Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×

Comment Re:So much for public charging locations (Score 2) 165

Get one of those "USB powerbank"s.

They're dirt cheap. If you don't know what they are, they are one or two 16850 LI-ion cells, a mini-USB port, and a USB-A port. The mini-USB port is used to charge the cells in the powerbank, and then you can plug your gadgets into the USB-A port, to charge them later.

Use the powerbank to suck the power from a public port first, then plug in your devices. The downside is that the whole process takes longer. The upside is that all you're risking is blowing up your powerbank. That sucks, but as I said, they're dirt cheap, and you just get another one.

Comment Desperate users (Score 2) 141

Many years ago I wrote a simple webmail server. My email address wasn't even on the login screen, just my company name. There have been more than one occasion over the years when some customer of an internet provider that used my webmail server needed technical support, and apparently managed to Google the company name, find my email address, and ask me for a password reset, or something along those lines...

Comment Re:Google is being dumb (Score 1) 90

No. USB-PD is not a "firehose". That is not how electricity works. USB-PD specifies certain discrete voltage levels, but you can draw as much or as little current as you want. Devices are supposed to have a buck converter to adapt the voltage of the input to the voltage of the battery, and they can do so at a wide range of input voltages.

The only reason to raise the voltage at the USB connector is to reduce resistive losses in the cable by reducing the required current. Once the electricity arrives at the device it can be converted to whatever voltage is appropriate for the battery, and it can deliver exactly as much current as it should. There is absolutely no reason whatsoever why USB-PD would cause more damage to a battery than Qualcomm QC, in a correctly designed device.

Comment Re:I don't hate on systemd but this is really bad (Score 1) 508

#define _XOPEN_SOURCE 700
#include <signal.h>
#include <unistd.h>
int main() {
        sigset_t set; int status; if (getpid() != 1) return 1;
        sigfillset(&set); sigprocmask(SIG_BLOCK, &set, 0);
        if (fork()) for (;;) wait(&status);
        sigprocmask(SIG_UNBLOCK, &set, 0); setsid(); setpgid(0, 0);
        return execve("/etc/rc", (char *[]){ "rc", 0 }, (char *[]){ 0 });
}

Comment Re:It's not that bad. (Score 1) 111

It's not a year-long suspension. It's a permanent suspension of trust in their current roots. They can, however, re-apply after one year - with extra auditing over what is normally required - and if and when they pass that they may be let in again. If they do nothing, they don't get back in for free after a year.

Comment Re:Fabrice Bellard is awesome. (Score 4, Informative) 92

Too bad this isn't his.

Fabian Hemmer (http://copy.sh/, copy@copy.sh)

I have no idea where the submitter got Fabrice Bellard from. This is hosted on a completely different site and authored by a completely different person. Yes, more than one person is capable of implementing an x86 emulator in Javascript. Bellard wrote his and never released the (editable) source; this guy, OTOH, wrote a more compatible emulator of his own (runs more than Linux) and open sourced it.

This is also old news, I remember seeing it quite some time ago. The site has been up since 2014. Slow news day much?

Comment Google (Score 1) 149

Dunno if that could ever possibly happen, but consider the following scenario

1. A poorly administered ISP ignores the fact that it's infested with zombie DDOS proxies.

2. Google starts returning a static web page stating "Your internet provider is unable to reach Google, please contact your Internet provider for support." message, instead of their home page, for queries from that ISP's IP address ranges.

Probably just a pipe dream for a lazy Sunday afternoon.

Comment Re:The solution is horribly obvious (Score 1) 84

The problem is not "trusting" the proprietary crap, the problem is trusting it to improve security in any measurable way.

Android full disk encryption is just as secure as LUKS (in fact, under the hood it's dm-crypt just like LUKS, the key derivation is just different). This doesn't break the FDE. You still need the passphrase. What this does is break the "you need the hardware to access the FDE and we're going to impose additional non-provable restrictions such that you can keep using your 4-digit PIN and it'll be secure, promise" bunch of hot air that vendors like to sell you. Just like the FBI cracked that iPhone's FDE - by bruteforcing the passcode. This lets you bruteforce Android's FDE offline after a one-time attack on the hardware.

I use CyanogenMod on my phone. I have my FDE passphrase set to a long string, independent of my (shorter) unlock code. This attack doesn't affect me because my FDE passphrase is not bruteforceable in a reasonable amount of time. This only affects people who still think using a 4-digit PIN to secure FDE on their phone is a good idea because Apple and Qualcomm pinkie-promise that their secure tamperproof hardware can limit bruteforce attempts enough to make that a reality.

Comment Re:Blantant? (Score 5, Interesting) 181

A security researcher who goes around looking for ATM skimmers should know that the magstripe reader always goes along with a camera for the PIN pad, and that the electronics inside the card reader part aren't the whole story.

It's completely obvious once you look for it, once you know a skimmer was installed on the card slot, especially having another pristine ATM right next to it to compare. Nobody's going to blame someone for not noticing a skimmer in the first place, but once you know one was installed, yes, the PIN pad part is blatant.

Slashdot Top Deals

"The chain which can be yanked is not the eternal chain." -- G. Fitch

Working...