Comments

VirtualBox Development At a Standstill

LordLimecat Re:VMWare is worth the money (272 comments)

The fact that VMWare has never caused a VM and all of its snapshots to implode, whereas VBox has. The fact that VMWare doesn't tend to have a VM thread hang, causing you to have to forcibly terminate it. The fact that VMWare can handle nested virtualization, and moderately complex networking scenarios.

Oh, and performance.

2 days ago

VirtualBox Development At a Standstill

LordLimecat Re:Oracle ... (272 comments)

Someone call Xzibit...

2 days ago

Latest Windows 10 Preview Build Brings Slew of Enhancements

LordLimecat Re:Wiped my Grub though. (208 comments)

And that fits with the design experience MS goes for?

Hey, 3 questions during install.
  * What's your name?
  * What's the computer name?
  * We detected a 438-byte bootsector on your storage device with SHA-1 c12e41289e4a294e6bd182ea7eef8a0cf50e329e and MD5 6f33616ed73ca29926ef69670e1a9880. Would you like to overwrite this with the Windows 7 bootloader, or would you prefer to start up a hex editor so that you can locate the sectors where your bootloader configuration is and manually edit in an entry to load the BOOTMGR at sector 41290?

I look forward to this option being added in Windows 10. It's so much more reasonable than taking 2 minutes to reinstall the bootsector of your choice with a live CD!

3 days ago

Computer Chess Created In 487 Bytes, Breaks 32-Year-Old Record

LordLimecat Re:Incredible! (202 comments)

You must speak very slowly, and with a Cupertino-approved accent.

Can't speak for iOS, but Android's voice recognition is fantastic even when in noisy environments like a car, over Bluetooth, with radio on.

I had an affordable SSD in 1992 for my Psion Series 3a.

Ignoring the fact that the Psion Series 3a came out in 1993, the SSD in your Psion was ~10,000 times smaller than commonly available HDDs at the time, and would have been comparable to the flash in my TI-83. Performance-wise it would have been generally worse than an equivalent HDD. It's a pretty dumb comparison all around; these days the difference in size between SSDs and HDDs is ~1/10, rather than 1/1000, and the SSDs outperform the HDDs in every single benchmark, sometimes by factors of 100 or more.

To process the bloat.

Not even sure what that means. I'm sure the scientific research that goes on where I work does absolutely nothing with the cheaply available multicore CPUs; certainly the fact that a handful of nodes in our datacenter can consolidate hundreds of VMs during off-peak hours is worth something, though.

I'm not sure if you're ignorant, cynical, or pining for some good old days that never really existed; but it kind of sounds like all 3.

3 days ago

Why Screen Lockers On X11 Cannot Be Secure

LordLimecat Re:not the point (374 comments)

To make the point, a guy even wrote a trivial app to do this (I forget his name). He was well slandered for daring to point out the insecurity that is Windows.

Gonna need a source on that. I've written joke apps that intercept keystrokes (making them do strange things to screw with people) and they will simply not work if you do not have admin rights. Intercepting anything keyboard or hooking anything requires elevation.

The short of it is, if someone can run arbitrary code in your session you are done.

That's true as regards your personal data, but not as regards the system as a whole. If you're saying "any access to a system = root access", that's a pretty serious claim; I think the people running shared servers might take issue with that as would VMWare, Citrix, and Microsoft.

3 days ago

Why Screen Lockers On X11 Cannot Be Secure

LordLimecat Re:not the point (374 comments)

Be it Windows where a utility can be run to hook into the keyboard....OS X and a .kext that flashes a custom ROM to the keyboard so it doubles as a keystroke logger

Not without admin.

3 days ago

Computer Chess Created In 487 Bytes, Breaks 32-Year-Old Record

LordLimecat Re:Incredible! (202 comments)

Innovation-starved corporations

Cynicism to the rescue!

Now don't mind me, I'll go back to using my 14nm process CPUs, 99% accurate voice recognition phone, holographic 3d goggles, and affordable SSD computer.

4 days ago

China Cuts Off Some VPNs

LordLimecat Re:Well (218 comments)

On their knowledge base and using their own dedicated vpn software they say in order of preference to try OpenVPN on TCP 443, UDP, and lastly L2TP.

L2TP has nothing to do with OpenVPN. It's IPSec.

OpenVPN worked reliably with the exception that they detect the network and reset it occasionally (like every 2 hours, but auto-reconnection in the client takes care of that).

So, not reliably. That's the point. And the problem is some programs like Skype auto-reconnect when they're disconnected, which will be unprotected if your VPN resets. They can clearly see that you're using a VPN (hence the resets) and they can clearly kill the connection if they want. The thing is that enforcement varies from area to area, and time to time. See what happens around the Tiananmen Square anniversary-- I'm willing to bet you'll be unable to connect.

You found links claiming otherwise? Great. Thanks for sharing, the information may come in handy. But right now I can only offer you what I have been experiencing the past month.

The OpenVPN devs know it's targeted, the Tor project guys know this, and so do a lot of VPN providers.

It's entirely possible your provider is using a form of obfuscated tunnel like Obfs3 or ScrambleSuit or another proprietary mod, like VyprVPN or ExpressVPN offer. It's technically not OpenVPN, but a modified form. It's also up in the air whether those modifications weaken the VPN as the providers often do not disclose the details of what they did to the client.

4 days ago

Latest Windows 10 Preview Build Brings Slew of Enhancements

LordLimecat Re:Wiped my Grub though. (208 comments)

Because you're installing an operating system, and Microsoft does not make a multi-OS bootloader.

More to the point, people installing an OS have an expectation that it will be virus free. How is Windows supposed to differentiate between a benign non-MS bootloader and a viral one?

4 days ago

Google Explains Why WebView Vulnerability Will Go Unpatched On Android 4.3

LordLimecat Re:The solution is obvious (579 comments)

And the "oh, 5 million lines of code, I don't know where to look" is damned weak sauce. Debian back ports security patches all the time.

Debian isn't changing huge parts of the codebase all at once and calling it a security fix.

5 days ago

Google Handed To FBI 3 Wikileaks Staffers' Emails, Digital Data

LordLimecat Re:Encryption? (197 comments)

Good luck "going and getting" something from a server location in Russia or China

1) Google is blocked in China.
2) That's partly because of the massive police state and strong net censorship they have going on over there-- but I'm sure YOUR data would be safe over there.
3) Google is probably the only company formerly doing business in China that won't give your data up to the CPC. As a consequence of that, see #1.

about a week ago

Google Handed To FBI 3 Wikileaks Staffers' Emails, Digital Data

LordLimecat Re:Encryption? (197 comments)

Or better yet...don't use an email provider with any US presence.

There are maybe a small handful of places better than the US for hosting as regards privacy, and in any of them a court order will compel you to give up customer data.

about a week ago

Google Handed To FBI 3 Wikileaks Staffers' Emails, Digital Data

LordLimecat Re:Encryption? (197 comments)

I think I'd be encrypting everything especially if it involved using a Google server.

Why especially? AFAIK Google is the only one of the big 3 webmail providers not currently bending over backwards for the Chinese Government. There was a warrant in this case; even the famed Lavabit had to fold when given a warrant.

It's absurd to go after Google for following the terms of a court order; you'd do better to ask whether the order was justified, and if not ask why the courts issued it and who can be held accountable.

about a week ago

Google Handed To FBI 3 Wikileaks Staffers' Emails, Digital Data

LordLimecat Re:Google sucks (197 comments)

>court-issued warrant
>gag order

Do tell, what would you have done in their situation? Told the courts to go stuff themselves? Cause that almost never goes well.

about a week ago

Doomsday Clock Moved Two Minutes Forward, To 23:57

LordLimecat Re:IMO (216 comments)

There's also the problem that if you were to predict that there was a 99% chance that the world blows up today, MAYBE someone will believe you. Predict that for the next 20 years, and you're sort of nuts if you think anyone will take you seriously.

about a week ago

China Cuts Off Some VPNs

LordLimecat Re:Well (218 comments)

The GFW is many years beyond port-based blocking; they use DPI to identify protocols regardless of the port used. I'm glad you have TCP 443 OpenVPN working; I have never been able to get that to work with client/server certs-- only static-key tunnels worked.

At the moment, my experience has been that IPSec/ is the next best contender because it's more of a corporatish VPN protocol. I'm really surprised that you hear people recommend OpenVPN-- I have NEVER heard anyone recommend that in China because of how heavily it is targeted. Even googling "OpenVPN China GFW" you get stuff like this:
Which VPN Protocols To Use?
  * OpenVPN: Strangely, this is the least reliable protocol/client to use — you’ll find most ports are currently blocked (connection reset). The main cause appears to be spoofed RST packets.
  * L2TP: This is a fast protocol for China and currently it works quite well

And there's no shortage. OpenVPN may work for a bit, but my understanding is that about 20 minutes into the connection the remote server gets probed a bit, and then the connection gets reset. I wouldn't use PPTP because of its known security issues; it wouldn't surprise me if they had that nut cracked.

about a week ago

China Cuts Off Some VPNs

LordLimecat Re:Well (218 comments)

OpenVPN is trivially identifiable on port 443, and has been for some time. I'm not sure why they're not blocking you-- perhaps you're using a site-to-site tunnel with static keys. Certificate-based OpenVPN is notoriously unreliable in China because they fingerprint it within about 20 minutes and kill the connection.

Part of the reason I know it can be fingerprinted-- aside from the fact that I'm well aware of what works and doesn't behind the GFW-- is that I'm good buddies with my employer's security team, and they have on occasion let me know when they see my port 443 OpenVPN shenanigans. I believe it has something to do with the way the certs are exchanged; regardless, SSL and HTTPS are two different things and they have different signatures.

about a week ago

China Cuts Off Some VPNs

LordLimecat Re:Well (218 comments)

AFAIK it's technically illegal to have an encrypted laptop in China. Any guesses as to whether my employer, or federal employees, or other major companies just go "oh gee, better turn off disk encryption"?

Businesses aren't going to just sacrifice a market, but they're also not going to blithely let their secrets be stolen upon entry into China or on net usage.

about a week ago

Book Review: FreeBSD Mastery: Storage Essentials

LordLimecat Re:What a crock (75 comments)

This is a variant of the venerable security through obscurity.

Not really.

Security is not an all-or-nothing proposition. In the real world, an adversary will NOT attempt to crack your encrypted filesystem. Instead they will do one of a hundred other attacks, like swapping your laptop with one that has a cloned disk and hardware but an embedded keylogger, or add in a shim between the disk and interface, or install an infected MBR that logs the decryption password, or perform a RAM sniffing attack to steal the keys, or simply extort the keys out of you.

Security is a process of analyzing the most common risks, and determining the best way to deal with them. Sometimes this means determining that a particular security action will lower your security by attracting the attention of entities with far more sophistication than you are prepared to deal with; if you are worried about criminals stealing your laptop, and your mitigation ends up attracting the attention of the NSA, you have lost the security battle.

IDS / antivirus have no ability whatsoever to detect a hardware keylogger, by the way. If you attract the attention of someone who can gain physical access to your hardware, you lose-- period.

about two weeks ago

Book Review: FreeBSD Mastery: Storage Essentials

LordLimecat Re:NTFS (75 comments)

Isn't NTFS kind of frozen in time as of 10 years ago at least?

AFAIK it gets revisions with every major release. Like the EXT family it's backwards compatible, transparently.

No new features of any note for how long, a dozen years?

What big features is it missing aside from the checksumming / self-healing stuff that's already in ReFS? Feature-wise it's a pretty decent FS; its biggest flaw AFAICT is its bad performance in directories with huge numbers of files.

about two weeks ago

Submissions

50 Cent Party alive and well in 2014

LordLimecat writes  |  about a month ago

LordLimecat (1103839) writes "Examples of China's internal censorship are well known in the west, such as recent examples of them blocking Google entirely. What's less well known is the techniques they use for shaping opinion outside of their country: the 50 Cent Party, a semi-official brigade of paid internet commenters. Sizing some 250,000 members at best guess, these "internet communicators" (wangluò pínglùn yuán) locate comments that paint China in a critical light and attempt to apply a spin to them.

One wonders how many communicators we have here on Slashdot."

Journals

LordLimecat has no journal entries.