Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Comments

top

New SSL Server Rules Go Into Effect Nov. 1

Cley Faye Re:Why? (92 comments)

it doesn't have to be turned on after you finish signing certs until its time to sign another batch...

To be fair, with OCSP you need something that's online all the time your certificates are used. But unless you have hundreds of peoples checking your certificates simultaneously, any low-end contraption can handle it.

about a month ago
top

New SSL Server Rules Go Into Effect Nov. 1

Cley Faye Re: Why? (92 comments)

Are you connecting to that self signed cert that is university owned or that self-signed cert that is setup by my evil laptop on the wifi network?

[...]

With BYOD you simply cannot use a self-signed certificates. Your potential attack surface than increases.

That's why the previous poster said "Or the college provides an easy way for the BYOD people to acquire the college's cert."

You don't have to trust any self-signed certificate that the web server throws at you. You go to the official, public website of your uni/work/whatever (or to the IT dept. if they want to do this by hand), and grab the CA cert there. You trust this website, it can have a regular certificate issued by any public authority, and using this newly downloaded cert. as a CA, you can safely connect to anything your workplace have in it's private network.

The only hindrance is that the users have to install this certificate once. Through easy GUI.

about a month ago
top

Mac OS X Yosemite Beta Opens

Cley Faye Re:Flat UI Design (165 comments)

You could have formulated it better, but it's true that KDE don't try to change "for change sake". And even if it did, it's one of these desktop that still have relatively easy visual customization.

about a month ago
top

Intel Launches Self-Encrypting SSD

Cley Faye Re: How is this news. (91 comments)

Yes, TRIM is there to improve performance when writing in a block, but it don't need to erase it, not when receiving the trim command or afterward. The performance problem comes from a write operation that is smaller thn the block. Imagine a block size of 1kB. If you want to write 200 bytes in it, you have to read the whole block, update the relevant part in memory, and write the updated 1kB. Now, if you have the knowledge that the block is completely unused by the FS, then you can skip the reading part, and just write an 1kB chunk of whatever with the correct 200 bytes. No read/update penalty, AND the ssd firmware can decide to reuse that block for transparent wear-leveling, improving both performances and lifetime. But, all this doesn't require actual deletion of the block content at all.

about a month ago
top

Intel Launches Self-Encrypting SSD

Cley Faye Re:How is this news. (91 comments)

TRIM don't actually zap the data, it just mark a block as unused. This is to increase performances, because on the next write in this block, there is no need to read it, update it in memory, then write it. But until something is written there, no guarantee that the content itself is erased. Custom firmware could read it, or advanced forensics could get the chips out and get data from it or something.

about a month ago
top

Intel Launches Self-Encrypting SSD

Cley Faye Summary of advantages: (91 comments)

This idea is amazing.
Instead of having:
- full control over the encryption software
- full control over the encryption key
- data that goes in clear in the ram, then is never seen in clear by the hard-drive
- performance nearly identical through either hardware-enabled encryption (AES...), or even software based implementations (even a smartphone can do it transparently)
We're trading all this for:
- who knows what really happen down there
- hey, is your secure key even used for anything more than ciphering a header?
- data goes in clear in the ram, then in clear to the drive, that do whatever with it. It's so easy to make sure an SSD doesn't make invisible copy too.
- performance nearly identical through (supposedly) hardware encryption.

Yeah, no, please stop fixing problem that doesn't exist.

about a month ago
top

A New Form of Online Tracking: Canvas Fingerprinting

Cley Faye Re:Rounding differences (194 comments)

I'm more curious about why "different computer draws the image slightly differently".

Slight rounding differences, shape edge antialiasing behavior, font antialiasing behavior, installed fonts, and the like are the big ones I can think of. HTML5 Canvas behavior isn't specified down to the bit level.

Maybe it should. Providing an API and saying "it kinda work like this, most of the time, your mileage may vary" doesn't sound very good.

about a month ago
top

A New Form of Online Tracking: Canvas Fingerprinting

Cley Faye Re:Why does this work (194 comments)

yes, but, there is so much layers that are supposed to smooth the hardware difference:

  • canvas operations are raster-based and lossless
  • browser scripts (either ecmascript or another) should provide consistent execution: whatever the underlying hardware, if I ask JavaScript to draw a circle with (x,y) center and r radius, the result should be predictable, and not hardware dependant
  • even considering that browsers use "hardware acceleration" as a way to speed things up, there is still at least one layer between the software and the hardware (either an opengl driver, or some other monstrosities drivers) that *should* provide reproducible, consistent result with various hardware

Now, I perfectly understand why neither the browser, the OS API, and the driver would bother to provide perfect results: we're trading performances for accuracy. After all, if I draw my circle with 0.1 pixel of error, it will look good because of antialiasing. But I still think that software results that are independant of external input should not vary from one hardware to another. There is only one good output for a deterministic software function when always providing the same input.

Imagine the horror if different processors would return different values when computing 1/0.999 just because they have different hardware (oh wait, this one kinda happened :D)

about a month ago
top

A New Form of Online Tracking: Canvas Fingerprinting

Cley Faye Why does this work (194 comments)

Instead of focusing on the privacy issue, I'm more curious about why "different computer draws the image slightly differently". Browsers are supposed to provide abstraction from the machine, and the same scripts run on different computers is supposed to behave in the same way. At most, it could tap into things like the user id, but shouldn't have access to more than that.

about a month ago
top

The "Rickmote Controller" Can Hijack Any Google Chromecast

Cley Faye Re:Doesn't this require access to your network (131 comments)

Why? It's a matter of updating the firmware. There already is a physical button on chromecast devices. It's also stated that holding the button down 25 seconds will factory reset a chromecast.

about a month ago
top

Qualcomm Takes Down 100+ GitHub Repositories With DMCA Notice

Cley Faye Re: Patent Trolls (349 comments)

You know, seeing how things are going lately, not being able to connect to current cellular networks looks more and more appealing.

about a month and a half ago
top

Supreme Court Rejects Appeal By Google Over Street View Data Collection

Cley Faye Re:Google has no excuse (113 comments)

If you think so, then don't come complaining when your phone take ages to pinpoint your location through pure GPS. Wifi positioning is incredibly helpful.

about 2 months ago
top

Supreme Court Rejects Appeal By Google Over Street View Data Collection

Cley Faye Re:This is rediculous (113 comments)

Yes, a law against people sending their unencrypted credentials through their neighborhood and whining afterward would be a good start. Privacy is an important thing after all.

about 2 months ago
top

Was Watch Dogs For PC Handicapped On Purpose?

Cley Faye Re:Please (215 comments)

Graphics are certainly not the *key* point for a good game, but saying that they are not relevant would be crazy.
From your examples, Half-Life was great, but the graphical difference from HL1 to HL2 certainly contributed to improve the experience. There's nothing saying that we can have either good gameplay XOR good graphics. Both at the same time are nice too.

about 2 months ago
top

Was Watch Dogs For PC Handicapped On Purpose?

Cley Faye Re:No accounting for taste. (215 comments)

While the unlocked graphics style is certainly better for screenshots, it suffers the problem of highlighting close things, while highly blurring anything at a distance. While more 'realistic', if I were testing the game, I'd definitely suggest disabling this 'feature' by default, as it really can hamper gameplay and discovery.

That's pointed out in the end of Total Biscuit's video. There's still stuff to enable/bring back, and stuff to adjust. He plainly says that the depth of view effect might be too much in this version of the "mod".

about 2 months ago
top

id Software's Original 'Softdisk' Games Open Sourced

Cley Faye Re:Wow.. Pascal. (100 comments)

FreePascal is a "complete" compiler that was ported on different systems.
GNU Pascal is a frontend to gcc: it takes the pascal input, translate it in some intermediate language that gcc can understand, and let him finish.
This mean that FreePascal have to be designed to produce outputs for all platforms, while GNU Pascal only have to follow gcc evolutions, and is instantly able to build on all supported gcc targets.
To summarize, they are different software for roughly the same purpose. I believe that more details will make it technical :-)

about 2 months ago
top

Microsoft Fixing Windows 8 Flaws, But Leaving Them In Windows 7

Cley Faye Re:Dear Microsoft.... (218 comments)

Ooooh I only used the touch interface without a physical keyboard, that might explain things... ;)

about 2 months ago
top

Microsoft Fixing Windows 8 Flaws, But Leaving Them In Windows 7

Cley Faye Re:Dear Microsoft.... (218 comments)

You're very wrong when you say "all the cool features involving touch are useless for the cube farm drones."

After having played with a surface tablet and an "embedded" windows 8 computer (those things that combine the computer and the screen), I can tell you this about the touch features: they are broken by design, gets in the way of doing things (even moving a file is more complicated than using a mouse, and why doesn't the keyboard pop up when hitting a textbox?), and as such are useless for everyone, not just the cube farm drones.

about 2 months ago

Submissions

Cley Faye hasn't submitted any stories.

Journals

Cley Faye has no journal entries.

Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>