Slashdot Mirror


User: Jane+Q.+Public

Jane+Q.+Public's activity in the archive.

Stories
0
Comments
16,672
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 16,672

  1. Re:Easy! on CCC Says Apple iPhone 5S TouchID Broken · · Score: 4, Insightful

    "sounds really trivial to break. I can see all kinds of kids doing this."

    It's straight out of the Mythbusters fingerprint scanning episode.

    They didn't find one they couldn't defeat, and many of them were ridiculously easy. They used exactly this technique.

    I've been saying it for years: at our currently level of technology, relying on fingerprints for security (or nearly any biometric for that matter) is asking for trouble. It's just not good enough.

  2. Re:In other news on Apple Starts Blocking Unauthorized Lightning Cables With iOS 7 · · Score: 2

    "Class-action lawsuit on what grounds?"

    I already stated the grounds: anti-competitive practices.

    There are ways to compete in markets, and there are ways to "lock in" your customers and reduce their choices. The former is generally considered good, and the latter is generally considered bad. Depending on how egregious the "lock in" is, it is sometimes ruled to be illegal.

    Example: suppose you built an automobile in such a way that it could only use YOUR brand of gasoline, which was only available at YOUR filling stations. And YOUR brand of oil, YOUR antifreeze, etc.

    Sure, it's arguable that people don't have to buy the car. That's nice and simple.

    But what if there were only 2 or 3 brands of cars available? Peoples' choices are reduced.

    What constitutes "anticompetitive practices" depends on the particular situation. But I would say Apple is pushing the envelope a bit. Maybe it's not illegal, YET. But if they keep it up, sooner or later they are bound to cross the line.

    They already have, in other areas. Like the price-fixing suit, for example.

  3. Re:The obligatory NSA question on RSA Warns Developers Not To Use RSA Products · · Score: 1

    "I suspect you're talking about some other DES."

    Pardon me. My eyes must have skipped over the DES part. No, of course what I was saying doesn't apply to DES.

    On the other hand, this situation has made a lot of people look at any government-approved encryption with a jaundiced eye.

  4. Re:Maybe they were accessing a cookie? on LinkedIn Accused of Hacking Customers' E-Mails To Slurp Up Contacts · · Score: 1

    Sure. But it's not baked into the system, as it is on many carriers' versions of Android.

    You CAN run location-aware apps, etc. But with Cyanogen you don't have to.

  5. Re:The obligatory NSA question on RSA Warns Developers Not To Use RSA Products · · Score: 1

    "The NSA had earned the trust of just about everybody in the community by improving DES with changes nobody understood until fifteen years later. "

    Are you being sarcastic? The "improvements" they made are now being looked at, 15 years later, as examples of Government backdoors in their encryption.

    (I know it's not every case, but the consensus is that it was in THIS case, and possibly several others. I have friends in the field and they knew about this particular instance of PRNG for elliptiical curve crypto way back when. Few trusted it except, apparently, RSA and its customers.)

    So any "improvements" from the NSA have to come with a grain of salt. You might have the best encryption system in the world, but if your credibility is shit (as the NSA's now is), it doesn't matter much because nobody will use it.

  6. Re:In other news on Apple Starts Blocking Unauthorized Lightning Cables With iOS 7 · · Score: 2

    "There are other licensed cables. I would embrace the chance to buy non-chinese local produced apple licensed cables. The middle ground is just hard too find."

    That is an argument AGAINST the lock-in I was referring to, not for it.

    Other LICENSED cables. Sure. But why are there cheap Chinese knockoffs in the first place? BECAUSE the costs of cables are being artificially inflated by the licensing scheme.

    You don't see this shit in competitive markets. In THOSE markets, products get BETTER, not worse, and the price continually goes DOWN.

  7. Re:No point pussy-footing around on RSA Warns Developers Not To Use RSA Products · · Score: 1

    I think we're on the same channel here. But the exact mix of brilliance and stupidity is really not so important. Whatever the magnitude of the individual parts, the end result is still that NSA can't be trusted to act in the public good.

  8. Re:Maybe they were accessing a cookie? on LinkedIn Accused of Hacking Customers' E-Mails To Slurp Up Contacts · · Score: 1

    Cyanogen does not have all the proprietary "bloatware" that carriers and manufacturers load on phones, which access your location and other data as you go about your daily activities.

    And yes, make no mistake, they DO phone home with that data. In the vast majority of cases.

  9. Re:No point pussy-footing around on RSA Warns Developers Not To Use RSA Products · · Score: 1

    "The dongles weren't hacked. Someone broke into RSA and stole the seed records, which is what goes inside the security dongle (and is supposedly impossible to extract from the dongle)."

    Technically correct. I almost wrote "but it's a distinction with no difference"... except that's wrong. It's actually WORSE. It means it wasn't just a bug... RSA was woefully irresponsible with vital user data.

  10. Re:No point pussy-footing around on RSA Warns Developers Not To Use RSA Products · · Score: 1

    "I can't tell, do you think the NSA is brilliant or stupid beyond belief?"

    I'm pretty sure it means a little bit of both.

  11. Re:In other news on Apple Starts Blocking Unauthorized Lightning Cables With iOS 7 · · Score: 3, Interesting

    "It's not about safety, it's about control."

    Unless I am mistaken, exactly this kind of "corporate lock-in", for safety or any other reason, has consistently been ruled by the courts to be "anti-competitive practice" and is outlawed.

    I *LIKE* Apple products. But I do not like the lock-in, or Apple's attitude about it. I would be happy to see a class-action lawsuit over this.

  12. Re:No point pussy-footing around on RSA Warns Developers Not To Use RSA Products · · Score: 4, Interesting

    "Therefore, RSA has proven themselves untrustworthy at best, corrupt at worst, and quite likely both."

    And don't forget that their "super security" ID dongles were hacked just a year or so ago.

    All in all, it's looking like RSA is a corporation to avoid.

  13. Re:Maybe they were accessing a cookie? on LinkedIn Accused of Hacking Customers' E-Mails To Slurp Up Contacts · · Score: 1

    "Personally I suspect the Linkedin Android App slurps your addresses from the phone, but I'n not about to install it and find out.
    My spam folder is full of Linkedin invitations."

    Good point. I hadn't considered the Android app. Those things need better security + privacy controls.

    The hell of it is, everybody denies it, but Google purposely designed Android to give access to users' data. (Just like it purposely designed Google to slurp users' data at every opportunity.)

    That's why I'm seriously considering CyanogenMod for my phone. It's an "open source" environment that really is open.

  14. Re:The obligatory NSA question on RSA Warns Developers Not To Use RSA Products · · Score: 4, Interesting

    "Is NSA finding this RNG hard to crack, or did NSA tell RSA to slip in a backdoor back in 2006 - and RSA folks are trying to crawl out of the hole they dug for themselves?"

    Evidence very strongly suggests the latter.

  15. Re:What the hell is "left open"? on LinkedIn Accused of Hacking Customers' E-Mails To Slurp Up Contacts · · Score: 2

    Funny. I hadn't read these comments but I came to the same conclusion. I think that's likely what they did, and yes that implies that they have users' passwords in plaintext.

  16. Re:Maybe they were accessing a cookie? on LinkedIn Accused of Hacking Customers' E-Mails To Slurp Up Contacts · · Score: 2

    "Maybe they used a cookie for an email session that was already opened by the browser?"

    Unlikely.

    If they were doing this at all, I'd give you 10 to 1 they were just trying the external email accounts using the same passwords the users use on LinkedIn. That's easy, and it would likely have a success rate of 50% or even more.

    More troubling: if that's what they did it implies that LinkedIn stores your password in plaintext somewhere.

  17. Re:Marination on Ask Slashdot: Does Your Work Schedule Make You Unproductive? · · Score: 1

    "Solving problems is like marinating meat. It takes time. If you rush it, you get a quick solution, but not the best. A quick solution might be acceptable for one meal, but not for future meals.
    The "Eureka effect" isn't something new."

    Have the managers read "The Mythical Man Month".

  18. Re:Marination on Ask Slashdot: Does Your Work Schedule Make You Unproductive? · · Score: 1

    "Be careful with this analogy... the way to speed up cooking is via higher pressure."

    Which simultaneously happens to risk an explosion in the kitchen.

  19. Re:Impractical? ... It's all BS on What Will Ubiquitous 3D Printing Do To IP Laws? · · Score: 1

    "3D printing could make intellectual property laws impossible or impractical to enforce."

    Bullshit.

    "IP" laws are quite practical and possible to enforce... at least, the reasonable parts of them are.

    Study after study after study have shown that personal copying HAS NOT HARMED either the music or software or music industries. If anything, their profits have gone up. The continued attacks against making personal (as opposed to for commercial sale) copies is nothing more than an attempt at absolute control.

    3D printing does not "threaten" so-called "intellectual property" laws in the least. Neither did Jacquard looms, or computer punch cards, or cassette tapes, or DVDs, or automated lathes, or injection molding, or CNC machines. All of the industries that depended on those things for manufacturing or distribution have been thriving. If anything, more so than if those things had not come along.

  20. Re:Still using 3.6 on Firefox 24 Arrives: WebRTC Support and NFC Sharing On Android · · Score: 0
    Immature, is it? Well, let me "maturely" dissect the questions you asked:

    "What are these "many" ways? Are they only superior in your opinion, or only in your particular use cases? Because I almost never people able to give me specifics on why OSX is superior to other OSes unless it's just a specific piece of software or some feature that only a few people would ever care about."

    Translation: "The only people I know who say this have no reason for saying it, so I'm pretty sure you don't know what you're talking about either. You only care about yourself."

    If that's the case, Windows and Linux are just as "superior", not to mention other operating systems nobody ever tries because the mainstream OSes are so damn "superior."

    Translation: "I'm putting 'superior' in quotes because I don't believe you and I'm going to argue with you because I think you're just talking out your ass."

    When you can learn to ask questions in a mature, civil manner, you might start getting what YOU consider to be "mature" answers.

    Don't bother to keep replying. I won't. You don't deserve any more of my time. Stop acting like an asshole and maybe people would actually answer your questions rather than being insulting in return. Note: that's the third time I've said that, in one way or another. I have no reason to keep saying it, even if you try to insult me yet again.

  21. Re:Still using 3.6 on Firefox 24 Arrives: WebRTC Support and NFC Sharing On Android · · Score: 1

    "Don't flatly say something's superior if you don't want to quantify it when you're challenged for your lack of insight."

    And don't try to blame me for your rude manner of asking the question.

    I repeat: as far as YOU are concerned (see that emphasis on YOU?), it is my opinion, about my use-case.

    Maybe, if one day you learn to ask questions politely instead if insinuating some kind of misfeasance by the other party at ever turn, they might deign to actually answer you.

    Until then, you don't deserve an answer.

  22. Re:42 on Physicists Discover Geometry Underlying Particle Physics · · Score: 1

    Estimates are an attempt to
    get around
    NP problems... they don't solve NP problems.

    There is a difference, and it is real.

  23. Re:No. on Emotional Attachment To Robots Could Affect Battlefield Outcome · · Score: 1

    "Just... no. "

    Exactly.

    I'm sad when a power tool breaks down, but that doesn't prompt me to want to bury it and hold a service. And I don't hesitate in the slightest to go get a new one.

  24. Re:No one needs a motivation to invent on The Man Who Created the Pencil Eraser and How Patents Have Changed · · Score: 1

    "You response to this point makes no sense. I have said nothing about any abuses here, and haven't blamed anything on anyone."

    Pardon me there; I had your remarks confused with someone else's. My mistake.

    " my point was that the only reason for a society to grant patents is to provide a viable alternative to the former system (closely held trade secrets) without the risk of the secret dying with the inventor?"

    I guess my question would be WHY you see ONLY this reason, and refuse to acknowledge the others. I mentioned at least one of them. But you have rejected it without any real argument or refutation, and simply repeated your original statement again.

    The fact that inventions were created before the motivation of patents existed, is not evidence that patents do not create motivation. The real question, which you have refused to even acknowledge so far, is: which is BETTER? A system with no patents, or a system with patents.

    By your argument, I could claim that firearms are not effective for hunting because animals were killed long before firearms came along. I don't buy it. It's not black and white, it's a matter of degree.

  25. Re:Still using 3.6 on Firefox 24 Arrives: WebRTC Support and NFC Sharing On Android · · Score: 1

    "What are these "many" ways? Are they only superior in your opinion, or only in your particular use cases? Because I almost never people able to give me specifics on why OSX is superior to other OSes unless it's just a specific piece of software or some feature that only a few people would ever care about. If that's the case, Windows and Linux are just as "superior", not to mention other operating systems nobody ever tries because the mainstream OSes are so damn "superior.""

    Are you arguing with me just for the sake of arguing with me?

    As far as YOU are concerned, it is my opinion, about my own use-case. I don't feel like going into further detail at this time.