Slashdot Mirror


User: Hal_Porter

Hal_Porter's activity in the archive.

Stories
0
Comments
8,852
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 8,852

  1. Re:Great! Orwell is always worth reading. on George Orwell Blogs From the Grave · · Score: 4, Insightful

    You can read some of them here

    http://www.orwell.ru/library/essays/index_en

    This is something a lot of slashdotters really need to read
    http://www.orwell.ru/library/essays/nationalism/english/e_nat

    (v) Pacifism. The majority of pacifists either belong to obscure religious sects or are simply humanitarians who object to the taking of life and prefer not to follow their thoughts beyond that point. But there is a minority of intellectual pacifists whose real though unadmitted motive appears to be hatred of western democracy and admiration of totalitarianism. Pacifist propaganda usually boils down to saying that one side is as bad as the other, but if one looks closely at the writings of younger intellectual pacifists, one finds that they do not by any means express impartial disapproval but are directed almost entirely against Britain and the United States. Moreover they do not as a rule condemn violence as such, but only violence used in defence of western countries. The Russians, unlike the British, are not blamed for defending themselves by warlike means, and indeed all pacifist propaganda of this type avoids mention of Russia or China. It is not claimed, again, that the Indians should abjure violence in their struggle against the British. Pacifist literature abounds with equivocal remarks which, if they mean anything, appear to mean that statesmen of the type of Hitler are preferable to those of the type of Churchill, and that violence is perhaps excusable if it is violent enough. After the fall of France, the French pacifists, faced by a real choice which their English colleagues have not had to make, mostly went over to the Nazis, and in England there appears to have been some small overlap of membership between the Peace Pledge Union and the Blackshirts. Pacifist writers have written in praise of Carlyle, one of the intellectual fathers of Fascism. All in all it is difficult not to feel that pacifism, as it appears among a section of the intelligentsia, is secretly inspired by an admiration for power and successful cruelty. The mistake was made of pinning this emotion to Hitler, but it could easily be retransfered.

  2. Re:Details... on Vista's Security Rendered Completely Useless · · Score: 1

    I'm not sure what the point of this paper is. He lists all the security measures added to Vista and XP and shows how an exploit could potentially get round them. He has some example code.

    Some of the other security measures like GS miss some cases. He shows how to exploit some security holes, since patched, despite the security features.

    But so what really. One of the reasons NX an ASLR were not implemented for so long in both Linux was because they only make exploit writing harder, not impossible, individually. Presumably Microsoft felt the same way before Bill Gate's famous "focus on security" email.

    Now they are implemented each one does make at least some exploits impossible. And a Vista machine with all of them enabled is surely more secure than XP SP0 with the default settings. Hopefully my Vista box with Opera will be additionally secure because the exploit writers won't bother to target it.

    It's not gameover by any means. All of the techniques can be improved, but even after that there will be workarounds that allow exploits to target unpatched vulnerabilities.

  3. Re:Details... on Vista's Security Rendered Completely Useless · · Score: 5, Funny

    I read it and now my system IE is full of toolbars. Oh shi

  4. Re:Well.... on Vista's Security Rendered Completely Useless · · Score: 3, Funny

    The Black Hat conference is a trap. You buy tickets online and get Party Vanned 10 seconds after you hit submit on the web form.

  5. Re:This generations laser disc? on New Study Finds Low Interest In Blu-ray · · Score: 1

    Consider that you can get a blue ray drive for a PC rip the content off to a in home server and play it back via a number of methods in everything from the original res down to ipod. The only optical media drive I've had in my entertainment center for the better part of a decade is a USB attached computer drive that automatically rips / converts / slices and dices whatever you put into it. The media cartels might not like it but physical media is dying as it's pointless. I would rather have my media collection live on a bunch of raid drive in the basement server and on backup tapes, than sitting in my living room. Though I also think TV's should be mounted behind a mirror rather than displayed.

    This is also a wise strategy should a Butlerian jihad erupt against HD, as opposed to the current apathy.

  6. Re:Overexaggerate Much? on Apple Sued For Turning Workers Into Slaves · · Score: 2

    CmdrTaco doesn't write the summaries. He just writes the "from the clever inside joke dept." part. In this particular case, SwiftyNifty wrote the summary.

    I bet he whips SwiftyNifty if he doesn't write an appropriately trolling summary mentioning slavery too.

  7. Re:News... on Apple Sued For Turning Workers Into Slaves · · Score: 1

    Yours is one of many posts saying the same thing (and getting +5 insightful).

    Why are you guys focusing on bashing the headline instead on the actual problem, which is that highly skilled people are working over time for nothing

    Because they're Apple fanboys. We wouldn't mind if they were chained to an oar.

  8. Re:No, *THESE* are slaves on Apple Sued For Turning Workers Into Slaves · · Score: 1

    Or Arsenal, if you believe Ashley Cole...

    Waah, I get paid millions of dollars by one company and when I breach contract by secretly negotiating with their rivals I get fined tens of thousands. I'm a slave I tell you.

  9. Re:STFU or go back to open source you whiners !! on Apple Sued For Turning Workers Into Slaves · · Score: 5, Funny

    Mac fans show their people skills again.

  10. Re:"background texture behind the text" on ISS Gets New Recycling Gear, Ready For Larger Crew · · Score: 1

    Don't gnu mean Gnu/Iceweasel on Debian Gnu/Linux?

  11. Re:Webmaster? on ISS Gets New Recycling Gear, Ready For Larger Crew · · Score: 1

    I use Opera where the site works.

  12. Re:Waste hydrogen? on ISS Gets New Recycling Gear, Ready For Larger Crew · · Score: 1

    It works fine on Opera 9.50 on Windows Vista Ultimate.

    Yeah, I went there.

  13. Re:Waste hydrogen? on ISS Gets New Recycling Gear, Ready For Larger Crew · · Score: 1

    By the way some of my co workers smell I assume they already wear stillsuits.

  14. Re:Summary doesn't mention digital signing on Chipped Passport Cloned In Minutes · · Score: 1

    Cellphone companies have managed to keep private keys secure pretty well. That's not to say government will manage it, but it's not like it's an insoluble problem.

  15. Re:Electronic voting's cousin? on Chipped Passport Cloned In Minutes · · Score: 1

    Only 45 countries have e-passports. Given that you must have an e passport for visa free travel to the US, the US can just force countries to reveal their public keys if they want their citizens to have visa free travel. And revoke that right if they leak their private key.

    So I'd guess the US and its friends will be able to verify e passports electronically. You don't need PKD for 45 CSCA keys and however many DS keys there are, you could build the public keys into the software.

  16. Re:Take a hammer to it... on Chipped Passport Cloned In Minutes · · Score: 1

    Why break it? It seems like the system working is in the public interest.

  17. Re:Summary doesn't mention digital signing on Chipped Passport Cloned In Minutes · · Score: 1

    Potentially they could be very secure - only the machine that writes the chips when the passport is made would need to know them.

  18. Re:Electronic voting's cousin? on Chipped Passport Cloned In Minutes · · Score: 1

    Sucessful paper forgeries are usually more time consuming to create, and require skills that are less common in this day and age.

    Or another way, a forged passport is one forged passport. A broken authentication system is a thousand forged passports.

    You still need to forge the paper to make a passport. And the authentication hasn't been broken - the software this guy used didn't check it.

  19. Re:Embarassing, but not suprising on Chipped Passport Cloned In Minutes · · Score: 2, Informative

    It shows the benefit of this kind of outside security analysis, which should have probably been executed during the development process.

    Better the issues be uncovered now than when the issuance is widespread.

    There's always a loophole.

    There was lots of analysis. Years in fact. If you Google you can see there were groups working on MRTD standards since 1968. Biometric passports were conceived in 1997 and implemented in 2004, only because the US wanted to speed up the process after 9/11. That's still 7 years!

    Plenty of time for various committees of tire kickers to muse on the security of the system.

    http://www.rfidsec07.etsit.uma.es/slides/present/slides-1.1.pdf page 6

    1968: ICAO starts working on MRTD
    1980: first standard (OCR-B Machine Readable Zone (MRZ))
    1997: ICAO-NTWG (New Tech. WG) starts working on biometrics
    2001 9/11: US want to speed up the process
    2004: version 1.1 of standard with ICC
    2006: extended access control under development in the EU

    In fact if you do some research this cloned passport would be detected by a system which verifies the trust chain correctly, i.e. it was a flaw in the software he tested with. Most likely the systems used at airports do verify the trust chain.

  20. Re:Why be a hacker... on Chipped Passport Cloned In Minutes · · Score: 1

    1337 dollars per week is hex, not decimal.

  21. Re:Um, well... on Chipped Passport Cloned In Minutes · · Score: 5, Insightful

    This is more like PGP signing. DRM has a flaw in that the user must be able to decrypt so the decryption key must be available. PGP signing is much more secure since you only need to know the private key if you sign. Verifying is done with the public key which is not secret.

    The passport contains data - name, address, photograph (and in future fingerprints and retinal scans). When the passport is made this data is digitally signed with the private key in some secure system.

    There is a trust chain from the per country CSCA (Country Signing Certificate Authority) down to the DS (Data Signers) down to the passports.

    See here, page 13
    http://www.rfidsec07.etsit.uma.es/slides/present/slides-1.1.pdf

    In the UK as far as I know there is only one DS, the Foreign and Commonwealth Office even for passports issued overseas (I got mine renewed from a non biometric one in Stockholm and the issuer is still marked as FCO not British Embassy Stockholm). So to check the trust chain you need the public keys for the CSCA and the DS that made a passport. The article says that "But only ten of the forty-five countries with e-passports have signed up to the Public Key Directory (PKD) code system, and only five are using it." But elsewhere it says "Some of the 45 countries, including Britain, swap codes manually, but criminals could use fake e-passports from countries that do not share key codes, which would then go undetected at passport control". True, but if you used a clone British Passport anywhere with access to the shared keys it will be caught if you don't know the British private CSCA key. And any country that doesn't share it's public key could be threatened with being dropped from visa waiver programs, so it's fair to assume that given time they all will. Any country who leaked their private key could be handled the same way.

    As someone commented to the article

    Seemingly Mr Van Beek created only a copy of personal data with fake certificates, keys and signatures to fool only the reader he was using. In real life if he could have been able to put the chip into a real passport control systems where data is checked against the CSCA and DS certificates he would have been arrested at the same moment.

    The problem with not having a PKD is that people who don't have access to manually swapped public keys cannot verify the passport. But I bet the scanners in airports do. Installing 45 CSCA keys, one per country, and one or more DS keys per country is not very hard to do.

    I actually wonder how serious this is - of course a faked passport will not be detected by software that cannot verify the trust chain. The systems at airports can do this from what I've read.

  22. Re:WTF? on The DIY Dialysis Machine · · Score: 1

    Actually it would be funnier if someone else was holding the baby and she was looking at it with the same expression. That way I could have captioned it "ARE YOU GOING TO EAT THAT" and used it to troll on other forums.

    Yeah, I know. I'm not going to breed and that is probably for the best, all things considered.

  23. Re:All they have to do now... on NASA Plans Test of New Plasma Drive · · Score: 1

    As for low-bidder construction, I seem to recall that the Federation has banished greed and competition. But I suppose that's just government propaganda.

    They've eliminated money too. If people complain to the the LCARS guys that consoles sometimes explode and kill their users, they will be told that "patches are welcome", or asked to contact the Ferengi who made the hardware and get them to release specifications rather than just binary drivers for Klingon operating systems.

  24. Re:Nice to see fact moving faster than fiction on NASA Plans Test of New Plasma Drive · · Score: 1

    Project Daedalus used fussion pellets

    http://en.wikipedia.org/wiki/Project_Daedalus

    Daedalus would be constructed in Earth orbit and have an initial mass of 54,000 metric tons, including 50,000 tons of fuel and 500 tons of scientific payload. Daedalus was to be a two-stage spacecraft. The first stage would operate for two years, taking the spacecraft to 7.1% of light speed (0.071 c), and then after it was jettisoned the second stage would fire for 1.8 years, bringing the spacecraft up to about 12% of light speed (0.12 c) before being shut down for a 46-year cruise period. Due to the extreme temperature range of operation required (from near absolute zero to 1,600 C) the engine bells and support structure would be made of beryllium, which retains strength even at cryogenic temperatures.

    This velocity was well beyond the capabilities of chemical rockets. Instead, Daedalus would be propelled by a fusion rocket using pellets of deuterium/helium-3 mix that would be ignited in the reaction chamber by inertial confinement using electron beams. 250 pellets would be detonated per second, and the resulting plasma would be directed by a magnetic nozzle. Due to the scarcity of helium-3 it was to be mined from the atmosphere of Jupiter via large hot-air balloon supported robotic factories over a 20 year period.

    I'm not sure if the inertial fusion system would be possible to build. Mind you if you could, you could mine the He3 off the moon without needing to go to Jupiter.

  25. Re:Nice to see fact moving faster than fiction on NASA Plans Test of New Plasma Drive · · Score: 1

    I frequently see in slashdot replies that this or that could happen if enough folks decide to do it. People say things like "feeding the world is a political problem, not a resource problem." The problem is that political will and the ability to manipulate it are kind of like limitations based on laws of physics. Sure in theory we could steer the earth if we all jumped up and down at the right time. It just isn't possible to convince everyone to play.

    Global fascism could solve that problem.