Slashdot Mirror


User: TechyImmigrant

TechyImmigrant's activity in the archive.

Stories
0
Comments
5,917
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 5,917

  1. Re:A bit???? on Austin Airport Tracks Cell Phones To Measure Security Line Wait · · Score: 2

    >How do probes with random macs break it? If a known network it wants to connect to is present it can use its real address.
    You can probe with a random mac all you like.

    But you can't then connect with a random mac and expect the connectivity to work. Not when the mac is changing faster than the network attachment. If it isn't changing that fast (like in Apple's products) it can work, but it doesn't stop a broad class of tracking.

    So yes, you can probe all day with a random mac. Just expect to have to reveal a session-consistent mac when you try to connect.

    I asked a friend in the middle of this in 802 and he dumped a pile of documents on me. It was quite an entertaining read.

  2. At PDX and other places a TSA guy gives you a little colored card with a number on it.
    At the other end of the line a TSA guy takes it from you.
    They time of the line is measured by the transit time of the card.

    Is this more or less creepy?

  3. Re:A bit???? on Austin Airport Tracks Cell Phones To Measure Security Line Wait · · Score: 4, Informative

    MAC address randomization is currently being argued back and forth in IEEE 802.

    It breaks many things. It might work randomizing between sessions on a simple LAN, but in the presence of the the 802.1 network features (bridges, vlans, STP, provider bridges etc. etc.) it simply breaks.

    It doesn't sit well with the various authentication schemes that mix the MAC address into the security header and key derivation.
    It doesn't sit will with MAC based routing entities that are not on the local segment.

    People with a deep knowledge of 802 protocols are looking at this and it isn't simple or easy.

  4. I don't always.. on The Classic Control Panel In Windows May Be Gone · · Score: 1

    ..run a program that takes longer than a week to complete.

    But when I do, I unplug the ethernet.

  5. He'll Never.. on What It Took For SpaceX To Become a Serious Space Company · · Score: 1

    find a battery charging station on Mars.

  6. Re:You could see this coming on Despite Patent Settlement, Apple Pulls Bose Merchandise From Its Stores · · Score: 1

    A commercial litigator saying it's OK the sue. Whoodathunk?

  7. I don't frequent those places, but if it is that loud, active cancelation audio headphones do not make good ear defenders.

  8. Re:You could see this coming on Despite Patent Settlement, Apple Pulls Bose Merchandise From Its Stores · · Score: 3, Insightful

    > I have a feeling that Bose' CFO is not happy but not unhappy. It's business.
    I have a feeling that setting the lawyers on an effective retail outlet for your goods is really bad for business.

    If someone sued me, I'm certainly not going to do business with them in the future.

  9. Re:Clueless on Despite Patent Settlement, Apple Pulls Bose Merchandise From Its Stores · · Score: 1

    Can to tell us the brand/model of your better-than-active-noise-cancellation headphones?

    He's deluding himself. What he's using is ear defenders.

    Try this... Stick your finger in your ear. Create a good seal so outside sound is well blocked.
    Do you hear nothing? No, you hear a background roar of muffly rumblings.

    Or try putting ear plugs in and sit still. Do you hear less? Yes.
    Now move your head. Say just slowly move it around. You hear a bunch of noise from the ear plug itself rubbing in your ear canal.

    A sealed cavity around your ears traps in all the local noise. It's worse than nothing.

  10. Re:lol on Despite Patent Settlement, Apple Pulls Bose Merchandise From Its Stores · · Score: 2, Interesting

    I call BS. The Sony's barely worked. I tried them back to back with the Bose.

    Active noise cancellation is not about HiFi. It's about high background noise environments like on airplanes or in offices.

    Try a set of Bose QC3s in a quiet environment, listening to music through a stereo of any quality will not be better than something with a large seal and a half decent speaker, but that's not the point. I doubt people could actually tell the difference in a quiet environment. If there's nothing to cancel, cancellation doesn't help. But in a high noise environment, the Bose are clearly better.

  11. Re:lol on Despite Patent Settlement, Apple Pulls Bose Merchandise From Its Stores · · Score: 3, Insightful

    Bose noise cancelling headphones are not a scam. They were qualitatively far far better than anything else on the market when they came out and they still seem to be better today.

    I'll be taking my rather ancient set of QC3s on the plane tomorrow.

  12. Re:Really? on Kickstarter Cancels Anonabox Funding Campaign · · Score: 2

    Designing and building a 6 layer board, 3 iterations to get right, using your own time is 10-30 grand, depending on the components and manufacturer fees. Any board of takes 6 months. It just does. String together all the things to do for a manufacturable board and it takes 6 months.

    Doing a one off, for your own amusement, or a PoC, I managed that in 2 very long days once.

  13. Re:Gamer Gate Why ? on For Game Developers, It's About the Labor of Love · · Score: 1

    >Language and labels change meaning

    Yes, it seems like that interpretation requires that you interpret the word 'Gamer' to mean lowlife male basement dwellers who yell into microphones.
    Being competent in English I interpret 'Gamer' in this context to mean 'People who play computer games'.

    So I'm a gamer. I like a good FPS. I've has my arse whipped in Starcraft. I've shot lots of zombies and Nazis in Sniper Elite .*, I've been top of the pile on master mode on Rocksmith, But I'm also a crypto hardware engineer in my late 40s with grandchildren and no tendency to yell into microphones.

  14. 10 more on Warner Brothers Announces 10 New DC Comics Movies · · Score: 1

    movies that I won't go to see.

  15. Re:Not an April Fools joke? on For Game Developers, It's About the Labor of Love · · Score: 3, Funny

    I played with it for a while, was initially amused and then got bored.

    But my 5 year old grandson loves it and keeps coming back. It's the game on which he finally cracked the WASD/Mouse thing, which is a pretty important life skill in my book.

  16. Re:Gamer Gate Why ? on For Game Developers, It's About the Labor of Love · · Score: 3, Insightful

    > Who the fuck cares
    I don't, but the author's of the offensive articles really screwed up.

    They took a demographic they considered male, teenage basement dwellers and wrote a couple of astonishingly offensive articles, on a website aimed at that demographic. Then they found out that 'gamer' != that demographic. It cuts right across all levels of society and all genders. So they managed to write something offensive to everyone. When the story broke out of bubble of that one website, sympathy for the authors was heavily muted by the fact that everyone who plays computer games, myself included, think they brought it upon themselves, because they can see plainly how offensive the articles were and how they articles are talking squarely about them, regardless of where they sit in society.

    Not being the sort of person to take offense at random things on the internet, I really don't care, but it's still pretty obvious the authors screwed up and got a predictable response. Society has people who live on a broad distribution of extremism. If you uniformly offend people across the distribution, you're going to offend the sort of people who send death threats over the internet for fun.

  17. Re:China, home to government sponsored thieves? on FBI Warns Industry of Chinese Cyber Campaign · · Score: 1

    >This is important news.
    I'm not criticizing the reporting. I'm criticizing the FBI for putting out blatantly manipulative, fear mongering press releases.

    > If China is stepping up it's state sponsored spying and digital theft
    They are. So is everyone else. That isn't new news.

    >If you have no use for it
    If they told us something we could take action on, like a way to distinguish these 'new' bad actors from anyone else, that would be news I could use.

    >clearly you aren't a nerd
    Yes clearly. I'll hand my nerd card into the local nerd management office and take up accounting rather than crypto.

  18. What's the difference? on FBI Warns Industry of Chinese Cyber Campaign · · Score: 2

    I presume the company I work for is a target, but it's no less a target from any other government.

    This isn't news I can use. There's no behavior change that is a rational response to this. It's not like we didn't already know there are several governments trying to get access to all out stuff.

  19. So they're great at killing and spying. They don't have a track record in doing 'good' things like providing cheap, clean energy.

  20. Re:No Carriers on ISPs Violating Net Neutrality To Block Encryption · · Score: 4, Informative

    Agree. A good article would explain how it happens, such as on Cisco gear and how it may or may not be deliberate and would explain what you can do about it, e.g. use a VPN service.

  21. Re:No Carriers on ISPs Violating Net Neutrality To Block Encryption · · Score: 5, Insightful

    Isn't the end result the same?
    If a transparent proxy changes the TLS messages, it's filtering encrypted traffic so it's a MITM attack.

    Still evil.

  22. The "It's not working" attack on ISPs Violating Net Neutrality To Block Encryption · · Score: 5, Interesting

    This was discussed when we were writing the 802.11i security specs. If an attacker can selectively DoS the link/network/whatever when security is enabled, you can fool the user to conclude the security is the problem and turn it off, whereupon everything starts to work.

    There is a collision of two principles
    1) Silently drop bad packets.
    2) Let the user know something bad is happening.

    These are opposing goals. In the case of this attack, we want #2, because we know they have evil intent and plaintext is not ok and we need the user to not turn off TLS.
    In other cases, like front door attacks (as opposed to MITM), #1 is the way.

    This is why designing a good security protocol is hard and TLS still does the wrong thing at the wrong time.

  23. Re:Questiona re a bit sexists on Statisticians Uncover What Makes For a Stable Marriage · · Score: -1, Flamebait

    I myself am Christian, but not in the annoying way that many are.

    Why do you think your irrational belief in ghosts is less annoying than someone else's?

    Ultimately, the willingness to believe things because "someone said so" is what leads to the ills of religion in its many forms. Your religion is no less irrational or annoying than someone else's.

  24. Re:Problematic for Linux too on How Poor Punctuation Can Break Windows · · Score: 1, Insightful

    At least you can diagnose and fix issues with shell scripts with vi and a bit of knowledge. Try that with a binary blob that stores its data in a binary store.

    Well with the source code of the binary blob, you could diagnose and fix issues with vi and a bit of knowledge.

  25. Re:They _Should_ Replace It on CSS Proposed 20 Years Ago Today · · Score: 1

    >I’m sure this won’t be the only "css" sucks comment.
    You're not wrong. Can I mention inheritance, or the lack thereof?
    FFS, I want to say - "This is like that but with this thing changed"
    This is probably why every CSS preprocessor adds inheritance. Because it's missing from CSS.

    My analysis is that the authors who drafted it were browser writers, not web content developers, who wanted something that slotted right into their data model.