Slashdot Mirror


User: m50d

m50d's activity in the archive.

Stories
0
Comments
6,913
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 6,913

  1. Re:Windows on Worm Hits Windows Machines Running MySQL · · Score: 1

    The hash used for login passwords is a standard library function, so I'd imagine MySQL simply uses the same hashing mechanism.

  2. Re:So it's the admins' fault? on Worm Hits Windows Machines Running MySQL · · Score: 1

    No, it's always the admin's fault. But in this case, windows could have stopped the admin's mistake doing any damage by having a firewall.

  3. Not fairness on Worm Hits Windows Machines Running MySQL · · Score: 1

    My linux box has been connected to the internet with a static IP and no firewall for around 6 months. I'm pretty sure it hasn't been rooted or zombied (no unusual network access, no ports open that shouldn't be when I nmap it, all files that should be there are there). I get around two attempts every second to connect to my SMB server, and every so often someone tries a dictionary attack, in which case I complain to their ISP. I've also had a couple of dictionary attacks on my ssh server. None of these got through, for the simple reason that I don't use weak passwords. I'm not sure how you're defining non-trivial, but I have a reasonable number of services running here. I keep everything updated, use long passwords, and don't have any problems. And I don't see why others can't do the same.

  4. Re:Wine is not an Emulator. on Running Windows Viruses Under Linux · · Score: 1

    No, because it's a port of the same code, and it doesn't allow you to run linux gtk programs on windows. If wine was a port of the actual windows code and required recompilation, it wouldn't be an emulator.

  5. Re:Wine is not an Emulator. on Running Windows Viruses Under Linux · · Score: 4, Insightful

    Yeah, just like lame ain't an mp3 encoder. Names aren't always the full story. Wine definitely is an emulator in that it emulates, it just does it on a different level than most emulators, so it doesn't have many of their drawbacks, like the slowness.

  6. Re:Wine is not an Emulator. on Running Windows Viruses Under Linux · · Score: 2, Interesting

    Or it could just be an emulator that doesn't work very well. If you try an early version of bochs/vmware/etc. from before they had networking support, the viruses won't be able to own that either.

  7. Re:Chicken little poster... on No Pictures, Thanks · · Score: 1
    Worried about this technology being mandated by congress? It's unlikely given that anything done in public is public. They'd have to take away a ton of civil rights before they even got close to being able to prevent public pictures in public places.

    Some of us thought the same way about copy prevention technologies. DVDs and DMCA sure taught us something. Don't think there's no chance of this happening.

  8. Re:Public behavior on No Pictures, Thanks · · Score: 1

    Why do you have a "concern" about this? You're in public. Anyone could see you. If you don't mind people seeing you, why do you mind people photographing you? And if you do mind people seeing you, stay at home.

  9. Re:Idiots should NOT have ideas on No Pictures, Thanks · · Score: 1

    They only managed that because DVD was such a big improvement over VHS in terms of quality. Thing is, we already have digital cameras, so they have now way to foist this technology on us with a technology change.

  10. Re:Just to note... on Take-Two to Publish Next Civilization Game · · Score: 3, Informative
  11. Re:open source tech? on Take-Two to Publish Next Civilization Game · · Score: 1

    Well, it's normally good tech. I know I trust bsd ftp more than "random company" ftp. But I think the main point is that you can modify the AI. With luck they'll do their AI entirely in python and give you the source, so that part of the game at least is all yours to play with. It's not completely opening it, but it's making it more moddable, which is always a good thing.

  12. WMV is really the best for size... on Video Formats for non-Windows Users? · · Score: 1

    but if you want easy crossplatforming, real player runs fine on linux and on windows and mac too.

  13. Re:Do we actually lose memories? on Volatility of Human Memory · · Score: 1
    I think we must lose them, because I think my memory recently filled up. I used to be able to learn how to do things in maths or science after being shown them just once. Instant. And I'd learn a song as soon as I heard it. Now, at 17, it's gone. I know enough that I'm still a very good mathematician, but I worry that it's fading. Most striking is a poem I was learning, the rime of the ancient mariner. I learnt the first three parts in as many weeks. Now, no matter what I try, I can't seem to learn any more.

    I obviously still learn some things, since I've learnt perl since this happens. But it seems harder, as if I'm having to clear out old memories to make space, and I need to rehearse things more to learn them.

    Has anyone else experienced anything like this?

  14. Re:How do you say... on The Lost 1984 Mac Video · · Score: 1

    Really? I was just extrapolating from "downgeloaded", which I do know real germans say. Slashdotten looks like it should be seperable, "Ich dotte die Webseite slash" or something like that.

  15. Re:Props to them on Real Pays For Legal MP3 Playback On Linux · · Score: 1

    Not really. For newbies, having a player they recognise is a good thing, corporate people like a corporate product, and hackers who prefer other players know how to install them.

  16. Re:Props to them on Real Pays For Legal MP3 Playback On Linux · · Score: 1

    Well, personally I've found that xine plays wmv streams perfectly, better than real streams in fact. But I agree with the sentiment. But looking back on the last apple/real thread (in the discussion about them suing that medical student) slashdot still seems to adore apple and claim they can do no wrong.

  17. Re:512? Why on earth? on Just How Paranoid Are You? · · Score: 1

    You missed out a zero on your calculation, it's actually around 100 years. If there's no numbers, it drops to less than a year. On the world's fastest publicly known computer, working alone. So maybe I'm being a little optimistic, but I certainly wouldn't feel secure against the NSA with only 15 characters. Remember they only have to calculate it once, they can easily afford the terabytes to store a database.

  18. Re:Like the "Linux is Obsolete" flame war of 1992? on Flame Wars, Forks and Freedom · · Score: 2, Insightful
    Maybe a better one?

    Don't get me wrong, I like linux, and I sure as hell couldn't write it myself - yet, anyway. But the more I look at it, the more it looks like the amature kludge it originally was. And although I admire how well he's led it, some of Linus' design decisions have been decidedly odd, and, well, wrong. It works - but I can't help feeling it would work better if a bit more experience had gone into the overall design.

  19. It's working though on Coyotos, A New Security-focused OS & Language · · Score: 1

    Restrictive languages are far older than I am. And since they've been around all my life, I can handle them. I know C, I'm pretty good at it - after all, you have to be - but although there's a few very cool things you can do with it for fun, I'd honestly prefer something with bounds-checking for real coding. Not that I make mistakes, of course, and I even wrote one program that depended rather heavily on accessing just outside an array. But it's simply easier to write a good program if your language can stop buffer overflows for you.

  20. Re:Need for a superuser? on Coyotos, A New Security-focused OS & Language · · Score: 2, Interesting

    So a determined malicious insider can do everything they can do under traditional unix, yes. But there's defense in depth here. For example, you can probably eliminate all your setuid binaries, just give them the capabilities they need. Cdrecord gets the "set own niceness very high" capability, but a cdrecord vulnerability doesn't make a local root one. Mplayer gets the "direct access to video card" capability. People who just need to be able to mount iso images don't need the root password. It's not a panacea, but it's another layer of protection.

  21. Re:512? Why on earth? on Just How Paranoid Are You? · · Score: 1

    Not at all. 15 character alphanumeric is actually practically bruteforceable by big companies, and a piece of cake for a first-world government. They might even have rainbowcrack-type tables for passwords up to that length, it's probably worth the NSA's while to compute them. 256 bits is usually enough, but I'm thinking ahead - there was a time when 64 bits was plenty.

  22. Re:Props to them on Real Pays For Legal MP3 Playback On Linux · · Score: 1

    I'm not sure about Fedora's stance on non-free stuff, but yes. If not Fedora, I'm sure there's some distros which will. Suse already includes realplayer iirc, though I think they include other mp3 playback stuff too.

  23. Re:How do you say... on The Lost 1984 Mac Video · · Score: 1
    Slashgedotten I'd imagine. It might not be "proper" german, but it's what a real german would say

    /not a real german

  24. Re:Big Brother... on Just How Paranoid Are You? · · Score: 1
    Is there any point in trying to protect against BIG Brother really? I mean, if they WANT to get in, they could just storm your house and take away your PC. If the want they could slience you too. So why go so over the top?

    You mean your pc doesn't have any explosives (or radiation source) near the hard drive? Fine, mine doesn't either. But I've known people who did.

    Another idea is to make sure any sensitive infomation doesn't have any means of escape, hell build a machine with no network, and no floppy drive or cd writer. Take out the usb slots too, then maybe a passer by wont be able to access it.

    OK, but network is ok if you're careful enough. Don't use anything like a graphical web browser, far too much code to check, but telnetting and maybe ssh are doable securely.

    30char password? Whats the point? I mean you can still brute force it, and even without doing this, theres still methods such as removing the hdd drive, mounting it under anther computer and 99% time, you got instant access to everything.

    I assume he means the password for his AES. In which case it needs to be about that long to make brute forcing it as hard as the AES. Personally I don't trust AES, being as it is NSA-selected, so I use CAST-512. With a 60 char non-alphanumeric password, that is impossible to brute force in a reasonable time period with computers as we know them.

  25. Re:Props to them on Real Pays For Legal MP3 Playback On Linux · · Score: 1

    It does. Not directly, perhaps. But having more users for free operating systems a) increases the chance of hardware manufacturers making free drivers for them and b) increases the number of people who are aware of free software, which will probably result in a proportional increase in the number of people who contribute to free software. I've seen many people say that to have good free games we don't need more programmers, we need more artists. If we can get artists and other non-techies using linux, hopefully a few of them will start to help out, which would be a great benefit for freedom.