All I'm saying is, assume Skype is as secure as, say, Thunderbird's crypto. Now, which is my Grandmother more likely to use - Thunderbird (which, to set up, requires that she run GPG or similar, send keys to a server, etc), or Skype (no setup - just click a button)?
The problem with crypto is partially security. But security is worthless if people don't use it. And even if Skype isn't secure yet, if it becomes secure in the future, then it's a good thing that people will be in the habit of checking "yes, encrypt my conversations".
So you can use the computer anywhere in the room without running cable all over, or so you can walk around both in one room and between rooms with your laptop.
Actually, there are several documented cases of *major* leaks... including one case in which a Soviet spy was hired as one of those "best brains" - he produced good material to cover up his espionage, but passed a *lot* along.
Don't forget, it's in the government's interest that people think encryption will stop "everyone (IP thieves, oh no!) but the gov't". So since giving up informants (or other methods) doesn't do them any good, discrediting encryption *does*.
Because people started emailing before encryption capability was integrated in "user-level" (i.e., AOL/Outlook level) software. Witness Skype as an example of why VoIP is different.
Technically, that's still steganography. And terrorists aren't stupid. Desperate, fanatical, etc., are all words that could be used, but there are many terrorists that are not stupid. Keep in mind, many suicide bombers were well-educated - and that someone has to tell the suicide bombers what to do.
Get a friend to let you be constantly SSH'd into his box - you can use that to set up tunneling to that certain ports are forwarded back. Or, heck, even tunnel it through IRC if he's a windows user, and doesn't want to set up SSH - just have him install an IRC server.
I've had that problem maybe once, and I use BMN constantly. It helps if, once you have a valid account, you give the site permission to set a cookie - then you use BMN as little as possible, 'cuz the site logs you in automagically.
I see what you're saying, but a better analogy would be, say, a heroin seller who sold despite seeing some of his (or her) customers die of overdoses, then claiming "I didn't know heroin was a Bad Thing". (Substitute in a different drug, if you feel that heroin is a bad example; I used it because it's a "hard" drug, not a "gateway" one).
"Tigger" - was that an honest typo, a jab at Apple, or a Freudian slip?
Re:Hardware Issues
on
Moving To Linux
·
· Score: 2, Insightful
Because of the number of folks using Linux, most hardware companies won't bother. Linux distros already do this - Mandrake has the best compatibility database I've seen so far. And if $Your_Fav_Distro doesn't have a database, google for "$hardware $your_favorite_distro". Just think of it as looking for another review.
For those who haven't read the book, or haven't seen the movie, the parent is not saying that watching the movie kept the designers from seeing the suits (which I understand were removed from the movie(, but that the book emphasized repeatedly the fact that a soldier is a soldier. That the armor is nice, but the real power is the mind inside it. There's a scene where one recruit asks (during boot camp) why they're learning to throw knives when they have rifles, machine guns, tac nukes, ad infinitum. The drill seargant's response is that an army can't let a temporary malfunction or lack of tech stop them from achieving their objective - and further, that massive tech is not always the best solution.
I'm not going to install it quite yet... so can someone tell me how well it works? When I tried RP9 for Linux (and the Helix beta), it was slow, crash-prone, buggy, and video generally didn't display right.
If it is as good as claimed, I'll be thrilled - there are several organizations I belong to that (for various reasons) only use RealMedia. I'm skeptical for now, but a stable RealPlayer for Linux would be wonderful (no, xine/mplayer are not perfect!).
They want chips without connectors to communicate with each other? Is that even possible?
This post brought to you by the Slashdot Association of Pedants.
Re:Not exactly a password story, but ...
on
Fun With Passwords?
·
· Score: 1
It's not that people don't have root privs... it's that people don't officially have root privs. We used to tell the techs about vulnerabilities we stumbled into, but they got pissed off and told us to stop, because they'd installed a new IDS that would take care of it for them.
US public school, but the techs are low-bid contractors who have nothing to do with the district. Hence, no incentive to care about anything. They've done a nice job spreading FUD, though. The computer club gets shut down everytime the network goes down; after about 5 groundless accusations of sabotage in the 3 years I've been here, it gets old, particularly since all 5 breaches were by non-computer club people. The few breaches by computer club people don't bring the network down.
The techs at my school are fairly lazy. However, they're too arrogant and power-hungry to give anyone onsite (say, the computer lab person, a CS teacher, or the principal) root privs. They also sometimes take Friday off.
It's a Windows network, and all locked down. So imagine our surprise when they fsck up the CS classes' brand-new JDK installation, pop the JDK in C:\ of the network (to save time, they said later), and give it root privs. We started file I/O that week, so we figured we'd see what the JDK's home dir was. Whether it's supposed to be the directory javac is in, or whether they misconfigured it, I don't know. But we had root privs on the network until Monday. Good times;-).
Google for Pascal's wager sometime - it might surprise you. Not such a great idea after all, eh? (try "pascals wager site:infidels.org" if you can't find it).
Slashdot Mirror
All I'm saying is, assume Skype is as secure as, say, Thunderbird's crypto. Now, which is my Grandmother more likely to use - Thunderbird (which, to set up, requires that she run GPG or similar, send keys to a server, etc), or Skype (no setup - just click a button)?
The problem with crypto is partially security. But security is worthless if people don't use it. And even if Skype isn't secure yet, if it becomes secure in the future, then it's a good thing that people will be in the habit of checking "yes, encrypt my conversations".
So you can use the computer anywhere in the room without running cable all over, or so you can walk around both in one room and between rooms with your laptop.
I got 58 wpm, too, but the second test said that was 95%. The third link does seem more academic and controlled, so that could be correct.
Actually, there are several documented cases of *major* leaks ... including one case in which a Soviet spy was hired as one of those "best brains" - he produced good material to cover up his espionage, but passed a *lot* along.
Don't forget, it's in the government's interest that people think encryption will stop "everyone (IP thieves, oh no!) but the gov't". So since giving up informants (or other methods) doesn't do them any good, discrediting encryption *does*.
Because people started emailing before encryption capability was integrated in "user-level" (i.e., AOL/Outlook level) software. Witness Skype as an example of why VoIP is different.
Technically, that's still steganography. And terrorists aren't stupid. Desperate, fanatical, etc., are all words that could be used, but there are many terrorists that are not stupid. Keep in mind, many suicide bombers were well-educated - and that someone has to tell the suicide bombers what to do.
Get a friend to let you be constantly SSH'd into his box - you can use that to set up tunneling to that certain ports are forwarded back. Or, heck, even tunnel it through IRC if he's a windows user, and doesn't want to set up SSH - just have him install an IRC server.
So ban more than 3 or 4 IPs. The question is not will it work, the question is, what cutoff is most effective.
I've had that problem maybe once, and I use BMN constantly. It helps if, once you have a valid account, you give the site permission to set a cookie - then you use BMN as little as possible, 'cuz the site logs you in automagically.
Firefox isn't beta - it's just pre 1.0. There's a difference. Even if it were beta, it'd be beta the way GoogleNews is beta - in name only.
... then I wouldn't care, because the Constitution would prevent him from being POTUS anyway!
I see what you're saying, but a better analogy would be, say, a heroin seller who sold despite seeing some of his (or her) customers die of overdoses, then claiming "I didn't know heroin was a Bad Thing". (Substitute in a different drug, if you feel that heroin is a bad example; I used it because it's a "hard" drug, not a "gateway" one).
I haven't seen the movie; I just have read that the suits weren't in it (or weren't as prominent), so I was clarifying the post I was replying to.
How did that work? Don't most systems require you to verify the current PW before entering a new one?
It's not suitcase, it's luggage. And that's the kind of mistake an idiot would make (the kind of idiot who would use 12345 as a combo).
"Tigger" - was that an honest typo, a jab at Apple, or a Freudian slip?
Because of the number of folks using Linux, most hardware companies won't bother. Linux distros already do this - Mandrake has the best compatibility database I've seen so far. And if $Your_Fav_Distro doesn't have a database, google for "$hardware $your_favorite_distro". Just think of it as looking for another review.
This is sad, I can't believe I'm asking this ... but which one do you mean?
For those who haven't read the book, or haven't seen the movie, the parent is not saying that watching the movie kept the designers from seeing the suits (which I understand were removed from the movie(, but that the book emphasized repeatedly the fact that a soldier is a soldier. That the armor is nice, but the real power is the mind inside it. There's a scene where one recruit asks (during boot camp) why they're learning to throw knives when they have rifles, machine guns, tac nukes, ad infinitum. The drill seargant's response is that an army can't let a temporary malfunction or lack of tech stop them from achieving their objective - and further, that massive tech is not always the best solution.
I'm not going to install it quite yet ... so can someone tell me how well it works? When I tried RP9 for Linux (and the Helix beta), it was slow, crash-prone, buggy, and video generally didn't display right.
If it is as good as claimed, I'll be thrilled - there are several organizations I belong to that (for various reasons) only use RealMedia. I'm skeptical for now, but a stable RealPlayer for Linux would be wonderful (no, xine/mplayer are not perfect!).
Pedant mode on:
They want chips without connectors to communicate with each other? Is that even possible?
This post brought to you by the Slashdot Association of Pedants.
It's not that people don't have root privs ... it's that people don't officially have root privs. We used to tell the techs about vulnerabilities we stumbled into, but they got pissed off and told us to stop, because they'd installed a new IDS that would take care of it for them.
US public school, but the techs are low-bid contractors who have nothing to do with the district. Hence, no incentive to care about anything. They've done a nice job spreading FUD, though. The computer club gets shut down everytime the network goes down; after about 5 groundless accusations of sabotage in the 3 years I've been here, it gets old, particularly since all 5 breaches were by non-computer club people. The few breaches by computer club people don't bring the network down.
The techs at my school are fairly lazy. However, they're too arrogant and power-hungry to give anyone onsite (say, the computer lab person, a CS teacher, or the principal) root privs. They also sometimes take Friday off.
;-).
It's a Windows network, and all locked down. So imagine our surprise when they fsck up the CS classes' brand-new JDK installation, pop the JDK in C:\ of the network (to save time, they said later), and give it root privs. We started file I/O that week, so we figured we'd see what the JDK's home dir was. Whether it's supposed to be the directory javac is in, or whether they misconfigured it, I don't know. But we had root privs on the network until Monday. Good times
Google for Pascal's wager sometime - it might surprise you. Not such a great idea after all, eh? (try "pascals wager site:infidels.org" if you can't find it).