Slashdot Mirror


User: KiloByte

KiloByte's activity in the archive.

Stories
0
Comments
4,101
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 4,101

  1. Re:one down, one to go on Microsoft Drops Aging Encryption Schemes · · Score: 2, Insightful

    This change has nothing to do with security.
    It's all about buzzword-compliancy. It's managers who decide on a company's spending; the managers read overhyped news about "SHA1 getting broken" while the only thing the recent papers provided was a very expensive method to brute-force a hash collision -- [b]any[/b] collision, not a message that matches a given hash. In the managers' minds, those encryption algorithms are worthless now -- and it's a very well-known fact that managers never accept being corrected by those who know better.

    This policy is just like getting a million dollar certified oxygen tank and then securing it with a clothesline peg. Who cares that the end result is flaky, if you can claim that you used the best tank available!?

  2. Re:YAY! on Slackware Linux 10.2 Released · · Score: 1

    The complete lack of package management makes dependacy hunting even worse than that stupid RPM format.

    Dependency hunting is one thing. Try to actually upgrade something on a Slackware box!
    Hadn't I try to migrate to the rape-my-entire-filesystem-on-a-whim reiserfs, a frozen Slink box that was upgraded to what Sid was 2 years ago would be still in perfect working order...

  3. Re:Is this such a big deal? on CentralNic Enables uk.com Wildcard DNS · · Score: 1
    From the default BIND configuration:
    // zone "com" { type delegation-only; };
    // zone "net" { type delegation-only; };

    // From the release notes:
    // Because many of our users are uncomfortable receiving undelegated answers
    // from root or top level domains, other than a few for whom that behaviour
    // has been trusted and expected for quite some length of time, we have now
    // introduced the "root-delegations-only" feature which applies delegation-onl
    // logic to all top level domains, and to the root domain. An exception list
    // should be specified, including "MUSEUM" and "DE", and any other top level
    // domains from whom undelegated responses are expected and trusted.
    // root-delegation-only exclude { "DE"; "MUSEUM"; };
    As the vast majority of the world runs BIND... Verisign can try reactivating SiteFinder till the cows go home. Unlike SMTP servers which often run Fisher Price My First Mail Server^W^W^W^W^W^WMicrosoft Exchange, hardly anyone trusts MS to handle their DNS -- with BIND, such attempts are thwarted by default. If the semi-private SLD .uk.com bothers you... just set that zone to delegation-only and you're set.
  4. Re:They are not bright kids. on Charges Against High School Hackers Dropped · · Score: 3, Funny

    They are not sleazy enough.

  5. Re:It's *not* rocket science, guys... on Alternative Browsers Impede Investigations · · Score: 5, Funny

    Actually, FireFox Deer Park (pre-1.1) which I am using right now has a right-in-your-face menu item to remove this kind of data. Those bad evil criminals don't even have to dig through the options to purge the evidence for their wrongdoings. Clearly, this browser must be a work of the devil and should be banned.

  6. Re:What about rar? on New Winzip in the Works · · Score: 1

    -rw-r--r-- 1 kilobyte kilobyte 229977 Sep 1 14:36 aa.rar
    -rw-r--r-- 1 kilobyte kilobyte 176655 Sep 1 14:36 aa.tar.bz2
    -rw-r--r-- 1 kilobyte kilobyte 220352 Sep 1 14:36 aa.tar.gz
    -rw-r--r-- 1 kilobyte kilobyte 245739 Sep 1 14:37 aa.zip

    Nuff said.

  7. Re:what? on New Winzip in the Works · · Score: 1

    tar + bzip2 + mkisofs + cdrecord.

    Wow... now I don't need "professional" tools.


    Wrong. You already do use them, except they are professional instead of "professional". You can use tools that are fast, efficient and can be easily scripted; the point&grunt interface is for the naives who will shell out money just to get an advertised tool.

    I'm sorry but honestly what the fuck is the real market for Winzip?

    You'll be surprised, but try to download a SDK from Microsoft. It won't come in a Microsoft native format, it will be wrapped in a WinZip self-extracting file.

  8. Re:Good, but... on New IrDA Spec Shoots for 100Mbit/s Data Rate · · Score: 3, Funny

    At least for regular IrDA, you need not only line-of-sight but also a proper phase-of-the-moon. Getting that fixed would be nifty.

  9. Re:Is this really a file system? on WinFS Beta 1 Released Early · · Score: 1

    The GUI's strangth is providing you with information. The CLI's strength is in receiving commands.

    Not really. The GUI's strength lies in providing information the way the program's developer imagined. As long as it's the way you want (and often it is), you're set. If you want it customized or fed to another program, you're screwed.

    The CLI's strength is not in receiving commands (a GUI can do that in a way more obvious to a new user), but serializing them.

  10. RFID? I'll show you your RFID! on The End of the Bar Code · · Score: 4, Funny

    In other news, the shares of tinfoil makers have increased.

    Speaking of which, can you read the price tag on my new hat?

  11. Re:How about a stable ABI? on 2.6.13 Linux Kernel Released · · Score: 2, Insightful

    >> Any time I'm forced to drop to a command line, you as a developer have failed.
    > I don't think the kernel-developers are to blame if some GUI-tool doesn't do the job. They work on the kernel, not on the GUI.


    In fact, if some functionality requires a GUI, people like me are mightily upset. The moment I'm forced to drop to a goddamn GUI, you (the grandparent poster) as a whiny user have failed.
    [Disclaimer: not a single byte of my code can be found in the official kernel tree, so take my words with a grain of salt. Still, I don't really imagine Linus using mouse for anything but cut&paste]

  12. Not for us anymore on Coffee A Health Drink? · · Score: 3, Funny

    Beh. Both programmers and sysadmins are supposed to never ingest any healthy stuff, so I guess that coffee is out of the question then.

  13. Too smart on The Boot Loader Showdown · · Score: 1, Interesting

    A problem I see is that GRUB has too much brains for its own good. It needs to understand all filesystems it can possibly boot. If you upgrade your foofs to a new version that can be misunderstood by GRUB, use an exotic fs or even the newest donation of IBM/SGI/whoever, you run into deep shit if GRUB tries to read the files in a way even minutely different from the newest spec.

    Bootloaders of the past (hell, even I wrote one that was primitive but worked) had the selection and actual loading separated. You had a piece of code inside the partition table (and perhaps track 0), which in turn passed control to the actual bootloader of the OS which you selected. This approach was a lot better where dual-boot configs are concerned.

  14. Re:just another ploy on PDA Security, the Next Big Hurdle for IT? · · Score: 3, Interesting

    While such views are usually dismissed as conspiracy theories, I wouldn't laugh that fast. My dad (in the times when 286 were the hot new stuff) talked to an author of AV software, who admitted to releasing several viruses.
    This was in the times where most software of that kind was written by one-man companies. Now, in the days when AV is a major industry, are you going to bet that no virus authors are employeed by those who benefit the most from virii?

  15. Re:"Open DRM"? on Sun Spearheads Open DRM · · Score: 1

    No, my main issue with it is that it completely forbids me from controlling any part of the software. I can't edit the player, nor can't even compile my own kernel -- if I could, the DRM can be easily worked around.

  16. Re:"Open DRM"? on Sun Spearheads Open DRM · · Score: 1

    What the hell are you talking about, and who the hell modded you so far up? If we were to take your point of view then I guess it's impossible for anyone to compile OpenSSH since it's about restricting access. Or for that matter any sort of encryption or authentication program.

    If I recompile OpenSSH, it works. If I edit the source to my liking and not break anything, it still works. If I even recompile (without changes) a piece of DRM software, it can't work as it wasn't blessed by a member of the DRM cartel.
    Even worse, you can't even run any DRM software on an open-source system, as that would enable you to trace the DRM and lift up the key. It won't be worth anything for the corporation which owns it unless they have full control over you, from the moment your machine boots.

  17. "Open DRM"? on Sun Spearheads Open DRM · · Score: 2, Insightful

    Eh? How exactly can you even talk about "open-source DRM"? It's one of strongest oxymorons here, DRM by definition is about restricting access, while openness is about allowing it.
    Even if you mean openness of only the software itself, you can't go much farther than Microsoft Shared Source -- the "look but not touch" way. What is source worth if you can't even compile it and have it working?

  18. Re:Password security on Kutztown Students get Felony Charges · · Score: 1

    Nah. This happens with every single security scheme -- the only thing that's wrong is the users' carelessness.

    If you don't enforce a policy, no one cares about it. And even if you enforce it, people will still keep ignoring it.

  19. Re:Bandwidth or Latency on Laser Surgery Goes Online · · Score: 1

    This will put the whining about ping delays, widespread among players of Quake-like games, onto a completely new level.

    Also, just guess what will happen if a router is using MS software and goes onto its monthly reboot. In normal cases, things will get routed around in no noticeable time, but in this cases, the downtime won't end in just a rocket that you fail to dodge.

    I can't see it used over public Internet. It's simply WAAAY too unreliable.

  20. Re:Human Nature on Anti-Phishers Pose as Phishers to Make Point · · Score: 2, Insightful

    Wrong. It was not an email from their superior, but from an outside third party (well, it really _was_ their superior, but masquerading as a scammer). And as such, the cadets got phished. They leaked some information, and thus were a potential security breach.

    Questioning orders from your superior is one thing, betraying orders because told to do so by a third party is something different. It just happened that this third party was a good guy.

  21. Re:wow...old news on Server Based Slots of the Future · · Score: 1

    Since when counting cards is cheating? It's just playing in a non-mindless way.

    On the other hand, it is the casino who is cheating here.

  22. Re:Hmmm. on The Mathematics of a Trip to Mars? · · Score: 2

    No longer funny? Try the closest zoom on that page then.

  23. Re:Spammers fate on Spammers on the Run · · Score: 4, Insightful

    Not really. The notoriety will give them some fame, and tell potential advertisers that those spammers know how to send spam in really large amounts.

  24. And so what...? on Firefox Hits 80,000,000 Downloads · · Score: 2, Insightful

    Well, we just had been notified of the 75M milestone.
    Do we really need to get told about the counter constantly? It's useless anyway, as all Linux/BSD distributions use their own mirror networks.

    When Firefox hits the 100m mark, it may be something half-worth of a note.

  25. Re:Well, there are other problems... on Warming Up Mars With Greenhouse Gases · · Score: 2, Insightful

    It would take hundreds of thousands of years -- or more likely, many millions of years -- to lose the atmosphere. If we'll still care after that time, we'll just terraform Mars again, or just keep doing some minor maintenance all the time.