hazard - Slashdot User

Comment Re: how realistic is this? (Score 1) 49

by hazard on Sunday August 19, 2018 @02:35AM (#57152884) Attached to: New VORACLE Attack Can Recover HTTP Data From Some VPN Connections

They would send the same cookies - but packet length would be different also, so as I understand you'd need to open each URL at least twice to make one brute force attempt.

I agree that if attacker is already sitting in the middle of your traffic, and moreover can direct you to his malicious site, there are a lot of other attack vectors to worry about.

Comment Re:how realistic is this? (Score 1) 49

by hazard on Sunday August 19, 2018 @02:30AM (#57152870) Attached to: New VORACLE Attack Can Recover HTTP Data From Some VPN Connections

You mean it is possible to force loading of the parent URL from cross-domain child? I was under impression that it won't work without specific code to support that on the parent side.

Comment how realistic is this? (Score 2) 49

by hazard on Saturday August 18, 2018 @05:56PM (#57151384) Attached to: New VORACLE Attack Can Recover HTTP Data From Some VPN Connections

It seems that the attack requires the victim to load the same page many times, in order to measure differences in packet length? In real life, how often one visits the same page (and this page doesn't change)? If I understand this correctly, the attack will be very slow in real life, apart from some specific cases where user visits a website which reloads itself continuously.

Also, in this day and age, would anyone trust authenticated sites which do not use https? These sites themselves are the main problem.

Comment Isn't for stupid people (Score 2) 472

by hazard on Wednesday November 01, 2017 @02:53PM (#55471133) Attached to: Perl is the Most Hated Programming Language, Developers Say

Perl simply throws your incompetence straight in your face, while other languages will not hurt your ego so much.

Yes guys & gals, complex constructs will take time to grasp. In return, Perl allows to write good & compact code and professionals will understand it much quicker compared to other languages, simply due to a smaller amount of code they have to read.

Comment Re:Thanks for all the Fish Wrapper (Score 1) 1521

by hazard on Thursday August 25, 2011 @04:57PM (#37212128) Attached to: Rob "CmdrTaco" Malda Resigns From Slashdot

This story made me realize that I have been following Slashdot since 1998, e.g. ~57% of my life. Wow, what a waste. :)

Seriously, CmdrTaco, congrats. It must be special to be part of something that has literally changed the world.

P.S. And it sucks to be in the 4 digit UID club.

Comment Iridium/Globalstar/Thuraya (Score 1) 232

by hazard on Sunday June 21, 2009 @04:01AM (#28408733) Attached to: Best Handset For Freedom?

Your best handset for freedom is the one which does not pass through the government-controlled networks. E.g., Iridium, Globalstar, Thuraya. I'm sure that this is the way at least some of the information is leaking out to the West. If somebody catches you with it - well, don't let them do that. Newer handsets are pretty small and look like normal mobile phones.

Comment The computers are not Russian, but European (Score 5, Informative) 324

by hazard on Tuesday October 16, 2007 @03:02AM (#20992145) Attached to: Why ISS Computers Failed

The article is misleading. The computers are not actually of Russian make, they were supplied to Russians by Europeans (EADS). See here.

Slashdot Top Deals