
Comment Re:Help Me (Score 1) 253

I guarantee you that I can find a piece of paper older than 25 years quite easily. I probably have one in my attic.

I can find you a microscope and telescope even older.
Or if we're talking electronics, electronic games and games older than 25 years.

25 years is, to be honest, pathetic in terms of longevity. I have electronic toys from my childhood that haven't been particularly looked after which still work just fine.

To be honest, I'm sitting here thinking "Only 25 years?". I have a 1960s memory chip on my desk. It's the size of a dinner plate. If I had the room-sized supercomputer that went with it, I might even be able to tell you if it's working. I see no reason for it not to as it's in perfect condition and still in the original box.

25 years is really pathetic.
And how much tech has lasted that long? A handful of things across the world.

How much is going to last 50-100 years? Almost nothing.

And there goes entire periods of history with no permanent record, of technology or data.

To give you a clue, this memory chip only has the code C630-5150-T001 on it. Find me a spec sheet. A manufacturer. Tell me what it does or how to interface with it.

It's pretty, but it's completely dead technology without spending literally tens of thousands to analyse how it works and destroying it in the process.

Now consider what's going to happen to everything else by the time they are that old. It's only another 20 years that you're asking of this C64. By then, even the generation that grew up with it and now enjoy it on emulators will have started to forget about it, and certainly how it works. You think your grandchild's generation are going to care at all, even the archivists and museum curators?

Comment Re:The problem with privitization? Or just no shit (Score 2) 448

Was the first Arctic traversal a government mission?
How about the first summit of Mount Everest?
How about the first flight?

Nope.

Either private enterprise or not-for-profit groups.

Government does little in the way of firsts as they are bound by health and safety laws and sending people on fact-gathering missions is generally a waste of money. Technically the moon missions would come under military, even then, wouldn't they?

Don't wait for your government to be the first to cross the Atlantic or swim the English Channel. It ain't going to happen.

To quote XKCD: "For Man has earned his right to hold this planet against all comers, by virtue of occasionally producing someone totally batshit insane."

Comment Re:The answer (Score 1) 114

Where's that "So you think you have a way to block spam?" fill-out-form joke?

A website, or a game server, is EXACTLY the kind of machine that receives a significant portion of its requests from people it's never seen before.

On top of that, a DDoS doesn't care if you "block" it. It's still consumed 1Tb of traffic. Even if every single packet never reaches the server, the DDoS will knock you offline by swamping your connection.

You can "firewall" it right at the first point that your connection comes in. It still consumes your connection.

You have to ask your upstream to block it - who have EXACTLY the same problem. They block it, but it still consumes Terabytes of otherwise-usable bandwidth to do so.

I'm afraid your suggestion would tick almost every one of the "Will not work because" boxes.

Comment None of the above. (Score 3, Insightful) 78

"So what will be the impact of this? Will we see cheaper, lower-power encryption devices? Or maybe quicker cracking times in brute force attacks?"

Neither.

It's a method to discover primes using elimination of non-primes up to the square root of the number you're after.

If you can get that far, you can get to the prime itself quite easily. It's not going to help discover new large primes without eliminating BILLIONS of numbers in between.

And from there it has nothing to do with cracking encryption whatsoever.

The impact of this is that a child's method of eliminating factorisable numbers slowly takes up slightly less storage space (i.e. slightly fewer variables held in RAM) than before. It's not a breakthrough in maths, but a slight efficiency saving in the computer science to perform the algorithm in practical terms.
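The sieving the comment describes, as an added example that is not part of the original comment and is not the space-saving method from the story under discussion: a standard segmented Sieve of Eratosthenes, which keeps only the primes up to the square root plus one small window in memory. Function names and the window size are illustrative.

```python
import math


def base_primes(limit):
    """Plain Sieve of Eratosthenes: every prime <= limit."""
    if limit < 2:
        return []
    flags = bytearray([1]) * (limit + 1)
    flags[0] = flags[1] = 0
    for p in range(2, math.isqrt(limit) + 1):
        if flags[p]:
            # Strike out p*p, p*p + p, ... in one slice assignment.
            flags[p * p :: p] = bytearray(len(range(p * p, limit + 1, p)))
    return [i for i, is_prime in enumerate(flags) if is_prime]


def segmented_primes(n, segment_size=32):
    """Every prime <= n, sieving (sqrt(n), n] one window at a time."""
    root = math.isqrt(n)
    base = base_primes(root)  # the part that must exist before anything else
    primes = list(base)
    low = root + 1
    while low <= n:
        high = min(low + segment_size - 1, n)
        window = bytearray([1]) * (high - low + 1)
        for p in base:
            # First multiple of p inside the window, never below p*p.
            start = max(p * p, (low + p - 1) // p * p)
            for multiple in range(start, high + 1, p):
                window[multiple - low] = 0
        primes.extend(low + i for i, is_prime in enumerate(window) if is_prime)
        low = high + 1
    return primes


if __name__ == "__main__":
    print(segmented_primes(100))
```

The base list grows with the square root of the target, so for numbers of the size used in public-key cryptography the first step alone is out of reach, whatever the storage saving in the window.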

Comment Control and management (Score 2) 277

Though it doesn't seem to apply to home networks, how can you be an IT professional of any kind and NOT know what's coming into or going out of your network?

If nothing else, precisely because of things like this where your CCTV NVR or your thermostat could be hacked and doing whatever it likes. In fact, DDoS of someone else is the LEAST of your worries if someone is able to coax your devices into running arbitrary code on your local network.

Sorry, but this kind of thing needs management and there isn't a home router on this planet that does things like send you an email when a "new" device connects, or alerts you to unusual activity from your local network devices.

Comment Really? (Score 1) 199

So the US are openly picking battles with Russia AND North Korea now?

Guys, seriously, has the terrorist thing worn thin or something? Or have you realised that piling into other people's countries and "fixing" them achieves fuck-all that people in that country consider "fixing"?

If you want another hundred billion for the military just say so, stop picking fights with people who either do - or may soon - have the capability to fight back once and for all.

And if the Russians are manipulating your election and affecting your candidates, maybe you should look at your election and candidates instead of the Russians. Because, for sure, you'd do exactly the same if you could over in their country.

How about fixing your election system and having news channels that report on real things, like who's taking backhanders, what crappy laws have been slipped into completely unrelated bills, and such-like?

Oh, sorry, that would involve having impartial news channels not already owned by the people in charge, right?

Comment Re:200 Million Yahoo "Users" (Score 2) 169

They should.

It's literally best practice and the way any sensible organisation should do it. An authentication server is just that - it authenticates. Whether that's RADIUS or whatever else, it should do one job and do it well and have the minimum amount of access necessary to do that job.

With someone like Yahoo's money and resources there is no excuse.

And with an auth server farm, how do you get hacked? It has to be deliberate insider intrusion (i.e. someone who works on those machines). Done properly, even sniffing the entire network around it wouldn't do much and certainly wouldn't be able to affect older logons.

If the auth servers were just doing auth, and nothing else, and isolated, and had a single "auth" port exposed that ran a limited-scope protocol that only returns the bare minimum of data, the scope for attack is almost zero. And you literally lock them away and don't let anyone but your most trusted engineers touch them.

So it's quite obvious that all these places that do get hacked AREN'T running proper auth servers at all.

Even Steam, when it had credit card data stolen, the data was encrypted (so nothing ever came of the data leak) but... how did they get that? Why is that not stored on a completely isolated system? Why were they able to get historical records rather than only those flying over the live network (which is, I admit, harder to secure)? It means it wasn't isolated and secured.

Even CAs have had their root certificates compromised and you'd expect that to be the most secure thing in the world. Literally, make them on an offline computer, generate and sign some other root certs that you actually use, and then switch that thing off and never turn it on again unless you need it.

But, in real life, despite all the posturing about security, none of this ever happens.

The curse of general-purpose operating systems, general-purpose computers and even - as could happen in real life if people took your suggestion - using VM hypervisors as the gateway between your data and the VMs running the outside services (nothing wrong with VMs themselves, so long as the entire server farm was completely isolated from all the others - personally, for an auth farm, I'd use physical servers only to reduce the attack area even more).

Comment Re:200 Million Yahoo "Users" (Score 1, Informative) 169

200m user details stored in one place that can get hacked?

I wouldn't hold your breath here.

At most, you'd expect some kind of isolated authentication service, separate from the rest of their servers but I doubt it.

If someone has just sucked it out of a SQL table, the chances of it being properly hashed and salted are minimal. And the chances they used MD5 - which even hashed and salted is cracked beyond belief nowadays - rather than something sensible? Minimal.
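An added example, not part of either comment, covering this comment's hashing point and the earlier comment's auth service that "only returns the bare minimum of data": credentials are stored as per-user salted PBKDF2 output and the only answer a caller ever gets is yes or no. The class name, the iteration count and the choice of PBKDF2 as the "something sensible" are assumptions made here.

```python
import hashlib
import hmac
import os

ITERATIONS = 600_000  # assumed work factor; tune to the hardware in use


def salted_md5(password, salt):
    """Weak form for contrast: one fast hash call per guess, even with a salt."""
    return hashlib.md5(salt + password.encode()).digest()


def slow_hash(password, salt):
    """Salted, deliberately slow derivation; each guess costs ITERATIONS rounds."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)


class AuthStore:
    """Does one job: answers True or False for a username/password pair."""

    def __init__(self):
        self._records = {}  # username -> (salt, derived key); never returned
        self._dummy = (os.urandom(16), bytes(32))  # used for unknown users

    def enroll(self, username, password):
        salt = os.urandom(16)  # fresh salt per user
        self._records[username] = (salt, slow_hash(password, salt))

    def verify(self, username, password):
        known = username in self._records
        salt, stored = self._records.get(username, self._dummy)
        # Always do the full derivation so unknown users cost the same time.
        candidate = slow_hash(password, salt)
        match = hmac.compare_digest(candidate, stored)
        return match and known  # no reason, no record, no hash in the reply


if __name__ == "__main__":
    store = AuthStore()
    store.enroll("alice", "correct horse")  # constructed sample credentials
    print(store.verify("alice", "correct horse"), store.verify("alice", "guess"))
```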

Comment Re:how is this still relevant? (Score 1) 382

Because this is new evidence that may show someone lied to the court, or provide new avenues for charges?

If this guy was asked "Did you delete emails?" and said no, this case is wide-open again because he could be found to be lying based on this discovery. If his competency was used as a factor in ensuring the regulations were met, that might be brought into question by experts if the court interprets this evidence in certain ways.

Double-jeopardy doesn't apply if new evidence is brought in most countries.

But then, most countries don't have nonsense laws like that anyway, or prescribe them in such a way that they only stop harassment of a defendant rather than letting murderers get off because the lawyers were stupid but it doesn't quite qualify as a mistrial.

Comment What an oversight. (Score 1) 382

I'm just laughing.

A House Oversight Committee.

To me, that just sounds like a committee that looks and sees what it can forget to check or do, not a committee that watches and manages a set of people.

I know that, technically, the word also means to manage people but... that's not what I think when I read it.

And the summary headline just makes it worse. It makes it sound like it's happened by accident.
