Slashdot Mirror


User: schon

schon's activity in the archive.

Stories
0
Comments
4,413
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 4,413

  1. Re:Wha??? (OT) on Boeing Gets FCC Approval For Broadband Service · · Score: 1

    the World Series was originally the "New York World Series", named after the "New York World" that sponsored it.

    Yes, I know that - and you know that, but how many other people (especially in the US) know that? Everyone I've talked to seems to believe it's because it decides the world's best baseball team.

    To paraphrase John Cleese:
    One of the things that makes the UK better than the US is that when we hold the world championship for a sport, we invite teams from other countries.

  2. Wha??? on Boeing Gets FCC Approval For Broadband Service · · Score: 5, Funny

    We Americans are the most wired country in the world

    Can you back that up with a reference?

    A quick search tells me that Finland is #1.

    Or were you using the term "world" as in "world series" (which apparently means "USA - and maybe Canada occasionally if we're feeling particularly generous")?

  3. *sigh* on Pictorial Passwords · · Score: 2

    OK, sounds like a good idea at first, but reminds me of the "date problem"

    The "date problem" arises because humans like to assign significance to round numbers (like all the "end of the world" stuff surrounding the year 2000).. to combat this, a former Discordian decided that he would create his own calendar, using letters instead of numbers - you pick an arbitrary year, and this becomes year "A", next year is year "B", etc.. after 26 years, you get "AA", and then "AB", then "AC", etc.. the rationale behind this is that the lack of nice, even numbers means that people can't say "year 2000 is special", because there is no year 2000.

    So far so good, right?

    The problem with this is that humans have an (instictive?) desire to attach significance to unrelated objects.. so nobody can say that "year 2000" is important, but they will simply adapt this impulse to the new frame of reference: like "year DEATH", or "year SATAN" or year "ITSTHEENDOFTHEWORLDASWEKNOWITANDIFEELFINE" (this isn't my bit, but paraphrased from something I read a long time ago - my apologies to the original author, I don't remember where I read it.)

    So back to the topic at hand...

    People frequently use the name of their signficant other as a password - so we change the method, thinking it will solve the problem.. but it won't because all you're doing is moving the reference - now instead of using the name of their SO, or "1234", people will pick objects that have significance to them - such as picking pictures which feature their favourite color, or faces of people who look like thier SO.

    And an even bigger problem with this (besides dealing with visually impaired people) is that people will be told "this is more secure than a password", so people will be even MORE inclined to make bad choices, which means that it's worse than sticking with the old way..

    In short, it's an interesting idea, but the techies who came up with it should have run it by the psych department.

  4. My favourite change: on Kernel 2.4.17 Out · · Score: 2, Funny

    From pre1:

    - Speeling fix for rd.c

    Gotta love that sense of humor (at least I HOPE it was intentional :o)

  5. Re:I Loved this bit... on Interview With Microsoft's Chief of Security · · Score: 2

    if you shout fire in a movie theater full of people, most will panic and there will be injuries and maybe deaths from being trampled upon by people.

    And if you go pull the fire alarm, these same people will panic in the same way.

    What's the difference?

  6. I Loved this bit... on Interview With Microsoft's Chief of Security · · Score: 5, Interesting

    (When asked about full disclosure, and publishing of exploits)

    In some cases, it's tantamount to screaming "fire!" in a crowded movie theater.

    Yeah, except there really IS a fire.

    So when there is a fire in a movie theatre, he's suggesting the person who notice it just quietly go and tell the management (who will wait to see if it's really a big fire, and then assign some staff to attempt to put it out), instead of telling the people whose lives are in danger?

    Yeah, GREAT analogy.

  7. Re:Doesn't seem likely on al Qaeda Hacks XP? · · Score: 1

    They have well educated, smart people well capable of getting jobs at Microsoft.

    [sarcasm]
    Doesn't being well-educated and smart immediately disqualify you from working at MS? :o)
    [/sarcasm]

    Sorry, had to be said :o)

  8. Re:This might be very dangerous for a company. on Constructing a Windows-Less Office · · Score: 1

    I can save the file in the old format with a couple of clicks.

    Is this a problem? I mean, really.


    Yes. Really. And the problem lies with you.

    YOU can save in the old format, but most (99%?) users don't know how

    Part of the reason why MS apps are buggy and bloated ... is because they make an effort, ... to retain backward compatibility with earlier formats.

    BWahahahahahaha

    This is completely beside the point, which is why does the file format change in the first place?

    The data exchange problem exists, as you point out, but it is much easier to surmount if you're using MS products than if you're using something completely alien.

    BULLSHIT.

    Stop being a MS Shill/Astroturfer.

  9. Re:Checkpoint SecureRemote v. Nortel VPN client on VPN Clients Not Allowed On Residential Service · · Score: 1

    It's a configuration issue.

    Whenever I use it, no matter if it is here at home or at the office, it will pretty much kill anything not pointing towards the network we were connecting to.

    Most likely it's setting your default gateway to point to the VPN server, and blocking outbound connections there.

    You can probably work around it by modifying the routes by hand after you connect (delete the default route, add a route to the remote network through the VPN adaptor, and add a default route through your normal adaptor gateway.)

  10. Re:Open-source tools for creating a vpn on VPN Clients Not Allowed On Residential Service · · Score: 1

    I've been looking at setting up a ssh-tunnel, is this the easiest way? Or should I look into other tools?

    Unless you can absolutely not avoid it, don't use SSH.

    SSH runs over TCP, which when used for tunnelling, will amplify any problems you have with your home line. TCP is reliable (it has failsafes to ensure that the packets will reach the other end intact) and serialized (the data will come out the other end in the same order it was transmitted), IP isn't, so when you attempt to use other TCP-based protocols (including, but not limited to HTTP, SMB, SMTP, POP, etc..) these failsafes "conflict". (The failsafes include packet retransmission - both TCP tunnels will retransmit the packets if there is a delay or dropped packets - and if the delay is caused by congestion, this means even MORE congestion, which means even more dropped packets..)

    Best bet is to go with protocols that are designed for tunneling, such as GRE/ESP, or an unreliable protocol, such as UDP. My personal favourite is VTun, although it's Unix only (there is no Windows support.)

  11. Re:This is a bug in 2.2.20 on Stable 2.2.x Linux Kernels and Older i386 Boxen? · · Score: 1

    the kernel doesnt make much(any?) use of libc

    Yes, but the compiler does.

  12. Re:How it works on UDP + Math = Fast File Transfers · · Score: 1

    The technique used by Digital Fountain is called Forward Error Correction. It allows a message M with m parts to be encoded into n parts, where n > m

    No, that's called parity, and it's been used for decades. If anything, it's even LESS revolutionary than compression.

  13. Re:Compression on UDP + Math = Fast File Transfers · · Score: 1

    OK, so the sender has to send more data than the original file, the receiver has to receive the same amount as the original file..

    tell me again how this makes the file transfer faster?

    If you're sending more data, you're using more bandwidth - why not just use TCP?

  14. There is a problem with the testing method... on DVD Player Chipsets To Support Windows Media Files · · Score: 2

    The test isn't completely blind - the listeners are told in advance which of the samples is the original.

    In order to be completely blind, the original recordings should have been included in the test, to eliminate listener bias (If one person consistenly rated the original as worse than the encoded samples, then that person's results should be taken with a grain of salt.)

    But it is a far step ahead of the other "test".

  15. Your points? on Another Gaping Microsoft Security Hole Goes Unpatched · · Score: 1

    From the article:

    "Microsoft will patch a flaw in its Web browser...


    Yes, that's correct.

    From the article's intro:

    "Microsoft has known about it since November 19; they refuse to provide any information about when a patch might be made available, if ever."


    OK, I'm still waiting for you to make a point...

    Hint: they still didn't say WHEN; Sure, they've said they WILL, but they didn't give any information about when the patch will be available.

    Looks like the article intro is correct.

  16. Re:TigerDirect security issues on Another $99 Web Terminal · · Score: 2

    I've sent them several emails regarding this security issue, and they've ignored me

    Have you considered posting a bulletin to one of the security mailing lists, such as Bugtraq? Several websites who have ignored private notification have fixed holes after the holes were posted on Bugtraq.

  17. Don't laugh.. on States Filing Alternate Remedy Proposal for MS Anti-Trust Case · · Score: 1

    1. It would only run as root.

    IIRC, the Solaris version of IE would only work (properly) if you ran it as root.

  18. Re:This might be very dangerous for a company. on Constructing a Windows-Less Office · · Score: 1

    When a company switches to 100 percent MS free they might have very much problems to exchange data with their customers.

    Another way to look at it: "When a company uses 100% MS software, they very much have problems exchanging data with their customers because of the forced upgrade path."

    A customer of ours tried to send me a network diagram (created with Visio). None of our Windows computers could open it (even the ones with Visio.)

    The data exchange problem exists whether you use Linux or not.

    The rest of your post is just trollish FUD, which I won't bother to address.

  19. Wrong on Constructing a Windows-Less Office · · Score: 2, Informative

    "Linux is only cheaper than windows if you don't value your time"

    Wrong. Both in the quote, and in your assertion that it's true.

    The quote is actually something like "Linux is only free if you don't value your time."

    Windows costs much, much more, both in initial purchase price, and in administration costs. (Downtime, fixing problems that shouldn't be there in the first place, etc.)

  20. I'm glad I'm not using @home anymore on Most @Home Customers Still Connected -- For Now · · Score: 1

    @home sold my old email address (and probably everyone else's) to spammers.

    I've been using @home for 2 years - I have my own domain, which I (primarily) use for email - I redirect email destined to my domain name to my "real" email account (I'm sure lots of people here do the same thing.)

    About 2 months ago, I started getting TONS of spam - before then, I would get one or two spams every month - since then, over 90% of my email was spam.

    Turns out that the spam was directed to my @home email address - the same email address that I'd never given to ANYONE (I ALWAYS use my domain name.)

    My cable company dumped @home, and since I've switched over two weeks ago, no more spam.

    My guess is that @home sold their subscriber list to raise some cash. (my old mailbox name is essentially random letters and numbers, so it's doubtful I got caught in a rumplestiltskin attack.)

    As far as I'm concerned, @home can rot in hell.

  21. My Story on 3Com's 10/100 Switching... Wallplate · · Score: 1

    The office next to us was undergoing renovations for new tenants; one morning our phones all go dead.. everyone (especially the sales guys) is in a panic, because every phone is dead..

    A few minutes later, a guy in overalls comes in and says "do your phones work?" We tell him no, and ask if he knows what happened..

    He says "Well, I was doing some work next door, and I ran my saw through these wires so I could put in some new drywall. Gosh, those wires sure didn't LOOK important!"

    The Darwinist in me wishes they were electrical wires, instead of telephone.

  22. Re:Wha?!?! on Apple Cease-And-Desists Stupidity Leak · · Score: 1

    EULAs are "signed" whenever you open a piece of software

    The point is that the letter claims you've "signed" it when you bought the software (not when you've opened it.)

    But the REAL point is : what if they guy clicked "I DO NOT ACCEPT" (or whatever it said), and then proceeded to modify it?

  23. Wha?!?! on Apple Cease-And-Desists Stupidity Leak · · Score: 1

    Apple's license agreement, which you accepted upon purchasing a copy of the Software

    Huh?

    So Apple makes you sign a license agreement when you buy their software? (you're not actually BUYING it, they're giving it to you for free!) Never seen that before.

    If there's a "click-wrap", how do they know the person posting this info to the web is the same person who clicked "Accept"?

    Sounds fishy to me.

  24. This is a bug in 2.2.20 on Stable 2.2.x Linux Kernels and Older i386 Boxen? · · Score: 3, Informative

    It's not your computer, it's 2.2.20 I've had the exact same problem with every build I tried. 2.2.19 works fine, and "make bzImage" works fine. However with the exact same config, 2.2.20 "make zImage" hacks when booting with an "out of memory" error. (On machines with 64 t0 256MB of RAM, kernel built with both glibc and libc5.)

    Two solutions:
    Run 2.2.19, with appropriate security patches.

    Use "make bzImage" instead.

  25. Re:Hate to state the obvious but on Ask Ed Felten About Watermarking Analysis And More · · Score: 1

    Imagine for a moment that I post the magical Triple-DES crack on the Internet. Wham, bad guys now have access to everything from credit card numbers to troop movements.

    Ehrm, No, they don't. (Even assuming that 3DES was used to encrypt this information.)

    They have the potential ability to decrypt the information if they already have the access. Being magically able to decrypt a specific protocol doesn't mean that you automatically have the information to decrypt.

    I have no idea about troop movements (but I somehow doubt that they're being broadcast on some civilain-network) but in order to decrypt SSL (to get credit cards), you still need to be able to listen to the packets during transmission - which (for anyone outside of a NOC) is extremely difficult. I'm guessing that troop movements would be similarly hard to get access to.