Slashdot Mirror


User: blueg3

blueg3's activity in the archive.

Stories
0
Comments
4,435
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 4,435

  1. Re:Cow Farts... wrong end! on Removing CO2 From the Air Efficiently · · Score: 2, Insightful

    How do we kill countless billions?

    I mean, we kill lots of delicious cows, sure -- but you'd think the people whose business it was to sell us the delicious cow meat would be counting them.

  2. Re:Natural device? on Removing CO2 From the Air Efficiently · · Score: 2, Informative

    They don't respirate as much CO2 as they take up. The carbon from the difference is used to build more tree.

  3. Re:Hybrid disks - not a novel idea after all! on PC Historian Finds Puzzling Game Diskette Image · · Score: 2, Informative

    See my response above -- "Mac/PC" hybrid disks actually use two different filesystems. Macintosh CDs use the HFS/HFS+ filesystem. People took advantage of this to make dual-filesystem hybrid disks. (On the other hand, having two partitions with different filesystems on one disk was old hat by the time data CDs were around.)

  4. Re:Hybrid disks - not a novel idea after all! on PC Historian Finds Puzzling Game Diskette Image · · Score: 5, Interesting

    The "Macintosh-format" CDs don't use ISO, they actually use HFS/HFS+. The dual-format disks actually contain an ISO and an HFS partition, but they're engineered so that they share data. You can have ISO-only files, HFS-only files, and shared files; the shared files are only stored once. The ISO partition is used to store data for windows; the HFS partition is used to store data for Mac OS.

    The interesting thing about those disks isn't that they're formatted to have two different filesystems on them -- by the time the dual-format CDs were around, putting two partitions on a disk was no big shocker. The interesting part was that they were designed to have two partitions own the same data.

    Compare with the disk mentioned in the article. It sounds like the data for the IBM and C64 are entirely separate. The interesting feature is making what is essentially a two-partition disk out of a disk that's designed to be single-partition.

  5. Re:Technically . . . on RIAA Loses $222K Verdict · · Score: 3, Informative

    Possibly, but the primary goal of the DMCA was to target companies or individuals who produce tools to assist consumers in copyright violations, not the copyright-violators themselves.

  6. Re:Let the flood gates be opened on RIAA Loses $222K Verdict · · Score: 2, Insightful

    It is (sometimes) entrapment if the police do it. It's not entrapment if people who are not the police nor working on behalf of the police do it.

  7. Re:Undisclosed? on EA Hit By Class-Action Suit Over Spore DRM · · Score: 1

    You can't "go in" to the game publisher, only to a retail store. As I mentioned, the retail store might not offer a refund, but the publisher will.

  8. Re:can't discuss SecuRom on EA Hit By Class-Action Suit Over Spore DRM · · Score: 1

    You certainly can -- you just can't use the forums that they're providing (and paying for) to discuss it.

  9. Re:Undisclosed? on EA Hit By Class-Action Suit Over Spore DRM · · Score: 1

    Generally, if you disagree with the EULA, the company will refund your money if you return the product. Now, Best Buy might not. But placing a legal agreement where it cannot be read before purchase and refusing a fair return if you reject that agreement is making you a prime target for a successful lawsuit.

    I know for a fact that if you refuse the EULA, Microsoft will do a return of Windows.

  10. Re:830 days? China? on China To Run Out of IPv4 Addresses In 830 Days · · Score: 1

    No, see, if I was addressing the article/summary, I would've written,

    "Didn't anyone ever teach you that just because your extrapolation model is precise to the day, your results aren't necessarily that precise or accurate?"

    Of course, I generally dismiss future-prediction models that give numbers but don't include error margins or a word like "approximately". (And, as you would presumably agree, "approximately 823.2 days" doesn't count.)

  11. Re:SSL, anyone? on Feds Tighten DNS Security On .Gov · · Score: 1

    In case you didn't read, I did mention that a successful attack requires neither access to the internal network nor BGP hijacking.

    Considering BGP hijacking has also been successfully done (recently) and is an excellent way to get access to communications, I'd hardly call it specious. Yet secure protocols like DNSSEC and HTTPS provide security in the case where your route goes through hostile nodes.

    Again, by hijacking the MX record for a domain -- an attack that doesn't require any particularly privileged access on the target's network -- mail to that domain can be sent instead to an arbitrary third party. Applying SSL to the SMTP connection does not in any way protect against this, because there's no guaranteed connection between the name of the domain you are e-mailing and the name of the server handling its mail other than the information provided in the MX record. Securing the DNS lookup is necessary.

  12. Re:What benifit anway? (A landfill full of TVs?) on Complaints Pour In After Digital TV Test · · Score: 1

    Digital signals of a quality similar to analog television take up substantially less bandwidth. HD television signals, if I remember correctly, take up roughly the same bandwidth as an analog signal. They can't share space on the spectrum, so if you're transmitting both analog and HD, you take up twice as much of the spectrum per channel. In many areas, there's simply not enough broadcast spectrum to hold both analog and HD transmissions of each channel.

  13. Re:Yawn on Complaints Pour In After Digital TV Test · · Score: 1

    They actually only lay copyright claim to their particular collection of facts (that is, the grouping of station names into categories that they created). This, as it turns out, is quite copyrightable.

  14. Re:SSL, anyone? on Feds Tighten DNS Security On .Gov · · Score: 1

    You (a) shouldn't base a security approach on having no malicious computers on your subnet (b) don't need access to the subnet to execute this attack and (c) don't even need access to the routing path (which you could obtain without being on the same subnet with BGP hacks, among others).

    All the information the MX record contains is the address of a machine you can control. It doesn't have to be yours, as long as you control it.

    Using MX forging to redirect mail traffic in exactly this manner has been used in the wild (against unnamed US government organizations, for that matter), so I'd say the chances of this happening are 100%.

  15. Re:830 days? China? on China To Run Out of IPv4 Addresses In 830 Days · · Score: 2, Funny

    On a separate note, didn't anyone ever teach you that just because your calculator displays all those digits, it doesn't mean they're significant?

  16. Re:SSL, anyone? on Feds Tighten DNS Security On .Gov · · Score: 1

    It's perfectly valid for the MX record to specify that the mail handler for foo.com is mail.foo.com, or even mail.bar.com. Valid and common. To send the mail, then, you're connecting to mail.bar.com. Say this SSL connection is authenticated such that you're sure you're talking to mail.bar.com.

    So, the attacker just changes the MX record to mail.evil.com. (Through, for example, DNS cache poisoning.) So, now you set up an SSL connection to mail.evil.com, and you're sure you're talking to mail.evil.com.

    The SSL connection is completely valid, yet your mail has been hijacked.

  17. Re:Study confirms most popups are idiotic on Popup Study Confirms Most Users Are Idiots · · Score: 1

    How do you reproduce the effect of Vista's UAC dialogs from a browser?

    Or is there, in fact, a way of displaying windows that only the OS can use?

  18. Re:SSL, anyone? on Feds Tighten DNS Security On .Gov · · Score: 1

    It's unwise to run a DNS server on the same machine as an HTTP/HTTPS server anyway, so DNSSEC will put no additional load on those servers. (They will put additional load on DNS servers, and that limits adoption.)

    The US government doesn't administer any of this, and they're not by any means the first mover on this. They just happen to control quite a few websites and make press releases.

    As far as sending e-mail via SSL, are you familiar with what MX records do? It should be clear that SSL provides absolutely no protection for MX record poisoning.

  19. Re:SSL, anyone? on Feds Tighten DNS Security On .Gov · · Score: 1

    DNSSEC protects things that aren't secured by https, like MX records. I suspect it's also easier to implement than forcing everyone to move to HTTPS and other encrypted protocols.

    The parts of the Web where you don't care about security are built around HTTP, but there's still value in preventing them from being hijacked.

  20. Re:SSL, anyone? on Feds Tighten DNS Security On .Gov · · Score: 1

    Except that automatic-update systems, such as what you would use to patch the browser against the user's will, only accept signed packages. You can hijack the domain name and send them all the malicious data you want, but they won't install it for you, because the browser doesn't implicitly trust the domain name.

    DNS does not *have* to be secure. It just makes it much more convenient.

  21. Re:SSL, anyone? on Feds Tighten DNS Security On .Gov · · Score: 1

    This is the well-known "login page is not over https" problem.

  22. Re:I guess the old saying is true, then... on Political Viewpoints Linked To Fear · · Score: 2, Insightful

    I'm not actually advocating anything, I'm explaining a logical fallacy. The fallacy is that compromise is necessarily better.

    What you're saying is, incidentally, another fallacy -- you're claiming that since I say "compromise is not necessarily better than a non-compromise" that I also mean "non-compromise is necessarily better than a compromise". They are distinct statements.

  23. Re:Is this indicative of something? on Second Snag This Week Could Delay LHC for Weeks · · Score: 2, Informative

    Having worked on one of these, two failures this early on is par for the course. There's a lot of work to be done even after the thing is build and initial testing is done before it's stable and working (and even then, most particular accelerators are only somewhat "stable" with very heavy maintainance).

  24. Re:I guess the old saying is true, then... on Political Viewpoints Linked To Fear · · Score: 4, Insightful

    Actually, it's not a straw-man argument, it's an illustration of a fallacy. A well-known fallacy, in fact -- the fallacy of compromise. While some sort of compromise is very often useful or effective, it does not follow logically that a compromise between two arbitrary suggestions is necessarily superior. In many cases, a "compromise solution" makes no sense; in others, it's clearly not the "fair" choice.

    There is no innate "middle ground". If you define it as a "reasonable compromise", you're imposing a particular person's arbitrary sense of "reasonable" anyway.

    Anyway, yes. Fallacy of compromise.

  25. Re:NPR has the scoop on Political Viewpoints Linked To Fear · · Score: 1

    To be fair, I think he's saying that their being Republican doesn't really count, not that their charity doesn't count. If they're duped into voting Republican, they don't really "count" as Republican.