Joe: So I was thinking of maybe taking a trip to Paris Bill: Yeah, I know, my google assistant briefed me on you profile on the car ride hear. Joe: Oh.... Joe: So, have you started to carve any new chainsaw sculptures. I mean after the pengiun, Siri told me about that one already. Bill: No, still finishing up the penguin.... Bill: Any thoughts on the- Joe:...no... Bill: the town referendum? Joe: Yeah I knew that's what you were asking. Not really. Bill: Oh.... Joe: Well, you should be getting on now, right? Bill: Oh right you are. Almost time.
If your system is using the right algorithms, your random 64-bit character password should be as safe as a random 32-bit password was pre-quantum. Quantum computers have theoretical limits.
Yes, preferably FIDO + password would be an option
If history repeats itself, people will just fight over whether to use passwords OR something else, and every major consumer implementation will make configuring both painful if not impossible. Witness every OS WPA supplicant save for wpa-supplicant, and every OS IKEv2 client save for strongswan.
Funny all the "lock down this or that" advice didn't include the obvious "Don't let packets spoofed with your own source addresses come in you Internet pipe." Not that that's a watertight seal, given internal footholds, but... a glaring omission.
You're not alone. I wonder if we're in better standing to sue the pants off someone.
(Congratulations, bleating sheep of America. You not only gave a huge social engineering war-chest to the evil corporations you ranted about on FaceBook, but also probably to the Evil Government you ranted about on FaceBook, and most certainly to the Evil Enemies of America you ranted about on FaceBook. I hope you are proud of yourselves.)
I bought a relatively well reviewed, one-cell-per-channel, moderately priced NiMH/NiCad charger that does all the A's and 9V and had a DC input in case I ever needed it.
I've had it for 15 years, pop cells in when they go dead, close the lid, leave them there for weeks until the next time I have a dead cell. It blinks when it sees the battery and stops blinking and goes solid when they are charged. Never a leak; never an exploded cell. Worst thing that ever happened was I had to once pre-charge a cell for a couple minutes that had gotten too low, using a cheaper charger that came with some batteries I bought, before the unit could see it.
I've been sticker-shocked at the retail level for 9V alkalines. Bought rechargeables online cheaper than shelf prices for alkaline.
It's really no surprise: prices do go up for obsolete things as they enter the market of things primarily bought by A) specialty niche users and B) indiscriminate consumers who are easy to part with their money.
Well, the original oligarchs got their starting capital through the inevitable corruption of the communist state... it's really a multi-factor disease. The only feet at which the blame can be firmly placed is the oligarchs themselves, and they don't care about blame one bit.
I think the point here is that there is a recent surge. I know here we've seen a big uptick in Russia-sourced phishing attempts. Kinda weird actually. They'll phish a user's account then try to use it to phish more accounts (in a very clumsy manner that alerts everyone to the problem and helps us find out who else was phished) in what seems to be a self-perpetuating activity with no apparent end-goal. Not an efficient way to run things. I suspect performance metrics at work.
For some reason, vendors seem to have a knack for producing devices with communications needs that do not fit into whatever scheme you come up with for network segregation. "Yeah it's an IoT device but this one in particular also needs to talk to...."
You're almost never staffed up enough to give this an appropriate level of attention on an ongoing basis.
I don't think you understand how TSS works. The supplicant's clock is never used. What a TSS proves is that didn't alter whatever you are timestamping after a certain time. If other evidence can build a reasonable case that you did not have the means or motive to produce a forgery before then, it has value as evidence.
That's correct. However, contemporaneous records have some legal standing in building an overall case of credibility. Especially if they were taken before there was a plausible reason or means to produce a forgery.
Without some kind of verification means, much information loses its value.
Trusted timestamping the screenshot is probably better proof even than having it in your inbox, as there's no telling how easy forgeries are to send through the system on a closed source SaaS.
Name one company that is as efficient as government services. I worked in the public sector for a while. I had a few horror stories to tell, but my friends that worked in the corporate sector could one-up me every time with truly appalling tales of graft and waste. Now I'm in the private not-for-profit sector and I have to say, waste-wise, we've still got the government beat with all the money we waste.
The real reason Republicans want to kill this quasi-public, self-funding agency is because they can't make money (off the little guy) by buying stock in it and sucking profits out through a golden straw. How dare the common man have a reliable way to deliver mail that doesn't pay for their yachts?
Slashdot Mirror
And that is precisely why I use Kaspersky software.
Something something frying pan something fire something.... dammit... now I want bacon!
Worst. Superhero. Ever.
Yeah, I noticed that last night after hitting submit. Point stands.
Typical conversation at a 2025 back-yard BBQ:
Joe: So I was thinking of maybe taking a trip to Paris ... ... ...no... ...
Bill: Yeah, I know, my google assistant briefed me on you profile on the car ride hear.
Joe: Oh.
Joe: So, have you started to carve any new chainsaw sculptures. I mean after the pengiun, Siri told me about that one already.
Bill: No, still finishing up the penguin.
Bill: Any thoughts on the-
Joe:
Bill: the town referendum?
Joe: Yeah I knew that's what you were asking. Not really.
Bill: Oh.
Joe: Well, you should be getting on now, right?
Bill: Oh right you are. Almost time.
I mean, personally, what would you as a typical slashdotter do with this data if you weren't too busy cleaning the I.T. closets?
See who can build the most efficient script to "find Waldo"?
If this keeps up he'll run out of names to namedrop during his speeches which don't result in "lock em up" chants.
If your system is using the right algorithms, your random 64-bit character password should be as safe as a random 32-bit password was pre-quantum. Quantum computers have theoretical limits.
Yes, preferably FIDO + password would be an option
If history repeats itself, people will just fight over whether to use passwords OR something else, and every major consumer implementation will make configuring both painful if not impossible. Witness every OS WPA supplicant save for wpa-supplicant, and every OS IKEv2 client save for strongswan.
The Ars article actually bothered to link the report.
Funny all the "lock down this or that" advice didn't include the obvious "Don't let packets spoofed with your own source addresses come in you Internet pipe." Not that that's a watertight seal, given internal footholds, but... a glaring omission.
You're not alone. I wonder if we're in better standing to sue the pants off someone.
(Congratulations, bleating sheep of America. You not only gave a huge social engineering war-chest to the evil corporations you ranted about on FaceBook, but also probably to the Evil Government you ranted about on FaceBook, and most certainly to the Evil Enemies of America you ranted about on FaceBook. I hope you are proud of yourselves.)
I bought a relatively well reviewed, one-cell-per-channel, moderately priced NiMH/NiCad charger that does all the A's and 9V and had a DC input in case I ever needed it.
I've had it for 15 years, pop cells in when they go dead, close the lid, leave them there for weeks until the next time I have a dead cell. It blinks when it sees the battery and stops blinking and goes solid when they are charged. Never a leak; never an exploded cell. Worst thing that ever happened was I had to once pre-charge a cell for a couple minutes that had gotten too low, using a cheaper charger that came with some batteries I bought, before the unit could see it.
I've been sticker-shocked at the retail level for 9V alkalines. Bought rechargeables online cheaper than shelf prices for alkaline.
It's really no surprise: prices do go up for obsolete things as they enter the market of things primarily bought by A) specialty niche users and B) indiscriminate consumers who are easy to part with their money.
Vast fortunes were made after the collapse of the USSR because there was a market for everything.
...and the people in position to be the sellers of that everything were the corrupt and connected people from before the fall.
That's mentioned in TFA. What isn't... is an actual link to the technical warning. Go figure.
Well, the original oligarchs got their starting capital through the inevitable corruption of the communist state... it's really a multi-factor disease. The only feet at which the blame can be firmly placed is the oligarchs themselves, and they don't care about blame one bit.
I think the point here is that there is a recent surge. I know here we've seen a big uptick in Russia-sourced phishing attempts. Kinda weird actually. They'll phish a user's account then try to use it to phish more accounts (in a very clumsy manner that alerts everyone to the problem and helps us find out who else was phished) in what seems to be a self-perpetuating activity with no apparent end-goal. Not an efficient way to run things. I suspect performance metrics at work.
For some reason, vendors seem to have a knack for producing devices with communications needs that do not fit into whatever scheme you come up with for network segregation. "Yeah it's an IoT device but this one in particular also needs to talk to...."
You're almost never staffed up enough to give this an appropriate level of attention on an ongoing basis.
I don't think you understand how TSS works. The supplicant's clock is never used. What a TSS proves is that didn't alter whatever you are timestamping after a certain time. If other evidence can build a reasonable case that you did not have the means or motive to produce a forgery before then, it has value as evidence.
That's correct. However, contemporaneous records have some legal standing in building an overall case of credibility. Especially if they were taken before there was a plausible reason or means to produce a forgery.
Without some kind of verification means, much information loses its value.
Trusted timestamping the screenshot is probably better proof even than having it in your inbox, as there's no telling how easy forgeries are to send through the system on a closed source SaaS.
He's right. I didn't deny them. I laughed at them. Heartily. Because they are absurd on their face.
Name one company that is as efficient as government services. I worked in the public sector for a while. I had a few horror stories to tell, but my friends that worked in the corporate sector could one-up me every time with truly appalling tales of graft and waste. Now I'm in the private not-for-profit sector and I have to say, waste-wise, we've still got the government beat with all the money we waste.
That's a pretty frickin thin "second side" to the story. Downright ridiculous, actually.
Is the USPS a private for-profit company? No.
The real reason Republicans want to kill this quasi-public, self-funding agency is
because they can't make money (off the little guy) by buying stock in it and sucking
profits out through a golden straw. How dare the common man have a reliable
way to deliver mail that doesn't pay for their yachts?
Oh don't worry, gasoline producers already have a competing solution.