
Comment Re: or watch the movie? more documents than peopl (Score 1) 166

In fairness, I do agree with you that it is very different and since different news sources exist, it should be easier to see what the views of the day were, but other things still apply. For example, while quotes may be accurate, they can quote or not quote who they like. With our current level of perspective we can fairly easily pick this out, but the entire point of news media has become to present views in a certain light and without the perspective of the times it may be very hard to sort out these biases and pull the gems from the noise.

In the past we had a few pieces of information regardless of quality. In the future they will have overwhelming amounts of information of mixed quality and bias to the point that practically sorting out the truth may be difficult.

It will be interesting to see what happens though, even if none of us are here to see it.

Comment Re:The TRUE test (Score 1) 125

If we make it SD cards, it's about 64 GB per gram. That's 500*1000*64 GB or 32 million Gigabytes. That works out to the equivalent of a 494 gigabit link, so yeah, even if we use a more realistic speed of 100km/h, we're still talking 30 times faster. Filling a tractor trailer would be faster though and a container ship full of SD cards is much, much faster.

Comment Ignores that subscriptions are radio (Score 1) 221

Music subscriptions are effectively a radio station that you can choose the music on. Nobody ever claimed that radio was a bad thing. Digital distribution of actual files will always be an option as well. The only way that subscriptions could become a problem is if one monolithic company gains control of it all and starts trying to force those who play ball on it to give up any other form of sale. But getting to that point would be next to impossible.

The fact is that for the most part, with fairly few exceptions, most people listen to music for a while and then move on to new music. This is why radio has done so well historically. It's also why subscription services are so fantastic. For less than the cost of a CD a month, I can get access to as many new albums as I want. This is a good deal for the consumer and a good deal for the content creators because it cuts out the need for the middle man that's traditionally made their money as a storefront. Competition will keep costs down as long as there is competition between content providers because they are going to want to have the best chance of getting money for their work and if one subscription service is more expensive, it will lose share so content providers need to make their content available on multiple platforms.

Could we end up in a dystopian future where media is controlled by one company that charges an arm and a leg for it? Sure, it might be possible, but it is going to take a whole lot more than subscription services to get it there and if we can't see the writing on the wall as it's happening, we will deserve what we get, because there isn't much of a way it couldn't be obvious that it is coming.

Comment Re:Encryption (Score 1) 127

Put another way, calling an HSM security by obscurity is a bit like saying that having a server protected by armed guards 24/7 with a block of C4 strapped to it inside the basement of the Pentagon is security through obscurity, since, if someone knew every security measure and was very, very lucky, they might be able to make it through everything.

For that matter, by the same token, encryption itself is security through obscurity since there might be some technology or math trick out there that can decrypt it quickly. In security, we have to deal with risk and mitigation. The traditional sense of security through obscurity being no security only applies when there are known vulnerabilities that you are counting on someone not knowing. In the case of an HSM, there is no known vulnerability for extracting the key, even with physical access. Thus, it isn't security through obscurity.

Comment Re:Encryption (Score 1) 127

I don't disagree that it is not relying on the encryption exclusively. You have to trust the HSM to do its job correctly. It's a little more than obfuscation though as it is an independent, hardened system with limited I/O, intrusion detection and a hair trigger for self destruction. It may be possible to still extract the key, but there would be a fair degree of luck involved and there is no redo button if you make a mistake trying to extract it. That's a fair bit better than simple obscurity, particularly since it is designed to be as near impossible as possible to remove the key.

Comment Re:Encryption (Score 1) 127

You don't physically enter the key, you physically enter credentials that activate the HSM. Even if you have the ability to activate the HSM, getting the key out is (near) impossible. It is limited to doing decryptions with whatever restrictions are on the data (for example, you could require that the user password be entered to access user data if the system stores data accessed by user accounts).

Also, even if you do have to use a network based device, it means that they have to either a) steal the networked device (which could have further security than the entire server room has and could even be remote) or b) have to fake the device into providing the key. Even if they could steal the device that did the remote authorization of the HSM on boot, if that device required authorization to perform the remote authorization then it would be useless. It wouldn't be that hard or inconvenient to require an administrator to authorize a server restart.
