
Comment A few obvious corrections (Score 1) 43

First, DES is 56 bit (near enough 60). Triple DES as per first mode (the authorised standard) is 168 bits. The article fails to distinguish, implying the authors are just a little bit naff. 3DES seems to be quite safe, as long as not used in DES emulation mode. And who the hell emulates a mode that was broken in the 80s?

Second, Blowfish was replaced by TwoFish, ThreeFish and Speck. Skein, an entrant to the DES3 challenge, makes use of ThreeFish.

Third, the Wikipedia page states it has been known for a long time that weak keys are bad. This particular attack, though, is a birthday attack. You can find all the ciphers vulnerable or free that you should be using. Anything not on the list is something you are solely responsible for.

http://csrc.nist.gov/archive/a...

In other words, this information is about as useful as telling us that Model T Fords weren't good at cornering at highway speeds. Below are some links; I can't be buggered to HTML-ify them.

https://en.m.wikipedia.org/wik...
http://www.skein-hash.info/
https://en.m.wikipedia.org/wik...
https://en.m.wikipedia.org/wik...

I do not trust most encryption software these days, but that's because programmers these days are sloppy and arrogant.

Comment Regular folk logic (Score 1) 510

You don't use BleachBit for yoga emails or bridesmaids emails. When you're using BleachBit, it is something you really do not want the world to see.

But being the Clintons, aggressive Foxnews-like snoops would love to get their hands on yoga and bridesmaids info also. Look how many conservative sites are claiming a health conspiracy. Why give conspiracy nuts more fuel? They'll weave yoga into their narrative also.

Comment Re:Decommissioning servers (Score 1) 510

I still disagree with you.

When I decommission a hard drive, best practices state you wipe the entire hard drive.

You don't go and delete specific files like Exchange's .EDS data store files and your web browser cache only.

In fact, the way BleachBit deletes data, even though recovery of emails on these drives would be impossible, the Windows SAM file remains undeleted and in perfect operating condition along with the entire OS.

I could easily extract password hashes from those untouched files and brute force them.
There could be many other files left littered around the HD that would provide or point to other authentication credentials, not to mention all the saved passwords in the Windows password store and all the applications that do it on their own.

No, wiping the entire hard drive with something like DBAN is the only way to properly decommission a hard drive if you are concerned it may leave your possession (selling or disposal doesn't matter).

BleachBit is absolutely nothing like a paper shredder. It is more like using a black marker to redact lines printed on those papers and then leaving the entire stack of paper out so anyone can still read the rest and see there is text redacted.

Shredding the whole paper would plausibly be proper disposal. Marking out lines while keeping the paper is not.

Comment Re: "Millions of dollars"? (Score 4, Informative) 110

They arrested this guy because he had a server located somewhere in the USA. The same way they went after Kim Dotcom.

KAT had all their servers located in Canada-America and Sweden-America, while Kim Dotcom had his servers located in America-America.

While it's been obvious from legal history over the past couple years that Canada and Sweden operate under American law only now, many people are not yet used to that and incorrectly assume those are other countries with their own laws.

That confusion is what led the parent poster to ask their question. It's just that your explanation is equally confusing, as it implies the servers were located within the old traditional US borders when that is obviously an incorrect statement.

Instead you should have explained that the servers located in Canada are fully held under US law as if they were located somewhere in the USA.

Comment Democracy [Re:Finally!] (Score 2) 60

Don't get your hopes up: bots can be programmed to stiff ya and be annoying also. Instead of chit-chat, you'll get pop-up ads. Right now there's too much press and scrutiny, but in the future when it becomes routine, tricks and slack will slide in.

On a different note, Singapore has an advantage over the USA for roll-out in that they are not a democracy* and have fewer checks and balances: if something goes wrong, the gov't can tell the victims and lawyers to STFU and everyone is used to that.

* The USA arguably isn't either, but not to Singapore's level.
