Follow Slashdot stories on Twitter


Forgot your password?
DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. Check out the new SourceForge HTML5 internet speed test! ×

Comment Re:Personally I disagree (Score 1) 99

But what do you *do* during those mini-breaks? I'm speaking from experience and intuition here, without data to back me up, but I doubt you would find yourself any more prepared to tackle the task if you were switching to another of similar importance & difficulty, as opposed to doing something relaxing. I find there is a big difference between a conscious decision to take a break from doing something, and having things intrude on your time and attention in an uncontrolled manner.

Concentrating on something for a long time, taking a break, then coming back to it is not the same thing as trying to concentrate on multiple things at once, or having a constant stream of distractions.

Comment Re:Use a passphrase (Score 1) 167

As opposed to the zero attempts required to unlock a private key file which is not protected. OP is concerned about both loss and theft of their keys; if theft is a serious possibility, I fail to see how setting a passphrase will make things less secure. Also, a passphrase is not necessarily a single word; it is - as the name implies - an entire phrase, of arbitrary length, punctuation included.

Comment Use a passphrase (Score 3, Informative) 167

Simple: require a passphrase to access the private keys, then back then up like any other file. PGP utilities allow this, and it should suffice for anything interactive.

For anything non-interactive, it may be still be possible to use a passphrase if there is a way to load the passphrase from disk (rather then keyboard); keep the files containing passphrases as private as they keys themselves, but just recreate them if they're lost. *Something* along the line has to be committed to human memory, otherwise you fall foul to the cryptographic equivalent of the "analogue hole" (I.e. if everything needed to decrypt the data is available without human intervention, an attacker just needs that data, they don't need you).

Comment Compared to the ITER? (Score 1) 182

I know this is a summary, and I expect the full figures will be behind one of the links; but honestly, if you aren't going to provide the actual comparison, don't tease us. The ARC reactor (which stands for what, I might ask?) would take 4 or 5 years and around $5 billion to build, compared to the ITER, which is expected to take how long, and cost how much?

Apples are a mixture of red and green in colour, have a crunchy texture, and provide roughly 52 calories each; compared to oranges, which are also a thing which exist.

Comment Re:Karma! It IS a bitch! (Score 1) 245

I think "cynic" is an understatement. What exactly do you think "the 1%" is? A made-up term for a group of particularly well-off individuals, or a secret society who actually meet and organise under that name, and could orchestrate this entire thing in the name of controlling public opinion?

Stay on the medication.

Comment Re:How does it work (Score 2) 247

Not if that key is created and stored at rest on remote infrastructure (e.g. the servers of Apple, Google, Facebook, Microsoft, and so on). Think about that for a moment or two, and you begin to realise why such backdoors undermine security so fundamentally: the only way to ensure users can't simply delete (or, more realistically, prevent transmission of) the second copy of the key is to mandate that the encryption happens on the server, not the client; so not only is it a bad idea for these second copies to exist in the first place (providing a new target for attackers, who now only have to crack a single master key to decrypt their entire haul, rather than a key per user), but it also reopens all the security and privacy concerns of transmitting a plaintext payload (encrypted in flight, but in the clear at both ends) and trusting "the cloud" not to abuse it.

You get the worst of all worlds: your data is officially readable by the government; attackers gain new, promising attack surfaces; and you get to go back to worrying about what the corporations might be doing with your trade secrets. Enjoy!

Comment Re:This is really wierd (Score 1) 184

And as a result of Paris, there is a lot of racism directed at muslims the last couple days, or at least it suddenly feels like so. Nobody yet realizes that calling for the mass execution of muslims because they are evil and rape and murder sounds stunningly like Nazi rhetoric against the Jewish (just as untrue), and worse, it appears as though now it's culturally acceptable.

I have noticed the same thing. Whilst it does not appear to be universally acceptable, unfortunately it seems to me that it is the viewpoint of those who are most outspoken, particularly on social media, which turns it into an echo chamber. How do we combat this without simply getting into an argument with such people? There is no evidence that trying to reason with these people via the Internet achieves anything - in fact, there are countless forum posts and article comment sections which point to the exact opposite; arguing with anyone with such vehement beliefs in an environment without tone of voice, body language, and face-to-face contact only degrades into name-calling.

How do we *effectively* communicate that we do not wish such a thing to become culturally acceptable? Is it even possible, when mass media is intent on only ever reporting bad things?

Comment Re:Bottom line (Score 1) 86

That may be how it is, but it is not necessarily how it has to be. It is possible to build a system where the data is encrypted with per-user private keys, which never leave the user's device(s) - at least, not in the clear, and ideally only when being migrated/copied to other devices. Do all the crypto on the device, transmit & store it with private keys unknown to the owners of the infrastructure.

For all I know, this might in fact already be how iTunes & iCloud work already; that certainly seems to be the implication in the statement that data is "placed under the protection of your passcode ... [therefore] it's not technically feasible for us to respond to government warrants for the extraction of this data" (from your link). I'm pretty sure various online back-up services work this way.

Of course, there has to be a certain level of plaintext metadata: the fact that you have an account is not secret, nor are the amount of data stored, the access times, and the network addresses of devices used to access it. But the data itself? A system in which the service provider doesn't have centralised private keys is absolutely, completely feasible.

Comment Re: Bottom line (Score 1) 86

Could you clarify? References to Skype may or may not be relevant, but direct end-to-end communications is most certainly not impossible. It may be difficult in practice with contemporary IPv4 deployments (most devices are not directly addressable from the public Internet due to NAT), but of course it can be done: as long as it is possible for two devices to connect (which evidently it is, or we couldn't have an Internet at all), there is no "magic" which mandates that one or other of those devices be a corporate-controlled central server.

Central servers - effectively, brokers - do provide a lot of convenience: one place to publish & discover user presence, no need to bypass NAT at the endpoints because both connections are outbound, store & forward of messages for offline users, etc. But you *could* have a purely peer-to-peer network with offline exchange of contact details, or a central server used for nothing but storing details by which a user's device can be directly contacted.

Unless you count "routers" as "servers" - but with suitably randomised addressing and strong encryption, all that router logs will tell you is "device A sent some data to device B", nothing about the *meaning* of the data or the people behind it.

Slashdot Top Deals

(1) Never draw what you can copy. (2) Never copy what you can trace. (3) Never trace what you can cut out and paste down.