Follow Slashdot blog updates by subscribing to our blog RSS feed


Forgot your password?
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. ×

Comment Re:don't get confused (Score 1) 94

But as a more practical matter anyway, 10 tries of different people's fingerprints, and the phone will be wiped regardless... so there's a limit to how useful the technique would've been to begin with.


On iOS, you get 3 tries to use the fingerprint reader. If you fail, it reverts to the backup security method (PIN, etc). You cannot use the fingerprint reader until the phone is successfully unlocked via this backup method.

Comment Might want to move providers... (Score 2) 51

It might be a good idea to change art hosting providers then... I'm sure every artist has given deviantArt a (non-exclusive0 icense to commercially display and use the artwork shown on the site, which means Wix can use that. And chances are, they'll let customers use some of that artwork on their website, both as a hook and a retainer (because the art can only be used on Wix hosted websites without obtaining a license).

And only Wix has access to unique artwork that only Wix customers can use, so it's more attractive to join Wix.

Meanwhile, everyone who posted art on the site sees their work ripped off and used on customer's web sites.

Comment Re:Social media? (Score 4, Interesting) 149

Because really, however bad the news was, 20 years ago you'd be waiting for the nightly news to find out about it. Several decades before that, you'd be waiting for the following day's newspaper. Now, we're getting constant updates, and those updates may be causing a device in your pocket to vibrate and make noise every time something new comes out. We know that checking all of those notifications is addictive, and not checking causes stress. However, constantly feeling the need to check also causes stress. (human nature)

It's the reason we have the term "FOMO", or Fear of Missing Out. By not being attached to our phones 24/7 we fear we're going to miss big news about something (... almost always trivial in the big scheme of things).

If you hate that term, get used to it - it's a root of the term for the phobia, and as a medical diagnosis.

Comment Re:Are two hashes better than one? (Score 1) 119

Taking the MD5 and the SHA1 of something isn't significantly more secure than just taking the SHA1 of said something. This was demonstrated in 2004 here: This was then further elaborated and improved upon here: So, don't concatenate hashes kids. It doesn't do what you think it does. Using a proper hash from the start is the only safe way to do things. Even if nobody has figured out how to do it yet the math conclusively shows that breaking SHA1+MD5 is not significantly harder than just breaking SHA1. This is why TLS 1.1 and earlier need to go away.

That's for concatenated hashes. As in, you hash the two hashes to form one number, usually by XOR'ing the numbers together. Which can be shown to increase the solution space considerably.

What I've been curious about, is if you maintain two hashes separately.

You have blob X here, with SHA-1 of S(X) and MD5 M(X). Can you find a blob Y with both a SHA-1 of S(X) and MD5 of M(X)?

It's easy to see if you XOR S(X) and M(X) you make it much easier - but what if we kept them separate, so the SHA-1 AND MD5 has to match. (With concatenation, you don't have to match, the final result has to match, but individually inside you have to find a S(Y)+M(Y) that equals S(X)+M(X), and not S(Y)==S(X) AND M(Y)==M(X).

The only concatenation that wouldn't be easier is if you literally concatenated the bytes together - so 128 bits of MD5 followed by 160 bits of SHA-1 to form a 288 bit MD5/SHA-1 hash that enforces the property that the two hashes individually MUST match simultaneously.

Comment Re:mode complexity (Score 4, Insightful) 134

Besides, we already have all the technology we need to keep our data private. It's just that current law won't *allow* us to keep it private. As such, the *laws* need fixing, not the technology.

No amount of technology can keep public information private. And no amount of "privacy controls" will make public information private. (See a pattern?).

In fact, "social networks" and "privacy" are an oxymoron. There is no such thing as "privacy controls". "Privacy Controls" are marketspeak for "encouraging marks to over-share". Yes, Facebook and everyone has done their research - people will share more if they get the illusion their data is protected.

In the end, everything you post on a third party website, is public. Thanks to people screen shotting, re-posting, etc, anything you post is public. Even if it's a party for selected individuals, the people you didn't invite will find out anyways.

The only "technology" to keep our data private is to ... keep it private.

Not that I agree with the border proection asking for passwords. But that's a legal issue that can really only be dealt with legally.

Comment Re:The story of Geohot's autopilot (Score 1) 129

Are there regulations and procedures to prove that it's safe? There were a number of one and two person entries into the DARPA grand challenge.

It's not a terribly difficult problem to get to work 99.5% of the time, but with lives at risk most people aren't too happy with that number. The airline industry has a failure rate of 1 in 10^-13 deaths per passenger mile or something like that.

They weren't even regulations. The government was halds-off the entire thing. They were merely inquiry questions meant to help facilitate the discussion on safe automated driving. The authorities asked because well, they were curious how this system would respond. It was the same set of questions that got Uber's cars out of San Francisco.

It was questions like how would the backup driver system operate in case someone needs to take over, or how to prevent the system from being misused (given the system only worked in a few car models, they were wondering how the hardware would limit itself to those models).

Basically it posed a few questions on how the system would handle safety issues. The NHTSA doesn't care how the system works, what the core technology behind it is, etc. Just a few open-ended questions.

Comment Re:Candy Crush Spotify Tinder Clash Clans (Score 1) 148

You missed a bunch.

Basically check out any app that's advertised on prime time. A prime-time TV 30-second ad slot costs around half of the quarter million (on average - TV prime time slots are usually around $100-150k).

Hell, weren't there a few that advertised during the superbowl ($5M/slot)?

Comment Re:Hi buddy I'm jail over seas and I need you to (Score 1) 33

Hi buddy I'm jail over seas and I need you to Facebook the guard some cash as a bribe so I can get out.

I think that's what we'll start seeing on posts.

You can tag a post and then put on a simple "Pay me now" button so people can read your plea for money and simply get it by clicking a link.

It's one of those things you really wonder why it hasn't happened before. It's one of those its so obvious now it's done things.

Soon you'll have dozens of posts in your news feed "My car broke down and it'll cost $2000 to fix it! [Send Money]" and other woe-is-me stories...

Comment Re:And, I might start buying more from them again. (Score 1) 183

Do you drive 20 miles to go pick up a $3 jug of milk? Probably not, but if you have a larger list, it may be worthwhile to drive to a more distant store. Most add-on items are similar. Under $10 (most under $5). It is just not feasible to ship that for free by it self. The handling costs and even the deeply discounted shipping costs Amazon recieves would eat mor than the profit on an item that small.

It is not that hard to add items like that to your cart or a wishlist, then buy them all at once or on a larger order. All it takes is a little planning. Otherwise, local stores are good for impulse buys.

Does amazon not let you do the pre-order trick?

Pre-order something - preferably something far out in the future (or no specified release date). Then add all those items to your cart. Check out. Once you get all the addons, cancel the preorder.

Heck, I've done the "order something that will no longer be available" or "order something already cancelled" which works as well. Given Nintendo recently cancelled a lot of Wii U stuff, there's a lot ow Wii U games that are NEVER coming out. Order those and you'll get your addon items without paying for something extra.

Comment Re:Distraction (Score 1) 140

Too bad the German government isn't as vigilant against the far more serious threat of the invasion of third world criminals.

While Egypt may be close to third world status now, I'm sure Saudi Arabia and UAE are far from it. I mean, those three countries alone have created many known terrorists. Even the French bombing was an Egyptian national in Saudi Arabia who got a travel visa from Dubai. Perhaps we should increase the "muslim blockage" to include countries known to harbour terrorists? But no, UAE, Saudi Arabia and Egypt have very important US business interests.

Money Trumps Terrorism.

Even ISIL isn't stupid enough to send middle eastern people to North America - they just recruit locals to do their bidding. (Maybe consider banning Americans from travelling to Turkey and other countries in the region as well, for good measure. They may be recruiting local US born citizens as sleeper agents).

Comment Re:dealership only sales and service coming soon? (Score 1) 102

I presently have a vehicle with driving 'assists' and it's an effing nightmare when they trigger. There should be only one driver at the wheel thank you.

That would be an improvement over the current situation where there is less than one driver per vehicle.

Between people yakking on their phones, texting or using apps on their phones, driving is the last priority for them.

Comment Re:Registered Mail (Score 1) 170

I don't know if you can use registered mail for parcels originating in Germany.

But the real fuckup is that it was sent via DHL. It got fucked in the handover from DHL to USPS (the delivery agent) somewhere in New Jersey.

Registered airmail with Deutsche Post, if even possible, would've cost a fortune. But then the box was worth a fortune, so...

You can send registered mail between most countries these days - many first world ones participate in a worldwide tracking system so you can actually track a package through borders. With other countries, you get a proof of delivery.

And what do you think the "D" in DHL stands for? Yes, DHL is headquartered in Germany, and in every continent outside of North America, is considered to be a top-tier delivery service. FedEx and UPS are considered second rate services.

Anyhow, if you're wrapping stuff for delivery, the postal service is quite good given the volume. (USPS handles more mail in 3 days than FedEx in a year, and in 7 days they beat UPS). It's exceptionally good if you package stuff properly.

And by properly, you have to anticipate the address label falling off. If this happens, they will open the box to see if maybe there's something with an address inside (a packing list inside the box, and not just in a packet on the outside is a good idea, but only if you include both the sender and recipient addresses on it.

If it's particularly valuable, and composed of a lot of pieces, it wouldn't hurt to individually wrap and address each item. doesn't have to be fancy - inserting each cartridge in a plastic self-sealing bag with an address inside the bag works just fine. In case the box gets totally ripped apart because of machinery or handling and all the parts fall out, each one is individually labelled and can be forwarded on.

Comment Re:Why not right away? (Score 3, Informative) 158

"We're committed to providing a better ads experience for users online. As part of that, we've decided to stop supporting 30-second unskippable ads as of 2018 and focus instead on formats that work well for both users and advertisers,"

I'd like to know why they do not implement this right away. It cannot be because they do not know what works well well for both users and advertisers now.

Because of contractual obligations.

People have already bought the ad time and if they haven't shown yet, may still be in production. Should YouTube feel like getting rid of the ad spots, the advertisers might pack up and leave especially if they cannot get compensation for the money spent producting the ad that would not show.

So Google simply looked at the calendar and either no one's bought any ad space for 2018, or it's sufficiently far out that cancelling is not a big deal since the ads would likely only be in the concept stages and thus cheap to adapt to their new advertising format.

Comment Re:100% his fault (Score 1) 143

The guy in question didn't make any arguments about legal privacy protections. He instead made arguments about legal *copyright* protections. He remained the copyright owner, notwithstanding uploading it or broadcasting it. He argued that, as copyright holder, he can deny ABC and other networks from redistributing his video. This in general is a valid legal copyright claim. But ABC argued that it was a news story of public significance, and so when they broadcast a clip of it, that fell under fair use. This is a valid legal exception to copyright, which is why they won.

ABC argued it was a newsworthy story AND that it was fair use - they only showed a 45 second clip of the full video (which was a few hours long, I believe).

There's no test for whether a clip is "sufficiently short", but 45 seconds out of a few hours is generally considered an acceptable length snippet under fair use.

Had ABC broadcast the whole thing, yes, they'd be in violation of copyright (there's no fair use protection for that). But they created a snippet around a newsworthy event - the story itself is copyright ABC, and the video to complement it is considered fair use.

Slashdot Top Deals

One man's "magic" is another man's engineering. "Supernatural" is a null word. -- Robert Heinlein