Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×

Comment Re:OpenVPN port tcp/443 (Score 2) 26

To be fair, OpenVPN isn't really designed to obfuscate the nature of the traffic any more than IPSec does. Both are about creating secure tunnels, with OpenVPN being very easy to configure and maintain as opposed to the pain that is IPSec. I use OpenVPN a lot, both for our road warriors, and to create the secure tunnels between our locations. In that role it really is an incredibly nice piece of software. But if I were looking at making something whose intent was to disguise that I was encrypting traffic at all, it's not the tool to use. Now as I understand it OpenVPN is pretty modular, so I would imagine if someone were to come up with some other encryption mechanism meant more to get around deep pack inspection, that would probably work, but as I said, such methods will inevitably make for a slower tunnel, and as OpenVPN is more of an infrastructure VPN, I'm not sure it's quite the right tool for that job.

Comment Re:Through democracy, careful planning (Score 1) 250

The trouble with all that is branding. When the right wing start a debate they've got simple answers to complex problems. They're always the wrong answers, because if a problem has a simple answer then, well, by definition it's not complex. But those simple answers feel good, sound good, and just got a Demagogue elected President of the United States...

Norwegian here, you don't think socialists have simple answers? Some people have a [something] problem, let's regulate [something]. Which means that right now at 8:30 PM on a Monday I can't buy a damn beer at the store. We need more money for [good cause]? Increase taxes. I could work harder, but I don't. Why? Because on my marginal dollar I pay 25% + 8.7% + 8.2% = 40% taxes and 25% VAT on most things mean I lose another 15%. Sorry for 45 cents to the dollar I'll just get an easy job (37.5 hours/week, paid overtime, flexible hours) and be lower middle class. If was in the US I'd probably work 50-60 hours/week and make $200k.

Getting kickback from creating value is not a socialist virtue, if you got lots of money you can pay lots of money is their thinking. The day we run out of oil all hell will break loose because we're lazy and think everybody deserves good pay just for showing up at work or doing meaningless paper pusher jobs. And since I can't change the public opinion and tax system to reward hard work, I've decided if you can't beat them then join them. Even on cruise control I seem to get praise for good work, which is both cushy and a bit creepy at the same time. Maybe it's just that I can't stand all the stupid and make actual working solutions from time to time.

Comment Re:OpenVPN port tcp/443 (Score 3, Informative) 26

It's actually not all that difficult to spot vpn traffic. Run some DPI and just simply look at the size of the packets being exchanged. L2TP/IPSEC/etc will all have very regular size exchanges that virtually uniquely identify them. Doesn't matter how you encrypt or tunnel it if you don't change the payload sizes.

It's like saying "You can't block my bittorrent client if I just change my port!" Actually, yes we can. And we do. Quiet easily actually.

I haven't looked closely into TOR to see if it pads with random size data, (betting they DO) but that's what they need to do with vpn to seriously defend against traffic analysis.

Even with that, it's still not bulletproof, but it dramatically increases the work and false positives on the detection side of the fence.

Comment Re:OpenVPN port tcp/443 (Score 1) 26

My understanding is that some deep packet inspection methods can determine if potentially encrypted data is being passed through a filter. Obviously it's going to be error prone, but what does that matter when the general plan is to sufficiently inconvenience people so they don't even try. I doubt the PRC cares that maybe the odd innocent bystander's data gets hit as a false positive.

As a counter to that, I have read of encryption schemes that will bypass this kind of filtering, but it's going to be a lot slower as a lot more junk data has to be thrown in to fool detection. Good for low-bandwidth needs like passing text-based emails and the like, but not much good for anything high bandwidth like voice communications.

Comment Re:DMCA is a federal law (Score 1) 186

There were a few skirmishes, sure. But notice how the feds didn't go on a crazy all out assault in spite of the location of each and every dispensary being well known and there being thousands of them.

Instead, they picked on a few where they had some shred of evidence (often bogus, but still) that the state law wasn't being strictly followed.

In return, they lost support of state law enforcement and their costs shot up.

Comment Re:What is up with airlines IT structure (Score 1) 108

It was more or less comparable if we consider aircraft from the same era - it would be dishonest comparing today's accident rates with the rates of the 1970ies, no matter which aircraft. The reasons, however, were quite different - pilot errors and general technical backwardness were the most prominent reasons - soviet passenger aircraft was technically about a decade behind. Soviet aircraft designed shortly before the breakup (Il-96, Tu-204) caught up and are generally about as safe as western aircraft and have all the modern (as in late 1980ies) airframe features, but the engines aren't as economical, hence very few of them were ever built.

Comment Re: News for Nazis (Score 1) 1527

With respect, I don't want to put a dampener on you telling people that they do not matter but it was from visitors from Israel so that would make it the " Israeli Israeli community". Perhaps they would know something of the topic Mr "just google it".

I am sure the world wants to know more about your scout master

From your childish behaviour I would guess that he died thirty years before you were born.

Since I have a modicum of politeness

From your spamming earlier full of utterly vile insults - no you clearly do not.

6th or 7th in a row

You did more than that in parallel when you decided to target me earlier.

Comment Re:Not so fast. (Score 4, Insightful) 186

Actually, lets.

It is perfectly legal for me to repair my own brakes or steering. People have done so for decades even though a failure while driving could be very bad. The upshot is simple, if you're going to work on safety critical parts of your car, you'll want to make sure you know what you're doing. If you screw up, you might face significant liability.

Comment Re:DMCA is a federal law (Score 4, Interesting) 186

He did that because he HAD to. Otherwise, he starts a small scale war where the state then makes most activities that might support enforcing the federal law illegal. Next thing you know, there are DEA agents sitting in jail while it all winds it's way slowly through the courts. Worst case (for the president), the legitimacy of invoking interstate commerce to permit the federal laws to exist ends up in court with an opponent that can actually afford to fight it.

Slashdot Top Deals

Nothing ever becomes real until it is experienced. - John Keats