Slashdot Mirror


User: mlts

mlts's activity in the archive.

Stories
0
Comments
5,534
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 5,534

  1. Anything like this is a good thing on America's First Cellulosic Ethanol Plant · · Score: 1

    This is a good step, but what is needed is work on thermal depolymerization technologies. These can turn waste, be it plastic bottles, dead goats, papers, or pretty much any organic item and turn it into usable crude oil.

    Long term, its still just a patch... what is really needed are batteries with far more energy density than what we have now, and more research into fission, fusion, solar, and other energy generating technologies that don't spew carbon into the air.

  2. ActiveSync and SPB backup for me on How to Backup Your Smart Phone · · Score: 1

    Until carriers do some Mozy-like encryption system that encrypts the data on a phone before shooting up to their servers (not a password, but a true encryption key separate from the username/PW auth mechanism), I would not put my cellphone info on their servers, no matter how secure the carrier's servers are.

    I just don't get what's wrong with the old standbys that suddenly people are supposed to be backing up to their cellphone carrier all of a sudden. ActiveSync and SPB Backup have been working for me for a while now, allowing me to restore data across multiple flashes of my PocketPC. If plugging into a USB cable is such a hassle, ActiveSync does work with Bluetooth.

    If I wanted Sidekick-like backup services, I'd buy a Sidekick. For the security of the stuff on my phone, I much rather pack my own parachute.

  3. Re:Which DRM to use? on Universal Refuses To Renew On iTunes · · Score: 1

    When MS made the Zune from a totally difference code and DRM base (well, not totally different... PlaysForSure and Zune's DRM are both technically WM-DRM format), I fear they fragmented their market.

    Now, if a person purchased a Zune and another PlaysForSure device, they would have to subscribe to the Zune Marketplace and URGE to have unlimited all you can download subscriptions.

    I wish MS could merge Windows Mobile and the Zune codebases, mainly because WM5/WM6 already has all the functionality of the Zune in it, excepting the FM tuner and some of the UI. I just see no reason to have a quite excellent OS that has been working for years for PDAs, then start from scratch with a "1.0" codebase for digital audio players. I also don't see why the DRM is incompatible, unless its due to contract or licensing issues.

  4. Re:Why do Businesses hate this already? I'll tell on The Perfect Phone Storm? · · Score: 1

    On Windows Mobile phones, running WM 5.0 AKU 2 or greater, one can set policy on the phone to have it auto-hard reset (wiping all data on the internal memory) if someone attempts too many passwords.

    I have a third party utility that is part of a custom cooked flash load which, if the SIM card is replaced, will automatically zero out the cellphone and inserted memory card. I'm 99.99% sure that a thief who obtains a cellphone isn't likely to flash it (forcing a hard reset anyway) before inserting in a new SIM card.

    But in any case, you are 100% right about database security. If the data needs to be secure, it should either not be physically residing on an electronic device that can be taken anywhere. If the info has to be residing on the portable device, the device (and its memory card) should be protected with a whole disk encryption program, whose password is different from the one to unlock the device, and the SIM card's PIN.

  5. Re:Massive switch to https on ISPs Inserting Ads Into Your Pages · · Score: 1

    I'm beginning to think that every website out there should have https available, even if its a website showing off someone's harmonica collection.

  6. A new business niche for ASPs? on ISPs Inserting Ads Into Your Pages · · Score: 1

    I am thinking that there likely will be a business niche for a provider called an ASP. Not an application service provider, but an anonymity service provider.

    Anonymity not in the sense of a cryptographically secure Cypherpunks remailer or a TOR network, but protection from snooping from the local ISP that people are forced to use. Traffic from an ASP can still be logged, but for some ad site to track a person's web viewing habits for marketing purposes, they would have to snarf logs from both the ASP, and the origin ISP.

    There are a couple places which offer SSL based proxying via stunnel, and I'm pretty sure one can use stunnel with most existing SSL based web proxying services. This is probably the best bet for general Web use, as stunnel can be easily installed as a Windows service, configured, and forgotten about after configuring the Web browser to use it.

    Of course, one can use a full pptp/l2tp VPN, but the advantage of stunnel based proxying is that one doesn't have to worry about their VPN being up to do basic web stuff.

  7. Re:Other options... on Best Non-Subscription DVR? · · Score: 1

    Thank you for the Snapstream link. I am going to recommend it to a friend of mine who is Windows savvy to turn one of his older PCs into a DVR. The option to allow burning of recorded shows to DVD is a great item as well.

  8. Is the clear array sensitive across the spectrum? on Kodak Unveils Brighter CMOS Color Filters · · Score: 1

    This gets me wondering:

    Does the clear array have a flat sensitivity level across the spectrum? Where it will give the same data value for the same number of photons striking it with a 700nm wavelength as it would for photons striking it that vibrate at 400nm?

    If the sensor (for example here) was more sensitive to red, then this would skew the picture results significantly, especially if it picked up and added infrared light to the picture's data which isn't visible to the human eye.

  9. Re:Some info on Details and Rumors of iPhone Restrictions Emerging · · Score: 2, Interesting

    If the SIM card is not removable, what happens if someone accidentally locks the SIM card by typoing their PIN, then the PUC (unblock code) too many times? On GSM phones, it would require a new SIM card, which isn't too expensive, around $20 or so at a T-Mobile or AT&T store. However, if the SIM card is not removable on an iPhone would mean that too many typos would permanently brick the phone.

    Hopefully this isn't the case.

  10. Anything that gets people investing in space... on Europe Unveils New Space Plane for Tourist Market · · Score: 2, Insightful

    For me, anything that gets people investing in space is a good thing.

    IMHO, and this does sound a bit corny, but there are two technologies that are the key to the survival for humans long-term... Energy and space, so people can get self-sustaining colonies on the moon, Mars, and outwards.

  11. It will come, don't worry. on DRAM Makers Suffer Due to Lackluster Vista Adoption · · Score: 5, Insightful

    I'm not saying this is good or bad, but DRAM sales may lag now, but eventually people will be moving to Vista when it becomes the sole option on new machines.

    RAM getting cheaper is always a good thing, mainly because on 95% of most people's machines, the biggest performance bottleneck is RAM (or lack of) forcing apps to swap.

  12. Re:My solution on Syncing Music Players In Linux? · · Score: 1

    That is the absolute best (IMHO) way to find a player. I wish someone could make a list of players that could function 100% driverless, where the player just mounts as a USB drive.

    My choice in MP3 players is similar. #1 is exactly what you specified -- the player should be able to mount as a generic hard disk, requiring zero specialized software.

    #2 would be nice. Some sort of lossless audio compression helps a lot.

    #3 is less of an issue for me, if they have the option to play DRM files. For example I have a cheap Flash MP3 player which is PlaysForSure compatible, but yet allows for mounting as a USB hard disk, and requires no specific software to copy normal music onto it. However, a player forces DRM on me (one player I remember transcodes all music copied to it to encrypted WMA, and another encrypted all music copied to it), it will not be a choice, period.

    Adding a couple entries:

    #4: I would like to see the player be specifically for audio. I'm not intending to watch movies on it, nor show people slideshows of my cat. I am going to be using it for playing music and storing files. So the player needs to have a high quality DAC, and be able to have a decent battery life even when playing uncompressed WAV files.

    #5: A hard disk over 20-30 gigs if possible. Archos has a form factor which is small and perfect for audio playing with their 200 series players. However, for a large music collection, 20GB is fairly cramped, and there are larger hard disks that can fit in that form factor.

  13. Re:She has it easy on MMOG Industry Community Vet Speaks Out · · Score: 1

    I have been impressed with the Everquest 2 community myself. Of course you have the occasional munchkin or two, but all and all, communication is very civil.

    DAoC I've heard very good things about too, have been tempted to play it, but try to curtail my MMO addictions to only one at a time.

  14. Good looking technology. on Holographic Storage Slated to Hit Market This Fall · · Score: 2, Interesting

    I hope InPhase can net some capital on their end so they can work on lowering the price.

    I can see installing an autochanger using Inphase Tapestry based technology as a dedicated solution in large corporations to permanently archive large amounts of data. This would be installed side-by-side with existing technologies such as DLT 600 tape which would be used for rewritability.

    I'm just glad to see something on the market after the decades of idle promises on holographic storage.

  15. Status lights are good... on A "Bill of Lights" to Restrict LEDs on Gadgets? · · Score: 1

    Meaningful LEDs are good, necessary for troubleshooting equipment. For example, life would suck troubleshooting an Ethernet hub without status LEDs to show which ports were active versus which were dead.

    Even with servers, LEDs help at a glance. For example, new Dell servers have a faceplate that glows blue when everything is OK, but changes color if something has an issue (RAID in degraded mode, failed power supply), so its easy to find the failing server in a dense rack.

    I personally detest "dumbed down" devices that have no ability to tell you if they are working or not at a glance. The more meaningful LEDs, the better.

  16. Re:Day one Sale on AMD Promises Open Source Graphics Drivers · · Score: 2, Interesting

    Same here. If ATI acts on this promise and gives out open source drivers which allow use of all features at normal speed, I'll be making the switch back to ATI.

    Otherwise, its nVidia for me, period.

    Now, if both ATI and nVidia make truly open source drivers, that will make the choice difficult, though it would be a quite pleasant situation to be in.

  17. Re:Modding on Games of the Future - User Generated Content · · Score: 1

    Even before Quake, there used to be thousands of maps available for DOOM (a game that didn't have an official .WAD/level editor at the time.) ID even shipped a CD, and I forgot the name, which had both a top 10 list for WADS to play, as well as a directory with hundreds of levels.

    I love games which are easily moddable. For example, if C&C: Generals or NWN were not so easy to modify, I would have played it for about 24 hours or so, then uninstalled for space. However, just writing maps and modules for both have given those two games play value far beyond the included campaigns.

  18. We already have existing tech for this... on A Chip on DVDs Could Prevent Theft · · Score: 1

    There is the company that makes the locking DVD cases for Blockbuster (where the cases have a locking bar, but its removed at the cashier, and the case just works as a normal DVD case for the customer, and there is this:

    http://www.clear-vu.com/default.asp?contentID=565

    These two technologies are as secure if not more secure than the chip idea, and require zero modification to the DVD or CD media.

    Yes, its not 100% secure, but the decoupler for this will likely be the same difficulty to obtain as the item that zaps the chip. To boot, its existing technology, and doesn't cost much more.

  19. I applaud any solar breakthroughs regardless on Quantum Dot Recipe May Lead To Cheaper Solar Panels · · Score: 3, Interesting

    Regardless if they seem to be just vapor, the more advances in getting solar panels made cheaper, with less material and less energy, and when deployed, the more electrons it can push per photon hitting it, is a definite improvement in my book.

    I'm glad people are putting money into solar, because if done right, it can turn regions of the globe which are otherwise unused (West Texas for example) into very productive areas for energy use.

    Research into solar, coupled with innovations in batteries to allow for storage of energy will go a long way into making oil into "just" a raw material for plastics as opposed to a vital fuel source.

  20. Maybe impossible but... someone needs to fund it on Home Secretary Requests Fingerprint-Activated iPods · · Score: 1

    It will take a lot of money to fund, but there has to be a way to make a fingerprint scanner that won't be fooled by wet gummi bears and other obvious hacks, but yet cheap enough to be used in low cost consumer devices (USB sticks, etc.)

    Biometrics as a whole just seems to still be great for James Bond movies, but still hasn't seemed to move out of the Stone Age for reliability, compared to the tried and true system of a key and a PIN.

  21. A true open source CA with secure practices is $$$ on Is It Time For an Open Source Certificate Authority? · · Score: 1

    A true "open source" CA is almost an oxymoron. You want a CA that you trust enough that you put its cert in your browser and let introduce you to people to do the following:

    1: Screen companies/people. If an applicant out of nowhere says they want a cert saying they are bigcompany.com, they better have proof of this that can stand up in a jury trial, or your CA will immediately lose trust, get hit by civil/criminal charges, and be an avenue for phishers.

    2: Store the CA signing certificates in a hardened FIPS 140-2 level 3 or so HSM. The CA's private key, because its so critical to everyone in the infrastructure will end up being a big fat juicy target for hackers and physical thieves around the globe. You can't just stick it in your Windows keystorage and call it secure, you have to have hardware which is physically tamper resistant that meets up to very strict standards. Smart cards do have protection, but attackers will have enough money to throw to be able to find a way to physically decode each cell's contents on the card. Also, the private key will be used a lot, so the HSM will have to be very fast for all the transactions.

    3: Browser vendors, to have a root cert, will demand auditing by an independent third party annually or semi-annually. This is expensive, in the five digit range.

    Since all the above are expensive, this is why CAs have to charge, as the capital for the hardware and internal audit processes will easily top six figures, possibly seven if you factor in bandwidth, hosting, physical secure location (building with access cards).

  22. I wish FDE were more common with UNIXs on Full Disk Encryption - Xen, Windows and Linux? · · Score: 1

    I sort of wish FDE were more common with UNIXs, where the only real point of attack would be the small amount of code in the MBR. With a TPM chip, even that is protected, so an attacker would have to physically disassemble the TPM chip and pull the key out of its physical RAM cells (which is pretty hard on even an unprotected chip, unless you are a large corp or government with an up to date chip fab.) /boot can be compromised fairly easily with a clever keylogger and some way to store the decryption key covertly until picked up by an attacker. Carrying a "trusted" USB stick or a CD with /boot on it is a kludge. There needs to be a solution out there which narrows the amount of code that can be attacked to the small amount of boot code that takes the password (or decrypts the main hard disk key on an eToken or similar) then passes control to the OS for the rest of the boot process. Preferably, this code can use a TPM chip if its present to ensure that that small attack surface isn't tampered with.

    This is not to say that FDE programs are easy to write. They need a number of major components to be written, and the components have to be rock solid. First, is the MBR code that takes the password or token, decrypts the volume key, then passes control to the OS for the rest of the boot process. Second is the low level kernel driver that has to be loaded before filesystems get a chance to load, and be 100% transparent with all reads and writes. Lastly, there is the control program which encrypts/decrypts the disk, and allows for password changes. All this needs to be virtually 100% bug free, else people will suffer massive data loss on a routine basis.

    However, with all the new corporate regs coming out REQUIRING full disk encryption on not just laptops, but sensitive servers and even some workstations, Linux, BSD, and MacOS will need to start getting a solution to this soon, else they will end up getting edged out of workplaces by Windows, not for technical merit, but legal.

  23. Compusec by CE-Infosys on Full Disk Encryption - Xen, Windows and Linux? · · Score: 1

    I have seen a product for FDE for Linux, although its not open sourced at all. CE-Infosys's Compusec. The nice thing, its usable at no charge, so it may be worth a look on a non-production box. However, I don't know much about it, and have not tested it.

  24. Its going to be an uphill battle on Wal-Mart Begins Massive Push For HD DVD · · Score: 1

    Getting people to pay the premium for HD-DVD will be difficult at Wal-Mart unless the prices for HD-DVD players are almost the same as regular DVD players. For Joe Sixpack who has a standard def TV, he will balk at paying more for the same movie, and more likely will just buy the DVD because it works on all his players.

    Both HD-DVD and Blu-Ray have promise as an alternative to tape drives on the low end, but not until the drives get under $200-$300, and the 50GB media gets to a price per gigabyte ratio comparable to existing DVDs. I hope they can do this... Ten BD disks for an offsite backup with a program like Retrospect would be a blessing for most SOHOs, compared to using 100 or so DVD+Rs.

  25. S&G, HID are standard on What Electronic Door Lock Would You Buy? · · Score: 4, Informative

    Most companies I see use HID or S&G for card access. I personally would recommend HID (one of their newer card reader lines that use two-way authentication).

    For mechanical lock backup, go with Medeco, Mul-T-Lock, or Abloy. All of which are immune to bumping, are restricted in key duplication, but keys are still decently available when you need copies made at a locksmith with your card.

    Lastly, if you want a solution that is a hybrid, requiring only cylinders changed rather than lock hardware, you might consider the Mul-T-Lock CLIQ series. The CLIQ keys are mechanical and electronic, and the reader is in the cylinder, so no wiring of doors is needed. To remove a key from the authorized list, you just code the programmer key to remove it, then walk around and stick the key in the appropriate doors.