Slashdot Mirror


User: khasim

khasim's activity in the archive.

Stories
0
Comments
5,818
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 5,818

  1. Most likely need cygwin. on DSPAM v3.6 Released · · Score: 1

    That was how earlier version worked. I don't know of anyone who actually got them to work natively under Windows.

  2. It's all a business decision. on Should RISC OS be Open Sourced? · · Score: 1

    Do you want to spend X amount of time and Y amount of money on Bob's Ultra-leet Linux Desktop (total users: 4)?

    Or do you spend the time and money in supporting a distribution with more users?

    Which is where the "Linux is too fragmented" claims break down.

    Businesses aren't looking at how many distributions there are. They're looking at how much profit there is. Which is why you see Oracle and Red Hat working together.

  3. Learn from the IBM case. on The Ups and Downs of MySQL AB · · Score: 5, Insightful

    MySQL AB has all the licenses to MySQL.

    They release it under a dual license.

    Now they're accepting SCO money to "partner" with them to develop MySQL so it works better on SCO's server software.

    Now, do a quick search for SCO & IBM & "Project Monterey". See the parallels? And SCO has sued THREE partners/customers over code use.

    The question will come down to what contracts cover what money being spent in what ways to write what code and who owns what rights to what code.

    Personally, I see this as just a way for SCO go try to get possession of the MySQL code base. Only an idiot would sign a developmental contract with SCO after everything that's been revealed from the court cases.

  4. You are an idiot. on Lloyds TSB Pushing New Online Security Protocol · · Score: 1
    I agree with this - but this is something the banks could actually improve. When I log into my account at natwest.com, it redirects to nwolb.com, which is completely unnecessary. Fixing things like this along with a bit of customer education could make a big difference.
    Again (and for the last time), user education has failed. The users do not correctly check the certificates. Got that, retard? They don't check or they don't do it correctly.

    Maybe in your little idiot mind you can think of a magical way to wish they would, but in the real world, they don't and there's no reason to believe they will.
    Er .. not mine actually as, sadly, I don't own a bank.
    Hey, Mr. Moron, you really do have a problem with basic English. It is your system because you proposed it. Maybe if you spend a bit more time on those special education course materials and less time trying to eat your own socks, you'd know that.
    Are you actually hoping to be taken seriously here? Maybe you should have stopped writing before that comment.
    Awwww, did I hurt the little 'tards feelings? Why don't you run and cry to your mommy? Mommy will tell you what a bright little boy you are and how other people are mean for saying you can't read basic English.

    But the fact is, you can't read basic English. You are an idiot.

    Gotta go now. You can have the last word.
  5. 1981 was years before even Gulf War I. on NASA Jet Propulsion Lab Lays Off 300 Engineers · · Score: 1
    I don't care what happened there 20 years ago.

    I care what was there when we invaded. That is what we're spending these troops' lives on (not to mention the money).
    ...with India and Pakistan going nuclear and North Korea, Iraq, and Iran on the brink.
    No. Iraq had ZERO nuclear capability. You've swallowed too much of propaganda.
    While I'm not exactly for the war, the issue is a bit more complicated than the "there were no terrorists in Iraq" crowd would disingeniously have the public believe, even if Bush disingeniously sold Iraq using the terrorist FUD (though he also sold in on the non-FUD proliferation issue).
    Again, Iraq did not have any nuclear capability. So your argument fails.
    I think those would have been much more effective investments for the money, since they address all nuclear threats, not just Iraq, with added bonus that the rest of the world would not harbor so much hatred and suspicion of us, either.
    And for the last time, Iraq had ZERO nuclear capability.

  6. I really don't care about those. on NASA Jet Propulsion Lab Lays Off 300 Engineers · · Score: 1, Informative
    These were written and voted on by U.N. nation members, who later voted for and approved of the use of force in removing the offending government in Iraq.
    No, the UN never approved the use of force or our invasion. The only time they did that was during the First Gulf War.

    You can believe what you want, but you're still wrong.
    This was a mistake on Bush's part for trying to "sell the war" with the possibility of WMDs, because it as since been portrayed (incorrectly) as the main reason for the war.
    Again, you can believe whatever you want, but it was the reason given for the war. You might want to re-read Rice's little bed time story about a "mushroom cloud".

    Play revisionist all you want, but their statements are on record.
    In Bush's defense though, the production of WMDs was a plausible possibility, since Saddam did kick out all the U.N. weapon inspectors.
    No he did not. We pulled them out and then he refused to let them back in.

    Again, play revisionist all you want, but the facts are a matter of record.

    Now, which of those UN resolutions was worth a single US death? Why?

    Which of them are worth the hundreds of billions of dollars we're spending? Why?
  7. You are an idiot. Got that? on Lloyds TSB Pushing New Online Security Protocol · · Score: 1
    Maybe I have too much faith in mankind, but I would think that most people can cope with 1) checking the website address 2) looking for the little padlock next to it.
    Think whatever you like to. But the fact is that current phishing scams work because the users are not checking those items.

    Got that? Your system is failing TODAY.
    It's certainly easier than remembering to dial some telephone number within 1 minute of transaction, or anything along those lines.
    The bank calls the user. The user does not call the bank.

    You got some basic problem with reading English? Maybe you're one of them people with a "learning disability"? Is that it? Or are you just stupid on your own?

    The majority of people are just like you. They can't read correctly either which is why so many people lose so much money to phishing schemes. And you think they're going to get smarter? You are an idiot, aren't you?
  8. I don't think anyone's forgotten. on NASA Jet Propulsion Lab Lays Off 300 Engineers · · Score: 3, Insightful

    But I'm not sure what you remember.

    Some terrorists flew planes into our buildings and killed a bunch of our people.

    So we invaded Afghanistan because that is where the group that they belonged to were headquartered at the time.

    Then, for some reason, we invaded Iraq. And we're still paying for Iraq. And our people are still dying in Iraq.

    What did Iraq have to do with those terrorists?

  9. Let me make it easier for you. on Lloyds TSB Pushing New Online Security Protocol · · Score: 1
    So if you any single channel communication can't work because of man-in-the-middle. And you aren't allowed to be able to educate the user (which seems to translate into using a second channel to give users info), what is your proposed solution?
    Educating the user to check the validity of certificates is a lost cause. If the user fails, the scam succeeds. Got that? User fail, scam succeed. That's the opposite of good security practices.

    Now, if the bank requires the user to press "1" on the phone within 1 minute of the transaction being processed, if the user fails, the transaction fails. User fail, transaction fail. That's what is known as "good security practices".

    In order for the user to be scammed in the second instance, the phisher would need to start a transaction, successfully, the bank calls the user and the user, for some reason, confirms that he did just enter and really does want to spend $10,000 on an item from some company in Poland.
  10. Tell me how it does that. on Lloyds TSB Pushing New Online Security Protocol · · Score: 1

    You connect to a phish site (my.ebaysecurity.com) which has a valid certificate for ebaysecurity.com so you have a "valid" SSL connection.

    That site (my.ebaysecurity.com) takes all your keystrokes and uses them to logon to ebay.com as you.

    That is what a man-in-the-middle attack is. And don't bother telling me that every user should check every certificate from every site and make sure that the site name is a legitimate site for that organization. Just look at citibank to see the problems with that.

    And if you're going that route, why not just expect every user to understand digitally signed and encrypted email and the details of the SMTP protocol so they can identify the phishing emails from the start?

    No. The solution has to work for everyone with the minimum of education on the systems.

  11. Timed response. on Lloyds TSB Pushing New Online Security Protocol · · Score: 1
    How do you verify that the person that called you is an official bank representative? I always wonder that every time my "credit card" company calls when it is actually some other company that the credit card company has hired to do marketing calls.
    Simple, the phisher/retailer won't have your phone number. So you enter a transaction, then receive a call within the next minute to confirm it.

    It wouldn't get the phisher anything to make random confirming phone calls. The calls have to be within a reasonable time frame from when you made the 1st confirmation online.
  12. SSL doesn't tell you enough. on Lloyds TSB Pushing New Online Security Protocol · · Score: 1

    SSL is used to encrypt the connection so no one outside can sniff it and collect things like your credit card info.

    SSL is achieved via certificates issued by an "trusted authority". But that does not mean that the site you are securely connected to has anything to do with the organization that you believe you are connected to.

    my.eBaySecurity.com ... for example. So, if I can get a certificate for that site, and the connection is a "secure" connection ... that means that it's not a phishing site, right? Wrong.

    And that's supposing that the user even considers that an SSL connection (I'm not using the word "secure" in that) is necessary. A lot of the people falling for the phishing are not that enlightened.

    And attempting to educate the end user is the most expensive and least effective approach to a problem.

  13. How about a different approach? on Lloyds TSB Pushing New Online Security Protocol · · Score: 1

    What are we really talking about here? Is it someone making online purchases with your credit card? Or is it someone tranfering your money out of your bank account?

    To me, those are both different aspects of the same issue and that issue. How do you correctly authenticate a person's identify from an anonymous terminal?

    I don't believe you can. No matter how many security keys they have, they'll all be travelling over the same connection and all of them will be vulnerable to a man-in-the-middle attack. Anything you do with one computer online can be captured with another computer.

    So, the solution is simple. Don't use a single avenue for all your authentication codes. Here are a couple of scenarios to illustrate that.

    # 1. You authenticate to your bank online. You want to transfer funds to an account in Eastern Europe for some reason. You fill out all the info for the transfer and then you have to wait by the phone for the bank to call the number they have on record for you and hit "1" to confirm the transaction. Even if the phishers get your login info, they can't do anything without access to your phone. You authenticate over the Internet with your username/password and you confirm over the phone.

    # 2. You want to order something from an online retailer. You fill up the shopping cart and go to checkout. At checkout, the retailer gives you a code number (right click to save to clipboard) identifying your purchase. You logon to your bank and paste that code into the online transaction field. The bank calls you to confirm the transaction. You press "1". The bank then sends the payment to the retailer so the retailer will NEVER see your credit card info. This also allows the bank to provide some historical data on disputes with that retailer.

    The key concept is that the bank already has the info it needs to more accurately confirm your identity. The bank also has the phone systems in place to do automated calling and confirming. Why not use those items, together, to make online transactions more secure by requiring non-online final authentication?

    Not only will this reduce phishing, but it will help reduce online scams from fake retailers.

    You could even set the max single purchase and max daily purchase amounts with your bank. Even if everything else failed, you'd only be out whatever amount you set. For each purchase (add $1 convinience fee), the bank would generate a snail mail letter to your address of record and remind you of how much you spent, on what day, with what vendor.

    Note: any online changes to your account info would likewise be confirmed via a phone call. If you're changing your phone number, you'd have to do it at a branch office and bring sufficient identification which would be scanned and stored.

  14. Still vulnerable to man-in-the-middle attacks. on Lloyds TSB Pushing New Online Security Protocol · · Score: 2, Insightful

    As long as the info is travelling over one channel (your Internet connection to that bank), you're still vulnerable to a man-in-the-middle attack.

    This method doesn't provide any more security, just more toys to lose.

    Now, if they tied those key-fobs to the cell network and you had to confirm the transaction that you entered via the Internet with a cell connection from the key-fob, that would be sufficient 2 factor security.

    But that costs even more than the key-fobs they have now and the key-fobs make the users FEEL more "secure" because they don't understand man-in-the-middle attacks.

  15. No. I said NO email. on Lloyds TSB Pushing New Online Security Protocol · · Score: 1, Insightful
    Why do you think that would help? Banks already tell their customers that they will NEVER send them emails requesting account information.
    The phishing messages do NOT ask for account info.

    The phishing messages say that there has been a problem with your account and that you need to login to fix the probem (click here).

    But that isn't the real bank's site. It's a phishing site setup to look just like the real bank's site and it will collect their login info when they try to login.

    Banks use email for all kinds of crap and their customers get used to the concept of receiving email from their bank with requests to click on links. This is because email is a very inexpensive way for banks to send ads and crap to their customers.

    In order to end phishing, the banks will have to give up the cheap advertising medium of email. No email at all. Ever. You will NEVER receive ANY email from ANYONE from this bank for ANY reason. EVER.

    If they really need to contact you, they have your phone numbers, your address, your social security number and so forth. They will NOT have a problem finding you and letting you know that there has been a problem.
  16. The fools do NOT understand 2 factor security. on Lloyds TSB Pushing New Online Security Protocol · · Score: 1

    When BOTH factors are sent over the SAME CHANNEL you do NOT increase the security of the system.

    You need a different channel, such as calling a phone number they have on file that the phisher would not be able to get from that communication.

  17. Just don't send email. on Lloyds TSB Pushing New Online Security Protocol · · Score: 0, Flamebait

    Don't give the customers something to lose. Out of 30,000 people, you know that some will be losing this every day.

    Instead, just publicly announce your policy that you will NEVER use external email to communicate with customers.

    Using a toy like this just means that the phishers will have to move to man-in-the-middle attacks.

    So what if your bank loses the ability to send ads to their customers? Your customer's security is more important.

    No email from banks or other financial institutions EVER.

  18. How about this? on Deciphering the Brain's Love Map · · Score: 2, Informative
    First off http://science.slashdot.org/article.pl?sid=04/10/2 2/0248247&tid=191&tid=14

    She's an anthropologist who implies that she can tell if you have high levels of serotonin just by asking you 100 questions about your past relationships and such.

    From TFA:
    One of the questions on Chemistry.com asks how long your index finger is compared to your ring finger. What's the significance of that?
    We are measuring how much testosterone you were exposed to in the womb. There is new data that shows that the brain is patterned before birth. The length of the finger can give some clues as to how assertive they might be.


    Now .... http://www.4-men.org/testosterone/testosterone-and -fingers.html A survey of the finger lengths of over 100 male and female academics at the University of Bath by senior Psychology lecturer Dr Mark Brosnan has found that those men teaching hard science like mathematics and physics tend to have index fingers as long as their ring fingers, a marker for unusually high estrogen levels for males.

    It also found the reverse: those male academics with longer ring fingers than index fingers - the usual male pattern - tended not to be in science but in social science subjects such as psychology and education.

    The study also found that these hormonal levels may make male scientists less likely to have children.


    That's some damn good science stuff!

    But (that's a joke, son!) there may be more to the reasoning why male scientists don't have children.....

    Finger length is linked to sexual orientation! http://flatrock.org.nz/topics/odds_and_oddities/fi nger_length_ratios.htm

    Great. This seems to be the more of the crap "science" so popular today. Just because two characteristics appear in one group does NOT mean that there is any correlation between those characteristics.
  19. Okay, I'm going off topic. on Top Advisory Panel Warns Erosion of U.S. Science · · Score: 1
    First - the concept of loyalty to the state vs loyalty to the individual is a relevant topic of discussion in social studies. The concept of a supernatural force is not a relevant topic of discussion in a science class.
    I hadn't thought about it like that before, but I think the current debate over requiring the Pledge of Allegiance in classes would fall under the concept of "Loyalty to the State" vs "Personal Liberty".

    I know, currently it is set as an issue about Church and State because of the clause "one nation, under God".

    But if it is framed in terms of Loyalty vs Liberty, it removes all the Church knee-jerk reactions (both for and against).

    Not that it would clear the issue. You'd still have the positive and negative arch-types for each side.
  20. Thanks, but I don't need more examples. on Top Advisory Panel Warns Erosion of U.S. Science · · Score: 1
    Ok. Do a google search on "relativity" and pretend that this means you've studied and understood it. I could quickly link to the Wikipedia, it wouldn't make me more correct.
    Nope. But it does mean that it is up to you to refute the material. Pointing out that you could link to material does not refute my reference.
    And non-uniform acceleration would be equivalent to a non-uniform gravitational field.
    Yes, that is what the first theory is about. The Special Theory of Relativity. Different accelerations mean that you cannot measure the events in one frame from the other.
    Inertial would be equivalent to being at rest. Therefore, any frame of reference can be taken to be stationary.
    No. Any frame of reference can be taken to be stationary ONLY FOR THOSE ITEMS WITHIN THAT FRAME OF REFERENCE.
    Good thing you've refuted the evil of "stupid people" who claim things that they can't prove.
    And you keep providing examples of such people.

    You make a claim that seems to contradict what I understand ... and then for "support" you reference an accepted scientific theory ... but you cannot explain how it supports your claim.

    Saying that any reference frame can be taken as stationary (for items in that frame) does not support your statement that the Sun revolves around the Earth.

    Since you haven't been able to support your claim, but you feel the need to keep repeating it ... well, thanks again for the demonstration of how those average people like to defend their incorrect beliefs when presented with verifiable facts. Since you haven't made any sense yet, I'll let you have the last word. Although I would recommend against spending your time here trying to defend your incorrect beliefs and instead, spend some time reading peer-reviewed studies.
  21. You make it too easy. on Top Advisory Panel Warns Erosion of U.S. Science · · Score: 1
    Are you at all familiar with the theory of general relativity? True, it's only been around for about a hundred years, but it's pretty well accepted these days.
    "The Theory of General Relativity"?

    http://www-groups.dcs.st-and.ac.uk/~history/HistTo pics/General_relativity.html
    So it was Einstein's second "Theory of Relativity" and it followed his first "Theory of Special Relativity". So, yes, I am familiar with it.
    The upshot of the whole thing is, any frame of reference can be taken as stationary (motionless) and the universe continues to make sense. Now, this doesn't mean that the earth has sufficient gravity to drag the sun around all over the place, however, within any bounded system, the motion of the unaccelerated objects within that system should be able to be accounted for (from any frame of reference) from inertia and sources of gravity. Someone correct me if I'm wrong here.
    No. You're wrong. What it says, simplified, is that a uniform gravitational field is equivalent to a uniform acceleration.

    This is a refinement of his "Special Theory of Relativity" which focused on the effects of acceleration on time.
    So, according to Einstein, you can take the earth as a stationary object and speak of the sun as moving around it. Don't like that? Argue with Einstein, not me.
    Since Einstein did not say that, why should I ask him to support it?

    You're the one making the claim. Either you provide support or you retract it.
    Further, even in Newtonian physics, the Earth doesn't properly revolve around the sun, but the earth and the sun both move around a common center. That's forgetting the other planets, asteroids, comets, galaxies, etc., which would, of course, complicate things.
    I'm not asking about Newton.

    You made a claim that the theory of relativity said that the Sun revolves around the Earth. Support it or retract it.
    Besides, what does "around" mean?
    Great. Now you're retreating into "what the meaning of 'is' is".

    Thanks for providing the support to my statement.
  22. Yes it has. on Top Advisory Panel Warns Erosion of U.S. Science · · Score: 1
    The second, macro-evolution, postulates that one species can diverge into two. This has not been proven, and there is some evidence against it (things like dogs, where un-natural selection has failed to produce multiple species).
    With the aforementioned common fruitfly.

    A colony can be split in two and, over time, members the two colonies will not be able to inter-breed with members of the other colony. They have become two different species.

    If not so, what criteria would you require to show that it was so?
  23. I want your opinion on something. on Top Advisory Panel Warns Erosion of U.S. Science · · Score: 1
    At the end of the day, the jobs will go to the qualified people who can do it the cheapest.
    I see that also. But I wonder about the specifics of the why of it.

    Would you ("you" personally), pay 10% more for a product if you knew (really knew, not just saw it as marketing) that:
    a. the product was 100% Made in your country
    b. the employees of the company that made it were paid a decent wage
    c. the executives of that company all made no more than 5 times the salary of the highest paid worker
    (Product quality and availability and all other factors are considered to be the same.)

    If so, why? Also, how much extra would you pay? 15%? 20%? 25%?

    If not, is there a reason other than pure "get the lowest price I can"?

    I'm trying to see if there's anything that makes a person actually (as opposed to simple voicing of platitudes) invest more in his/her country/economy rather than his/her own economic advantage.
  24. You got some support for that. on Top Advisory Panel Warns Erosion of U.S. Science · · Score: 1
    BTW, study up on your relativity, my boy, because the people who believe that the sun goes around the Earth aren't necessarily wrong.
    And you are now my 3rd example.

    Unless you can provide support that the Sun does revolve around the Earth
    or
    That in some circumstances, the Sun revolves around the Earth.
    If you have a sort of "intelligence" that causes you to believe yourself to be superior to everyone else, and therefore causes to be self-righteous in steamrolling over others' lives, and to be indignant when those people don't appreciate your "guidance", that sort of "intelligence" entitles you to be in charge of exactly jack and sh*t.
    And that is your opinion. And the opinion of someone who believes that the Sun revolves around the Earth (or does so under certain circumstances) is worth ... well, it's not worth "jack", that's for sure.
    A well justified emotional reaction. If someone came to you and said, "You're a moron, so I'm going to start telling you what's true," don't you think you'd be a little upset?
    Again, you believe that the Sun revolves (or does so under certain circumstances) around the Earth. I'm sure that you do consider it a "well justified" emotional response.

    That does not make that person, or you, any less wrong.

    So, why spend the time/effort/money making sure that people like you do not get your emotions hurt?

    If you don't like the fact that you're wrong (and no, relativity does NOT say that), then it is up to you to:
    a. Get hurt feelings
    b. Grow up and deal with it like a mature adult
  25. You're a good second example. on Top Advisory Panel Warns Erosion of U.S. Science · · Score: 2, Insightful
    Jesus, this should be modded WAY down.
    So ... what you're saying is that opinion doesn't match the opinion of people who have mod points right now. That's understandable.
    When the "intellectual elite" talk this way about the "average" people, why shouldn't they hate you?
    Because that is an emotional reaction. If those people who still believe that the Sun revolves around the Earth have a problem with someone telling them they're wrong and using them as an example of why the US is losing in this field, why should I care?

    Should I find a way to phrase it so I can protect their fragile egos? Maybe tell them that they aren't really "wrong"? Isn't that the approach that got us into this situation in the first place?
    My experience is that most people who think they are so qualified, aren't particularly impressive.
    And, in your "experience", does the Sun revolve around the Earth?
    If intellectual elitists are going to talk about average people like they're chimps, a the way people on slashdot usually do, how can you blame anyone for not wanting to listen to what you have to say?
    Again, you're confusing an emotional reaction with a fact.

    I don't care if you don't want to hear that the Earth revolves around the Sun.

    I don't care if you get upset when I tell you that you are wrong for believing anything other than that.

    I don't care if you don't like me for telling you that I don't care.

    The criteria should NOT be your feelings, but what the FACTS are.