's touch-screen products in January 2007—just days after the iPhone was revealed to the world.

Comment Ask Slashdot (Score 2) 66

Timothy,
I know you know how to post "ask slashdot" stories to the Ask Slashdot section. I see other articles in that section that have been posted by you. If the submission is an "Ask Slashdot", then it belongs in that section. Otherwise what is the point in having sections and the ability to set a filter?

Slashdot Top Deals

Never put off till run-time what you can do at compile-time. -- D. Gries

Working...