Comment Re:Non-sequitur

I agree, if your concern is possession of the phone, then soft tokens are almost equal to SMS. The big difference is the ability to intercept the code out on the network (VoIP, Google Voice, etc.).

One thing that I have seen done with RSA tokens that could be done with software tokens as well as SMS tokens would be appending a PIN to the token. That way even if the token is stolen, the thief would need to know the PIN and where to append it. You don't need a biometric to unlock the token, just a password or PIN to be the 2nd factor.

Comment Re:Better vs. Perfect

Context here - NIST is setting standards for government security. If you are running a government system or are the vendor selling to the government, this will apply to you. DoD and IRS shouldn't be using SMS 2-factor authentication for users of their systems. DoD is not really the problem here, since 2-factor to them is certificates on smart cards (CAC), but I wouldn't be surprised to see IRS using SMS-based 2-factor for some kinds of password recovery.

SMS-based 2-factor for taxpayers accessing the IRS...that could be harder to replace.

So Google and the rest of us don't have to abandon SMS for 2 factor, but I'm kinda in agreement with NIST - not the best idea due to the ability to intercept the authentication code.


Lego MMO Delayed

LEGO Universe, the MMOG currently under development by NetDevil, will not be coming out this year, as was previously expected. Mark Hansen, a LEGO Group exec, would not specify a new time frame, and attributed the delay to avoiding competition between some of their other upcoming products. Hansen did comment on the possibility of a console version of the game, claiming that they're just waiting for the right time. IGN did a related piece on the past and future of console MMOGs, exploring where early attempts failed and what needs to be done for them to succeed. Many game developers and publishers are still hesitant due to the massive financial investment required to get such a game up and running in a market that has yet to prove itself.

Comment Re:"tricked into"

I think that my wife was tricked into this one. I'm not sure if it is the same company, but here is what happened to her:

1. Bought Tickets on (paid 50% in "fees" - bastards)
2. After she finished paying she was sent to a site where they offered a "free trial" for some kind of discount service. Being that it came after the checkout she just closed the web browser.
3. Company starts billing the card she paid TicketMaster with several months later.
4. We notice the change and have it charged back.
5. They claim we signed up by _NOT_ explicitly doing anything on that page after the checkout. We should have unchecked the "sign me up" and then submitted the form to not sign up.
6. We and our bank disagree and charge them back anyway.

The real kicker is that they never even tried to deliver the login details to their "discount" website to her. I never thought that I could have a lower opinion of TicketMaster, but that did it. Bunch of rat sucking, baby raping, bastards.

The Courts

Submission: SCO does not own UNIX copyrights, owes Novell $$

BaronM writes: From Ars Technica:

SCO does not and never did own the copyrights to UNIX. They have no case, never had a case, and by the way, owe Novell 95% of the licensing revenue they collected from Sun and Microsoft for SysV licenses.

