
Comment Re:3des (Score 1) 213

From the first article linked:

The PIN information is encrypted within Target’s systems and can only be decrypted when it is received by our external, independent payment processor. What this means is that the “key” necessary to decrypt that data has never existed within Target’s system and could not have been taken during this incident.

Comment Re:Can encryption experts chime in? (Score 3, Insightful) 213

You're assuming the PIN was in any way related to the 3DES key. That's almost certainly not the case. More likely, Target requests a transaction key from the bank, which is then used to encrypt the PIN, and sends the encrypted PIN to the bank. The bank then decrypts the PIN using the 3DES key and verifies the PIN.

They probably should switch to RSA or some other public key algorithm. With 3DES, both parties need to share the key. With RSA, there is a public key and a matched private key. If the public key is compromised, it's no big deal. Since the bank retains the private key and doesn't share it, it's at least theoretically more secure for this kind of transaction.

Comment Re:3des (Score 1) 213

The article also says "Target does not have access to nor does it store the encryption key within our system." The problem is that 3DES is a symmetric encryption algorithm; both parties need to share the same key to encrypt or decrypt anything. So at some point, they needed to have a key for the transaction.

Comment Re:Most of this will be about internal politics (Score 1) 519

I think you'll find the Japanese consider China's intent to wrest control of the Senkakus from Japan's administrative control as an aggressive act... or do you consider Japan to be "on the other side of the planet" from China? The U.S. considers it aggressive (to the extent the Obama administration has a coherent foreign policy which can be differentiated from abject appeasement at least) because it has important strategic allies in the area, namely Japan, South Korea, Taiwan, the Philippines and other Southeast Asian nations. In economic terms China is also an important trading partner to the U.S., and anything which destabilizes the area, or interferes with the flow of trade will impact this partnership to the detriment of both. And lastly, the U.S. has a possession in the area (i.e. Guam), not to mention its treaty obligations to assist the Japanese from outside threats.

Failure to recognize these and to take them into account, while it may be good from a "rose-colored glasses" perspective, is nonetheless both naive and ignorant.

Comment Re:Most of this will be about internal politics (Score 4, Informative) 519

It's more than purely symbolic. There are extensive undeveloped natural resources in the area which the Chinese would like to control. The islands also lie at a strategic location between the Pacific and the East China Sea, and just north of Taiwan. If the Japanese, Americans and Taiwanese do nothing to abate this, the Chinese will be emboldened to act more aggressively in the area.

Submission + - Anonymous Hacks Federal Sentencing Commission website -- Posts Video

anagama writes: ""This time there will be change, or there will be chaos." In response to the disproportionate prosecution of Swartz, Anonymous hacked the U.S. Sentencing Commission website and posted a video. One interesting thing discussed in the video is an encrypted file that it is hoped will spread far and wide (mirror list — appears to be files related to Supreme Court Justices), the key for which would be released if reforms are not enacted. As for the statement itself, the text is available in the ZDNet article and mirror list linked above, and includes this clearly self-aware statement: "We [who] make this statement do not expect to be negotiated with; we do not desire to be negotiated with. We understand that due to the actions we take we exclude ourselves from the system within which solutions are found. There are others who serve that purpose, people far more respectable than us, people whose voices emerge from the light, and not the shadows. These voices are already making clear the reforms that have been necessary for some time, and are outright required now.""

Submission + - Operation Last Resort-Anonymous takes revenge for Swartz

emil writes: "Late evening Friday, January 25, U.S. Sentencing Commission website was hacked and encrypted government files distributed by Anonymous, which threatens to release decryption passwords should the government not comply with demands for legal reforms. Anonymous cited the recent suicide of hacktivist Aaron Swartz as a "line that has been crossed" in the retaliatory defacement. Anonymous has not specified exactly what files they have obtained. The various files were named after Supreme Court judges. At a regular interval commencing today, Anonymous will choose one media outlet and supply them with heavily redacted partial contents. Anonymous called the launch of its new campaign a "warhead.""


Submission + - Anonymous Warhead Targets US Sentencing Commission

theodp writes: Late Friday, Violet Blue reports, the U.S. Sentencing Commission website was hacked and government files distributed by Anonymous in 'Operation Last Resort.' The U.S. Sentencing Commission sets guidelines for sentencing in United States Federal courts, and on the defaced website Anonymous cited the recent suicide of Aaron Swartz as 'a line that has been crossed.' Calling the launch of its new campaign a "warhead," Anonymous vowed, 'This time there will be change, or there will be chaos.'

Submission + - H.265 Codec Standard Has Been Approved

An anonymous reader writes: The H.265 codec standard, the successor of H.264, has been approved, promising support for 8k UHD and lower bandwidth, but the patent issues plaguing H.264 remain.
