Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×

Comment Re:Thanks, *hats (Score 1) 57

It's worse than this. LTE downgrade attacks have been known about for many years. The lack of mitigation against such attacks is also the reasons stingrays work so well. If devices could authenticate the basestation and prevent downgrades to weak encryption schemes like was suggested in ... I think I heard about this personally 3 years ago the first time... then neither stingrays nor this current attack would be an issue.

Comment Re:Thanks, *hats (Score 1) 57

I disagree. If people would make their shit secure in the first place, it wouldn't be a problem.

A typical LTE connection will have multiple levels of security including private encrypted identification tokens, security on SIM cards, Air interface protection, and security in the backhaul. This is protected by no less than 7 different cryptographic keys in the process.

But yes the standard was designed without any security in mind. What were these "experts" thinking and why didn't they consult A.Coward here who has the answer to everything.

Comment Re:Not who... but what should we blame? (Score 1) 145

Unless, of course, you expect the same users who won't even change default passwords to learn about and configure firewalls.

That's the wonderful thing about defaults. Every router I've seen shipped has a default password, and a stateful firewall ENABLED BY DEFAULT.
You don't need users to configure things in a secure way. There's no configuration for NAT so there's no reason to assume that by going to IPv6 the internet would be any less secure.

Comment Re:WRONG (Score 2) 145

Lately I've seen a trend from ISPs for their router admin pages and wifi access points: they come pre-configured with a randomly generated password for each ...
This keeps the burden of security within the realm of those who know what they are doing and making good decisions

Next time you look at the device compare the randomly generated password with the mac address. I would put it to you that many of the ISP provided routers with "random passwords" were not at all designed by people who know what they are doing. :-)

Comment Re:Compact Florescents would like a word (Score 1) 147

I seem to recall some time ago that Compact Florescent bulbs would be the future and last upwards of 5years. Since those initial promises I have yet to find a CF bulb that lasts any longer than a standard incandescent bulb.

And they do last just fine. I'm going to say that either you're buying them from Aliexpress for 10c per pop (pun intended), or that you're putting them in fittings which concentrate heat around the electronics. Personally the only CFL that's failed on my was one I dropped while getting out of the car.

Plus the CF bulbs are chock full of mercury ..... so you can't even throw them away tho I'm more than sure most people still do.... which makes them a small to medium scale environmental disaster.

Can't wait to see how these next gen batteries manage to over promise and ultimately disappoint.

If by chock full of mercury you mean 800micrograms, of which 70nanograms is in a gaseous phase then sure. If this troubles you don't ever eat fish as you will ingest the same dose of mercury if you eat a nice healthy tuna salad. Fish is CHOCK FULL of mercury by your definition and they are (a tasty) environmental disaster.

There's no environmental disaster in CFLs. Even if you just throw them in the bin there's no environmental disaster. If however you take them to a hardware store for recycling they can recover approximately 100% of all the solid mercury in the glass and phosphor, and you can feel good about the environment while eating your healthy tuna salad.

Comment Re:Oh Boy (Score 1) 147

Things simply use less power these days. Long gone are the times you needed 2x D batteries to power a flashlight.

No. Flashlights use less power these days. Kids electronic toys of 30-40 years ago either went duf duf duf (there few if any class-D amplifiers in toys, so they haven't increased in efficiency), or they went vreeeeeeeeeeeeeeuwwwww (and small DC motors powering moving toys haven't changed in efficiency in the best part of 50 years either). If you buy a little remote control car now you'll get the same 15minute run time as you did back then if you get a cheap one powered by AA or C cells.

But test your theory. Throw 3 C cells into a quadrocopter and see how long it flies. I'm going to place my bets on not at all because you won't be able to draw enough current out of the batteries to get it off the ground, but please let me know. You may get lucky and get it to above height if you throw it first, and then your batteries will be flat within a couple of minutes.

Comment Re:Why does the ESA have a worse record of landing (Score 1) 90

NASA has has 6 failures on mars missions.
The ESA has had 1.5. The most recent of which was not one. Remember what this mission was called? "ExoMars Trace Gas Orbiter (TGO)" and the "Schiaparelli EDM lander"

The key word there being Orbiter. The orbiter is working just fine. The other key part is in the acronym EDM "Entry, Descent and Landing Demonstrator Module" The key word there is being Demonstrator. Schiaparelli wasn't on any major science mission.

The only purpose of the lander was to test and provide data on how to land on mars for the 2020 ExoMars Rover. Unless the Rover crashes then so far this mission has been a success.

Comment Re:State Sponsored vs Rogue Agent? (Score 0) 184

So when a Russian, allegedly, does it to the DNC it's because Putin.

When an American does it to Russia it's "Oh, look at that vigilante that we don't condone at all".

Why not? What's so hard to believe about a foreign power doing something to influence an election in a way that has direct benefit to them, followed by a vigilante doing something very minor in return?

Are you implying that the DNC hack wasn't putin (if so what's the point, and why wasn't Putin involved, and has that person now been disappeared?)
Or are you implying that this attack was actually the work of the USA government, in which case that level of effort is just plain embarrassing.

Slashdot Top Deals

The confusion of a staff member is measured by the length of his memos. -- New York Times, Jan. 20, 1981