Slashdot Mirror


User: Just+Some+Guy

Just+Some+Guy's activity in the archive.

Stories
0
Comments
11,329
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 11,329

  1. Re:okay that was freaky... on Quantum Random Numbers For Download · · Score: 1
    my base rate salary

    For what unit of time? If per week, give me a call. If per year, how's that Ramen taste?

  2. Re:Single point of failure on Quantum Random Numbers For Download · · Score: 1
    Want to compromise any cryptographic system that uses this "pure" RNG? Man-in-the-middle the data connection, or just spoof DNS/IP addresses. Suddenly, you're in control of session key generation...

    Using this as the sole random source is criminally negligent, but I see know reason at all why you couldn't use it an yet another input source for a local PRNG. Even if this source were completely 0wn3d, it wouldn't decrease that amount of entropy in the user's pool - it just wouldn't add to it.

    In much the same way, someone monitoring my network could theoretically predict the stream of information that my FreeBSD server is pulling from one of its interface's interrupts. That doesn't make my PRNG less secure than if I weren't using that interrupt as an entropy source.

    Randomness is good. Compromised randomness as a discrete entropy source to a well-designed PRNG is not bad for the system, it's just less good.

  3. Re:the story behind the story... on RMS to Move Into Bill Gates Building Today · · Score: 1
    But it gives the employer new abilities while not diminishing the abilities of the employees, and I don't see that as a bad thing. I guess my main question is this: what rights or capabilities to the RFID keytags remove from the employees (or in the case of RMS, squatters) that they should reasonably expect to have?

    I like RMS. I appreciate what he's done, and agree with even his strongest statements 99% of the time. He even sent me a personal reply when I emailed my first child's birth announcement to him. Having said all that, this is one of those 1% of the times when I understand that he's campaigning for a Freedom, but I just can't tell which Freedom is being infringed.

  4. And here's how I'd block you... on Online Publisher Blocks LinuxToday Referrals · · Score: 1
    ...if I wanted to be a 'referer' jackboot:

    Put a nonce in the URL of each page you view, like:

    http://slashdot.org/comments.pl?nonce=deadbeef
    Then, every time you'd click a link, I'd do two things:
    1. Verify that the nonce in the HTTP_REFERER is valid, then delete it from the "current session" database.
    2. Generate a new nonce and append it to the end of every internal link rendered in the new page.
    Alternatively, I'd start each page by looking for a session cookie, and if one doesn't exist, then you get a picture of a naked fat lady or something else not typically desirable.

    Your idea is simple, elegant, and trivially easy to defeat by any webmaster who really doesn't want you deep linking into their site. Is that a stupid thing for them to do? Yes. Will that stop a gang of dedicated idiots? No way.

  5. Don't block tcp on port 81 on Nasty New Virus Variants · · Score: 1
    There is one firewall setting that offers reasonable protection from outside attacks: block by default. If you're technically competent enough to be configuring firewalls, then there's no excuse at all for rejecting all incoming connections except for those you explicitly want to allow.

    Don't just randomly block ports that new worms happen to exploit. It's overly complex, not future-proof, and is a pain to keep updated.

  6. Re:the story behind the story... on RMS to Move Into Bill Gates Building Today · · Score: 3, Interesting
    Privacy concerns aside, mechanical locks are established technology that works reliably.

    I have some sympathy to that view, but I can also see the counterargument. My company just moved into a new building with a freshly-installed RFID key system. All employees had to hand in their old metal keys to the old building and get a new card or keyfob (their choice) to get into the new building.

    In our application, the new keys increase security and increase trust of the employees. First, a metal key only supports authorization, not authentication or accounting (one "A" of "AAA"). It can let people in, but leaves no record who or when it allowed to pass. There is an obvious security advantage to RFID keys.

    However, they also build a more trusting environment. If anything comes up missing overnight or over the weekend, it's trivial to know whom to start talking to - there's no shadow of doubt over the rest of the company. Since keys can be revoked at will, even new employees can be given the keys to the office without a loss of accountability, and lost keys can be disabled immediately.

    I don't see any real downsides to the new system. It's easier to use (no fumbling for a specific key during bad weather), gives more control to the employeer, and gives more access to the employees. I respect RMS' opinion, but I just don't really agree with it here.

  7. Re:Andreesssen - Why I'm an idiot in 103 words. on Andreesssen: Why Open Source Will Boom - in 103 Words · · Score: 1
    It's kinda like getting political backing from Nixon.

    On the other hand, that particular endorsement may carry some weight with John Edward and Shirley Maclaine followers...

  8. Re:DivX popularity on Xiph Releases Ogg Theora Alpha-3 · · Score: 1
    Xvid is GPL

    ...which is, by itself, enough of a problem to hinder uptake. Proprietary manufacturers can use the Vorbis codecs (under a BSD license) in their products without having to open their code. They can't legally do that with the GPL'ed Xvid (remember, GPL != LGPL).

    I use a Free Software-only workstation, but I have zero expectation of buying a hardware media player and getting access to the source code.

  9. Re:Speaking of the cost of addons... on Why iPod Can't Save Apple · · Score: 1
    I'm not paying that much money for any portable music player, much less one that locks me into Apple

    I'd never pay that much to be locked into a particular vendor, either. Good thing that iPods can sync against MacOS, Windows, and (most recently) Unix, and that they can play both Apple's proprietary files and MP3s. Whew, dodged a bullet with that one, didn't they?

  10. I *hate* OSNews reviews on OS Review: NetBSD 1.6.2 on SPARC64 · · Score: 5, Insightful
    Why, oh why, do I keep letting myself be suckered into reading these piles of drivel? I know I'll lose an IQ point every time I do, but I just can't keep from looking.

    For example, I have no idea why you would ever not use pkgsrc (or ports) to build packages whenever possible. The reviewer goes on for half a page about his troubles compiling OpenSSL from source. No kidding? That's why we have pkgsrc and ports - someone else has already solved all the little problems for you!

    Likewise, he's incredulous that his locally-built package using uber-elite optimization flags runs faster than the downloadable binary package. Frankly, that's like being amazed that a locally-built Debian package may be faster than the generic i386 package that you can download.

    I honestly don't know why they label these diatribes as "reviews", when they should be called "a day spent with a system I don't understand".

  11. Re:American Education Period.... on 'Civilization on Mars' Claims Debunked · · Score: 4, Insightful
    snake oil

    You realize, of course, that you're able to use the term "snake oil" because its salesman were so common (and presumably at least a little profitable) that everyone knew what it meant.

    In other words, back when people really were selling snake oil, there was a large enough percentage of the population who were willing to buy the stuff that it actually had a market.

    There have always been stupid people, and each generation has always thought that the next was headed toward certain doom. Just something to think about.

  12. Re:Err Darwin? on Broadband Access Leading to Internet Breakdown? · · Score: 1
    Yes, until a worm can "mutate" randomly into different strains, and if some of these mutations prove to be beneficial, then we have Darwinian evolution.

    Since you put it like that, what's the major difference between random mutation and virus development?

    • Ultraviolet light causes random mutations - some h4xx04 makes random edits.
    • Some mutations are fatal and cause the organism to die - some code won't compile and gets replaced.
    • Weakening mutations inhibit propagation - weakening mutations inhibit propagation.
    • Strengthening mutations increase propagation - strengthening mutations increase propagation.

    The main difference is that random radiation from a nearby star is replaced by the soft glow of a CRT in some kids' bedroom. Other than that, they look pretty similar to me.

  13. Re:Meanwhile, MySQL does transactions on New SQL Server Release Slips to 2005 · · Score: 1
    I have no idea whether or not MS-SQL's ability to store characters in a variety of different sets is part of the SQL standard, ASNI 92 or otherwise, I am merely selfishly interested in the fact that it is a common feature available by default to MS SQL users, that is not available in any useable format to Postgres users.

    The point is, though, that you could make the same argument against Mozilla for not supporting the non-standard extensions to Internet Explorer. It's not that those extensions are inherently bad, but that they're not standard, and exist mainly to lock customers into a Windows solution.

  14. Martian "Star Wars" on UFO Streaks Through Martian sky · · Score: 1

    It was a misfire of Mars' Strategic Defense Initiative to intercept incoming ballistics. Still, you have to admit that they've been pretty darn accurate so far.

  15. Re:First get your arithmetic up to scratch on Improving Your Mental Math Skills? · · Score: 1
    I picked up that habit when I was a pizza delivery driver at a store that involved a lot of miles on underused freeways to distant customers. One night, I realized that I was almost halfway into my shift, and wondered what the ratio was of (time worked) / (time left). Solving that using integer number of hours was interesting for about a night or two (I mostly smoked and played my radio loudly on these long drives and didn't spend too much time being intelligent).

    I quickly upped the accuracy to (minutes worked) / (minutes left) and good pretty good at solving those problems to two decimal places. Then, I challenged myself to increase the precision to three decimal places, and to solve each problem in under one minute (so that I always knew the correct answer to the closest minute). That led to additionally tracking the difference between subsequent values - in other words, calculating the numeric value of the derivative.

    Now it's just reflex to multiply or divide any two 3-digit numbers I see, but it took years of geekery to get to this point. I picked up a lot of handy shortcuts, such as the fact that 7*11*13=1001, so that dividing by 77 is nearly the same as multiplying by 13 and moving the decimal.

    Sorry ladies, but I'm already taken.

  16. Re:Best way on Improving Your Mental Math Skills? · · Score: 1
    95*23

    I factor stuff quickly. I'd see that as (19*5)*23, or (19*23)*5. If I hadn't memorized that 19*23=437 (yeah, I memorized the multiplication tables through 200, I'm a geek), then I'd calculate that as (21-2)*(21+2)==21*21-2*2=441-4=437. Tack on the "divide by 2" trick to multiply by five and you get 2185.

  17. Re:Explaining the difference... on Anand Reviews Athlon 64 FX-53 · · Score: 3, Interesting
    arctic silver compound

    Just for the record, you do know that it's a very good insulator, and that if you have more than just a bare film of the stuff then you've basically wrapped your CPU in a sweater, right?

    Perhaps you do, but it seems like Arctic Silver is the computing equivalent of low-profile tires: if a little bit is good, a whole lot must be better! It's almost the computing equivalent of a whaletail on a Sentra, although some people do actually use it correctly and see some benefit.

  18. Re:Why does it have to change? on Modernizing the Save Icon? · · Score: 1
    Names and icons don't have to be literal to have meaning: floppy disks aren't really floppy anymore, are they?

    Furthermore, when was the last time you asked saved to a floppy instead of some path on your drive or network?

    Having said that, I was amazed last week when I sent a copy of my Quickbooks ledger to my accountant via email, and his secretary was having a hard time receiving it. Why? Because she was saving the attachment directly to floppy, then going into My Computer, opening the A: drive, and dragging the icon out onto the desktop, and my file was just barely smaller than a completely empty floppy. Nice lady, quite smart, and otherwise very good at what she does. In other words, a perfect target for heckling when I next see her in person.

  19. Re:Floppies on Modernizing the Save Icon? · · Score: 1
    If you're involved in an accident that will break the cd in your pocket or purse, you should be worrying more about your spine than your lost data.

    I had the same conversation with a cow-orker regarding my choice of a shock-proof neoprene hip case for my Palm instead of a Titanium crush-resistant bomb-proof data-flight-recorder style unit. Basically, I can foresee dropping my Palm and needing some impact absorption, but if something attached to my hip ever needs to be encased in titanium to avoid damage, then I have other things to worry about - such as the steamroller parked on my ribcage:

    "Yeah, that semi-truck really did a number on the poor guy. Good thing his widow can still play Bejeweled, at least once we dig his Palm out of his liver."

  20. Re:Yet another modern feature added to *BSD on SMP On OpenBSD, Coming Soon · · Score: 1
    There's not a lot of crypto going on if I'm on the local machine from the console.

    You'd think, but you'd be wrong. From Cryptography in OpenBSD, a PRNG is used for:

    • Dynamic sin_port allocation in bind(2).
    • PIDs of processes.
    • IP datagram IDs.
    • RPC transaction IDs (XID).
    • NFS RPC transaction IDs (XID).
    • DNS Query-IDs.
    • Inode generation numbers, see getfh(2) and fsirand(8).
    • Timing perturbance in traceroute(8).
    • Stronger temporary names for mktemp(3) and mkstemp(3)
    • Randomness added to the TCP ISS value for protection against spoofing attacks.
    • random padding in IPsec esp_old packets.
    • To generate salts for the various password algorithms.
    • For generating fake S/Key challenges.
    • In isakmpd(8) to provide liveness proof of key exchanges.
    Several of those (random PIDs, for example) directly impact local system performance, particularly on something fork-heavy like a large build. OpenBSD gives you strong randomness in places most people never even thought to look for it, but you have to pay for it.
  21. Re:Yet another modern feature added to *BSD on SMP On OpenBSD, Coming Soon · · Score: 1
    I sincerely appreciate the pointer. I'd seen crypto cards selling for multiple thousands of dollars and had assumed that this was something beyond my reach. I'm very pleased to be proven wrong. :)

    I'm using an older Alpha with FreeBSD as a firewall (OpenBSD explicitly does not support that particular model), and if that card is compatible, that may make a nice upgrade for the little server.

  22. Re:Yet another modern feature added to *BSD on SMP On OpenBSD, Coming Soon · · Score: 1

    So, you actually own one of these? It works as advertised? Which model, and where can you get them?

  23. Re:Yet another modern feature added to *BSD on SMP On OpenBSD, Coming Soon · · Score: 2, Informative
    Add to that the fact that a BSD system will not automatically upgrade your /etc, then you have the best reasons that say, a Debian box is easier to maintain.

    Qualify that: FreeBSD has had "mergemaster", which semi-automatically upgrades your /etc (and even walks you through merging changes) for a long time. I'm not sure with Open and Net haven't imported it yet, or at least hadn't when I last looked, but at least one BSD currently enjoys easy /etc upgrades.

  24. Re:Yet another modern feature added to *BSD on SMP On OpenBSD, Coming Soon · · Score: 3, Interesting
    OpenBSD is hardly the leader of the pack as far as performance goes.

    I think it's pretty fast, given that it's doing much more than most other systems. All that crypto and random goodness doesn't come for free. From "Practical Cryptography": "There are already enough fast, insecure systems. The world doesn't need another one."

    Even on UP systems, it's still slower than almost everything else in key areas (disk performance being the big one).

    Have you tested that with softupdates enabled? OpenBSD's default disk performance reminds me of FreeBSD's old performances before softupdates became a standard setting. It's another security-vs.-performance tradeoff: the BSDs mount their filesystems in synchronous mode and highly discourage using async, while most Linux systems use async by default.

  25. New class of OSS on Mozilla Cracks Down On Merchandise Sellers · · Score: 1

    We have Free As In Speech, and Free As In Beer. Could Firefox be filed under a new category, Free As In Qmail - you can download it and alter it, but if you call it Free Software on Slashdot, then 100 people get to loudly correct you?