Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
Get HideMyAss! VPN, PC Mag's Top 10 VPNs of 2016 for 55% off for a Limited Time ×

Comment Re:cert isn't required for secrecy, only authentic (Score 1) 142

Without authentication, how do you know it's *me* doing the DH negotiation on the other end? That's the root of trust problem that certificates (and webs of trust) try to solve (and don't do a very good job of).

To have a truly reliable system, we need something that "square's Zooki's triangle": https://en.wikipedia.org/wiki/...

There is promise in newer systems that use Bitcoin-like blockchains (like Namecoin).

Comment Re:What we need is a mechanism (Score 1) 197

Typically you just verify that the sourcecode you build from matches the published source through the use of checksums and/or gpg signatures...

And how do you know that *your compiler* can be trusted? http://cm.bell-labs.com/who/ke... (Reflections on Trusting Trust). Any way you slice it, this is a *hard* problem.

Comment Codify common sense... (Score 1) 804

I wholeheartedly agree. If we can't get rid of zero-tolerance or "THE RULES", perhaps the "bright guys" at the top could try to codify common sense. Something like:

Here are "THE RULES" 1-N...

Rule N+1 is: You must make a good faith attempt to understand the context of and apply common sense to each individual situation. If you do not, these rules hold you to be just as accountable (or more at fault?) as if you had completely disregarded them.

Then perhaps they could write in to the official HR description of all administrative jobs: #1 required job qualification: Common Sense.

...might work. Uh, never mind...

-N.

Comment Re:Well, what did they expect? (Score 5, Interesting) 667

This essay from Bruce Schneier goes directly to this issue:
http://www.schneier.com/essay-208.html

Government has a lot of power over you. Whereas you as an individual have very little power over the government. To balance things out, large/powerful entities should be transparent. Smaller entities and individuals get to have secrets (privacy).

Slashdot Top Deals

Veni, Vidi, VISA: I came, I saw, I did a little shopping.

Working...