Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×

Comment Re:Totally. (Score 4, Interesting) 122

Well considering that only Americans could be dumb enough to think this kind of low level data is "such sensitive information"

Apparently, you don't understand anything about the physical security of dignitaries and top officials.

Travel plans, routes, and details about the stops of heads of state are always considered highly sensitive security information. This country is full of extremely stupid, gullible, and ridiculously-overarmed people, and a small subset of whom probably thinks it would be a good thing to bring harm to the First Lady. The Secret Service plans the routes, the stops, provides decoy vehicles, and secures each of those locations to an incredible degree; but no amount of effort can secure every location against a patient, well-camouflaged, entrenched sniper. Uncertainty in the travel routes is one of the best ways to keep the lone wolves from being able to plant themselves along the route.

So yes, it is highly sensitive information.

Comment Re:They've already tacitly admitted the breach (Score 1) 169

I remember I also had to change passwords on Yahoo! about two years ago.

I believe there's a clue in their "Breach FAQ" where they state "the vast majority of passwords were hashed with bcrypt". It could be that their old passwords were protected with a less-secure older salting-and-hashing system, (maybe something like the original crypt() ) and by 2014 they had replaced it with bcrypt.

But even an old crypt() hash can't simply be broken on demand without a lot of CPU grinding for every password recovered. Because the old passwords were hashed, there would have been no easy way for Yahoo! to automatically migrate them into bcrypt. So after the system conversion was complete, they prompted all users to change their old passwords so they would migrate themselves to the new bcrypt-based system. People who haven't logged in since 2014 probably still have the old original hashed passwords on file somewhere at Yahoo HQ..

Comment Re:200 Million Yahoo "Users" (Score 1) 169

According to their breach FAQ, the stolen data included "hashed passwords (the vast majority with bcrypt) ". I don't know what "the vast majority" means, nor do I know what alternate form of hashing may have been done prior to their adoption of bcrypt that they're still hanging on to.

I do know that the only reason I still have an active Yahoo! account is because of their OAuth support. Well that's pretty much in the crapper now, isn't it?

Comment Re:28 websites? (Score 4, Funny) 137

If we went back in time to when there only was 28 domains, I'd bet you a Mars Bar that there were only 28 websites.

You'd lose that bet, if only because from 1973 defines 81 existing hostnames on the Internet, and the Web wasn't online until 1991.

Thus if you did go back in time to when there were only 28 domains, there wouldn't be a web, and hence no websites.

FYI, I prefer the traditional Mars bar (no almonds or peanut butter or whatever). Snack-size is acceptable.


Comment Re:The Self Reward Syndrome (Score 1) 210

First, congratulations on dropping 100 pounds! That is a remarkable achievement for anyone.

Next, I think our stories sound somewhat similar. I, too, look at data and outcomes, and as I know I'm lazy, I'm constantly turning to technology to make the mundane business of data logging as painless as possible. I have a wifi connected scale that also measures body fat, and logs every reading automatically. I weigh myself daily. And yes, I also recognized that lots of people get discouraged by the daily up and down fluctuations in weight. My motivation there is to look at the three month chart, and to see the weight line steadily descending into a healthier range. It doesn't matter that this morning I was up a pound over the previous day when the overall trend line is still on a good trajectory. Every individual measurement shows a bump up or down from the previous day; the insignificance of any one day's measurement is obvious to anyone when looking at the data in aggregation.

I also have logged everything (well, everything except for a few days while on a vacation) I have eaten since I started this journey. What helps me there is a smartphone app that scans barcodes, looks up foods in a crowdsourced database, and populates the day's journal with the data. Yes, I do have to evaluate and select the data more carefully than I'd like, but it's still easier than typing in a pile of numbers. Knowing what went in enables me to stop before I reach the day's limit. Being honest with the data is critical there. So far it seems that I could maintain this pace indefinitely, but I do see how it occasionally requires returning to the touchstone of motivation.

I know that nutrition info is always an average; so I don't get all worried about exact portion sizes, or logging a few carrots or lettuce unless they exceed a reasonable threshold. I'm interested only in a good outcome, not precision in data measurements. Along with this I do know that I have to either carefully log or avoid certain types of foods entirely - sweets and snacks are not something I can write off as not worth logging.

The activity tracker study was a bit odd. I am interested and motivated to use technology and data to drive positive changes, but I ironically ended up in their control group. So I wore their tracker, but did not have access to their step counts. I continued to wear the personal tracker I've worn for the past three years, but in the interest of the study I deliberately ignored it. After the study ended, I looked and could see that my daily counts were averaging much lower than they were when I was actively trying to meet a daily step goal. Incidentally, I also discovered that the wrist-worn tracker is far less accurate in step-counting than the hip-worn tracker.

One of the biggest hurdles I had to overcome at the beginning of this was entrusting my personal health data to random companies operating cloud services. How do I know that my data won't be used against me in some way? But I decided that my long-term health concerns had to trump the fears of unknown (and possibly imaginary) consequences.

Another thing that is important to me is that I don't have a plan, but a goal. I didn't start with an artificial "drop 60 pounds by New Years" resolution; instead I know I have to continue to lose weight until I reach the target weight my doctor and I agreed to. So far, I've lost 50 pounds in the past 7 months, with about 15 to go. And as long as the one month slope of the weight line remains negative, I have high confidence I'll get there.

Finally, buying new clothes was not nearly as motivating as afterwards when I emptied my closet and donated every single stitch of old clothes to a local charity. Now I know that if I gain weight, it's going to cost me a fortune to buy a size larger! :-)

Comment Re:The Self Reward Syndrome (Score 5, Insightful) 210

As much as this explanation appears to make sense, like anything in a social study, the results are likely virtually meaningless at the individual level. How any one person reacts to a tracker will not be predictable.

Success at improving someone's health will always be based entirely on the motivation of the person, not on which electronic toys they wear or which brand of granola they gnaw upon. Perhaps they'll find a correlation where buying Garmin branded devices is indicative of people who are more motivated than people who buy Apple branded devices, but that certainly doesn't mean buying a Garmin or an Apple will alter your chances of success.

I participated in a clinical activity tracker study earlier this year. There were so many holes in the testing methodology that I'm not sure the results will be worth the PDF they'll be printed on. Yet they'll be publishing results soon enough, and no doubt will contribute to the collective misinformation already encompassing the 'get healthy' rackets.

Comment Re:Works because of one very important fact- few t (Score 1) 111

It appears to be tied to a word count. I think that if I had cut back to one instance of the T-word, it would have been fine.

But it appears to be following the same pattern as any authoritarian's response to criticism: whether it be Chinese citizens talking about Falun Gong, or slashdotters complaining about trolls, those in charge trot out the Great Firewall and censor them.

Comment Re:universal clipboard wtf (Score 3, Informative) 200

How does it get between machines logged-in to the same iCloud account if not through the Internet?

Bluetooth and/or local WiFi. The WiFi login isn't used for communication between the devices, but only for pairing the devices together locally (that is, the devices find each other via Bluetooth and/or WiFi on the local network. A handshake is done to verify that both have successfully authenticated against the same account ID on iCloud. Then local communications is permitted. iCloud isn't involved in the data transfer, nor in the setup of a communications channel between devices).


Comment Re:Optimized storage (Score 2) 200

Please tell me "optimized storage" can be turned off wholesale. If there is one thing I definitely don't need it's a "whole bunch" more of background processes uploading random files to the remote server and deleting them from my local drive. I will manage what I store and where, thank you very much.

I guess I am sounding like an old fart I am, but MacOS is going too far in dumbing it down.

During the first post-install reboot, the OS configuration assistant asked me if I wanted to enable this (well, at least the part that makes your desktop available to other Macs and iOS devices via iCloud). For the rest I had to find the configuration in "About this Mac" -> Storage (which seems an odd place to put such a thing).


Slashdot Top Deals

If in any problem you find yourself doing an immense amount of work, the answer can be obtained by simple inspection.