Slashdot Mirror


User: GameboyRMH

GameboyRMH's activity in the archive.

Stories
0
Comments
15,672
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 15,672

  1. Re:Article Correction on P2P Traffic Drops 10% After New NZ Law · · Score: 1

    Yep everyone in NZ just set the encryption on their torrent clients to "forced," thereby making it impossible for the ISPs to see what's going on unless they start monitoring swarms (and swarms with dynamic IPs in the same pool as their clients, if they don't want to be defeated by PeerBlock). Kiwis are known for their ingenuity and cleverness, and this isn't rocket science.

  2. Re:Time Indeed for the Cypher Revolution on P2P Traffic Drops 10% After New NZ Law · · Score: 1

    A few places above Sweden and Canada? That doesn't say a whole lot IMO.

  3. Re:Gee no bias here. on TSA Groper Files Suit Against Blogger · · Score: 1

    "Bias" is like "natural medicine." It's a real thing, but the words are most often used for spreading bullshit, so when you say it my bullshit detector goes on alert.

  4. Re:Gee no bias here. on TSA Groper Files Suit Against Blogger · · Score: 1

    I'm seeing 197 results for "TSA smurf" (the quotation marks are important, that way you're searching for the exact phrase "TSA smurf" rather than "TSA" and/or "Smurf")

  5. Re:Ah wonderful on BMW Working On Laser Headlamps · · Score: 1

    I measured my AE92 the other day and it's about 123cm, HAW! :-P

  6. Re:each with a resolution of about 16 feet. on Satellite Captures Burning Man From Space · · Score: 1

    Yeah I've seen places on Google Earth that are a few inches per pixel, even back in the early days before Google had their quadcopters. But I suppose those could have been aerial photography vs. satellite images.

  7. Re:nice headline on Satellite Captures Burning Man From Space · · Score: 1

    Within a half-second of seeing the title I knew they were talking about the Burning Man festival. But for some tiny sliver of time in there, I thought they had recorded video of an astronaut burning up on re-entry from space.

  8. Re:Self Signed Certificates on GlobalSign Suspends Issuance of SSL Certificates · · Score: 1

    The problem with spreading lists around is that it requires creating another messy system that requires trust in some authority - the one compiling the list. The same way someone could intercept the website serving your Linux distros and give you an infected one, with a matching hash so it still looks A-OK, someone could intercept the list and the corresponding hash. It's a lighter version of the same kind of mess we've had with CAs.

    Using torrents to distribute the list would at least prevent sabotage, if the torrent file can be handed out securely, but that's just clustering the requirement for trust at the pinnacle of the "trust pyramid" - and also creating a single weak point that can compromise the whole system.

    Actually after just writing that I had an idea. The site distributing the list could be hosted on a darknet like an .onion site. This would make the pinnacle of the pyramid much harder to subvert or impersonate, and now the only point of trust required from the client side is that the correct darknet site and public key are embedded in the browser (which could be verified on any open source browser).

    Now from the administration side, if a site wants to register info on their public key on this identity list, here is a process that could be used that prevents impersonation:

    1. The site owner puts a file on their site, following a filename convention, that contains the line that will be added to the identity list. A part of this information is a string and a hash, let's call this string A and hash H.

    2. The site owner sends a PGP-encrypted email to the darknet site, originating from a registered MX IP for the domain, containing only string B. StrongHashFunction(String A + String B) = Hash H, else the darknet site doesn't process the request. This way it's only possible to impersonate a site if you've taken full control of the server - a much bigger problem anyways. So, if everything checks out, the darknet site uses the info it retrieved (via HTTPS connection) to add a line to the identity list.

    DNS hijacks alone will become useless since the identity is checked for every site before a secure connection is made to send confidential information - they'd need the SSL private key that matches the public key to make any sense of the data that comes in, so without that a DNS hijack is useless and an SSL connection can't be established.

    So, weak points:

    1. The darknet site hosting the identity list: This is the single point of blind trust in this system, the integrity of the site itself. It would have to be locked down with paranoid security and in the control of a trusted party. But at least this trust can be easily verified, if a site operator finds that their identity info on the site is wrong they can cry foul.

    2. It would be impossible to fully trust closed-source browsers - but that is an inherent and unavoidable problem we have even today.

    It's still a lighter version of the same problem we've had with CAs but I've lightened it up much more. Verifying identity without sending out-of-band information will always require some trust unfortunately. You can detect MITMs without trust but not verify identity.

  9. Re:Self Signed Certificates on GlobalSign Suspends Issuance of SSL Certificates · · Score: 1

    I don't think the distributed lists is a good idea. Just stick to distributed verification / SSL notaries.

  10. Just how much money is Groupon losing? on Groupon Puts IPO On Hold · · Score: 2

    In 2010 Groupon lost $456M.

    Let's put that money in perspective:

    - That's like crashing a Bugatti Veyron nearly once per day. Almost exactly once per day if you assume they get their money for the scrap metal back.

    - That's like crashing a Cessna Citation X (high-end business jet) roughly once every 18 days.

    - That's roughly equal to crashing an A380, then getting another one half-built, and setting it on fire within a year.

    - That's nearly 1/3rd the cost of the Burj Khalifa, except with nothing to show for it.

  11. Re:Steam policy on account bans on AMD Accidentally Leaks 1.7 Million DiRT 3 Keys · · Score: 1

    That's true in the UK and many other countries but I'm not sure if US law is the same.

  12. Re:'Zero tolerance policy' - i find this funny ... on AMD Accidentally Leaks 1.7 Million DiRT 3 Keys · · Score: 3, Informative

    Apparently, if you close your ears, hold your hands to you ears and yell LALALALALALA all problems instantly disappear.

    I think this also explains how people who are normally anti-DRM see Steam as acceptable.

  13. Via MasterCard and Visa? Sure! on Rent Your Own Botnet · · Score: 2

    Yeah you can buy whatever you want with MC/Visa: nazi/white supremacist paraphernalia, a donation to the KKK, some botnet time, whatever, just don't try to donate to Wikileaks or buy anything of questionable copyright status!

  14. Re:Only Money matters: Bing in China, renren, GOT, on Microsoft Training May Have Helped Tunisian Regime To Spy On Citizens · · Score: 1

    They run Windows ME and MSSQL in hell, I don't think anyone around here is going to question that. Now if the devil wants to spread more evil is he going to pump money into a big evil monopolistic corporation and make Steve Ballmer richer, or is he going to pirate it, removing the trouble of managing licenses from the backs of hell's sysadmins?

  15. Re:How sad is this on NASA Reveals New Images of Apollo Landing Sites · · Score: 1

    If it makes you feel any better, the only moon landing deniers I know are 50+ years old.

  16. Re:How sad is this on NASA Reveals New Images of Apollo Landing Sites · · Score: 1

    If the US economy hadn't been pillaged by 1%ers and bled dry by the specter of some religious nuts who live in caves, they'd be in a space-faring dickwaving competition with China right now. Sad to think of what could have been...

  17. Re:Poor NASA server on NASA Reveals New Images of Apollo Landing Sites · · Score: 1

    Oh good for them. It bogged down pretty hard when the article was first posted but I was finally able to load it about a minute ago.

  18. Poor NASA server on NASA Reveals New Images of Apollo Landing Sites · · Score: 5, Funny

    That image is a hotlinked, bigass JPEG.

    A bunch of admins are probably running into the server room with fire extinguishers at this moment. And hopefully one with a Scottish accent is yelling over a cell phone that the server is overloaded and can't take any more.

  19. Re:Also good for interrogation? on Paralyzed Patients Control Robot With Brain Waves · · Score: 1

    That was my point.

  20. Re:Wired on Kevin Kelly Answers Your Questions · · Score: 1

    That's only the Danger Room section.

  21. Re:IS IT WEIRD OUT HERE - OR IS IT JUST ME? on Kevin Kelly Answers Your Questions · · Score: 1

    Care to give a little hint about what in that book is eugenicist? I can't tell from the summary of topics it touches on.

    Also I'm sacrificing some potential future lulz by revealing this, but the author of that book has been called a climate science denier.

  22. Re:Also good for interrogation? on Paralyzed Patients Control Robot With Brain Waves · · Score: 1

    ...and we've come full circle back to the polygraph machine.

  23. Re:Only three real sources of power on Ask Slashdot: Classroom Eco-Projects Suited To Alaska? · · Score: 1

    It's been said that getting a 100% of all our energy needs for the next thousand years wouldn't reduce the Earth's core temperature one degree so it's a potential long term solution.

    Wow, makes you think...even if that's assuming no increase in energy use that's damn impressive.

  24. Re:/me checks Crackpot-o-meter [........../] on Ask Slashdot: Classroom Eco-Projects Suited To Alaska? · · Score: 1

    Mine exploded about half way down this page, I'm gonna stop buying the expensive ones :-(

  25. Re:science proojects and TSA don't mix on Ask Slashdot: Classroom Eco-Projects Suited To Alaska? · · Score: 1

    Depends on whether he's flying in a commercial airliner, or more likely, in some dude's little 2-seater, in which case it wouldn't be a problem.