Catch up on stories from the past week (and beyond) at the Slashdot story archive


Forgot your password?
DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. Check out the new SourceForge HTML5 Internet speed test! ×

Comment Re:Reusing the same password is actually better (Score 1) 146

Yes, re-using two different passwords it better. Three is better than that. You can continue that argument until you end up with a password for each site. Then you'll probably want a password management service, unless you have perfect recall.

You seem to be describing the "surface area" of the impact after an exploit has occurred. I was trying to describe the attack surface area the would allow an exploit in the first place. This is limited to a single site for the manager scenario - the main password site. In the reuse scenario, you are impacted if any one site has an exploit against it (Twitter, Facebook, Slashdot, site XYZ, etc...) - thus much larger attack surface area.

The number of your accounts exposed after a successful attack is the same (assuming you reuse the password on all sites that would otherwise be kept in the management site). You're correct that the management site would give your attacker a nice convenient list of sites to target. I'm guessing without that the attacker would have a end-target in mind anyway. Perhaps they'd check all the mail services (GMail, Outlook, etc). Then move on to social media (Facebook, Twitter, etc). They might even check financial sites (Paypal, banks, etc).

Comment Re:Reusing the same password is actually better (Score 1) 146

Relying on a single re-used password is worse than relying on a single password service. If a re-used password is compromised, all of your services are compromised - the same result as if your password service is compromised. However, the "surface area" for attacking the re-used password is much larger. To compromise the re-used password, you only need to compromise one of the sites on which it is used, so the attacker has more sites to pick and choose from and more potential vulnerabilities.

Comment Re:Only if you use App Cards with APPS! (Score 1) 317

I think in many cases convenience will trump security

If you want convenience, you should check out PayPass or PayWave (one is Visa, the other Mastercard, I forget which). Here in Australia for purchases under $100 you can just tap your card on the payment terminal. No signature, no PIN, no buttons to press. It's also much faster than paying cash and/or getting change. If the purchase is $100 or over, then you tap and punch in your PIN, which is still pretty quick and no messing with cash.

Comment Choice of games (Score 1) 221

I've been playing PC games one handed lately (nursing an infant with the other) and I've been choosing games that suit. I've got a mouse with the following buttons/actions: left, middle, right, thumb1, thumb2, wheelUp, wheelDown.

If you're working with your non-dominant hand then innately mouse-only turn based strategy, adventure or management games are going to be your friend. At least while you retrain your mouse usage. Things like Civilization, Hero Academy, SimCity and Monkey Island.

I've also found action RPG games with a small amount of keyboard commands are extremely playable if you remap the keys to your mouse's spare commands. I've been playing Diablo 3 with all six skills and health potions mapped to the mouse. It works really well and I only feel disadvantaged when I want to shift click to stand still and attack - which I'm one button shy of being able to map. With good character and skiill choice you could probably offload a 5-minute buff to the keyboard (numpad-enter or tab).

I haven't figured out how to play FPS games competitively yet, but binding move forward and one side-strafe to the mouse might get you started.

Slashdot Top Deals

Economists can certainly disappoint you. One said that the economy would turn up by the last quarter. Well, I'm down to mine and it hasn't. -- Robert Orben