Slashdot Mirror


User: v1

v1's activity in the archive.

Stories
0
Comments
4,784
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 4,784

  1. Re:It's visible in Europe too! on U. Washington Crypto Course Now Online for Free · · Score: 1

    btw, that's more commonly referred to as a "one time pad". I rather doubt most people have heard of it referred to as "Vernam cipher ".

    For unbreakability, if used properly, yes, a one time pad is effective. In reality though, this relies on the repeated exchange of a codebook, and in that case the frequent need for physical exchange between the parties produces more risk and opportunity for exploit/discovery than it's worth.

    Any attempt to generate the pads without physical exchange via a formula etc just reduces the security of the system by introducing analyzable patterns that can be used to break the formula and thus break the pad.

  2. Re:It's visible in Europe too! on U. Washington Crypto Course Now Online for Free · · Score: 1

    I would be willing to bet that there is a "classified rule" in that educational system, "thou shalt not teach of crypto that we are as yet unable to break".

    Better to sell locks to which you already posess the key.

  3. Re:INSIDE URL 13-37 on Choose Your Own Adventure Books Return · · Score: 2, Interesting

    HAH! I was looking for someone to post about that! (and wasn't it page 107 or 108?) I wanted to find how to get that ending so I went page-by-page three times through the book looking for the page that refers you there.

    Did you know, there is no page that directs you to that ending?

    They are very serious when they say you did not get there by making a choice. You had to turn to the wrong page to get there!

    What got me started looking is one day I found myself at that ending and was tearing my hair out trying to remember the previous page number. (when you read those books, you just don't remember the previous page, you're too focused on finding the next page to remember it - the "cheaters" would leave a finger in the previous page in case they made a "bad choice", though sometimes the "bad choice" would not turn ugly for a few more pages and then you were just going to have to start over)

  4. tech support too? on Apple Pulls Out of India · · Score: 4, Interesting

    the software and support will be completely pulled out

    I wonder... I am an apple service tech and we have lost our dial-in support for service assistance in leu of an ichat-like support from... you guessed it... India. I talk to Chetan quite a lot but the names are very clearly all Indian. (they don't do like some tech support places, where you get someone with a hip-deep Indian accent who introduces himself as "Greg". Ya right...) A few times I've asked them where they were located, and it was of course some city in India. They do seem to be "otherwise occupied" when I chat with them, with 3-10 minute "ping times" on their answers being common. I also asked one of them one time, how many people are you chatting with right now? He says NINE. wow. Indians apparently have one thing on me, an amazing ability to multitask to the extreme.

    While the people we are chatting with are actually quite capable and do a good job, they are being pushed much too hard to offer the level of service we were used to by the US reps on the phone. I don't know if that's Apple demanding it, or the Indian phone support business offering a no-questions-asked calls-taken-per-hour rate.

    I seriously wonder though if this includes the service support also. I would like to see it go back to the old ways. If they are doing it, I would not be surprised if it were based on the feedback that they are receiving on their quality of service. "Sweatshop" work is never high quality.

    If it's just the customer support that's being moved back, best guess would be the customers do not like talking to someone that they clearly can tell is not even in the same country. I know it slightly irks me when I call some support/help number and get someone from India. (why is it always India? why can't it be Russia or Japan or Africa?) I think that even if the person on the line is knowledgeable and helpful, knowing it's someone from India (or any other country really) tends to put people in the mindset that they are not receiving high quality support, possibly because they know that the support person is probably receiving a very small wage compared to what it would be in the 'states.

  5. Re:Investigators liability? on The Pirate Bay Is Back Online · · Score: 1

    I don't know how it typically works in Sweden, but in most parts of the world, law enforcement has free reign to trounce and trample on everyone's rights in the name of "pursuit of justice", whether or not justice is eventually delivered as a result. The are rarely if ever required to make restitution for the inconvenience and expense they cause.

    In most countries, once your hardware gets seized it can be very difficult or just outright impossible to recover your property, and certainly not in a timely manner. You read about stories all the time in the US where someone for example gets their car seized as part of a raid, and before the owner can get the courts to force it back to them, it's already been sold at a government auction. In most of these cases the owner of the property was completely uninvolved, it could have been a car just parked at the curb in front of the house as the owner was happened to be visiting a friend across the street that day.

    The scope of this seizure is absurd. The whole point of a raid is to remove evidence of a corroborated crime, not to grab everything in in the building. The seizures I'm familiar with require probable cause, and a warrant for seizure that must be specific about the items/persons to be seized. I wonder if this was a "carte blanch" seizure, in other words, "we take everything in sight"?

  6. but isn't that... on MS to Launch Paid Security Subscription Service · · Score: 1

    how it's always supposed to work?

    Windows Live OneCare works continuously, automatically, and quietly in the background on your PC,

    I am insulted that they would expect me to pay this extortion for what should be a basic standard feature of the product.

    That's like paying Ford an extra $50/yr so your tires are less likely to fall off.

  7. the whole idea of patching on Oracle Exec Strikes Out At 'Patch' Mentality · · Score: 1

    It's a way for companies to shave money. When you are a business selling blenders, if your blendmaster 2000 has an issue, you ignore it. Fix it in the next model. If your Ford has an issue, you might recall it, but that's extremely expensive. What about software? Bug? Lots of bugs? Don't worry about it! We'll just patch it in the 1.01 release! Oops, more problems, here comes 1.02!

    Software developers use The Patch as a way to get a product to market before it's ready. Shareholders don't see this, and they just assume when it goes GM they have their bankroll. Then a month after the main release, their developers are still working feverishly to "complete it". This process contunies for many months. It's borrowing from the future to secure the present. And six months down the road when you are STILL patching it and are not getting a lot of income on sales anymore what do you do?

    "That'll be fixed in version 2". Just keep pushing off the work. Hold the carrot out in front of the customer, "This next one will be better! All those problems we just never fixed in vers 1 are fixed in vers 2!" Of course version 2 comes with its own different breed of bugs, just as annoying, and those too will only partly be fixed by the patches. Hang tight, here comes version 3! This time we promisee we'll have all the features working that we introduced in version 1 (that were completely broken token offerings) when you bought it.

    Yes, I'm a little bitter on the subject. For the most part it's a scam. Bait and switch if you will. Buy our product today and maybe tomorrow it'll work as advertised. Why do we put up with it?

  8. Re:tit for tat? on Symantec AntiVirus Hole Found · · Score: 1

    Look on the bright side of that though... they are digging up all the dirt and skeletons from each other's secret vaults. We all know that "security through obscurity" is a farce, so this forced openness can only help us, the consumer.

  9. Re:AntiVirus is for Newbs on Symantec AntiVirus Hole Found · · Score: 2, Insightful

    Daily backups are the key. And not Whole Fucking Hard Drive Backups like most insane backup programs want to do. Backup your damn documents and data.

    It's possible to have the best of both worlds. Use a free app like Rsync and the first run, yes it will be a full backup. Once it has completed that, the next time you run it, it only updates the backup to match the changes you've made to your hard drive recently. In most cases it only needs to move a few megabytes. The compare process takes about 5 minutes for a 160gb HD, and in most cases the sync that occurs afterward takes about 2 minutes. No catalog sets, no databases to get corrupt or need reindexing. (retrospect comes to mind immediately...) Fast, effortlessly networked, and yet works as a full backup for very easy restores.

    I rsync my flash drive (4gb) to my laptop (160gb), and my laptop to my server. It's very comforting knowing my laptop's HD is fully backed up at least weekly, as my life is on there. ;)

  10. Re:Consumer versions not affected on Symantec AntiVirus Hole Found · · Score: 1

    I'm going to guess wildly here after seeing this only affects corporate, and say that Norton, in their infinite wisdom/paranoia, set up one of those "networked license verification" systems, where a product, once installed, broadcasts on the network to find copies of itself to compare license codes with. It then sets up a listener of its own to listen for other copies broadcasting, hunting for duplicate or too-many-user licenses.

    Then the listener code is bugged and has a hole in it, and now, courtesy of Norton, you have now INSTALLED a back door on your system.

    Lovely.. Just lovely.

    There oughtta be a law against companies being able to install listeners on your machine without your explicite consent.

  11. "don't do that! I don't like that!" on IL School District to Monitor Student Blogs · · Score: 1

    That seems to be a major theme in today's society. You can't do that. Why? Because I don't like it.

    No one should have any say in what I do as long as I don't vioate your rights. And sorry, doing something you don't approve of does not violate your rights. You do not have a right to tell me what I can and cannot do.

    That's all this is... you can't do that because I don't like it when you do that. Who are the children in this case? The students, or the school board?

    Makes me sick.

  12. it's up to the instructors on What Should One Know to be Truly Computer Literate? · · Score: 1

    As poster points out, learning one piece of software (or one group of software) well does not provide you with a well-rounded education in computers. The key here is to require diversity.

    Teachers can do this by creating say, five projects per semester, with similar goals, and require that the students or teams use different software to solve each of the five projects. Then give a sixth project where the students can use any of the software they choose to.

    This gives the students the chance to sample several different solutions/softwares and gives them a more open perspective as to what the right tool for the job is. In the end, they can take what they have learned throughout the semester and apply that knowledge to picking the best solution for them for the last project.

    When the last project is presented, the team should have to do a short discussion of what decisions factored into their choice of software. It's always interesting to listen to these presentations, because the students always find out things that even the instructor had not foreseen. Sometimes tools that would seem the least useful to a task happen to do something differently and when properly applied, makes difficult tasks almost trivial. (consider towers of hanoi problems... now use a "clumsy" language that is built around recursion, and what, you solve it in 3 lines of code!)

    When all you know is MS Office, you fall victim to "when all you have is a hammer, everything looks like a nail".

  13. plan of attack on Pact Not to Use Image Constraint Token Until 2010? · · Score: 1

    It sounds like this is a very obvious attempt to sneak DRM-laced units into 80% of consumers' living rooms, then they "throw the switch" and suddenly almost everyone's hardware is crippled. There ought to be a law that the manufacturer can't cripple your product after you've purchased it... they should get sued for destruction of private property.

    But then that's getting back to the completely retarded idea of how manufacturers want to sell you something, and still be the one in control over and owner of it. That's how we got this thing called "licensing". The most ideal situation might be getting licensing declared illegal, that'd be a nice trick but would help the consumer on so many fronts.

  14. Re:Reporting vulnerabilities safely? on Reporting Vulnerabilities Is For The Brave · · Score: 1

    2) Boot with knoppix, change mac adress.

    BTW, you can do that with MAC OS X 10.4 and later. My wap logged me at 00:00:00:00:00:00 :)

    (it will let you change the ethernet adapter too)

    Just the usual terminal command...

  15. Re:Again, is it IM's fault? on New IM Worm Installs Own Web Browser · · Score: 1

    But it can only create startup items for that user.

    The vast, vast majority of machines out there are only used by one person, or used for the majority of the time by one person.


    Incorrect. I repair computers for a living, macintoshes, and the guy sitting behind me repairs windows boxes for a living. On average, we see 1 computer in 3 that has only a single account on it. On the average, most machines we see have two accounts on them. We occasionally see machines with five or more accounts.

    This indicates the problem isn't merely the existance of the viruses, but the system's complete inability to restrict them.

    No, it means an infection has come via an account with elevated privileges, or all the accounts have been infected individually.


    In windows, almost without exception, everyone has elevated privledges. Worse yet, they have them at all times, not just after they have authenticated. (as is the case in OS X) This means once the virus gets running, it has run of your entire machine, unrestricted. As far as windows is concerned, you double clicked it (or it THOUGHT you double clicked it... see "spyware") so it's running with your privs, without authentication or confirmation. This is a problem!

    You cannot blame viruses on virus writers, you really have to blame it on Windows.

    Windows has just as many - more, if anything - facilities to restrict users as the typical unix. The *technical* problem is not with Windows.


    Educating the user is part of Microsoft's responsibility. Try to buy a 50w laser sometime. You can't do it. They won't sell you one, not until you have passed tests and gotten certified with them. Computers have no such restrictions, any twit can buy a machine and make a mess with it. This in and of itself is not a bad thing, but the problem is they are marketing a product to people that they do not require to be educated about the product, and at the same time it's a product that by design cannot be used properly without education. I call that behavior "neglegent". (they could fix the problem by changing either of those behaviors) They are setting up the consumer for a fall, they know it, and they really don't care so long as people keep shelling out the money for more product.

    I can't buy a 200w radio transmitter either. I have to have a license to show that I am competent with it and will not deliberately or accidentally use it to hurt or disturb other people. If transmitters were like computers, nobody would be able to watch TV, listen to the radio, or use their cel phone because there would be too many idiots out there ruining it for everyone. And you would blame the consumer?

    So do I support a requirement for minimum competence before purchase of a computer? Actually, yes that would be a good idea. Will it ever happen? Of course not! People demand their right to be annoying.

  16. Re:Disable automatic execution even with a dialog. on New IM Worm Installs Own Web Browser · · Score: 1

    Apple: Dont' "open safe files after downloading"... there are no "safe files".

    If I had some mod pts that would have gotten you some karma. Best quote I have read all day.

  17. Re:Trusted Computing on New IM Worm Installs Own Web Browser · · Score: 1

    With OS X, you can, as an admin, set another user as a non-admin, and set them as "limited". There are several categories of limits, one of which is to only allow them to run applications that are in a fixed list. You can also lock their dock and put just the things you want them to run into their dock, so they are always there, cannot be removed accidentally, and they know right where to look for all the things they can play with. Since they are not an admin, they cannot hose the system. Since they cannot run anything except what you've put in their dock, they cannot hose their account.

  18. Re:I know where this is headed on New IM Worm Installs Own Web Browser · · Score: 1

    Seeing as 99.95% of the spyware popup installers are ONE BIG INSTALL BUTTON, including the "no", "cancel", and little red "x" in the corner, (the whole window is one giant button with a picture of the window as its graphic) I would be less surprised in the result. I would be willing to wager that, seeing an unknown popup appear saying it wants to install something, 98% of the people surveyed would click in the window, either on the "install", "cancel" or the "x", of course causing the malware to download and run.

  19. Re:Again, is it IM's fault? on New IM Worm Installs Own Web Browser · · Score: 1

    2) Malware sets itself to start at that user's privileges when the user logs in.

    But it can only create startup items for that user. At least in theory, with Vista or any non-windows OS. The PC tech where I work curses up a storm when he gets in a virus-ridden machine with like 7 accounts on it. He has to clean each and every one of them because the malware/virii have infected all accounts on the system. This indicates the problem isn't merely the existance of the viruses, but the system's complete inability to restrict them. You cannot blame viruses on virus writers, you really have to blame it on Windows.

    Sort of reminds me of a bank that just takes their credit card and bank account recipts and dumps the paperwork out in the back lot, to blow in the wind. Criminals and identity theives pick up the papers and use them. Who is to blame for the identity theft and fraud? Sure, the criminals did it, but the bank was the cause of the whole mess in the first place, and their gross neglegence lead to the problem. If you make it that easy to do something illegal or just downright irritating, you should be held primarily responsible.

    Windows security is like if Ford made cars that have problems with the wheels falling off. After ten years of cars with wheels that just fall off for no good reason, they finally promise THIS TIME the wheels won't fall off the new model. I'd say they've already had the chance, I'm tired of chasing insincere promises.

  20. Re:GMA950 graphics, bah! on Ars Technica Reviews the MacBook · · Score: 1

    There are people looking for portable power for things other than games y'know.

    Though some of them are askinng a bit much. Saw a customer last week looking to "speed up" her new (3 wks) ibook. What was she running? Photoshop, Final Cut Pro, Aperature, etc. She bought the ibook without having a good clue what she needed, and was astounded at how slow the ibook ran those pro apps. We set her up with a DP G5 and she's a world happier.

    If portability had been important to her we would have reommended a powerbook, but for her needs a desktop was going to be better in most respects. When you're doing renders, gettinng them done in 45 minutes as opposed to 3 hours dwarfs the lack of portability issue reeeeeal fast.

    Now if we had something that would compete with the desktop G5's in a portable form factor, she'd have probably preferred that instead.

    One thing I like the powerbooks for is that if I buy a high end machine, it will last me between 3 and 4 years before I am thinking of upgrading it. Most laptops cannot be upgraded and have to be replaced, so buying high end to start with ends up saving you money in the long run. I know several people that go as cheap as practical on a desktop, and they are on a 18 month or 2 year replacement schedule... where's the savings there? You never have high end, and you have to put as much money into it as I do on a yearly average. I game occasionally on my laptop, and it's graphics is adequate. I don't get like 200fps but that seems excessive anyway. If I can get 40fps I am happy. My TV can't even pull that. If you need higher FPS, try reality instead. ;)

  21. the little items on Giant Paramount Auction of Star Trek Items · · Score: 2, Insightful

    There are basically two variety of memorobilia collectors... those that want the big things, like the captain's chair or a wardrobe item etc, and the people that look for the little nicknacks. Probably the wisest collector would go for the little items, as they can have more of them and display them easier.

    Hmm... I'm not a big trekkie but I can think of a few items that would be nice. That flue of Picard's would be nice. Maybe a few isolinear chips. A comm badge. (STTNG please, those from the movies are gawdy!) Or that huge hunk of crystal dilithium that was in the enterprise's warp core.

    Get a bunch of the touch pads from the doors or holodecks and use them for light switch wall plates. :)

    And of course the computer display props. From what I've read, most of them (the ones that were not animated) were backlit reverse-glass paintings. Those would make awesome wall decorations in a chosen room of the house, hang 'em like paintings.

    I also hear the props in the captain's ready-room are very popular. hah... remember the episode where the enterprise had an alien computer virus and picard ordered tea and got the teacup with the what.. bird of paradize flower in it? "now THAT should not have happened!" That would be a fun one to have.

    Probaly the most fun props to have are the ones that not many people will even be considering.

    Though previous poster is right, that flute is going to go for a lot more than $300. I'd expect it to draw $1500-2500. Key props from emotional/memorable episodes are bound to go for a mint.

  22. Re:Bobby on the couch on London 2006, Meet London 1984 · · Score: 1

    Even if all they do is sit in their sofa all day long, they can still be witnesses. How many crimes occur where the police go door to door and "nobody saw anything"? This has to severely frustrate the police when a crime occurs in a crowded place and no one will come forward to testify or provide information.

    If you have 50 people watching the video that eliminates the need to keep acres of VCR tapes or DV, you can just ask the witnesses. Assuming they watch that "channel" frequently, they may very well recognize the suspects and be able to provide additional details that would take a police analyst weeks to discover by pouring over old tapes.

    This is an excellent way to put the public back into law enforcement. And witnesses don't have to be afraid that the suspect saw them witness the act and be afraid to provide information or testify, so that provides a layer of security for the anonymous witness to truly be anonymous.

    If you're already in a public place, can you really complain about a camera being on you? What's the difference really? Just someone watching you that you cannot see, but does that affect your behavior? (should it?) How many people saw you today? Hundreds? How many do you remember seeing you? ten? Does it really make a difference?

  23. Re:extortion? on Apple Patch Released, But Is It Enough? · · Score: 1

    Possibly a very good point, but I would be interested to see the statistics of bugs found per month in windows vs bugs found in OS X, of the "remote exploit" / "remote execution of arbitrary code" variety. If you don't want people running around screaming their heads off over your bugs, it's necessary to have at least a little dilligence in trying to prevent them from happening in the first place, and I seriously question whether microsoft makes an honest effort. Not that this justifies premature release of exploit information, but I believe in that case it should be expected nevertheless.

  24. Re:quid pro quo - US Retention Law is the Next Ste on U.S. to Gain Access to EU Retained Data · · Score: 2, Insightful

    And how do you know that hasn't already happened?

    Do you really think they'd make such a development public, rather than classifying it as "undisclosed for reasons of national security"?

    The purpose of "national security" used to be to protect the citizens from foreign agents. Now it's merely a political tool to protect the politicians from their own citizens.

  25. Re:The logic escapes me on Convicted Hacker Adrian Lamo Refuses to Give Blood · · Score: 2, Informative

    ok, google. first hit.

    Organic extraction of aged human nail material yielded a sufficient quantity of DNA for successful mtDNA sequencing; however, STR analysis was unsuccessful.

    Translation: we could find traces of DNA, but not enough to identify the person. To use something for identification in a criminal case requires that it be very reliable and very unique. In a test group of 15 they could not identify the owner in all cases. How are you going to pull that off when you are searching a 10,000 person database?

    DNA is most reliably harvested from living cells. (try your google on that) There are no living cells in fingernails or hair strands. Only hair follicles and maybe some toejam.