Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?
DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. Check out the new SourceForge HTML5 internet speed test! ×

Comment Re:Two words (Score 1) 849

I think the contribution of Nielsen's idea, if any, is to remind us all that security always involves tradeoffs. You're right that masking passwords provides some protection--most security measures, even the inane ones, provide some protection. You know, someone really could hide a bomb in their shoe.

But of course that is not the end of the story. Nielsen, and others such as Bruce Schneier, want us to ask how much security the solution provides, what the costs are, and whether it provides a good tradeoff. If shoulder surfing is relatively rare, and the possible harm for the site in question is small, and the costs are relatively large (lost customers etc), then maybe a site or program shouldn't mask passwords even if they provide some security.

Sure, Jakob Nielsen may be wrong about the tradeoff in this case, and may not have enough evidence to back up his arguments, but I would argue that pointing out that the solution provides a nonzero amount of security does not resolve the question.

Comment Re:Damn! That may stop my plan...... (Score 3, Interesting) 527

Have you heard of IP over DNS? The DNStunnel software sends IP packets as TXT records over a real DNS, the client sends data in the request itself. Since these are real resolvable DNS records, proxying port 53 won't work. When I tried this software, I could only get a single stream over the tunnel, so I ran SSH over the DNStunnel and used ssh to forward a TCP port that I then ran OpenVPN on. This actually works, but it is very slow. And I can imagine that people would eventually find out because the wifi provider's DNS cache will fill up with IP data.

United States

Submission + - McCarthyism 2.0?

An anonymous reader writes: The Register is running an interesting follow up story (previously mentioned on Slashdot) of the bomb scare in Boston this past Wednesday. For those of you who don't know, Boston was brought to a standstill on Wednesday by what amounts to a marketing misunderstanding when people mistook promotional neon signs as bombs. The blogosphere was abuzz with questions of the validity of these "bombs." What is dangerous here is the fact that these two non-American marketing freelancers may ultimately be punished (and possibly deported) when they very likely had no intent, nor even any reason to believe, that this marketing campaign would cause this type of commotion. If there intent was to create a marketing stunt where they designed a number of props that looked like bombs then this is something that should definitely be prosecuted. And, if these gorilla marketing agents knew that they were causing this scare and did not speak up, then this too should be prosecuted. Bomb threats should not be taken lightly, in all likelihood the city of Boston did the right thing. However, in their vigilance, these occasional bomb threat misfires will occur.

What is scarier here are the implications: "The government has ceased with even the formality of asking questions, instead deciding to take the most punitive route possible." Though it is very important that Mayor Menino is "going to take this seriously," this may very well be a situation where the city of Boston feels it has to prosecute-to-the-max because it has egg on its face. Taken a step further, if the government starts prosecuting without being thoughtful first, at what point does one go to jail because their neighbor "felt threatened" over the box of old electronic junk you accidentally left on your curb?

Submission + - Anti-Scientology Activist Keith Henson Arrested

kulakovich writes: "One of the founders of the L5 Society, Cryonics advocate, and well known anti-Scientology activist Keith Henson, was taken into custody yesterday in Arizona, on an outstanding warrant for picketing a Scientology office back in 2001. There is much concern over his current condition at this time due to medication requirements as well as fear for his well-being. He and his family had been receiving death-threats prior to the arrest. The Extropy Institute immediately set up a Henson Legal Defense Fund on his behalf. Henson is also known for his work with the US Congress on Lunar policy in the early 80s."

Is Computer Programming a Good Job for Retirees? 147

braindrainbahrain asks: "Ask Slashdot has been rife with career advice lately, so maybe I can get some too. I hit a milestone recently, the big five oh, and the realization of retirement is starting to settle in. The trouble is, I don't want to sit around, play golf, or even travel that much. I work in a technical field, but I have always enjoyed programming. Indeed, I do it as a hobby. I wonder what you readers would think about programming as a post retirement job. It seems well suited for a retiree, one could do contract work for a few months of the year, in some cases work from home even. By way of background, I have worked in hardware engineering for a very long time, and have pursued graduate study almost regularly (two Masters degrees so far). Should I begin preparing for a post-retirement career in computer science?"

Submission + - Vista the iPod Killer

JMB writes: You know how we all thought the Zune was Microsoft's attempt to kill off the iPod? Not so. According to this item on Apple's site all you have to do is upgrade to Vista and your iPod goes ka-boom. From the article: 'Ejecting an iPod from the Windows System Tray using the "Safely Remove Hardware" feature may corrupt your iPod.' Now that's a feature!
Technology (Apple)

Submission + - Apples reasons why a Mac is better than Vista.

antirelic writes: "I just got this advertisement from Apple in my email. "It's time to get a Mac. If you're thinking of upgrading to Vista, you'll probably need a new computer. Why not get a Mac? It's simpler, more secure, and way more fun. And it works with the stuff you already have, like printers and cameras. So before you upgrade anything, you owe it to yourself to check out a Mac." Is any of this true? Is a Mac more secure than Vista and really easier to use and more secure?"

Submission + - Runner-Up of Man of the Year Jailed For Pedophilia

An anonymous reader writes: Acclaimed geneticist William French Anderson, who was runner-up for Time Magazine's Man of the Year in 1995, was sentenced to a 14 year jail term for molesting his assistant's daughter. Prosecutors argued that Anderson began molesting the girl when she was 10. She has since suffered depression and considered suicide. Anderson's lawyers argued that he is too valuable to science and medical research to be put in jail. Many of Anderson's colleagues, including a Nobel Prize winner, have sent letters to the court in support of him. His lawyers will appeal the sentence.

Slashdot Top Deals

You may call me by my name, Wirth, or by my value, Worth. - Nicklaus Wirth