Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!



Ask Slashdot: Reviewing 3rd Party Libraries?

LordNite Don't do it (88 comments)

De-compilation is at best a violation of your license to use the library, forfeiting your ability to use it, and at worst could be a violation of the anti-circumvention clause of the DMCA, which could land you in court or in jail.

about 7 months ago

Might iCloud Be a Musical Honeypot?

LordNite Re:The author lost me at MD5 (375 comments)

And here's ( a paper demonstrating a technique for finding MD5 collisions quickly: eight hours on 1.6 GHz computer.

more than 3 years ago

Might iCloud Be a Musical Honeypot?

LordNite Re:The author lost me at MD5 (375 comments)

There are collisions. It is possible with MD5 to create a hash for two completely different files. Read Schneier's blog.

more than 3 years ago

Might iCloud Be a Musical Honeypot?

LordNite Re:The author lost me at MD5 (375 comments)

Incorrect. Read Schneier's blog, which I included in my post. It is broken for file hashing.

more than 3 years ago

Might iCloud Be a Musical Honeypot?

LordNite The author lost me at MD5 (375 comments)

From the article:
"MD5 hash values are a cornerstone of computer forensics and fully accepted as evidence that two files are identical copies of each other. You could claim that you didn’t download the song from the file sharing network because you were the one who uploaded it, but I doubt that will help your legal predicament."

The MD5 hash has been known insecure since at least 2005. See: I seriously doubt any computer forensics expert in 2011 would use MD5 hashes as evidence that two files are identical.

more than 3 years ago

Hardening Linux

LordNite Re:Sendmail? In a secure system (137 comments)

Yes, in a secure system!

Sendmail has as much place on a secure system as Postfix or Qmail. If either of those MTAs had been around as long as sendmail (22+ years) they would probably have as sordid a security history. The thing to remember is that those holes have been patched, some as much as ten years, or more, ago. No software is going to be bug or security hole free. (OpenBSD doesn't even have a pristine security history for all of its code audits.) Like any MTA software, sendmail can be configured to be secure, or it can be configured to be insecure. Just keep it up to date and configure it sanely.

Also, for the record, just throwing out Google results is meaningless. Here are some more for you.
Results 1 - 10 of about 48,100 for Postfix "security hole".
Results 1 - 10 of about 1,910,000 for Postfix bug.

Results 1 - 10 of about 44,400 for Qmail "security hole".
Results 1 - 10 of about 1,660,000 for Qmail bug.

Using your logic, Qmail and Postfix must really suck too.

Instead of throwing out Google results as proof of sendmail's suckage, why not show a few examples (that are less than four years old, please) that show sendmail currently having glaring insecurity. I will be surprised if you come up with many. The fact is that sendmail has had problems in the past. No one will deny that. Those problems spring from it being basically the first SMTP server ever. However, its security history is just that, history. I am tired of people beating the dead horse of sendmail insecurity and using data from fifteen years, or dubious Google results, ago as proof. Give some real, current evidence please. Otherwise it will continue to stand to reason that sendmail has just as much place in a secure system today as Qmail.

more than 8 years ago


LordNite hasn't submitted any stories.


LordNite has no journal entries.

Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>