Slashdot Mirror


User: GigsVT

GigsVT's activity in the archive.

Stories
0
Comments
7,440
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 7,440

  1. Slashvertisements on Firefly Premieres Tonight · · Score: 0, Offtopic

    So... When is code going to be added to Slash to allow users to block Slashvertisements? I know OSDN is getting desperate, but really!

  2. Re:I've tried many things on David Sorkin on Internet Law and Spam · · Score: 1

    SMTP is fine. There is no way around the fact that if you have an email address that anyone can send mail to, spammers will send mail to it any way they can.

    I don't see what changing SMTP will solve. I also don't see any flaws in SMTP that suggest it needs to be replaced.

  3. Re:Spam police? on David Sorkin on Internet Law and Spam · · Score: 1

    freedom fighters enforcing laws.

    That's all the A-Team did. They just enforced the laws by shooting at a lot of people with fully automatic weapons (they never actually hit anyone).

    Funny, the A-Team would be considered terrorists now.

  4. Re:Defeats one of the purposes of smart cards on Crypto with Epoxy Tokens, Glass Balls and Lasers · · Score: 1

    you have changed your numbers to bolster your argument.

    Just note that I did not change my numbers, I said that it takes 20-30 seconds when the terminal has to dial in (on demand). Most terminals are already connected, in which case it takes 5-10 seconds, or less, to be honest, I never noticed a delay when using a CC unless I actually heard the terminal dial in especially for my transaction, so it may be less than the quoted 5-10 seconds, I am just giving it the benefit of the doubt.

  5. Re:Defeats one of the purposes of smart cards on Crypto with Epoxy Tokens, Glass Balls and Lasers · · Score: 1

    It's only the small shops with few transactions that dial-on-demand. In any store that has a line waiting, the terminal would already be dialled in and connected, reducing the time to 5-10 seconds or so in my experience.

    Are you really so caught up in our society that 5 seconds a couple times a day is that important to you? Some unsolicited advice: slow down. You are going to give yourself a heart attack.

  6. Re:Defeats one of the purposes of smart cards on Crypto with Epoxy Tokens, Glass Balls and Lasers · · Score: 1

    . So the speedup from a smartcard is lost.

    I don't know about you, but when I use my credit card in a swipe terminal, even if it has to dial in, the transaction still takes less than 20 or 30 seconds. Most stores have permanant connections to the clearing house anyway.

    It could reduce cost to not have to connect for each transaction, but probably not a lot in most cases. I'd bet that all but the largest stores could use a single modem to clear all transactions for credit cards... Hell, last I checked, most clearinghouses only supported 2400 bps modems, nothing faster.

  7. Re: yep 40 accounts, is so simple... on Passport vs. Plan 9 · · Score: 1

    You just succeeded in a single post to define the very opposite of KISS. I'm impressed.

    It's very simple, for the end user.

    When they install their OS/SingleSignOnSoftwareThingy, it says, "We will now generate the keys that you will use to access sites on the Internet, Enter a good passphrase".... It then generates your keys, and makes sure you picked a strong passphrase.

    Then the software just uploads your public key when you sign up for a new site that supports this. Seamless for an end user.

    If the public key is lost, or the passphrase forgetten, then of course the user is going to have to go through the hassle of proving they are who they are to sites that have the old public key, but that is necessary in any case. It could be as simple as most sites do these days, they confirm you by your email address, or it could be as complicated as faxing them your ID, as some registrars require... It all depends on the level of security needed.

    To deal with public terminals or for higher security at home, the private key could be loaded onto a smart card, still protected by passphrase, the smart card never transmits the key to the computer, it only answers encrypted challenges.

    Many things are technically complex, but seamless for the end user. Technical complexity isn't the issue, it's complexity for the end user that matters. This isn't even all that technically complex, it's all existing technology.

  8. Re:tv commercial on Effects of the Patriot Act on Librarians · · Score: 2

    It begins with a teenager who approaches the help counter at a library. He tells the librarian that he can't find the books he has on a list, which he hands her. She looks them up in the computer, and replies, "These books are no longer available... may I have your name, please?" When the kid walks away from the counter without giving his name, he's approached by two men in suits (one of whom takes his arm) appearing from behind some shelves, who "just have a couple of questions" for him. Meanwhile, the librarian is watching with a look of sadness and concern.

    A tagline appears: "What if America wasn't America?

    Freedom. Appreciate it. Cherish it. Protect it." Definitely one of the most chilling (and unfortunately appropriate) ads I've ever seen.

    Ripped off from boingboing.net

  9. Re: yep 40 accounts, is so simple... on Passport vs. Plan 9 · · Score: 1

    If it gets compromised, the cracker unfortunately gets the system silently under his control and your passphrase gets stolen very soon.

    Yes, it is possible they could insert some low level trojan to grab your passphrase, but it is significantly more difficult that any centralized server scheme. A cracker would have to go to great lengths just to get one person's valuable information, as opposed breaking into one computer and getting potentially thousands of accounts.

  10. Re: yep 40 accounts, is so simple... on Passport vs. Plan 9 · · Score: 2, Insightful

    Then what we need is a small hardware device that the private key resides in, which only responds to the challenge-reponse of challenges generated by your public key. A smart card could easily fill this purpose. This device would only be used if you needed to use public terminals, for home use, you could just use your hard disk to store the encrypted private key.

  11. Re:Double sign on? Sign-on and a half? on Passport vs. Plan 9 · · Score: 2

    Single sign on, where you log in once and can get straight into a load of different accounts (webmail, credit card, bank, local council benefits office, etc.) is clearly a bad idea, because of the single-point-of-failure problem.

    That's what's great about the way SSH does it. Basically, you upload your public key to any server you want to authenticate to, your private key resides on your computer and is encrypted with a passphrase. ssh-agent is a resident program that manages your private keys. It will ask you for your private key passphrase the first time you use it, then you don't have to type it again, unless you step away from your computer, after a time-out interval, ssh-agent will forget your passphrase for security purposes.

    For having multiple levels of security, you just have multiple keysets, you upload the public key for one private key to the throwaway sites, and set a relatively weak passphrase for it, since it isn't as important, and have another private/public pair that you use for high security sites, which has a really hard password on it.

    In case of a local compromise, your private keys are protected by the passphrase encryption, in the case of a compromise of the Internet host, the attacker gets nothing but your public key, which is useless anyway.

    These problems are already solved. I don't see what the debate is about, and why people are afraid of single sign on... after all, one really really hard password that never leaves your local computer is way more secure than 10 easy to remember passwords, some of which may be the same password.

  12. Re: yep 40 accounts, is so simple... on Passport vs. Plan 9 · · Score: 5, Informative

    haahhhhahahah

    i love keeping track of 40 accounts/passwords.


    Who said you had to do that?

    We have already solved the problem of single password authentication, it is built right into SSH. Basically, you send you public key to anyone you want to authenticate to. Your private key resides on your computer and is password protected. A local key agent manages your private key. When you authenticate the first time, your key agent asks you for your private key's password. Note that this password is never transmitted over the network, neither is the private key. The key agent makes it unnecessary to enter the password again for any site that has your public key, a real single sign on for any system that has your public key.

    Even if your system is compromised, your private key is protected by the passphrase you set for it. If the Internet sites are compromised, all the attacker gets are worthless public keys.

    Why hasn't someone implemented this instead of this passport silliness? The technology has been around to do this right, why do people keep trying to do it wrong?

  13. Re:Old Technology, new twist on Crypto with Epoxy Tokens, Glass Balls and Lasers · · Score: 1

    create pseudo-randomness themselves (invariably according to some algorithm, like creditcard numbers)

    How are credit cards even pseudo-random? There is a checksumming algorithm that all card numbers conform to, which is mostly to prevent typos, but they cannot be generated from a pseudo-random algorithm directly since there must be zero chance of a duplicate. I guess to avoid issuing them in predictable sequences, a pseudo-random algorithm is used to choose which number out of the pool of numbers that complies with the checksum is used, but calling them pseudo-random numbers is kind of inaccurate.

    As far as engineering matching pairs... that seems like it would be as difficult as duplicating a known key. If you can generate a matching pair that is a non-trivial example, then you can duplicate a key.

    The only advantage to matching pair is if you could create keys with very little randomness, which increases the chance of a matching pair forming. I'm sure the software to do the checking would require a key to have a certain amount of randomness, either that or the key would appear different to the naked eye, if it wasn't anywhere near as random as a normal key.

  14. Re:Where do I start? on How The DMCA Is Enforced · · Score: 1

    Did your stat class cover Type I and Type II errors?

    Yes

    So you mean there is a correlation.. my problem with the article is that is seemed to imply causation with flawed logic; Post hoc ergo prompter hoc.

  15. Funny MS Ad on Blizzard Announces New Starcraft Game · · Score: 1

    Yeah yeah, offtopic, mod me down, but the intersitial ad under the story was from MS...

    "Get Microsoft behind your business"

    Is that so they can more easily fuck you in the ass?

  16. Re:Where do I start? on How The DMCA Is Enforced · · Score: 1

    You are arguing in different directions from my original point, but I will bite.

    The fact that someone is sharing kiddie porn on his FTP server significantly increases the likelihood that he is pedophile

    How does that imply that the person is any more or less likely to commit a serious violent crime like abduction?

    Also, note that posession and distribution are crimes themselves, which you seem to be ignoring to argue about causality.

    As someone else pointed out, nearly all people convicted of car theft have had previous speeding tickets... Should that relationship be used to justify actions related to speeding ticket enforcement? Of course not.

  17. Re:Where do I start? on How The DMCA Is Enforced · · Score: 1

    Collecting Kiddy Porn is illegal in most states though, so there's still a crime.

    It is illegal federally in any case, if you are transmitting it over state lines.

    That's not the point, the point is that he is justifying his actions with this dubious logic about crimes that have yet to happen.

  18. Re:Where do I start? on How The DMCA Is Enforced · · Score: 1

    Mod parent AC up, he seems to have another address that may be more correct than my original post.

  19. Re:Who's rights we talking about? on WorldCom Forced To Block Questionable Sites · · Score: 1

    Uh, I think you were agreeing with me.. :)

  20. Re:Yeah but surely this is different on WorldCom Forced To Block Questionable Sites · · Score: 1

    There may have been a miscommunication at some point... I'm not really sure of the point you are trying to make anymore.

  21. Re:On a side note... on Is UnitedLinux Violating The GPL? · · Score: 1

    But all major distros are running kernels that are heavily patched from vanilla... I don't see how AS is different in this regard, it's just another heavily patched kernel you have to deal with. I don't see how you could complain about AS but not about the normal Red Hat kernels, or Mandrake, or any other big distro that uses their own kernels.

  22. Re:The kind of computer that can filter that fast. on WorldCom Forced To Block Questionable Sites · · Score: 1

    You could just not route it if all you are doing is dropping it. However, routing tables are already bloating to unmanagable size, do you really think they could handle several thousand more entries of single IP addresses? As it is, you have a hard time getting peering if you are a holder of a class C or less due to this.

  23. Re:Common Carrier Sueing Frenzy? on WorldCom Forced To Block Questionable Sites · · Score: 1

    Umm..I'm not sure I really am just a simple conduit of bits and bytes, like, say, a telephone company. Data resides, for some TBD period, on my hardware.

    How so? Unless you are running some form of caching proxy, you hold onto the data no longer than the telco holds on to voice data in conversations.

  24. Re:Where do I start? on How The DMCA Is Enforced · · Score: 1

    and when the abductors are caught and you look on their home computers, you inevitably find kiddy porn. So it is a precursor to this bad behavior

    Argh, I just can't stop thinking about how stupid this logic is. Let me give you an example my stats professor gave.

    Nearly 100% of people who do drugs as adults drank milk as kids, at least once. Therefore, drinking milk is a "precursor" to drug use.

  25. Re:Welcome to my firewall! on How The DMCA Is Enforced · · Score: 1

    Their nameserver is running on the same IP as their web site, it's probably some cheesy single IP DSL.

    He probably has multiple ISPs, so good luck blocking him, you would have to block every ISP that gives DSL or higher service to the bay area.