Slashdot Mirror


User: sexconker

sexconker's activity in the archive.

Stories
0
Comments
13,379
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 13,379

  1. Re:Some bozo from the past called it an electric e on Electric Eel Shocks Like a Taser · · Score: 1, Flamebait

    I cannot form any opinions on this matter until Bennett Haselton (frequent contributor) tells me what to think.

  2. Re:Good God! on The Sony Pictures Hack Was Even Worse Than Everyone Thought · · Score: 2

    This is either bullshit, or you're doing it very, very wrong.
    Even assuming a dumbass flat file at 4 KB per row for 62 days, that's over a thousand rows per second.

  3. Re:Sad? Saddest? on The Sony Pictures Hack Was Even Worse Than Everyone Thought · · Score: -1, Troll

    Hiding behind orders, a badge, or a job isn't an excuse. If you do terrible shit or work for people who do terrible shit, expect retaliation. You're free to weigh said "terrible shit" however you wish.
    Taken to an extreme. the Nazis were everyday folk just earning a living - many probably sharing your view on the matter of the war, holocaust, etc.

  4. Re:good security on Ask Slashdot: Convincing My Company To Stop Using Passwords? · · Score: 1

    This is not three-factor authentication. Username is not a factor because it is not considered secret.

    A username is not a secret piece of information.
    A stored hash is not a secret piece of information.
    A password is a secret piece of information.
    A salt is not a secret piece of information.
    An RSA clock's seed is a secret piece of information, but the user doesn't know it, and it lies exposed on the validating server.

    The only thing RSA clocks prevent is remote, delayed attacks. An attacker acting at the same time a user is doing shit will be able to sniff/MITM and use the output of the RSA clock just as the user would. Note that this attacker can be fully automated software that is always awake and watching the compromised boxes.

    Actual two-factor security would be you going somewhere, someone verifying that you look like you and are behaving normally, and the system verifying your password/pin/etc.

  5. Re:Damn Dirty Apes on New Effort To Grant Legal Rights To Chimpanzees Fails · · Score: 1

    The only thing that works is a board with a nail in it.

  6. Nope. on Pizza Hut Tests New "Subconscious Menu" That Reads Your Mind · · Score: 1

    How do I use my eyes to tell them I want sausage, EXTRA cheese, a shitload of garlic, mushrooms on ONLY HALF of the pizza, and for them to cook it "well done" (aka, properly)?

  7. Re:Baity question on 18th Century Law Dredged Up To Force Decryption of Devices · · Score: 1

    0: The source code for Android is not available to the end user. AOSP is not Android.

    1: In 99.999999% of cases, the OS is not compiled from source by the end user.

    2: In the handful of cases where the end user compiles everything from source (OS, bootloader, radios, everything), the end user won't have reviewed the source code.

    3: Any phone with Google's services can be controlled by Google remotely. You can lock your phone right now and you'll be able to remote-install programs from the play store via the web. Even if you trust this encryption, it only works while your phone is encrypted. As soon as you boot your phone you'll be prompted to decrypt it and it stays decrypted until you re-encrypt it (by turning it off). If you are picked up while your phone is on, you're screwed. If you are targeted before you're picked up, they'll push malware to your phone to grab your key or otherwise disable the encryption.

    4: You'll simply rot in a cell if you refuse to unlock (and decrypt) your seized device.

    5: While you rot in a cell, the manufacturer is getting your phone and a national security letter instructing them to try any and all means to decrypt the device.

    As far as the specific backdoors Google/Apple have implemented, I couldn't tell you, but as a person who has been paying attention for the last 15 years, I'm absolutely sure that they have them.

  8. Re:Baity question on 18th Century Law Dredged Up To Force Decryption of Devices · · Score: 3, Insightful

    Of course they can. Google and Apple absolutely have ways in. Anyone believing otherwise is a fool.

  9. Re:5th Admendment? on 18th Century Law Dredged Up To Force Decryption of Devices · · Score: 2

    Somebody downloaded Predestination over the weekend.

  10. Re:I believe forking it is still possible on A Mismatch Between Wikimedia's Pledge Drive and Its Cash On Hand? · · Score: 1

    Encyclopedia Dramatica is the only one worth anything.

  11. Re:512-bit self-signed certs (e.g. DD-WRT) on Firefox 34 Arrives With Video Chat, Yahoo Search As Default · · Score: 1

    even though shitty operating systems won't fucking recognize the shitty certificate in their shitty default browsers

    Install the certificate and make sure it's resolvable all the way up to a trusted root CA.

  12. Re:512-bit self-signed certs (e.g. DD-WRT) on Firefox 34 Arrives With Video Chat, Yahoo Search As Default · · Score: 1

    The separate cert store is separate from certificate pinning.
    Chrome has certificate pinning, and MS supports it via EMET (and pinning rules set up through EMET will work for any program that uses the OS cert store properly).

  13. Re:512-bit self-signed certs (e.g. DD-WRT) on Firefox 34 Arrives With Video Chat, Yahoo Search As Default · · Score: 1

    Learn to read, retard. This is Firefox's shitty design. It's working as intended. It's a feature, not a bug. Etc.

  14. Re:512-bit self-signed certs (e.g. DD-WRT) on Firefox 34 Arrives With Video Chat, Yahoo Search As Default · · Score: 5, Interesting

    Not only that, but they fucking maintain their own DB of certs instead of relying on the OS.
    So I can install and trust a cert on my machine (or everyone's machine by policy) but Firefox won't fucking play by the rules.
    You have to find and use an obscure tool just to manage certs for Firefox. No thanks, assholes.

  15. Re:video chat on Firefox 34 Arrives With Video Chat, Yahoo Search As Default · · Score: 2, Insightful

    This is based on WebRTC which is a W3C draft that both Safari and Internet Explorer have committed to implement. There has to be a first browser to implement any proposed standard.

    Not all proposed standards should be implemented.
    This one shouldn't, nor should the DRM one, etc.

  16. Re: Recommendation for a good browser? on Firefox 34 Arrives With Video Chat, Yahoo Search As Default · · Score: 1, Interesting

    Every single keystroke and mouse click is sent to Google. This includes while using the "private" modes.

  17. Re:Steve Jobs vs. Vladimir Lenin on 10-Year-Old iTunes DRM Lawsuit Heading To Trial · · Score: 2

    Must.
    Crush.
    Capitalism.
    http://vimeo.com/87962641

  18. Re:sane units - FYI on Graphene May Top Kevlar As a Bullet-Stopping Material · · Score: 1

    A mile is a discreet unit equal to 5280 feet. 2000 MPH is exactly 10560000 feet per hour, regardless of how many significant figures you think "2000 MPH" has. (Hint: It has 4. Zeros are significant. If they aren't, you're not supposed to write them.) An hour is equal to 3600 seconds, regardless of whether you write it as 3.6 x 10^3 s or 3600 seconds or 1 hour or .001 khour. Or do you believe an hour is 3 kilo seconds?

    Unit conversion does not involve significant figures unless the conversion factor itself is expressed to a specific significance. 15 MPH is EXACTLY 22 FPS.
    You do not perform truncating due to significant figures during calculations not involving other significant figures. Truncation is to be performed after all calculation.

    Further, if you performed truncating due to significant figures in my calculation (2000 * 22 FPS / 15 MPH) you would end up with 2933 feet.
    If you wanted to claim "2000 MPH" really meant "between 2000 and 3000 MPH" then it should have been written as "2x10^3 MPH or 2 kMPH)

  19. Re:Bit torrent in dire need of fixing on Music Publishers Sue Cox Communications Over Piracy · · Score: 1

    You cannot have Bittorrent work (distributing files to anyone who wants to get them) while blocking the bad guys from participating because the bad guys can be anyone.
    Alternatively, you can't have Bittorrent be efficient (fast) if you plug it full of fake data.

    Bittorrent connects hosts to hosts to distribute files. these hosts don't know each other so they must communicate publicly to some degree. Anyone (including the bad guys) can and must do so for Bittorrent to work. The ONLY way to solve it is as I have stated. This is how the internet works. It's the fundamental design of the thing.

  20. Re:sane units - FYI on Graphene May Top Kevlar As a Bullet-Stopping Material · · Score: 1

    No one but a reporter talks about bullets in miles per hour. 2000 MPH is about 3000 feet per second.

    2933 feet, 4 inches per second. Exactly. 15 MPH = 22 FPS.

  21. Re:Best Bullet Stopping Methodology on Graphene May Top Kevlar As a Bullet-Stopping Material · · Score: 2

    Shooting first.

  22. Re:Bit torrent in dire need of fixing on Music Publishers Sue Cox Communications Over Piracy · · Score: 1

    Problem is any actor with money who wants it is able to extract a more or less complete picture of activity occurring on bit torrent.

    The system as it exists today is simply too open and too transparent creating a lightning rod from intelligence being wielded to justify all manner of legislative unpleasantries.

    If exposure issues are not fixed in bit torrent eventually we will see legislative reality that harms everyone more than any illegal activity.

    This is how the entire internet works, not just bittorrent.
    The only way to securely encrypt communication over the internet is end-to-end with pre-shared (SHARED OFFLINE) keys (keys, passwords, certificates, etc. all work as long as you don't use the established certificate authorities).
    The only way to hide your activity (as opposed to encrypting the contents) is to never use the same MAC address or connection twice.

    The internet connects hosts to hosts.
    Every single packet touching a major ISP is logged and tracked by the government.
    Every single certificate authority can be leveraged against you (the government has access to their keys) making anything any cert chain involving them vulnerable to MITM.

    If you want SECURE communication establish the security OFFLINE. You CANNOT trust the channel.
    If you want HIDDEN communication then ACTUALLY HIDE IT - don't connect from your home connection that's billed in your name, and don't rely on VPNs or proxies for anonymity - they're a speed bump at best, not even a hurdle.

  23. Re:Which is why girls dominate game making... on In UK Study, Girls Best Boys At Making Computer Games · · Score: 1

    Girls have developed faster then boys at that age since always. It is a well known trait.

    It's a popular myth.

  24. Re:Summary of Trailer on First Star War Episode 7 Trailer Released · · Score: 1

    Thus accounting for the fact that they suddenly can't hit the broadside of a barn anymore...

    Only Imperial Stormtroopers are this precise.

  25. Re:I agree, except: on First Star War Episode 7 Trailer Released · · Score: 1

    Not canon.