Please create an account to participate in the Slashdot moderation system


Forgot your password?
DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. Check out the new SourceForge HTML5 Internet speed test! ×

Comment Re:Numbers (Score 1) 575

How does this absolve them of the fact that they were revoking his seat entirely for their own convenience? The captain may be in charge, but the airline should still be held liable for his decisions.

Choosing to not honor his ticket may be their right, but I don't see why that absolves them of any and all responsibility. They took his money and then denied him service entirely for their own convenience. That is 100% on them.

Comment Re: Soooo missleading Title... (Score 1) 120

How does "not as bad" fit into this at all? We are liberties pretenders.

The ability to complain is requisite for freedom; not sufficient alone. As long as people can be imprisoned, and are at terribly frightening rates; the highest in the world, we are not free.

As long as all the government needs to do to put you in prison is produce a physical object and claim you had it, whether that object is guns, or drugs, or religious symbols or any simple thing....we have no freedom.

As long as we can be survieled and have evidence trails "Constructed" to deny us the right to a fair trial, hell, while the president can deny us a fair trial.... we have no freedom.

Being able to complain about it is....nice. I will give you that.

Comment Re: Soooo missleading Title... (Score 2) 120

> What part of individual freedom and limited government as written in the US Constitution is morally wrong?

You are putting words in his mouth. I live here in the US and I certainly don't look at our country and say "paragons of freedom and limited government", not by a long shot.

If anything, the betrayal of those principles is why I would agree, there is no reason to love the US. We are liberties pretenders. We have made an entire industries out of imprisoning people for what they would choose to put in their own body, then used it to justify more and more surviellance and restrictions on liberty.

That is before even getting to the murderous terrorism we call foreign policy.

Comment Re:This! (Score 1) 126

Not going to lie, I miss keepass and its autotype function. I tried to mock something up with xdotool but never really worked right.

That is mostly what I did, though instead of a thumb drive I just used git to keep some copies around...though, on windows I just used scp because I had trouble with git-annex. I never trusted thumb drives that much. I have lost data from them and if a backup procedure is too manual, I know I wont follow it.

Then I bought a yubikey, and the more I looked at it, the more attractive the password-store model was. Worst case scenario, the only tools I really need are ssh, git, and opengpg. The only backup data, aside from my multiply-replicated repo is my restoration keyring, which can be copied to several USB sticks and is valid for potentially a decade or more. I can toss one in a bank safe deposit box (and some day I will get around to doing that!)

You CAN setup a yubikey in OTP mode with keepass via a plugin, but, OTP mode is suboptimal and could be very problematic if you have sync/backup issues.

Comment Re:This! (Score 1) 126

1. Yes but, you can have many git servers. Each repo is a full copy so central repos are basically throwaway. Lose one, make a new one, push to it.

2. The amount of available resources is amazing but, still, nobody cracks gpg encrypted files, nobody is dumb enough to try. Keeping up with the tool chain and updating keys every few years as the recomendations and capabilities change should do you fine.

generally the weak point anyone would assault a gpg based setup is either key storage or end point usage.

Nothing will stop a malware you don't know about from scraping the decrypted passwords as you decrypt them. If you store keys locally in an exportable form and type the decryption passphrase, then it can all be stolen by maleware as well.

However, if you store subkeys on hardware that can't export them, and requires a touch, so it can't be used as an oracle easily.... then the best they can do is that.

In this scheme each password has its own decryption session key, and that key is the only sensitive data that the hardware key works with. At best they get one message at a time, as you use them; and that requires that they own your endpoint in some way.

Comment Re:This! (Score 1) 126

In a twisted way it makes sense. File loss is more common a problem than actual compromise. This absolves them of needing to offer a solution.

Personally I ditched even keepass for password store because it solves this by supporting git for sync.

Its cross platform, uses gnupg in the back end, meaning no custom encryption code and a well known, trusted code base. Plus, because it is gpg based, all but a couple of special snowflake implementations natively get the benefit of hardware keys that gpg supports.

Since the gpg keys can be used as ssh keys, the whole process becomes seamless.

Comment Re:Cash (Score 1) 270

Sure they do, society often is is piss poor at determining who should be classified as a criminal. I shudder to think how terrible it would be if law were perfectly enforcable; especially since its creation remains so imperfect.

Society loses a ton when bad laws are enforced and criminality is used as a weapon to subjugate it.

Comment Re:Poor Governance (Score 1) 63

> It amazes me in this day and time that there are still rogue accounts in large enterprises

I would like to be shocked but, I got over that years ago. I actually got called to a desktop support case once that turned out to be "someone broke in". Did some random damage to equipment that didn't make sense (looked like they had a go at the floppy drive of an old laptop with a screwdriver, in a rather rude way)

Before I updated my ticket and left it up to security to deal with though.... I did think to check who the last logon was on the PC. My jaw hit the floor when I saw the name was clearly a test account. In a slight rage I typed the name of the test account in as the password and it logged me in.

Right there from the users desk I looked up the name of someone in the domain admin group and called them up to confirm.... the new production domain.... the new one that was going to banish all the shared accounts with bad passwords.... had well known test accounts with obvious names and passwords.

Comment Re:Scammers don't use real numbers (Score 1) 97

Right, I don't actually DO any of the things I was claiming, I just lie to him. Its so much easier than actually going through with it. I put him on speakerphone and go about my business while I fuck with him.

No videos, but one dude totally caught on and started singing to me before he hung up.

Comment Re:Scammers don't use real numbers (Score 1) 97

> The scammers have become wise to this. They refuse to deal with Windows 98 and Windows XP on grounds that Microsoft has announced their end of support.

So much effort anyway....its easier to not setup a VM and...get this.... Lie to them.

Its fun. Treat it like a video game. Its role playing practice. Your just rolled a new character "stupid user". Just pretend to be the dumbest user you ever tried to help, and imagine what issues they might encounter. Feel free to be "too smart for your own good".

My favorite was when one guy asked me to open a link "in chrome", I agree. 3 mins later he is asking "whats going on now?" "oh I am installing chrome" "oh so you have a web....ok" He waited another 5 minutes before checking in again.

Hint: I wasn't installing chrome

Comment Re:Old movies (Score 2) 257

I love Dr Who but I had to come to terms with the fact that it is not really science fiction so much as science fiction themed fantasy. It is well written fantasy and it plays at being science fiction but, they really just do whatever.

In fact, we are not alone, I recently found a rant that sums it up well; I still watch the show but, its a good steady fuck buddy, not really relationship material:

Slashdot Top Deals

Too much of everything is just enough. -- Bob Wier