What? Another plane landed in the Hudson today? OMFG! The terrorists are attacking our rivers! Run for your lives!
Oh, wait...I just RTFA. Never mind. Let this serve as a lesson to all of you to RTFA. :-P
Engineers should never have overlooked something so obvious.
I don't think it was overlooked. Based on what this guy said, I think maybe something changed at the last minute. Maybe they couldn't get the screens they originally spec'd and changed to an alternate source just before production? I've heard that this happens a lot in the cellphone/smartphone business.
Our CEO has not been back since then. This must be big.
Wow. I hate to break the news to you, but I think that it's likely that he got eaten by grue.
whoooooosh.
So what you're saying is we need to genetically engineer an "Anti-Al Gore" and send him to Mars?
Say, it's January 15, right? So what's W doing in 5 days?
s/machines/matches
Good thinking. But how do you do that, exactly? Compile the source and compare MD5 sums with the binary code on the Breathalyzer? I mean, some people put build ID strings in their binaries, but that wouldn't seem like conclusive proof that source A machines binary B.
No, thanks. It's all yours. You can have it. Really. I insist.
No. Did you bother reading the summary? The judge ruled the defendant in a criminal case has the right to review the source code of the machine that was used to convict him. It's not like they ruled that CMI had to open source the thing. That seems pretty reasonable to me.
I'm moving to Peru and taking my beer with me! Who's with me?
Maybe, just maybe, this isn't actually a Slashdot story, but is the sick joke of a really, really good DNS hacker....
Nah. That's just wishful thinking.
Thank you. Rather than arguing about saying "Linux isn't for everyone" can we all just agree that in this case "college isn't for everyone?"
Thanks.
No doubt. It's a fabulous camera from the articles I've read about it.
But, like I said, the price is well out of my budget.
Well, you're right. Here's your reference. Each character provides about 2.5 bits of security:
How the PSK is used in WPA and 802.11i
The PSK provides an easily implemented alternative for the PMK as compared to using 802.1X to generate a PMK. A 256bit PSK is used directly as the PMK. When the PSK is a passphrase, the PMK is derived from the passphrase as follows:
PMK = PBKDF2(passphrase, ssid, ssidLength, 4096, 256)
Where the PBKDF2 method is from PKCS #5 v2.0: Password-based Cryptography Standard. This means that the concatenated string of the passphrase, SSID, and the SSIDlength is hashed 4096 times to generate a value of 256 bits. The lengths of the passphrase and the SSID have little impact on the speed of this operation.
The PTK is a keyed-HMAC function using the PMK on the two MAC addresses and the two nonces from the first two packets of the 4-Way Handshake. This is why the whole keying hierarchy falls into the hands of anyone possessing the PSK, as all the other information is knowable.
However, even using an offline attack, this article's author still says a PSK of about 20 characters should be enough for most purposes. I tend to agree.
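Added example, not part of the original comment or the quoted article: the PMK derivation described above in Python, with PBKDF2 instantiated as PBKDF2-HMAC-SHA1 and the SSID as salt, next to the entropy estimates the thread argues about (2.5 bits per character for human-chosen text versus a uniformly random passphrase). Function names are hypothetical; the check value in the comment is the "password"/"IEEE" test vector from IEEE 802.11i Annex H.4.

```python
import hashlib
import math
import secrets
import string

# 95 printable ASCII characters (codes 32..126), the set WPA passphrases allow.
PRINTABLE = string.ascii_letters + string.digits + string.punctuation + " "
PMK_BITS = 256


def derive_pmk(passphrase: str, ssid: bytes) -> bytes:
    """PMK = PBKDF2-HMAC-SHA1(passphrase, salt=SSID, 4096 iterations, 256 bits)."""
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("WPA passphrase must be 8..63 characters")
    if any(not 32 <= ord(c) <= 126 for c in passphrase):
        raise ValueError("WPA passphrase must be printable ASCII")
    if len(ssid) > 32:
        raise ValueError("SSID must be at most 32 bytes")
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode("ascii"), ssid,
                               4096, PMK_BITS // 8)


def human_bits(length: int, bits_per_char: float = 2.5) -> float:
    """Estimate for human-chosen text, using the 2.5 bits/char figure quoted above."""
    return min(length * bits_per_char, PMK_BITS)


def random_bits(length: int, alphabet_size: int = len(PRINTABLE)) -> float:
    """Entropy of a uniformly random passphrase, capped at the PMK size."""
    return min(length * math.log2(alphabet_size), PMK_BITS)


def random_passphrase(length: int = 63) -> str:
    """Uniformly random passphrase from a CSPRNG (the 63-character ideal)."""
    return "".join(secrets.choice(PRINTABLE) for _ in range(length))


if __name__ == "__main__":
    # IEEE 802.11i Annex H.4 test vector; expected PMK starts f42c6fc5...
    print(derive_pmk("password", b"IEEE").hex())
    # The SSID is the salt: same passphrase, different network, different PMK.
    print(derive_pmk("password", b"IEEE2").hex())
    for n in (15, 20, 63):
        print(n, "chars:", human_bits(n), "bits (human),",
              round(random_bits(n), 1), "bits (random)")
```
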
There are other reasons to use film as opposed to digital. Time-lapse photography, for example. While it can be done with a digital, there is no way to do things such as slow the exposure time and so forth.
guessmypassword
123456789111111
012345
isn't a good password.
That's why you gotta read my whole post -- you need letters, numbers and symbols. Mixed case also. My password is also not based on a dictionary word and means something only to me.
Assuming you have it compiled into the kernel, yes. (Most modern distros do)
Especially not at a street price of ~$2500-3000. No thanks. This is nothing but a slashvertisement for the Canon EOS 5D Mark II.
In this case I hope you are paying your team of armed guards well and trust that they won't betray you ;)
I have a moat populated with sharks -- with friggin' LASER BEAMS attached to their heads!
I hadn't heard that, but a totally random 63 character password would be ideal, yes. Note that I didn't say how much greater it is than 15. ;) But anything over 15 characters is probably secure enough for most home users.
Just for the record -- I've never paid anything close to 10 bucks for a frothy coffee at Starbucks.
Other than that, yeah, the iPhone is shiny crap for wannabes.
But brute-force password guessing isn't a problem if you choose a long enough password with a large enough character set - letters, numbers, symbols. My WPA password is larger than 15 characters. Good luck without a Beowulf cluster of those -- and even then, it better have a LOT of those GPUs.
The same technology may prove to be very useful for P2P services [ietf.org].
Indeed. One of the biggest problems with P2P in general is all the congestion it creates by opening so many simultaneous connections. P2P could be much more useful for these kinds of background transfers that are obviously best for scenarios like eLVBI.
With a 'less than best effort' strategy, you'll end up only using the 'extra' or 'leftover' bandwidth and not your whole pipe.
The story the other day about a P2P firewall (which has other more glaringly obvious problems than just being P2P) could make use of this technology as well.
So it's already illegal to fuck, now they're trying to make it just as illegal to talk about fucking.
Well, at least they can still go fuck themselves so long as they don't talk about it, I guess.
Buddhism probably considers the equivalent not to be Right Mindfulness, but that's not the same as being sinful
You don't understand Buddhism then. There is no concept of 'sin' in Buddhism per se. You either do things which evolve you or things that do not. Doing things that do not evolve you -- attachment, wrong mindfulness, wrong action, wrong speech, etc., takes you off the path towards Nirvana. If you look at 'sin' as taking you off the path to Heaven -- which is not really an accurate viewpoint of the Christian religion as 'sin' is going against God's laws; sins are automatically forgiven for those who accept Jesus as their personal lord and savior -- then wrong mindfulness can be equated with sin. But again, as I said, the concepts really cannot be equated.