Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. Check out the new SourceForge HTML5 internet speed test! ×

Comment It depends what you mean by 'site wide' (Score 2) 151

If you want your files encrypted 'at rest' so that if someone comes and pulls your HDD (or software equivalent) then you can implement a strategy similar to:

(a)Encrypt all content with individual symmetric keys (one key per piece of content) - prefix each piece of content with a key ID (for key lookup on exit) - there are many ways to associate content with a key - prefixing is just the simplest
(b)Encrypt those keys (which you'll need stored locally for performance reasons) with a randomly generated one-time pad stored on a removable hardware device (HSM/USB for example)
(c)Decrypt files as appropriate as they exit your webserver - observe the key ID of the content, ask a process on your machine to give you the symmetric key for that ID, decrypt the content, send it back to the requesting connection.

Don't store the master key and/or one time pad locally, simply have a daemon/service/long running process on your web server require (at startup) you to plugin your hardware device (e.g. read a file from a mount that is only there when you plug the thing in.) This means that stealing the content doesn't do them much good (if they crack a key it's only for that particular piece of content, they'll have to crack lots of keys), and if they get the locally stored symmetric key file it doesn't do them much good either because you're protecting that with a VERY strong key and/or cipher which is stored air-gapped - they'd have to not only steal all the files involved, they'd have to inject into the service/daemon that issues symmetric keys.

This type of approach has performance implications of course, and to make it truly close to unbreakable requires more specifics (process injection prevention, signing and impersonation attack prevention, both on the key request side and the service/daemon unlocking scheme, et cetera) - this would be quite a discouraging system to attempt to break.

My $0.02, YMMV

Comment Why do people pay attention to Kurzweil? (Score 3, Interesting) 161

He's the absolute king at predicting stuff that never happens. He's always talking 10 years ahead - everything with him is "In , is going to happen..."

He's absolute crap - he reminds me of guys who talk all kinds of bollocks about crypto and don't actually understand modular arithmetic ;).

Government

The Most Striking Thing About the WikiLeaks CIA Data Dump Is How Little Most People Cared (qz.com) 308

Last week, WikiLeaks released a trove of web pages describing sophisticated software tools and techniques used by the C.I.A to break into smartphones, computers, and IoT devices including smart TVs. Despite the initial media coverage, it appears normal people don't really care much about it, reports Quartz. An anonymous reader shares the report: There's also one other big difference between now and 2013. Snowden's NSA revelations sent shockwaves around the world. Despite WikiLeaks' best efforts at theatrics -- distributing an encrypted folder and tweeting the password "SplinterItIntoAThousandPiecesAndScatterItIntoTheWinds" -- the Vault 7 leak has elicited little more than a shrug from the media and the public, even if the spooks are seriously worried. Maybe it's because we already assume the government can listen to everything.

Comment Re:Comparision with competition (Score 1) 353

Ridiculous. You can run nVidia installs silently on Windows if you choose. I have also seen executable based installers on Linux that show advertisements.

It's the same silly argument where people blame Microsoft for all BSODs when, again nVidia being the majority culprit, bad drivers are the root cause - then people like yourself say "well, Microsoft should build a driver model that doesn't allow for BSODs."

Comment Re:Translation (Score 1) 203

That's kind of funny because I had heard there were problems with vs 2012 - especially the betas, but they'd been fixed by the time is moved to it. That was about 8 months into it's lifecycle. Never experienced your problems - again, on all the OS variants I have to support today. Kind of curious that you're using vs 2012 when it's 2017 and anyone who paid for MSDN was eligible for 2013. If you're using the express version, that's even weirder. I'm not aware of any libraries or frameworks that are stuck on vs 2012. Almost seems unbelievable...

Comment Re:Translation (Score 3, Informative) 203

Visual Studio crashes on a whim? Weird, I use it every single day across multiple machines and virtual machines (Win 7,8.1,10, x86 and x64) when debugging Qt applications, and for writing tools for the Windows side of the house - the last crash I experienced was in a 3rd party plugin for Visual Studio 2010 over 5 years ago. I've been using it on the Windows side for decades (all the way back to Visual C++ 1.5 days when I used it and Borland C++) and never had problems with crashing (not that it never crashed, but it rare.)

Graphics

Ask Slashdot: Why Are There No Huge Leaps Forward In CPU/GPU Power? 474

dryriver writes: We all know that CPUs and GPUs and other electronic chips get a little faster with each generation produced. But one thing never seems to happen -- a CPU/GPU manufacturer suddenly announcing a next generation chip that is, say, 4-8 times faster than the fastest model they had 2 years ago. There are moderate leaps forward all the time, but seemingly never a HUGE leap forward due to, say, someone clever in R&D discovering a much faster way to process computing instructions. Is this because huge leaps forward in computing power are technically or physically impossible/improbable? Or is nobody in R&D looking for that huge leap forward, and rather focused on delivering a moderate leap forward every 2 years? Maybe striving for that "rare huge leap forward in computing power" is simply too expensive for chip manufacturers? Precisely what is the reason that there is never a next-gen CPU or GPU that is, say, advertised as being 16 times faster than the one that came 2 years before it due to some major breakthrough in chip engineering and manufacturing?

Submission + - Google has demonstrated a successful practical attack against SHA-1 (googleblog.com)

Artem Tashkinov writes: Ten years after of SHA-1 was first introduced, Google has announced the first practical technique for generating an SHA-1 collision. It required two years of research between the CWI Institute in Amsterdam and Google. As a proof of the attack, Google has released two PDF files that have identical SHA-1 hashes but different content. The amount of computations required to carry out the attack is staggering: nine quintillion (9,223,372,036,854,775,808) SHA1 computations in total which took 6,500 years of CPU computation to complete the attack first phase and 110 years of GPU computation to complete the second phase.

Google says that people should migrate to newer hashing algorithms like SHA-256 and SHA-3, however it's worth noting that there are currently no ways of finding a collision for both MD5 and SHA-1 hashes simultaneously which means that we still can use old proven hardware accelerated hash functions to be on the safe side.

Transportation

Father of Driver In Violent Tesla Crash Blames Sedan's 'Rocket-Ship' Acceleration (autoweek.com) 641

"A Tesla crash that resulted in the deaths of the driver and a passenger in Indianapolis last November is drawing new controversy after the father of one of the victims made comments regarding the role of the Model S in the incident," Autoweek reports. "The crash occurred in downtown Indianapolis on Nov. 3, 2016, with the Model S driven by 27-year-old Casey Speckman striking a tree and catching fire. Speckman was pronounced dead at the scene while her passenger, 44-year-old Kevin McCarthy, succumbed to his injuries after being taken to the hospital." From the report: A report released last week by the Indianapolis Metropolitan Police Department disclosed that Speckman had a blood-alcohol level of 0.21, almost three times the legal limit in the state of Indiana, The Indianapolis Star reports. Another new detail has emerged since the violent crash was first reported: The Tesla could have been been trying to maneuver around a vehicle traveling on the wrong side of the street, suggested by closed-circuit footage obtained by the attorney of the driver's father, Jon Speckman. The coroner's report cited blunt-force injuries caused by the crash as the causes of death for both victims, noting the vehicle's fire as a contributing factor, according to The Indianapolis Star. Jon Speckman recently made comments to the newspaper blaming the acceleration of the Tesla Model S. "Had she been in another vehicle, she would have been alive for me to yell at her for driving after drinking," Speckman told The Indianapolis Star in an interview at his attorney's office. "This is a vehicle that travels from 0 to 60 in 3.1 seconds," Speckman also said during the interview. "She's clearly having to swerve to miss a vehicle going the wrong way on a one-way street. If her foot should happen to hit the accelerator, it's like a rocket ship. I don't know why they have to make a car that does that."
Earth

First Human-Pig 'Chimera' Created in Milestone Study (theguardian.com) 158

Scientists have created a human-pig hybrid in a milestone study that raises the prospect of being able to grow human organs inside animals for use in transplants. From a report: It marks the first time that embryos combining two large, distantly-related species have been produced. The creation of this so-called chimera -- named after the cross-species beast of Greek mythology -- has been hailed as a significant first step towards generating human hearts, livers and kidneys from scratch. Juan Carlos Izpisua Belmonte, who led the work on the part-pig, part-human embryos at the Salk Institute for Biological Studies in La Jolla, California, said: "The ultimate goal is to grow functional and transplantable tissue or organs, but we are far away from that. This is an important first step." The study has reignited ethical concerns that have threatened to overshadow the field's clinical promise. The work inevitably raises the spectre of intelligent animals with humanised brains and also the potential for bizarre hybrid creatures to be accidentally released into the wild. The US National Institutes of Health (NIH) placed a moratorium on funding for the controversial experiments last year while these risks were considered.

Slashdot Top Deals

You cannot have a science without measurement. -- R. W. Hamming

Working...