OpenSSL 1.0.2 Released
Yes. There is for thing dedicated random number hardware and there is hardware that can produce partially random data, such as network cards and radios, but the latter are only really good when combined with eachother and with a random number tracker, which is something the OS can do.
OpenSSL 1.0.2 Released
Care to provide any actual statistics for that claim, or are you just one of those annoying morons with a habit of being FUDsy against anything with "Gnu" in the name?
No, I prefer GPL when other choices are equal. GnuTLS has just never had a very good reputation, and even from the most optimistic point of view, it has always been secondary to OpenSSL just by having fewer users and fewer developers. I would be great if it was better, but it has had some unfortunately design choice and a long string of serious vulnerabilities. Just look it up.
OpenSSL 1.0.2 Released
No matter what the security problem, it's always the random numbers, or lack thereof that is the problem.
(checks apt-get before making a fool of himself) ... Why the hell hasn't somebody made libRNG?
p.s. Seriously, how hard could it be to split out the RNG code of openssl or libressl and make it the gold standard? Yeah, I know it's generally unproductive to ask such rhetorical questions. Yes, I'm a coder that could do it (never looked at openssl code, but I'm sure I've dealt with worse, so I know it's possible), but I have no desire to become the owner of such a project, so I won't even bother to look at the effort required. Nor will you, probably. I have plenty of other things occupying my time. Maybe in another 20 years, if I'm retired by then...
Because on a unix system you just read from /dev/random anyway. Random seeds is an operating system responsibility, you can not make good random numbers without a little good random seed.
OpenSSL 1.0.2 Released
OpenSSL remains the only portable SSL library that can be used by both open source and commercial developers alike. Which is really a shame, because OpenSSL sucks. All the bad things the libressl people have said about OpenSSL are absolutely true.
We have GnuTLS which is only one year younger than OpenSSL, has a nicer API, is portable to Windows, has a better track record with regard to binary compatibility, a better build system, and can be used by commercial software (it’s LGPLv2.1). Comparison of features with other SSL libraries.
It also has a much worse track record in security, which is why no one uses it as the a primary SSL library and only as a library for operating on certificates.
Ask Slashdot: Where Can You Get a Good 3-Button Mouse Today?
Can't recommend enough the Performance Mouse MX enough.
While it does have the middle button integrated into the scroll wheel, once used to it you will find it completely intuitive. I middle click hundreds of times a day and only found it difficult during the first two weeks of owning the mouse. 5 years later I still prefer the Performance MX over anything else.
To middle click I typically shift my index finger over a centimeter or two. My hands are slightly above average size and ergonomically the PerfMX is perfect for me.
Logitech Anywhere MX is similar except it actually has a separate button for the middle mouse button. The wheel click is changed to be the free-wheeling lock which makes much more sense.
Also, free wheeling for the win.
Disney Turned Down George Lucas's Star Wars Scripts
Since there's less canon to violate than Trek, and it's not a reboot... maybe?
Use the lenseflares, Luke!
No.... There is nothing that man can't make stupid.
Blogger Who Revealed GOP Leader's KKK Ties Had Home Internet Lines Cut
Who the hell writes this crap? Internet cables?
I assume this is in the US. Where the cables are in the air going from the house to the utility pole, just like in 3rd world countries. They probably cut the telephone cable as well if there was one, but who would notice that?
User Plea Means EISA Support Not Removed From Linux
I find it hard to believe that anyone is using EISA still. It got almost no traction in desktops and the only systems that ever had EISA slots were 386-486 era servers before the VL-BUS and PCI bus started to gain traction in late 486's.
If someone actually has a working EISA system, I'd like to see a photo. I had never managed to see more than one of these systems in my lifetime, and only saw one because it was being replaced in 1997 by a Pentium desktop.
I've actually seen more MCA systems than I've ever seen EISA.
EISA was parallel with VL-BUS for a long time, where consumer hardware used VL-BUS and enterprise or server hardware used EISA. PCI replaced both that wasn't until the mid 1990s. Still 20 years ago though.
Facebook Will Let You Flag Content As 'False'
Exactly my 1st thought. Maybe not "false" exactly, but I've long wanted to be able to mod comments "-1 incorrect". Of course I also want a "+1 funny AND insightful".
Yeah I have often missed it too, but I guess the point is that if the post is incorrect you should reply to it and correct it, and moderators should look for replies that correct it to upvote.
The real problem is that you are not allowed to comment after voting on a story.
Why Run Linux On Macs?
A recent employer issued me a new 15" MacBook Pro. I really liked the weight, battery life, screen quality, and the feel of the keyboard. But the non-PC keyboard layout drove me nuts. I.e., the absence of stand-alone keys like home, end, page-up, alt, etc.
You should happy they removed home and end. At least if you are running OS X. You might end up hitting them otherwise, and then chaos and stupidity ensues. It seems Apple instead of fixing the retarded behavior of home and end in OS X just removed the buttons so users would hit them and be thrown around and lose the position in the document they were working on. Typical Apple; fixing the problem, not by admitting any fault but by removing user options.
Innocent Adults Are Easy To Convince They Committed a Serious Crime
What would be interesting would be to see what a polygraph says about their false memories. Can it distinguish between an event that occurred and one that was from a false memory? If not, that would be the final nail in the coffin.
What coffin? Polygraphs are a hoax intended to scare stupid criminals into confessing. It does even work on real memories, why would it work on false ones?
SpaceX Landing Attempt Video Released
WTF is going on with the left margin. God damn it, it is broken in every single browser. Are they crapping on classic slashdot to punish us for beta not working?
Google Releases More Windows Bugs
Uh, isn't that what Google's proof-of-concept does - demonstrate the flaw being successfully exploited? Does Microsoft need to see N. Korea exploiting it before they believe it's real?
If you personally create a remote account for a North Korean spy and he uses this exploit to see you power control settings. You really were asking for it, not sure what but something.
An Open Letter To Everyone Tricked Into Fearing AI
No, forget you. Yes journalism is crap and yes sensationalism rules the day. That doesn't make AI in 2015 and ongoing any less persistent a threat to humanity.
You are right, it doesn't make it any less of a threat, which is to say any less that non existing. You are exactly who this article is about, you have been conned into thinking AIs are actually real and could in any near future cause a threat to you, when that is in fact not the case. AI do not exists, all those software emulating AI are all smart systems working either deterministic based on specific rules set out or does stastical modeling to make guesses at what you mean or what they are looking at. Stastical modeling that makes a black yellow striped pattern look like a school bus, because it has no concept of anything and not intelligence in any sense of the word and that is the just what fits the statistical model.
SystemD Gains New Networking Features
Kind of hard to do on Debian.
"apt-get install openrc" is hard???
Why are you trolling? Debian might BE switching to systemd, but it is still optional in Jessie, all the other init systems still work.
Besides systemd is modular, you only need to install the modules you want and need.
OpenBSD's Kernel Gets W^X Treatment On Amd64
But, really, it should be: !w || !x so that read-only, no-execute access is also valid.
Truth Table for this expression:
X | F | T
So NAND really and not XOR?
Is 'SimCity' Homelessness a Bug Or a Feature?
It sure is a good thing that players' behavior as modeled in games has no effect whatsoever on their offline behavior, or in any way informs us about their attitudes toward the real world. That might be disconcerting.
That is not the interesting part. The players behavior might not match their offline behavior, but it does match the offline behavior of some politicians.
Google Throws Microsoft Under Bus, Then Won't Patch Android Flaw
Apple wouldn't stop supporting devices that still count for 60% of their own statistics.
No, they just do that with those under 40%.
Chrome For OS X Catches Up With Safari's Emoji Support
While it is absolutely the case that emoji has no place in certain text fields, as a web browser it is Chrome's responsibility to handle all valid and compliant UTF-8 symbols, including emoji symbols, within the application. Emoji are not some imaginary pseudo-symbol type or image format sent in-line. Where the symbol is seen, an image from a font will be displayed instead of a conventional character. As such, is it really that different than needing to support Cyrillic characters in text fields?
It was already working. This was just allowing Chrome to use the color fonts for Emoji on Mac. They were already supporting color fonts on Linux.
Michael Mann: Swiftboating Comes To Science
Are you high?
While your posts sounds great you really need to cut down on the drug, man.
Nature is not a person and neither is science, and they get really pissed off then you treat them as such.
Carewolf has no journal entries.