WhiteKnight07 - Slashdot User

Comment Re:Make that the next eight years (Score 1) 1010

by WhiteKnight07 on Tuesday July 05, 2016 @04:56PM (#52451757) Attached to: The FBI Recommends Not To Indict Hillary Clinton For Email Misconduct

William H Taft - Intensely disliked even by his own party to the point that over half of them backed a third party candidate instead (Teddy Roosevelt).

And you seriously can't see this happening with Trump? Really?

Comment Re:Vulnerability Warriors meet EOL (Score 2) 76

by WhiteKnight07 on Wednesday April 06, 2016 @11:12AM (#51853201) Attached to: Quanta LTE Router May Be Most Unsecure Router Ever Made

Unless of course that router is in a hospital or medical insurance office. Then someone very well could die due to incorrect treatment or lack of treatment.

Comment HTTPS Privacy Rules (Score 3, Insightful) 29

by WhiteKnight07 on Wednesday January 20, 2016 @01:50PM (#51337505) Attached to: Rights Groups Push For Strong Broadband Privacy Rules

HTTPS is the only real answer. Rules like what are being proposed are hard to enforce. But properly implemented authentication and encryption will make such rules unnecessary.

Comment Re:I have been roling my own for years (Score 1) 247

by WhiteKnight07 on Wednesday January 20, 2016 @09:56AM (#51335319) Attached to: Benefits of a Homebrew Router

I have a pfSense router built on a C2758 Atom CPU (specifically this board: http://www.supermicro.com/prod...) paired to a couple of Unifi APs (http://www.amazon.com/Ubiquiti-Networks-Enterprise-Unifi-UAP/dp/B00HXT8R2O). Its the best home network I have ever had. And that is including some DD-WRT stuff that I used to use for wifi in conjunction with some actual Cisco gear that I used to use. (ASA 5505 firewall, 3745 router, ect...) I can't see myself ever going back to a consumer grade wifi router. Sure its total overkill. But being able to set up a Site to Site VPN to my friend's place and an OpenVPN server for remote access without having to worry about CPU usage is pretty nice. Being able to have separate SSIDs and corresponding VLANs for guests and my kids and such is also nice. The Unifi APs give better wifi than any consumer grade device I have ever used. I am seriously considering upgrading to dual band AC models.

Comment Re:Eligible for upgrade? (Score 4, Informative) 720

by WhiteKnight07 on Monday January 11, 2016 @01:56PM (#51279175) Attached to: 'Get Windows 10' Turns Itself On and Nags Win 7 and 8.1 Users Twice a Day

Apply an activation crack or join it to a domain. Either one will do the trick just fine.

Comment Re:SHA1 and Secure Hashing of Data (Score 1) 87

by WhiteKnight07 on Friday January 08, 2016 @05:30PM (#51264973) Attached to: Deprecation of MD5 and SHA1 -- Just in Time?

The fact that you say you are "encrypting" something with SHA1 tells me that you are not qualified to work on any product that uses encryption. If you must do something like this at least use bcrypt or pbkdf2. SHA1 and SHA2 are both not the best choice for what you are doing.

Comment Re:It Depends on Why You Are Using Hash Codes (Score 1) 87

by WhiteKnight07 on Friday January 08, 2016 @02:18PM (#51263341) Attached to: Deprecation of MD5 and SHA1 -- Just in Time?

And TLS 1.0 and 1.1 both use md5(data).sha1(data) to sign the initial handshake. And since concatenating hashes provides no real additional security this lets an attacker muck around with the initial TLS exchange and perform a protocol downgrade attack by defeating TLS_FALLBACK_SCSV and/or also choose the symmetric cipher used in the TLS session. While its not a full plaintext recovery of the TLS session contents it is certainly not a good thing.

Comment Re:You shouldn't use one hash. (Score 5, Informative) 87

by WhiteKnight07 on Friday January 08, 2016 @11:41AM (#51262091) Attached to: Deprecation of MD5 and SHA1 -- Just in Time?

Actually concatenating hashes together doesn't do much for security at all. In fact it does almost nothing. See: http://link.springer.com/chapt...

Comment Re:Let's Encrypt is only for encryption (Score 2) 123

by WhiteKnight07 on Thursday January 07, 2016 @11:58AM (#51255869) Attached to: Malvertising Campaign Used a Free Certificate From Let's Encrypt

99.99% of internet users are not like you. They do not understand, nor do they care about, how TLS and certificate authorities work. If they see a little lock in their address bar then they are "safe" as far as they are concerned. To most people a StartSSL cert is exactly the same as an EV cert used by a banking site. The fact that one creates a green address bar or whatever and the other does not is totally lost on them and makes no difference. Granted this is a problem. But I don't think it is one that can be solved via technical means. Lets face it. Most people just don't know enough about how the internet works to be able to use it safely.

Submission + - US Supply of IPv4 Addresses To Run Out Soon (newsfactor.com)

Submitted by gunner_von_diamond on Friday May 15, 2015 @08:10AM

gunner_von_diamond writes: The U.S. is on track to run out of IPv4 addresses sometime this summer, although most everyday Internet users aren't likely to notice any changes. For Internet service providers (ISPs), however, IPv4 exhaustion means they have to begin — if they haven't already — making plans to transition to IPv6.
Such IP address exhaustion should no longer be a problem once ISPs and enterprises convert to IPv6, the 128-bit number protocol first deployed in 1999 to replace IPv4. IPv6 will support 340 trillion trillion trillion possible addresses, but organizations currently using IPv4 will have to upgrade their networks to be able to take advantage of that much larger address pool.

Comment Re:Don't fix what ain't broke (Score 2, Insightful) 184

by WhiteKnight07 on Tuesday April 14, 2015 @11:16AM (#49470589) Attached to: Kludgey Electronic Health Records Are Becoming Fodder For Malpractice Suits

I don't think the VA is a model other healthcare providers should be trying to emulate.

Comment Re:Amazing (Score 2) 73

by WhiteKnight07 on Monday February 16, 2015 @05:26PM (#49069295) Attached to: Cellphone Start-Ups Handle Calls With Wi-Fi

This closely mirrors my own experience with Republic Wireless. I have been using their Moto G on the $25 a month plan for about a year and it has been flawless. The only wifi networks I use are at home and at the office (and the occasional free wifi at a a coffee shop, hotel, or the like) but that covers something like 70% of my phone usage anyway. I stream Pandora over the cell network every day while commuting to and from work and I have never even come close to data cap. Call hand-offs between wifi and cell and seamless and the phone is very smart about avoiding bad wifi connections or access points with blocked ports. The only real downside is the limited selection of phones. The Moto X, Moto G, and Moto E are all they offer so if you are in love with the latest iPhone or Samsung Galaxy you are out of luck. However the Moto phones are reasonable high end, mid range, and entry level devices respectively.

Comment Re:MATE's nice (Score 1) 611

by WhiteKnight07 on Friday May 30, 2014 @06:15PM (#47132517) Attached to: Which desktop environment do you like the best?

I am running three screens on two Nvidia GeForce 210s in Mate on Mint 16. (Two screens on one card and one screen on the other.) Once I installed the binary Nvidia driver and ran Nvidia's X Server Settings tool everything worked flawlessly.

Facebook Bug Exposed 6 Million Users 75

Posted by Soulskill on Saturday June 22, 2013 @09:25AM from the just-a-handful dept.

jamaicaplain sends this quote from the NY Times: "Facebook has inadvertently exposed six million users' phone numbers and e-mail addresses to unauthorized viewers over the last year, the company said late Friday. Facebook blamed the data leaks, which began in 2012, on a technical flaw in its huge archive of contact information collected from its 1.1 billion users worldwide. As a result of the problem, Facebook users who downloaded contact data for their list of friends obtained additional information that they were not supposed to have. Facebook's security team was alerted to the problem last week and fixed it within 24 hours. But Facebook did not publicly acknowledge the flaw until Friday afternoon, when it published a message on its blog explaining the situation."

Submission + - Scientists Are Cracking the Primordial Soup Mystery (vice.com) 1

Submitted by derekmead on Saturday April 13, 2013 @01:13PM

derekmead writes: Scientists have had a basic understanding of how life first popped up on Earth for a while. The so-called "primordial soup" was sitting around, stagnant but containing the basic building blocks of life. Then magic happened and we ended up with life. It's that "magic" that has been the sticking point for scientists, but new research from a team of scientists at the University of Leeds has started to shed light on the mystery, explaining just how objects from space might have kindled the reaction that sparked life on Earth.

It's generally accepted that space rocks played an important role in life's genesis on Earth. Meteorites bombarding the planet early in its history delivered some of the necessary materials for life but none brought life as we know it. How inanimate rocks transformed into the building blocks of life has been a mystery.

But this latest research suggests an answer. If meteorites containing phosphorus landed in the hot, acidic pools that surrounded young volcanoes on the early Earth, there could have been a reaction that produced a chemical similar one that's found in all living cells and is vital in producing the energy that makes something alive.

Slashdot Top Deals