
Comment Re:"encrypted" my ass (Score 1) 51

Either way, it's highly unlikely the "encryption" scheme is much more sophisticated than a single XOR operation. Decrypting that field for a substantial portion of the database SELECT statements would be a huge overhead.

Or you encrypt the value you want to look for before using it in your WHERE clause. Unless the key is individually salted for each person, you can do a much quicker binary comparison with encrypted value against encrypted value. If it IS individually salted, you could store a hash to compare with rather than the full value, decreasing the amount of work that needs to be done. As far as I'm aware, performing a hash operation + compare would be quicker than full decryption + compare. If you don't salt the hash, it's even faster, though an attacker would be able to use a rainbow table then.

Besides, CSRs and billing would only need the encrypted data occasionally anyway. It wouldn't be a huge overhead to decrypt if you only run billing once a month - let it go overnight. You could even split it across the month, running portions at a time depending on the billing date for each customer.
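The lookup strategies discussed in the comment above, as an added example that is not part of the original comment: a deterministic digest stored beside the ciphertext supports an indexed equality search, while a per-row salted hash forces a recomputation for every row. Assumptions: the table, column and function names are hypothetical, the sample values are constructed, the ciphertext column holds a placeholder, and a keyed HMAC stands in for the unsalted hash so that a precomputed table does not apply to it.

```python
import hashlib
import hmac
import os
import sqlite3

INDEX_KEY = os.urandom(32)  # assumption: kept by the application, never stored in the database
SAMPLE = ["ACCT-0001", "ACCT-0002", "ACCT-0003"]  # constructed values

def blind_index(value):
    # Keyed and deterministic: equal inputs give equal digests, so the column can be indexed.
    return hmac.new(INDEX_KEY, value.encode(), hashlib.sha256).digest()

def salted_hash(value, salt):
    return hashlib.sha256(salt + value.encode()).digest()

def build_db(values):
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE customer (id INTEGER PRIMARY KEY, ciphertext BLOB,"
               " bidx BLOB, salt BLOB, shash BLOB)")
    db.execute("CREATE INDEX customer_bidx ON customer (bidx)")
    for v in values:
        salt = os.urandom(16)
        # ciphertext is a placeholder; a real system stores the encrypted field here
        db.execute("INSERT INTO customer (ciphertext, bidx, salt, shash) VALUES (?, ?, ?, ?)",
                   (b"placeholder", blind_index(v), salt, salted_hash(v, salt)))
    return db

def find_by_blind_index(db, value):
    # One indexed equality test, no decryption.
    rows = db.execute("SELECT id FROM customer WHERE bidx = ?", (blind_index(value),))
    return [r[0] for r in rows]

def find_by_salted_hash(db, value):
    # Per-row salt: the digest must be recomputed for every row, so this is a full scan.
    rows = db.execute("SELECT id, salt, shash FROM customer")
    return [rid for rid, salt, shash in rows
            if hmac.compare_digest(salted_hash(value, salt), shash)]

def uses_index(db):
    plan = db.execute("EXPLAIN QUERY PLAN SELECT id FROM customer WHERE bidx = ?", (b"",))
    return any("customer_bidx" in row[-1] for row in plan)

if __name__ == "__main__":
    db = build_db(SAMPLE)
    print(find_by_blind_index(db, "ACCT-0002"), find_by_salted_hash(db, "ACCT-0002"), uses_index(db))
```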

Comment Re:Java or Visual Studio 2010 anyone? (Score 1) 297

I'd venture a guess that you're not using:

  • TFS - lag on every operation that gets worse the more files you have checked out, and the larger your source tree is. I've had it take several minutes to rename a single file. As soon as you do a check-in, suddenly it's back to instantaneous.
  • Database projects - lag that gets worse the more complex the project is. Save a file, wait 20 seconds. Save a lot of files, you might as well go to lunch. Don't even think about referencing other projects. And if Visual Studio crashes, you lose an hour whilst it regenerates the database model.
  • Silverlight projects - Start getting to a decent size, and you'll endure multi-second lags every time you switch tabs. Make that double if the tab is a XAML designer. And the build times are glacial.

I should note these experiences were all on a quad-core, 8gb of RAM 64-bit version of Vista, but we had developers on XP and Windows 7 finding exactly the same.

Thank goodness I don't have to deal with Visual Studio any more. It's fine for small projects, but as soon as you start having large, enterprise-scale applications, the constant freezes and lag become unbearable.

Comment Openmoko didn't work! (Score 1) 628

I'd argue Openmoko failed because they were too busy making shiny user interfaces to get the thing working.

It had nothing to do with the level of lock-down and everything to do with the thing not even covering the essentials of being a phone, let alone smartphone. Just the little things, like... say, making and receiving phone calls reliably, or being able to have it suspend and actually work when it woke up.

The hardware wasn't so bad, but they seemed to think that being open source would magically provide them with functioning software.

Security

FBI Vaguely Warns of Asterisk Vishing Vulnerability 57

coondoggie writes in to let us know about a fraud alert issued by the FBI's Internet Crime Complaint Center, warning that an unspecified bug in unspecified versions of Asterisk IP PBX software could allow criminals to generate "thousands of vishing telephone calls to consumers within one hour." PC World checked with Digium, developer of Asterisk, and found some puzzlement as to what bug the FBI had in mind. "In March, researchers at Mu Security reported a bug that could allow an attacker to take control of an Asterisk system. Digium wasn't certain what vulnerability the FBI was referencing in its advisory. However John Todd, the company's Asterisk open-source community director, believes that it was probably this March bug. That vulnerability 'basically allowed you to take over the account of one individual,' he said. ... However, the attack described by the FBI would be extremely hard to pull off, Todd said." Update: 12/09 02:54 GMT by KD : Digium has put out a statement on the IC3 warning (further details), confirming that what the FBI had in mind was an old bug and difficult in the extreme to exploit.
