Slashdot Mirror


User: TechyImmigrant

TechyImmigrant's activity in the archive.

Stories
0
Comments
5,917
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 5,917

  1. Re:I'll get flak for this on Ask Slashdot: Communication With Locked-in Syndrome Patient? · · Score: 1

    Everyone needs a hobby.

  2. Re:I'll get flak for this on Ask Slashdot: Communication With Locked-in Syndrome Patient? · · Score: -1, Troll

    Yes. Once we rid the world of theism, the world will be a better place.
    Necessary isn't necessarily nice.

  3. Re:I'll get flak for this on Ask Slashdot: Communication With Locked-in Syndrome Patient? · · Score: 0, Troll

    Theism is evil. It is right to call it every time.

  4. Re:Go die on With the Surface Pro, Microsoft Is Trying To Recreate the PC Market · · Score: 2

    For a superior Apple 2 experience I recommend this.

  5. Re:Will it run Linux? on With the Surface Pro, Microsoft Is Trying To Recreate the PC Market · · Score: 1

    If it's Intel based, yes, as long as you control the secure boot keys.

  6. Re:Go die on With the Surface Pro, Microsoft Is Trying To Recreate the PC Market · · Score: 2

    > try out Integer Basic in an emulator and then try AppleSoft Basic.

    Why in an emulator? I just run them directly on my Apple 2e. The Integer ROM is great because it comes with the mini assembler and sweet 16.

  7. Re:a group representing independent musicians on Google Using YouTube Threat As Leverage For Cheaper Streaming Rights · · Score: 1

    If the contracts are very similar, why do you need to give money to leaches like ASCAP and agents to do it for you?

  8. Re:Perhaps it's just... fun? on Even In the Wild Mice Run In Wheels · · Score: 1

    The ROKU 3 RF remote cures the swinging reaction after a few days.

  9. Re:link? on eBay Compromised · · Score: 1

    Not until the sex change.

  10. Re:link? on eBay Compromised · · Score: 1

    Well I looked many places and found that after the third go round. Not hard, but not obvious.

  11. Re:link? on eBay Compromised · · Score: 1

    OK. I found it on the third go round, behind the locked door with the sign saying "beware of the leopard".
     

  12. Re:link? on eBay Compromised · · Score: 1

    Better yet. I just logged in and I cannot find where to change my password.

  13. Re:Not much to see here. on Discrete Logarithm Problem Partly Solved -- Time To Drop Some Crypto Methods? · · Score: 2

    Unless you're talking about the Dual EC DRBG.
      Prime fields are safer, but they are inconvenient. Elements in a GF(2**n) field map nicely to n bits.

  14. Re:Not much to see here. on Discrete Logarithm Problem Partly Solved -- Time To Drop Some Crypto Methods? · · Score: 1

    >are moving away from finite fields altogether in favor of elliptic curves
    Umm, what about all the elliptic curves in finite fields?

  15. No SQL on New PostgreSQL Guns For NoSQL Market · · Score: 2

    It would be nice if noSQL databases adhered to the promise in the name. They replace the query language with something sane and secure.

  16. Re:Special Projects? on Head of MS Research On Special Projects, Google X and Win 9 · · Score: 1

    Never worked there. I could name some other techy corps where executives were moved to "Special Projects" while the terms of their firing were worked out.

  17. Special Projects? on Head of MS Research On Special Projects, Google X and Win 9 · · Score: 4, Insightful

    Does the author know that "Special Projects" is corporate speak for "Taken off of primary responsibilities prior to being fired".

  18. Re:As if Canon/Nikon do this better on Samsung 'Smart' Camera Easily Hackable · · Score: 1

    What difference does it make when after taking the photo, you just upload it to Facebook?

  19. Re:I'm Safe. on Samsung 'Smart' Camera Easily Hackable · · Score: 0

    No. That's "omelette à l'oignon et jambon"

    I think the primary thing that makes a omelette a Denver omelette is that it is too large.

  20. Re:Static DH is not better than Static RSA on TLS 1.3 Draft Prepares to Drop Static RSA Key Exchange · · Score: 1

    But to replace RC4, new software had to be written and released. Interworking with old implementations is still broken today. TLS is a life raft for broken crypto.

    Given that you know new software has to be released just tie one algorithm for each purpose to one version.

    --> HI_MY_MAX_VERSION_IS_X
    -- HI_MY_MAX_VERSION_IS_Y
    Chosen cipher == Lookup_cipher(min(X,Y))
    Refuse or allow based on whether we are willing to do min(X,Y).
    MAC the whole exchange, continue.

    This looks like ciphersuite negotiation, but it isn't. It's protocol version negotiation which happens anyway.

    As has been pointed out in many forums, the problem with ciphersuites is not just getting new ciphers in. It's getting old ciphers out. Getting old crypto out is just one of TLS's many failings.

  21. Re:Static DH is not better than Static RSA on TLS 1.3 Draft Prepares to Drop Static RSA Key Exchange · · Score: 1

    It's notable that in the current draft they still don't get it right.
    IV
                The Initialization Vector (IV) SHOULD be chosen at random, and
                MUST be unpredictable. Note that in versions of TLS prior to 1.1,
                there was no IV field, and the last ciphertext block of the
                previous record (the "CBC residue") was used as the IV. This was
                changed to prevent the attacks described in [CBCATT]. For block
                ciphers, the IV length is of length
                SecurityParameters.record_iv_length, which is equal to the
                SecurityParameters.block_size.

    The implementer is left to interpret 'random' and 'unpredictable' in ways that are useful for an effective cryptographic outcome.
    Unpredictable to who? Certainly not to the generating end if a CSPRNG is being used.

    What kind of random? There are many definitions of random that don't fall into the cryptographically useful set.

    We know much more about randomness than we did 5 years ago. It doesn't seem like the TLS authors have really kept up.

    I'm not interested in helping TLS by fixing their spec. I'm only interested in destroying it and replacing it with something sane.

  22. Re:Static DH is not better than Static RSA on TLS 1.3 Draft Prepares to Drop Static RSA Key Exchange · · Score: 1

    And yet, the underlying crypto was sound. The composition was broken. If they had specified a proper random IV and not allowed alternatives, beast could not have happened.

    The weight of TLS made the details of the CBC implementation appear minor. But in fact getting that right is a primary task.

    If there was less work on the bucket full of protocol, perhaps there would have been time for people to listen to the crypto guys when they say your IV must be random. If CBC was the only privacy mode, you can be sure that someone would have commented on the IV issue because that is pretty much the only requirement on external inputs to CBC.

  23. Re:Ironic on Jon 'maddog' Hall On the Future of Free Software (Video) · · Score: 1

    Do you enjoy building strawmen to attack?

    Apple were very open with their products back then. They didn't conform to any notion of free software though. The claim was they represent nothing free and open. I pointed out that they used to be open. I made no claims about the freedom of their software.

  24. Re:Ironic on Jon 'maddog' Hall On the Future of Free Software (Video) · · Score: 1

    Not that I'm defending Apple's inflexibility, but why would fixed entry points limit the size of the subroutines? Let each entry point have a single instruction "JMP start_of_actual_subroutine". The previous instruction can then be "JMP current_instruction_address + 2" in order to skip over the redirection, and all the surrounding ROM can be used however you see fit.

    That was done. I think the Beagle Bros did exactly that with their improved images.

  25. Re:Ironic on Jon 'maddog' Hall On the Future of Free Software (Video) · · Score: 1

    >Apple does not represent anything free and open.

    Any more. My apple ][ comes with the schematics and ROM listing.