What are you acting like a retard? TFS says this is the result of a controlled experiment, not a random survey of mice.
If you wanted to impress people who know anything about science you could at least point out that the diet affects on mice may have no relationship to the same affects for humans.
I work for a static analysis company. I'm a burned out Java developer and enjoy solving problems that cut across logical systems -- problems that the individual system specialists were often unable to see. The tech support job here suited me really well.
We need to hire tech support engineers who have a deep understanding of compiling/building software, and who can talk to really smart people without alienating them.
We're understaffed in the US. Send me a cv to slashdot@douglasheld.net if this sounds interesting to you.
...the minute someone tries to attack the chip, by depackaging it, the capacitance changes and the chips data (usually the secret key for an encryption cipher such as AES/DES) can be wiped.
But where does the power come from to wipe the keys?
I would figure the attacker would just physically destroy the little battery or capacitor first. Then he just opens the device and reads the key at his leisure.
I think if an attacker listens to the handshake conversation with a reader, your model leaves a replay attack vector.
Also, by "physical fingerprint" do you mean "electronic fingerprint"? I thought a physical fingerprint only comes from a human finger. If I'm being dumb today, sorry.
I think the idea with good quality secure devices is you enumerate the detectable ways the key can be obtained, and load up the device with detectors that trigger an erasure of the key (and or physical self destruction if appropriate)
In the context of an RFID chip, I can only imagine this would mean a physical wear sensor and a light sensor, each which trigger an overwrite of the key data on battery power from a little one time battery for this use.
It sounds completely infeasible though. Bending the card too much (causing small cracks) or leaving it out in the sun would just erase the key.
It looks like your problem is on line 466 of WorkBench.java.
CLASSPATH is awesome; it's the solution to DLL hell. I don't get how people get so confused over the classpath... do you also have trouble with your socks and underwear in the dresser? Everything goes it its place.
The Worcester Telegram & Gazette reports that Victor Deeb, a retired chemist who lives in Marlboro, has finally been allowed to return to his Fremont Street home, after Massachusetts authorities spent three days ransacking his basement lab and making off with its contents.
Deeb is not accused of making methamphetamine or other illegal drugs. He's not accused of aiding terrorists, synthesizing explosives, nor even of making illegal fireworks. Deeb fell afoul of the Massachusetts authorities for... doing experiments.
Authorities concede that the chemicals found in Deeb's basement lab were no more hazardous than typical household cleaning products. Despite that, authorities confiscated âoeall potentially hazardous chemicalsâ (which is to say the chemicals in Deeb's lab) from his home, and called in a hazardous waste cleanup company to test the chemicals and clean up the lab.
Pamela Wilderman, the code enforcement officer for Marlboro, stated, âoeI think Mr. Deeb has crossed a line somewhere. This is not what we would consider to be a customary home occupation.â
Allow me to translate Ms. Wilderman's words into plain English: "Mr. Deeb hasn't actually violated any law or regulation that I can find, but I don't like what he's doing because I'm ignorant and irrationally afraid of chemicals, so I'll abuse my power to steal his property and shut him down."
No, the dork is right. Hydrogen is fucking dangerous. It can spontaneously ignite and it's freaking flammable at really low concentrations, at least compared to stuff like propane, butane, gasoline fumes etc.
If I popped a 1 gallon ballon of H2 in my kitchen, I would get the fuck out of there for a quite a little while. Gasoline would smell bad and would ruin the floor, but I wouldn't be scared for my life.
Anyway. Let me now mention what a shitty inefficient energy medium Hydrogen is.
I say we keep burning petroleum until it's too expensive. Then switch to batteries and compressed air for our stupid cars that we need so badly.
OK, you and your parent post are both saying ridiculous things.
The security person or security team do not need to be skilled at exploiting software OR hang out with shady characters in order to identify and remediate security vulnerabilities.
You can download or buy a security focused static analysis tool, for starters.
You can buy a penetration (dynamic analysis) testing tool that can sometimes uncover stuff static analysis misses.
You can learn up on secure coding principles without having to become an elite anything. A lot of software security comes down to not doing a small list of bad patterns.
I'll give you the first lesson for free. Validate all user inputs; make sure no input can have an unbounded length.
My employers wrote a book called "Secure Programming with Static Analysis." It's a pretty good read.
Slashdot Mirror
What are you acting like a retard? TFS says this is the result of a controlled experiment, not a random survey of mice.
If you wanted to impress people who know anything about science you could at least point out that the diet affects on mice may have no relationship to the same affects for humans.
I work for a static analysis company. I'm a burned out Java developer and enjoy solving problems that cut across logical systems -- problems that the individual system specialists were often unable to see. The tech support job here suited me really well.
We need to hire tech support engineers who have a deep understanding of compiling/building software, and who can talk to really smart people without alienating them.
We're understaffed in the US. Send me a cv to slashdot@douglasheld.net if this sounds interesting to you.
Doug
Can I hire you please? Where do you live?
No, not [ant]artic circles, but between the tropics of Capricorn and Cancer, as http://science.slashdot.org/comments.pl?sid=957511&cid=24927705 said.
Now you've got me curious about the real percentage of people living in the tropics. Hmm.
...the minute someone tries to attack the chip, by depackaging it, the capacitance changes and the chips data (usually the secret key for an encryption cipher such as AES/DES) can be wiped.
But where does the power come from to wipe the keys?
I would figure the attacker would just physically destroy the little battery or capacitor first. Then he just opens the device and reads the key at his leisure.
I think if an attacker listens to the handshake conversation with a reader, your model leaves a replay attack vector.
Also, by "physical fingerprint" do you mean "electronic fingerprint"? I thought a physical fingerprint only comes from a human finger. If I'm being dumb today, sorry.
I think the idea with good quality secure devices is you enumerate the detectable ways the key can be obtained, and load up the device with detectors that trigger an erasure of the key (and or physical self destruction if appropriate)
In the context of an RFID chip, I can only imagine this would mean a physical wear sensor and a light sensor, each which trigger an overwrite of the key data on battery power from a little one time battery for this use.
It sounds completely infeasible though. Bending the card too much (causing small cracks) or leaving it out in the sun would just erase the key.
That's really funny :-)
Hmm, what's the opposite of "whoosh"?
I guess you didn't read the Kaminsky presentation.
It looks like your problem is on line 466 of WorkBench.java.
CLASSPATH is awesome; it's the solution to DLL hell. I don't get how people get so confused over the classpath... do you also have trouble with your socks and underwear in the dresser? Everything goes it its place.
Good job, moderators. On http://blog.makezine.com/archive/2008/08/home_science_under_attack.html it says:
My favorite use of petroleum is aspirin. Which by the way is my mitigant of choice against idiots.
http://www.engin.umd.umich.edu/CIS/course.des/cis400/cobol/hworld.html
21 lines. OK, I was surprised.
I'm retarded. I meant to reply to http://tech.slashdot.org/comments.pl?sid=634587&cid=24460157.
No. The move-on fuckers kept sending me crap years after I asked to be removed from their list.
I let them know nicely several times, but they didn't keep their data together and spammed me.
No, the lesson is to perform exception handling.
That is the worst video I have ever watched. At 12 minutes 55 seconds, when Linus says "Now, before I get started..." I had to just kill it there.
Are you offended because I wrote "stupid cars"?
Yeah, that's the most awesome BlackBerry feature ever.
Me: I started with 7:00-23:00, and I've weaned myself gradually to 8:00-21:00 each day. I expect to turn it down further soon.
You know, you guys should find a way to sit down the owner and tell him this. Maybe he would reconsider handing over the reins to his idiot spawn.
If he really does know what he's doing, he's probably aware of this problem. Love doesn't always make you completely blind.
No, the dork is right. Hydrogen is fucking dangerous. It can spontaneously ignite and it's freaking flammable at really low concentrations, at least compared to stuff like propane, butane, gasoline fumes etc.
If I popped a 1 gallon ballon of H2 in my kitchen, I would get the fuck out of there for a quite a little while. Gasoline would smell bad and would ruin the floor, but I wouldn't be scared for my life.
Anyway. Let me now mention what a shitty inefficient energy medium Hydrogen is.
I say we keep burning petroleum until it's too expensive. Then switch to batteries and compressed air for our stupid cars that we need so badly.
This is an area where IPv6 might present an interesting possibility.
This is the best suggestion posted yet.
Honestly, I googled and didn't find anything respectable looking that works for Powerbooks.
Can the author let us know what software he uses?
Doug
OK, you and your parent post are both saying ridiculous things.
The security person or security team do not need to be skilled at exploiting software OR hang out with shady characters in order to identify and remediate security vulnerabilities.
You can download or buy a security focused static analysis tool, for starters.
You can buy a penetration (dynamic analysis) testing tool that can sometimes uncover stuff static analysis misses.
You can learn up on secure coding principles without having to become an elite anything. A lot of software security comes down to not doing a small list of bad patterns.
I'll give you the first lesson for free. Validate all user inputs; make sure no input can have an unbounded length.
My employers wrote a book called "Secure Programming with Static Analysis." It's a pretty good read.