Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
Get HideMyAss! VPN, PC Mag's Top 10 VPNs of 2016 for 55% off for a Limited Time ×

Comment Re:Er (Score 1) 564

Might as well ask if they'd like to lose their pilot's license. They're required by law (and ethics) to always be prepared to take control away from the Autopilot, in a fraction of a second.

So what is the purpose of autopilot then? Specifically, what is the purpose of autopilot when it doesn't prevent you from running broadside into a truck?

Comment Re:Same vulnerability every password manager has (Score 1) 128

It's a slightly different problem. Imagine a site with a hidden login form that impersonated Twitter and made Lastpass auto-fill your Twitter username and password. So at a minimum you should disable auto form filling in Lastpass.

Now imagine an ad network serving up this malware to millions of people.

Comment Re:Who is spying on me? (Score 2) 85

This feature runs on the phone, built in to the telephone app, so to use it for spying your phone would already have to be compromised. In which case they can already turn your GPS on whenever they like anyway.

Generally speaking though there is no need for them to bother hacking your device. The phone company is legally required to track your phone at all times anyway.

Comment Re:Why not a password hasher? (Score 2) 128

True, but how exactly would they get your master password? You never need to enter it anywhere online, just your offline, one-way hashing algorithm.

Exactly the same as an offline password manager, so no benefit.

Except this file does not need to be secure in any way.

It does. If someone has your salt and the URL of the site, and say that site gets compromised so they have the hash of your hash too. Now they can brute force your master password, and then get into every other site you used it with, and your file has a handy list of URLs where it will work.

It's actually worse than using the master password to encrypt the password file. It's less convenient too; with an encrypted file you can store the user name, secret question answers etc.

Comment Re:Why not a password hasher? (Score 4, Informative) 128

Because password hashers are no more secure than password managers that auto-generate long random passwords. If an attacker steals your master password they still get everything. Due to the requirement to meet password length and other requirements, and to allow for changing compromised passwords you still need a file containing those details. There is no benefit over simply encrypting that file with the master password.

You are right about online password managers though, they are an absolutely terrible idea as multiple Lastpass breaches go to show. Use an offline password manager, optionally storing the encrypted file in the cloud if you need it to be portable, but with all the decryption happening outside your browser.

Comment Re:Solution found (Score 1) 82

Even with batteries my wireless keyboard at work goes for about a year on a set, and the mouse maybe 6 months. It's worth it to just be able to chuck the keyboard out of the way when I want to write, and to free up some space where cables would need to pass.

As for security, while it's obviously quite important I'd point out that I rarely type any of my passwords these days. They are mostly very long and impossible to remember, and simply copy/pasted out of Keepass.

Comment Re: Reminds me... (Score 1) 51

As usual, the truth is somewhere in between. The increased sales from two years ago are due to moving into new markets like China. The fall is due to declining sales in their original western markets.

Since the Chinese market is growing fast they would be doing badly if they weren't increasing their sales rapidly too. But actually, when you look at the numbers, they are getting some stiff competition from Chinese manufacturers and from the usual Samsung/HTC/Sony/etc. block. Investors tend to be good at maths so they consider this to be bad news. Not terrible or a sign of impending disaster or anything like that, but not a good sign either.

Comment Re:a BAD sports team will pay for GOOD players (Score 1) 168

The fallacy is that paying more gets you a better CEO. It really depends on your industry, for example Yahoo would have done better to get someone who understands their business and the internet in general.

Most of the best CEOs are not professional CEOs, they are people who started out at the bottom and who continue to take a hands-on active role in the company's day-to-day operations. Steve Jobs and to some extent Tim Cook, Larry Page and Sergey Brin, or Carlos Ghosn. You don't attract people like that with massive salaries, you attract them by having a business they are interested in and engaging them in it.

Comment Re:Netflix v. Cable? How about Netflix v. HBO (Score 1) 172

I prefer to get my news online in text format and I'm not that interested in most sports (apart from Sumo, which is free to air). For me cable is insanely expensive and offers nothing of value over Netflix, less in fact since I need their stupid, buggy and slow equipment.

Slashdot Top Deals

Never let someone who says it cannot be done interrupt the person who is doing it.

Working...