Slashdot Mirror


User: blair1q

blair1q's activity in the archive.

Stories
0
Comments
9,324
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 9,324

  1. As often as the software insists. on How Often Should You Change Your Password? · · Score: 2, Insightful

    I have in excess of 10 passwords just for work (and I'm not an admin, just an end-user, here).

    Every one of those pieces of software has different rules and timeouts. Some have aging enabled, some don't. Some prohibit reuse, some don't.

    I keep a spreadsheet with the rules for all of them (not the actual passwords; those I memorize), and change them en masse when the shortest-lived one nags me.

    So the question is moot. It's not reasonable to believe that in our lifetimes we'll get all of the makers of various pieces of software to change the way they control passwords. Many of these software packages have designs that are ingrained in contracts. Not that the details of the password system are called-out in a contract, but changing anything about the software is a matter of reopening requirements specifications that were locked-down according to a process that is defined and referenced in a Software Development Plan that is released and signed and referenced in a contract. Times the thousand instances of the software at the software vendors' various customer sites. And it's not possible to make a companywide decision to turn off password aging or protection on some of the software, as it's built-in turned-on by the vendor to protect their licenses.

    So the answer is, I need to change my passwords as often as the software insists. Not that I want to, or that it makes any sense, but that it's how it is, and I can change that no more than I can change the commute routes available to me.

  2. Re:Expiration? pfft on How Often Should You Change Your Password? · · Score: 1

    Meaning anyone with your RSA token has access to everything, and you won't know it until you get to work in the morning and the one they swapped it for looks suspiciously new.

    Last I checked, memories were harder to slip off a keychain.

  3. As often as you need to. on How Often Should You Change Your Password? · · Score: 1

    A = average number of people targeting you via password attacks at any time.
    B = average time it takes for your password to be hacked by one person.

    T_expire B/A

    So you can improve security by

    1. Heeding T_expire
    2. Increasing B by using trickier passwords
    3. Reducing A by nuking China

  4. Re:Let me guess... on Disguised Asian Male Caught At Canadian Airport · · Score: 1

    No, no, no.

    Like this:

    "Geht you oss to Mozz!"

  5. 2000 packages? 85% more code? on Red Hat Releases RHEL 6 · · Score: 3, Funny

    RH6: software you can weigh...

  6. Re:Doesn't make sense on NSA Says Its Secure Dev Methods Are Publicly Known · · Score: 1

    IOW, if you go here you'll get what they have.

    Not their code. Just their style.

  7. Re:Doesn't make sense on NSA Says Its Secure Dev Methods Are Publicly Known · · Score: 1

    I'm willing to bet they have a code base that's been fully developed using secure methodologies.

    Most people don't.

  8. Re:Social engineering always wins on NSA Says Its Secure Dev Methods Are Publicly Known · · Score: 2, Insightful

    But that's expensive, slow, and labor-intensive.

    Trojan bots are cheap, easy to distribute, and hard to double against you.

  9. Re:I see it more like a proof that on NSA Says Its Secure Dev Methods Are Publicly Known · · Score: 1

    Disagree. Having a correct methodology is more efficient than having many extra eyes that aren't following any particular methodology.

    The trick is having a correct methodology, and applying it correctly.

  10. I've never played Donkey Kong on Nintendo Seeks To Trademarks "It's On Like Donkey Kong" · · Score: 0, Troll

    Nor any of the Mario Bros. titles.

    Ever.

    Well, maybe for a few seconds in a store. Maybe.

    So, whatever it is they think is on, I'm changing the channel.

  11. Re:Shocking... on Sex Drugs and Texting · · Score: 2, Funny

    When I was a kid, trouble was everywhere, and the cops were busy.

    Get offa my bunk.

  12. Re:Can I just say... on Google Asks Users To Complain Against Facebook · · Score: 1

    Dude. I'm not even on your lawn.

  13. Re:Just stop it! on Google Give Searchers 'Instant Previews' of Result Pages · · Score: 1

    I think they're doing that in lieu of the frame thing, that caused problems if you started browsing at the page and later dismissed the frame. I hated that more than the new thing, which gives you a large version of the picture you wanted, rather than another thumbnail that probably 80% of people clicked to get the large version because they wanted the picture, not the page.

  14. Re:It's just a jet contrail on Mystery Missile Launched Near LA · · Score: 1

    It could be a contrail in a wind-shear. But that implies the pilot of the plane is a masochist and/or sadist, or he's found the curl on a wave just above the shear and is riding it all the way across the ocean.

  15. Re:It's automation, not laziness! on Google Give Searchers 'Instant Previews' of Result Pages · · Score: 1

    I've finally got a look at the "preview" and, honestly, it just gets in the way.

    It's too dim and unfocussed to tell me what's there, and it highlights things that don't add to what I got from the regular excerpt.

    Google's losing its plot.

  16. Re:Oh common.. on Real-Life Gadgets For Real-Life Superheroes · · Score: 1

    And some states let you kill people who are about to break something that doesn't belong to you.

    At least, that's what the statute says.

    The case law probably has a line drawn somewhere between throwing a rock through a window and burning your grain silo.

  17. Re:Why be surprised? on Apache Declares War On Oracle Over Java · · Score: 1

    Oh. No. Sorry. Thought of my second guess the second I guessed.

    But would I have if I hadn't made the first guess?

  18. Re:Why be surprised? on Apache Declares War On Oracle Over Java · · Score: 2, Funny

    Bruce Almighty?

  19. I was about to say on Apache Declares War On Oracle Over Java · · Score: 3, Funny

    I was about to say "how the hell is Sun still in business?" for about the thousandth time.

    Then I remembered...

  20. Re:It's just a jet contrail on Mystery Missile Launched Near LA · · Score: 3, Insightful

    You are correct, I meant perspective.

    I ain't buying it about the wider=older thing, though.

    It takes some pretty special circumstances to make a contrail spread anisotropically. Once the hot vapor from the engines has expanded, condensed, and been contained by the vortices from the wings, it's a pretty stable situation with little spread unless something else gets involved.

    really cool pick at an iffy link here:

    http://3.bp.blogspot.com/_rkPt7JME0-8/SbZndqgc2bI/AAAAAAAAAWI/8UVhtw4fwOU/s320/boeing+747+jumbo+contrail.jpg

    I want that in a glossy 8x10 for my office.

    To get the sort of triangular spread you're thinking of you'd need to have the contrail in a wind-shear, and wind-shear means turbulent flight, and a pilot wouldn't hang out in that for that long, so it should happens to the tails of a contrail, not to the whole contrail starting from the head, as we're looking at in the article's picture.

    sheared contrail:
    http://www.mdbsite.com/skies/contrails/info-3.jpg

    So I'm sticking with perspective, not diffusion.

  21. Re:It's automation, not laziness! on Google Give Searchers 'Instant Previews' of Result Pages · · Score: 4, Insightful

    But in this case you need a machine and an internet connection, and not inconsiderable muscle built into both.

    The point of the enter button was that you could construct your query, send it once, and let the big iron at google do all the work for you, instead of plowing all the intermediate results into your battery- and bandwidth-challenged device.

    So while Google is meeting your goal of automating repetitive tasks, it's also making work for itself, mostly just to impress you, but costing you more than you think in the process.

    Google must be a consultant.

  22. Re:We're not there yet on Google Give Searchers 'Instant Previews' of Result Pages · · Score: 1

    The number of combinations = 2^(256*128) ~ 10^100000

    Which is a google to the 100th power.

    FTW.

  23. Re:Why fix what is not broken? I'm going to hate i on Google Give Searchers 'Instant Previews' of Result Pages · · Score: 1

    Because the people who invented it are billionaires, and have hundreds if not thousands of wage-hungry peons doing the work, now, and every one of them wants a way to make a name for themselves.

    The billionaires at Google still, apparently, have editorial control over that front page, but they're vastly outnumbered by people who have lots of time to come up with arguments that can convince billionaires to spend an uptick in word count.

    Regardless, 90% of Google's functions are hidden under that "even more" link which is at the end of the "more" menu that's at the end of the menu bar.

  24. Re:Just stop it! on Google Give Searchers 'Instant Previews' of Result Pages · · Score: 1

    Setting your default number of results and image-size binning were there before.

    But they added the mouseover thing, some page-aligning feature of unknown purpose that interacts with scrolling. I have a mouse with a frictionless scrollwheel (almost; it probably goes 20+ full revolutions with one spin). On Google's image results page, it flops a bit but refuses to scroll past magic boundaries. I have to scroll it manually, as though I was using a $2 microsoft mouse.

  25. Re:Trying to find the words... on Real-Life Gadgets For Real-Life Superheroes · · Score: 1

    I was thinking "Guardian Angels".

    So, basically, same thing.