Comment Re:Tethering (Score 1) 126
Of course you don't have a driver - you bought a $35,000 car.
I assume that you can copy and paste, so apparently the article has been updated. It now reads: "On some systems, the server will check a cryptographic signature on a token...".
But the answer to your question is yes, it matters. When the place it fails to match changes, this information is leaked by the response time. This is how an attacker extracts information from random guesses.
You know, attitudes like yours are IMHO the root of all that's wrong with computers today. And I'm saying that as a programmer, not as Jane Grandma. The whole idiotic OCD idea that you _must_ make up rules about everything, and that your rules are more important than what people are actually trying to do. The idea that if even someone's name doesn't fit "your" database, then you can just brush them off and have a beer.
Your message is more than 140 characters long, and doesn't fit in my database.
> it can be a small problem, I think, when "non-random" sequences are removed from possible random number generations. [...] it may take a fair slice out of the available keyspace
This is true, and could be a problem if everyone's PIN were randomly generated. Since most PINs are selected by users and conform to a known, decidedly non-uniform distribution, this actually makes sense. If it's known that e.g. 1234 is over-represented in the pool of PINs, that would be one of the first ones an attacker would try. Therefore, it makes sense to filter that out. But note that it's the over-representation of the PIN and the fact that attackers are aware of this skew that makes it worth avoiding, and not anything inherently insecure about "runs" or "pairs".
Well, here's one from 5 days ago. I think he beat you.
> Either the FBI are wrong, or the article summary is.
The summary is wrong? That's unpossible!
> they come here for (sometimes) informative, enlightened, or humorous discussion of the article and related topics.
I come here for the depressingly predictable jokes. Where's my "I for one..."? Ah, there it is.
Not sure about that.
GP is probably referring to things like address randomization, which make many types of vulnerabilities harder to exploit. I think Matasano Chargen has a good writeup if you're interested in more.
Initially, URL shorteners were a solution to a problem nobody had. Fortunately, Twitter came along and created a problem!
There is no bridge to Plum Island.
> I've been rick rolled plenty, but thankfully there are no memes that involve duping people into going to NSFW sites and getting written up by HR.
Apparently too young to remember when Slashdot comments would link to goatse. That was long before "rick rolling".
Absolutely. I find myself using most of my moderator points marking posts as off-topic. A reply (even an insightful, informative, funny one) to an off-topic comment is itself off-topic. I've even considered saying so in my sig. And yes, I am aware of the irony of posting this, as it has nothing to do with rats or cables.
Totally. My home machine came with ME. I wiped it and replaced it with 2K. It was my primary machine until I got a laptop last year, and I never had a single problem with it for 8 years. I'd still use it, but the hardware gave out a few months ago.
Take care of the luxuries and the necessities will take care of themselves. -- Lazarus Long