Slashdot Mirror


User: mark-t

mark-t's activity in the archive.

Stories
0
Comments
15,598
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 15,598

  1. Re:Even worse.... on Unhashable: Why Fingerprints Are Weaker Security Than Passwords (hackaday.com) · · Score: 1

    It's not so much that one might have secrets that are worth so much them, as much as that they may have secrets that are worth so much to whomever is wanting to get the information... if they kill the person, then they *cannot* divulge the information, and for certain rather broad classes of neurologically atypical people, most notably certain kinds of mental illness sufferers who might otherwise be capable of functioning in regular society (presumably with medication), subjecting the person to abnormal levels of stress such as what might be endured during torture or even brainwashing can be entirely counterproductive to obtaining any factual information.

    Fingerprints can be taken from a dead man... the secrets that are locked by them may be obtained without any cooperation on the part of a person whatsoever.

  2. Re:You can't change your fingerprint on Unhashable: Why Fingerprints Are Weaker Security Than Passwords (hackaday.com) · · Score: 1

    An offline attack is only viable if you have a local copy of their password data. A four digit pin is therefore no weaker than the banks own security, since the latter must be defeated first to obtain such a copy, and even then, it must be done without the bank beng aware of it or the bank may alert its users.

    My point being that the security in short length PINs isn't as particularly weak as one may think.

  3. Re:You naively ignore the $5 extraction technique on Unhashable: Why Fingerprints Are Weaker Security Than Passwords (hackaday.com) · · Score: 1

    You can't forcibly extract a password... it must be given. Y The most someone else can do to "extract" it is do things to a person that might coerce them into volunteering that information or cooperating, and even then there will never truly be any guarantee. You see, nobody really knows for sure exactly how the brain works, and every human mind is ultimately different. Torture and brainwashing, for example, would be entirely ineffective against certain classes of neurologically atypical people, not because they are necessarily strong willed, but simply because their minds work so differently than most. Some might even entirely mentally shut down under such conditions, or enter a completely catatonic state, incapable of performing any conscious act or even speaking, making it impossible to gain any useful information from them.

    No.... passwords cannot be forcibly extracted. Fingerprints can be taken from you without any of your cooperation.... they can be taken from you when you are dead, even. Can't exactly do that with a password now, can you?

  4. Re:You naively ignore the $5 extraction technique on Unhashable: Why Fingerprints Are Weaker Security Than Passwords (hackaday.com) · · Score: 1

    You still have to give the passwords willingly... whether you are willing only because you are being tortured or under extreme duress is irrelevant, another party must take measures to directly influence your mental state in order to obtain the password, and even then, there is no guarantee of success. Your fingerprints, however, can be taken whether you object to them being taken or not, and do not require your cooperation to obtain.

  5. Re:You can't change your fingerprint on Unhashable: Why Fingerprints Are Weaker Security Than Passwords (hackaday.com) · · Score: 1
    I agree with your general point, but 4 digit pins are not entirely worthless.... they have the significant advantage that they are short enough to easily remember, and while this is undeniably also an advantage from a hackability perspective, a card that is used for too many invalid pin attempts is always temporarily deactivated, and typically, the owner of the card is contacted by telephone. They will only reactivate the account when they have confirmed that the owner has the card. If it were to occur again, they would probably cancel the card and just issue a brand new one.

    Of course, that doesn't stop people from using keyloggers or something similar to discover your password....but then no length of code is secure against such techniques unless the password is never the same.

  6. Even worse.... on Unhashable: Why Fingerprints Are Weaker Security Than Passwords (hackaday.com) · · Score: 3, Insightful

    .... there is absolutely nothing that you can actually do, barring the use of what would probably amount to excessive physical violence, to prevent someone from taking your fingerprints who is intent upon doing so.

    You can, at least, refuse to divulge your passwords.

  7. Linus is a genius? on Harnessing Conflict in the Workplace (video) · · Score: 2

    I mean I don't doubt that he may be very smart, but is he actually a genius?

    And since when does being a genius somehow give one a free pass on being "prickly"? If anything, I think any forgiveness in that area which may be offered by the public would have more to do with what a person is known for, and how much they have actually done than it would to do with the person's intelligence.

  8. Re:Just to note... on Proof-of-Concept Ransomware Affects Macs (vice.com) · · Score: 1
    Perhaps.... but that's entirely beside the point that I was addressing.

    And the reason such a warning may get ignored on certain other platforms is because that warning comes up for practically everything that a person might want to install... That is not the case with OSX, if ones primary source of applications is from the app store.

  9. Re:Just to note... on Proof-of-Concept Ransomware Affects Macs (vice.com) · · Score: 0

    How would you propose that the the program disable those warnings, exactly?

    Here's a tip for you that you evidently were not aware of, those warnings that pop up aren't being issued by the software.

  10. Slow news day or something? on Symbolic vs. Mnemonic Relational Operators: Is "GT" Greater Than ">"? · · Score: 1

    [nt]

  11. "Revealing" the existence... on UK Gov't Can Demand Backdoors, Give Prison Sentences For Disclosing Them (arstechnica.co.uk) · · Score: 1

    ... of the backdoor can easily be done off the record, so there is no paper trail identifying one specific individual, ensuring that nobody goes to jail, or who specifically to issue a fine to. You can't even necessarily fine the company, because as far as anyone may know, the back door's existence was discovered by somebody outside of the company, and could have even been announced to incriminate them, unless you also make it illegal for companies to make software that might get reverse engineered by somebody else. I'm not too sure how enforceable that is....

  12. Re:Legality? on The Internet Falls For Rumblr, a Fake "Tinder For Fighting" App · · Score: 1

    They are also regulated by a judge, and have proven to take enough precautions to prevent or at least mitigate any genuinely serious injury.

  13. Re:How can there be? on No Such Thing As 'Unlimited' Data (wired.com) · · Score: 1

    I get unlimited long distance calling for a flat fee every month. "Unlimited" for a flat fee works just fine.

    One could make an argument that they really mean by "unlimited" is "unmetered"... that is either literally unmetered, or else any usage that might be recorded will not affect either what one is charged or what services will continue to be available to the subscriber at the same levels.

  14. And if an infrastructure for electric vehicles nationwide existed? And batteries, are thare never going to be any improvements? Seems to be happening pretty regularly these days.

    If a sufficient infrastructure for electric cars existed, as well as a brief enough recharge time that does not significantly impact the the overall duration of an otherwise unpaused trip, sure...

    But more to my point, there are places in the american west that you better plan your trip around some available fuel stations. That "Last Chance Gas" station meme is real.

    Of course, but you still only need to stop at such a last chance station for 5 minutes and you are good to go for another 6 to 7 hours of nonstop driving if you so choose.

  15. So tell me, exactly which vehicles have unlimited range?

    Gasoline vehicles effectively do, owing to a sufficiently large infrastructure of gas stations, and a sufficiently low refill time that it does not significantly impact the duration of a trip that is long enough that requiring such range would matter.

  16. Re:I don't understand.... what was preventing them on Muzzled Canadian Scientists Can Now Speak Freely With Public (thestar.com) · · Score: 1

    Thats easy....try " If you talk to the media your employment will be terminated forthwith..."

    There are loads of ways of getting information into public knowledge without using the media. Word of mouth works suprisingly well.

    But my point is that given that the only "enforcement" possible was duress, the scientists must have been complicit in these restrictions, and they ultimately must have been convinced that the public didn't really need to know anyways. Really, if the science really mattered, they'd publish anyways, and just start looking for another job. Also, when the employer fired them, the public would know what the reason was, since they had published, and the employer might face a PR backlash from the general public if they believed the matter to be important enough.

  17. Re:Offer paid support? on Corporations and OSS Do Not Mix (coglib.com) · · Score: 3, Insightful

    Presumably, they have chosen OSS over alternative projects in the first place for a reason, so them switching to another product just because a bug isn't fixed as soon as they might like would be their own loss on that level.

  18. Re:Fixed immediately? on Corporations and OSS Do Not Mix (coglib.com) · · Score: 1

    Seriously? Having dealt with all sorts of bugs in commercial, closed-source software for more than a decade, I've never heard anyone make threats if a bug isn't fixed in 24 hours.

    Really? Not even an implied one that you might not still have a job otherwise? I've had that happen a few times, unfortunately.

  19. Threats? on Corporations and OSS Do Not Mix (coglib.com) · · Score: 1

    "Well if you're not going to take this seriously, we'll have to start using another project."

    Presumably, they chose the OSS software over another project in the first place for a reason, so starting to use another project would be their own loss. In actuality, that's not really a threat, that's just petty spite. I would have a hard time taking any company seriously that acted so unprofessional.

  20. Re: I don't understand.... what was preventing the on Muzzled Canadian Scientists Can Now Speak Freely With Public (thestar.com) · · Score: 1

    I don't see how the employer would necessarily know if the public is not told through any kind of official channels.

  21. Re:I don't understand.... what was preventing them on Muzzled Canadian Scientists Can Now Speak Freely With Public (thestar.com) · · Score: 1

    Who says that a scientist has to talk to the media just to talk to the public?

  22. The point of self-driving cars.... on Autonomous Cars Aren't As Smart as They're Cracked Up To Be (computerworld.com) · · Score: 2

    .... is not to literally drive the car, it is to prevent accidents.

    Any autonomy that an automobile might appear to exhibit should be seen as a side effect of that goal, and not a direct manifestation of intent.

  23. I don't understand.... what was preventing them... on Muzzled Canadian Scientists Can Now Speak Freely With Public (thestar.com) · · Score: 1

    ... from speaking with the public exactly? Were all scientists that might have showed inclination about speaking on the matter put under house arrest for the past 6 years or something, and all internet and phone communications monitored? I find numerous mention of so-called strict rules in the past, and while I don't dispute their existence, I can't find any info at all on exactly how those rules were enforced.

  24. Re:Cell phones today are a status symbol? on When Slide Rules Were Like Cellphones (hackaday.com) · · Score: 1

    Evidently I made a bad analogy.... My point is that cell phones are so common that the only status I can imagine they might represent is that the user probably isn't entirely technophobic,

  25. Cell phones today are a status symbol? on When Slide Rules Were Like Cellphones (hackaday.com) · · Score: 2

    Of what? Seriously... As ubiquitous as they are, they are about as much of a status symbol as shoes.