Slashdot Mirror


User: 140Mandak262Jamuna

140Mandak262Jamuna's activity in the archive.

Stories: 0 · Comments: 7,545

Comments · 7,545

  1. Re:Educate the users, Avoiding reuse is easy on Mitigating Password Re-Use From the Other End · · Score: 1

    Thanks, I have a free key fob from ETrade. Let me check if schwab would accept it and if quicken would handle it right.

  2. Re:Educate the users, Avoiding reuse is easy on Mitigating Password Re-Use From the Other End · · Score: 2

    My problem with such a hasher is that I did not write it. I am not trusting all my passwords to some binary blob. How do I know the add-on/extension/app is not phoning home all my passwords to some Chinese hackers? That is why I use my own brain to do the hashing and salting. I am not so paranoid about passwords to minor accounts like slashdot or app dev. Even medium level accounts like amazon or gmail are ok. But each of my bank/brokerage accounts gets a personalized password that is not written down, not generated by an app, extension or add-on, not saved by the browser. Unless I can avoid it, I log into these accounts from exactly two computers. One from work (out of the four I use at work) and one from home (out of the seven internet devices at home network).

  3. Re:Don't brush your problem off on the user on Mitigating Password Re-Use From the Other End · · Score: 1

    The user has an interest to make sure that if one site he/she logs into gets hacked, the damage does not spill over into other websites. The websites have a completely different cost/benefit scenario. Security is seen as cost. Do the minimum required to identify the users, remember their settings/preferences, give users some vague sense of security. That is all the web sites are going to do. Unless the user demands better security they won't provide it. You think there will be enough users demanding more secure sites in this day and age? Most users don't even seem to know that there is something called security and privacy. No there is no incentive for the sites to provide any more security. Costs money, reduces user "experience".

    So if you care about security, first take steps to make sure you can prevent spill over from one hacked site to other user accounts you have on other sites. Then evangelize about the need for better security. At some point even the twitter using teen might actually "get" it.

  4. Re:I still don't want touch screen on $200 Intel Android Laptops Are Coming · · Score: 1

    So what you want is a chrome book. It is already there. 199$. The price can come down if there is an uptick in usage.

  5. Educate the users, Avoiding reuse is easy on Mitigating Password Re-Use From the Other End · · Score: 2

    1. It is in the best interests of the users to use different passwords for different sites. Simplest thing to do is to use an 8 char string as the base password and append, prepend or insert a three char string based on the web site name into it. Each site has its own password, but it would not be easy to use a compromised password at other sites. It is in the best interests of the users to do it. For sites security is just cost, they do the minimum. Rotate the base password once a year or so.

    2. We should ask the more important accounts like brokerage, mutual fund, bank accounts to use a two factor authentication system. But I don't want to juggle too many RSA key fobs. I like google sending a six digit code to the designated cell phone. Google also lets you set up 10 one time pad numbers ahead of time to handle the case when the cell phone can't get texts. As a first step if they would just send me text or an email for each login event and each transaction that would reduce fraud.

    3. What really bugs me is, in this day and age of social network where people are posting details of their breakfast lunch and dinner for the whole world to see, even banks use "maiden name of mother" "name of your pet" or "where you went for honeymoon" to reset passwords. That is insane. So I used to give non intuitive answers like "nissan sentra" as the mother's maiden name. But it is so difficult to remember what stupid answer I gave to which site. That is my biggest beef with these security questions.

    4. No I did not switch my username and password edit boxes when I signed up for slashdot. Friends recognize the dorm addresses, rest of alumni recognize the dorm names.

  6. Re:Why didn't they evolve a "better" brain? Easy on 'Master Gene' Makes Mouse Brain Look More Human · · Score: 1

    We did. Mostly because we are, essentially speaking, a big evolutionary mistake. We can't run fast, we're not strong, we can't hide easily, we have no fur or feathers to keep us warm (which means we have to burn a LOT of calories just to heat up the air around us in cold periods!

    No, evolution does not make mistakes. Because evolution does not have a goal, does not have place to reach. When there is no right way for it to work, there can not be a wrong way. So by its very nature what evolution does can not be called right or wrong.

    We have not been leopard food for at least the last 15 million years. What is the proof? None of the greater apes have a life span less than 30 years. Animals that can die for no fault of them, purely due to chance, no matter how good they are in whatever survival strategy they follow die young. Insects, mice, most prey animals. Even predators that use the high risk chases die of accidents. Their life span is limited. Species that have control of their life, slow down. Elephants, rhinoceri, hippopotamus, great apes, larger birds, they have no predators, that is how they live that long. So we have been at the top of the food chain for at least 15 million years, since the great ape lines branched off from rest of the primates. Did you know all living things have exactly the same length of life in terms of heart beats? All animals get about 2 billion heartbeats of life.

  7. Re:Sadly it is not available any more. on Smithsonian Releases 128-Year-Old Recording of Alexander Graham Bell · · Score: 1

    The record is broken, the law is broken, the legislature is (house) broken, but the rent seeking copyright babies are stronger than ever

  8. The employee is a chump? on Salesforce, a Pillow Maker and a $125k AmEx Bill · · Score: 1

    What an executive of my pillow with a personal credit card with a credit limit higher than 125K paid it to some vendor of my pillow. Acting as the official of the company he offered to pay 125k in company check but the vendor refused to take a check. Even if he gave the vendor money from his credit card, he should have issued that 125k check from the company and deposited it into his account. But for some reason he did not. How did this chump get a card with higher than 125k limit I can't understand. Fools and money are easily parted and fools and he should have been taken to the cleaners much earlier.

  9. Can the entropy of the universe be reversed? on Why We'll Never Meet Aliens · · Score: 1

    We should ask Siri and wonder if it will say, "insufficient data for an answer."

    That's the last question I guess.

  10. Sadly it is not available any more. on Smithsonian Releases 128-Year-Old Recording of Alexander Graham Bell · · Score: 3, Funny

    RIAA issued a DMCA take down notice and they had to take it down.

  11. Re:Harvard is gone to the dogs. on Harvard To Close New England Primate Research Center · · Score: 2

    Sir,

    I am surprised you got the spreadsheet scandal via Colbert. It has been making news for quite some time. There was an NPR report, one BBC report etc. So please do not assume I am getting all my news from Colbert.

    Further, very surprisingly, Stewart and Colbert seem to care for accuracy, despite being a comedy show. Being comedians they are able to laugh off their mistakes on air and apologize by making fun of themselves. But still, they do that when they make a mistake. The one I remember recently is Stewart making up a funny dickish name connected with civil rights, and it turned out to be a real name. The on air apology from him made me wonder, why isn't he called the newsman and the others jokers.

    [1] http://arstechnica.com/tech-policy/2013/04/microsoft-excel-the-ruiner-of-global-economies/

    [2] http://news.silobreaker.com/does-this-spreadsheet-error-invalidate-the-case-for-austerity-5_2266755871209947215

    [3] http://news.silobreaker.com/three-umass-profs-expose-flaw-in-harvard-research-that-underpinned-austerity-5_2266756154677788864

    [4] http://news.yahoo.com/student-took-eminent-economists-debt-issue-won-095347790--business.html

    [5] http://www.bbc.co.uk/news/magazine-22223190

    [6] http://chronicle.com/article/UMass-Graduate-Student-Talks/138763/

  12. Law is an ass. But this AG is a bigger one. on Washington AG Slams T-Mobile Over Deceptive 'No-Contract' Ads · · Score: 1

    What part of pay all remaining installments before you leave he does not get? Maybe he is in the pocket of AT&T and Verizon who just want to some FUD.

  13. Harvard is gone to the dogs. on Harvard To Close New England Primate Research Center · · Score: 3, Interesting

    Its students are cheating. Its professors are either too dumb to use the spreadsheet correctly or so corrupt they cook up data to be shills for austerity mongers. And they cut real research centers to save money. They buy real estate in and around Boston from companies going bankrupt and take off the tax rolls of local municipalities (look up the Arsenal area). I think Harvard's mission has become growing the endowments as much as possible while coasting on the goodwill created by earlier decades of solid academic work.

  14. Re:Wait a minute on Device Keeps Liver Alive Outside Body For 24 Hours · · Score: 1

    You are too subtle for your own good. You might have at least hinted something like, "come on, it is a liver, not a deader, it's no big deal keeping it alive".

  15. I am safe, I don't care. on Smartphone Used To Scan Data From Chip-Enabled Credit Cards · · Score: 1

    I keep all my credit cards and smart chip embedded driving license in my hat. And my hat is actually a Faraday's cage constructed using a product from Reynolds. I understand the product is made by electrolysis of bauxite. So no one can read anything from it from a distance.

  16. Re:How did he encrypt it? on Federal Magistrate Rules That Fifth Amendment Applies To Encryption Keys · · Score: 1

    Be doubly sure. Apply ROT-13 twice on all your documents.

  17. Re:Nice Phone on HTC Does What Google Wouldn't: Sell an LTE Phone That Sidesteps AT&T · · Score: 1

    My wife's smart phone locked up and refused to respond to the power on button. Removed the battery, put it back, it worked. My daughter's iPod nano locks up on some corrupted mp3 files. Need to wait for the battery to fully drain and die to hard reboot.

  18. Re:Looks great! Except, it needs a hole in its hea on HTC Does What Google Wouldn't: Sell an LTE Phone That Sidesteps AT&T · · Score: 1

    Really, you are getting unlimited text, voice and 500MB of highspeed (10 Mbps) data for 25$ a month? That is the normal price in Europe?

  19. T-mobile no contract plan should shake things up. on HTC Does What Google Wouldn't: Sell an LTE Phone That Sidesteps AT&T · · Score: 4, Informative

    The latest policy shift in T-mobile is: no contracts, transparent installment sales of phones, no nickel and diming on data. 500 MB high speed included. 10$ for another 2GB, another 10$ for "unlimited". At the end of quota, no over use fees, but just throttling of speed. Allows 500 MB of tethering. This should shake things up in a regular free market.

    But I am not so sure. Verizon has a huge cash cow, in the form of FiOS. It can use that revenue stream to undercut t-mobile and try to kill it instead of competing with it on a level ground. AT&T has inertia and corporate support helping it. I just hope T-Mobile succeeds just to bring sanity to this market.

    T-mobile got the best deal in the failed merger with AT&T. Apparently that contract gave T-mobile 2 billion dollars if the deal was rejected by the Govt, and more importantly bandwidth in the edge network for T-mobile in some 50 markets. If it plays this hand of cards well, things should shake up in the mobile market in USA.

  20. Re:Looks great! Except, it needs a hole in its hea on HTC Does What Google Wouldn't: Sell an LTE Phone That Sidesteps AT&T · · Score: 1, Insightful

    VortexCortex, please sit down, as it might come as a shock to you. No matter what your GPS display shows, you are not the center of the world, and the world does not pivot around you when you make that right turn from Lincoln Ave to Water St. Your use case is so extreme, supporting your needs produces so little marginal revenue for so much of pain, they will happily ignore you. If your needs are met, it would be purely an unintended side benefit happening because of supporting some more mainstream use case.

  21. Re:But...Agile teaches us... on Dropcam CEO's Beef With Brogramming and Free Dinners · · Score: 2

    If that's how you're doing Agile, you're doing it wrong.

    At this point Agile has assumed mythical qualities. Any time anything fails to work as promised by Agile, the implementation gets the blame, not Agile. They keep parroting the same thing. "if it does not work, you are doing agile wrong". You could postulate an imaginary waterfall organization, staffed with mythical programmers who do waterfall right. Then I could also say, "if it does not work, you are not doing waterfall right".

    We have agile. We have agile tools. We have vendors selling agile management tools to our company making oodles of money. And you ask the agile tool vendor to implement something, suddenly it is going to take 18 months and two release cycles. They are agile, they sell agile tools, they should know how to do agile, and I ask for something simple like, "I want to be able to add/delete people to the notification list of user stories. There is no need to assume, there is going to be only one customer proxy or just one person monitoring progress. So when will I be able to add a notification field and add email ids to it?" 18 months and two releases.

    The defect reports come from the field via Siebel database, and some script converts it to rally. In the process it fumbles the name of the submitter and the stupid script becomes the submitter. There is no lookup table to go from Siebel ticket number to Rally defect number or vice versa. Hey, vaunted rally tool vendor, when can you fix it? 18 months and two releases. This is already 18 months and two releases gone, and there is no solution in sight.

    Rally is snake oil. It promises to deliver skycastles to addled top management which thinks building software is like toasting bread in Quiznos or building a car in the assembly line.

    There are problems with waterfall. There is an entirely different set of problems with agile and rally. Agile is not going to make your process more efficient, or your software higher quality.

    Now is your time to come in and say, "Rally is not agile" "You are doing agile wrong" completely ignoring the point there is no documented case of agile working better than waterfall given the same resources and goals.

  22. Re:Nothing converts from heat with 80% efficiency on IBM Models Human Blood System To Build Solar Power Prototype · · Score: 1

    Even concentrating heat is not all that efficient. If you have two huge lakes with a 10 degree temp diff (one at 35 deg C and another at 25 deg C) you still can not even boil a liter of water, certainly not with 80% efficiency.

  23. Nothing converts from heat with 80% efficiency on IBM Models Human Blood System To Build Solar Power Prototype · · Score: 1

    Simple fact. There is no heat engine that can convert heat to mechanical energy with 80% efficiency (with reasonable source/sink temperatures). They must be playing fast and loose with the definition of "usable energy".

  24. Re:Wasn't It As Much Individual Photog & ID? on Boston Police Chief: Facial Recognition Tech Didn't Help Find Bombing Suspects · · Score: 1

    Yes, wait till you get a real medical need. All the companies that are happily accepting your premia and "insuring" you will deny claims, make life miserable, bump you off, raise the rates, refuse to renew. All other companies will declare your condition pre-existing condition. You might as well save the hassle and go without insurance and put the premia in a separate account. At least you will be able to tap into the amount of premia you have paid.

  25. There is a big market here for someone. on Some Windows XP Users Can't Afford To Upgrade · · Score: 1

    If you know enough about virtual machines and provisioning, there is a good market for your skills. Install a good distro of Linux, install a virtual machine server, provision an XP machine, using the old license. Set up proper firewall and a hardwired whitelist access hosts file. Make the old software work in new machine. Profit.