Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?
DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. Check out the new SourceForge HTML5 internet speed test! ×

Comment Re:Next up... (Score 2, Interesting) 303

1) That's the least-useful Wikipedia page I've ever seen. It doesn't even discuss proposed methodologies for implementing its subject - it just has an extremely short definition.

2) This is a scenario in which the users (the students) have no issue with giving their private keys away to their mates. That's actually the point, in this case. ZKPP is of little value here.

3) Yeah, I know that you brought up ZKPP to respond to the issue with RFID scanning. I'm curious to see how you're going to get the RFID chip to cough up enough information to verify that it knows the private key, without giving away enough information to allow key determination through heuristic analysis anyway. In order for the knowledge exchange to work, the information has to be deterministic - yet, it has to change from query to query, or else I can simply re-transmit whatever the RFID chip last transmitted, and I'm in.

Comment Re:I wonder.... (Score 2, Funny) 635

Yeah, you have to work on your delivery. Note that you were modded 5, Interesting, and not 5, Yankin'-yer-chain.

Right this second on some discussion forum, an ignorant twit is ranting about the unstoppable-super-neutrino-radiation-killing-force that no one cares about that is killing our kids and OBAMA KNOWS!!!!!

And it's your fault. Just sayin'


Comment Re:I wonder.... (Score 1) 635

Are you being serious, or are you just trolling? Your entire comment is nonsense.

Trillions of neutrinos pass through you every single day, generated from that enormous ball of radioactive gasses around which we orbit. They react with matter so rarely, that even though so many pass through the earth, we can only detect one or two a day, under the most carefully controlled circumstances deep underground. It's pure luck that we can get one to "transmute matter" enough to prove that it exists.

No, they do not make an attempt to shield the neutrinos that come out of reactors - it would take many times more mass than exists on the Earth to do so. Yes, everyone who has been exposed to neutrinos will die - largely of old age. By your logic, every person who has ever worked in, around, or within several light years of a nuclear reactor should now be dead, since we're not shielding against them.


NHS Should Stop Funding Homeopathy, Says Parliamentary Committee 507

An anonymous reader writes "Homeopathic remedies work no better than placebos, and so should no longer be paid for by the UK National Health Service, a committee of British members of parliament has concluded. In preparing its report, the committee, which scrutinizes the evidence behind government policies, took evidence from scientists and homeopaths, and reviewed numerous reports and scientific investigations into homeopathy. It found no evidence that such treatments work beyond providing a placebo effect." Updated 201025 19:40 GMT by timothy: This recommendation has some people up in arms.

Verizon Sued After Tech Punches Customer In Face 493

suraj.sun writes "A Verizon customer filed a lawsuit after the tech the company sent out got a little punchy. Instead of fixing the customer's problem, the tech allegedly hit him in the face. The New York Post says the tech attacked the customer after he asked to see some ID before allowing access to the apartment. From the article, '"You want to know my name? Here's my name," Benjamin snarled, slapping his ID card into Isakson's face, according to Isakson's account of the December 2008 confrontation. "The guy essentially snapped. He cold-cocked me, hit me two or three solid shots to the head while my hands were down," said Isakson, a limo driver. He said the pounding bloodied his face and broke his glasses. But things got uglier, Isakson said, when Benjamin squeezed him around the neck and pressed him up against the wall. "He's prepared to kill me," Isakson said. "That's all I could think of." The customer broke free and ran away. The Verizon tech then chased the customer until he was subdued by a neighbor who was an off-duty cop.'"

Comment Re:Any encrypted transmission protocol actually (Score 1) 536

Yeah, you're right. I got myself spun off on a tangent and lost the point. Your original point was that SSH wasn't sufficient to protect the data in transit - my point is that it is, but I articulated that very poorly. As a result, while mocking your incorrect use of "MD5 Checksum" (sorry, I don't accept that a majority use of an inaccurate term means that it's somehow accurate) I did something very similar.

To reiterate - you're right. Encryption by itself does not protect the data from modification. Actually, nothing short of physical control protects the data from modification - that's also a bad turn of phrase. But with encryption alone you can only tell that the data's been modified by the fact that an application using it no longer recognizes the data format, since you now have essentially random data. This is almost always noticeable, but it's not adequate for data protection, and I shouldn't have implied that it was.

However, the thing that got me started in the first place is the fact that SSH2 also provides a MAC over each data packet, and if the MAC doesn't match, requests that the packet be re-sent. Thus, it provides both data confidentiality via encryption, and data integrity via MAC. When I said that you're guaranteed that the garbage out is the same as the garbage that went in, I was referring to the integrity provided by SSH as a whole, not encryption per se. Then instead of clarifying that, I wandered off and started babbling nonsense.

SSH also claims to provide non-repudiation, since the original handshake involves private/public key pairs, but the whole question of non-repudiation is better left to the lawyers. I believe that SSH2 provides either a SHA1 or MD5 hash over the data packet, which only makes it suitable for non-classified work (I'm assuming the poster's data is unclassified, or his customer would have insisted on encryption already).

Comment Re:Any encrypted transmission protocol actually (Score 1) 536

[[shrug]] You said checksum - perhaps I made an error in assuming that you meant what you said. I've been building client/server apps that use crypto for 8 years, and I've never once referred to an MD5 hash as a checksum, though I recognize that some might. Of course, MD5 also falls into that category of "useless for assuring data integrity", so that's a moot point.

Not all encryption algorithms break... Show me where it says this...

Sorry, I'm not going to do your homework for you. Yes, if data is encrypted, and that data is munged, the encryption breaks, and the decryption fails. That is the nature of encryption. Whether you notice that the decryption fails is another issue, but when decryption fails, it tends to fail spectacularly, and the data that results is truly garbage and recognizable as such, since your application no longer knows what to do with it. I'm curious as to which of the algorithms used by SSH would not result in this behaviour. AES? 3DES? Blowfish? If so, then the Internet is horribly broken, and you should never bank online again.

Comment Re:Any encrypted transmission protocol actually (Score 2, Interesting) 536

Poster isn't concerned about whether the data has errors. That's a problem for the data creators. He's worried about it getting screwed up in transmission, either accidentally or maliciously, and encryption absolutely solves that issue. Yes, garbage in returns garbage out, but you're guaranteed (within collision space boundaries) that the garbage that comes out is exactly the same as the garbage that went in. And that's the point here.

Starting a comment off by explaining that you're not familiar enough with the subject matter to intelligently comment is a very handy flag, and I appreciate your warning the rest of us that what you were saying was going to be wrong ;)

BTW, checksum hasn't been considered a trustworthy means of ensuring data integrity for more than a decade. I invite you to have a discussion with Google regarding checksum collisions.

Comment Re:Vatican. (Score 1) 1161

>>"What I explicitly meant to say is that the Bible is a difficult book to understand and requires a scholarly approach to parse appropriately."

Respectfully, I disagree. I've read it, cover to cover, several times, and it's very straightforward. To me, it seems that those who tell me that it's more complex are simply trying to build a reason for it to be something more than it is.

Still, we're speaking around the original question. The bible was presented, by those who started the various churches, as being the true, unadulterated word of god. That includes Genesis, Leviticus, and Deuteronomy. I've been told by new Christians that this is not so, that the stories told in those books are merely parables, fables, fictions told to represent a greater truth. It can't be both ways - and why is your opinion more correct than the men who created the tome? You both can't be right, and you're re-interpreting the work long after it was originally put together.

Comment Re:Vatican. (Score 1) 1161

>>"Homosexuality is the same as any other sexual sin in the bible, like adultery."

I'm not supposed to hate those who sin? By the way, here's the King James version of an appropriate passage - "If a man also lie with mankind, as he lieth with a woman, both of them have committed an abomination: they shall surely be put to death. Their blood shall be upon them." That doesn't sound like hate to you?

>>"The bible does not advocate killing people of other religions."

"Suffer ye not..." Also, read Deuteronomy 13. True, this is more focused towards killing anyone (and their families, and the people around them) who tried to seduce you away from that god, but the point is still pretty clear.

Your last two paragraphs actually speak clearly to my point - the bible, as it exists today, is almost impossible to be taken literally, or as a godly truth. The problem is that many still do, and are willing to enact violence on those who do not. And you haven't spoken to my underlying point: If parts of the bible are not true, which are and which are not? And more to the point, why do you put any credence in this tome at all if you're convinced that it is at least partially inaccurate?

>>"Beating your wife is not recommended either." Okay, I'll give you that one. Sometimes, it's tough to remember which of the many violences that occurred in the name of god came directly from this bible, or were merely inspired by it.

Comment Re:Vatican. (Score 1) 1161

>>"The Canaanites slaughtered their own children for sexual gratification during ceremonies designed to inspire ecstatic communion with their deity. Pederasty was a practice of their religion as well. They held human sacrifice of innocents as a sacred part of their worship orgies. They practiced a policy of genocide against other tribes weaker than themselves and practiced cultural subversion against those stronger to bring them down. Violence, debauchery, and lasciviousness were the norm for their culture and those that practiced them abundantly were rewarded."

Could you please provide history evidence for these statements?

Slashdot Top Deals

Why won't sharks eat lawyers? Professional courtesy.