×

Announcing: Slashdot Deals - Explore geek apps, games, gadgets and more. (what is this?)

Thank you!

We are sorry to see you leave - Beta is different and we value the time you took to try it out. Before you decide to go, please take a look at some value-adds for Beta and learn more about it. Thank you for reading Slashdot, and for making the site better!

Comments

top

Ask Slashdot: Best Anti-Virus Software In 2015? Free Or Paid?

PAjamian ClamWin (467 comments)

ClamWin, the windows port of ClamAV which is relied on for mail scanning on just about every Linux/UNIX mail server you run across.

I think there may be a better front end that uses the ClamAV database as well, but I tend to just install ClamWin and call it a day.

about a week ago
top

Researchers "Solve" Texas Hold'Em, Create Perfect Robotic Player

PAjamian Re:Rock paper scissors (340 comments)

The poker bot, as with any poker player will have a strategy and play a certain way under certain circumstances. The way to oppose it is to learn how the bot plays under those circumstances, exploit it to learn what is in the bot's hand in the initial betting rounds (pre-flop, flop and turn) and then use your river bet to make the bot react in a way that is favourable to you. The above is actually rather simplified, but even a "perfect" bot cannot play optimal poker against a foe that alters his game to take advantage of the bot's strategy.

The above, of course is made on the information in the parent article that the bot plays a "static fixed strategy" and it makes its decision based on a complex table. This means that the bot will never vary its game to try to fool the opponent into making the wrong decision, it will always make the "perfect" decision as determined by the table.

So yes, I do believe this bot can be beaten. It is likely little better than if it were to make it's decision based on calculating the odds of it having a winning hand.

The computer scientists who created the bot admit they are not poker players, this in itself is telling.

about three weeks ago
top

South Korea Says Nuclear Reactors Safe After Cyberattacks

PAjamian Re:Here's a brilliant idea... (54 comments)

An air gap can't protect against the idiot operator who plugs in his USB stick to watch a movie in the middle of the night out of boredom.

about a month ago
top

Judge: It's OK For Cops To Create Fake Instagram Accounts

PAjamian Re: Not seeing the issue here (209 comments)

Yes, but the point is that the police will either get you the PD or they will let you go. If you speak to them without a lawyer present then they have zero incentive to do either.

about a month ago
top

Judge: It's OK For Cops To Create Fake Instagram Accounts

PAjamian Re:Not seeing the issue here (209 comments)

If you insist on speaking to the PD before you're interviewed by the police then they would have incentive to get you a PD faster if they really want your interview. The whole point is to insist on it, though and not to waver no matter what the police say.

about a month ago
top

Judge: It's OK For Cops To Create Fake Instagram Accounts

PAjamian Re:Not seeing the issue here (209 comments)

Right, but even an overworked PD will be able to help you more if you contact them first before speaking to the police. At the end of the day it's just utterly stupid to say anything to the police without a lawyer present.

about a month ago
top

Congress Passes Bill Allowing Warrantless Forfeiture of Private Communications

PAjamian Re:Everyone who blamed Bush for everything... (379 comments)

But frankly, if Obama doesn't Veto this, then he is the same scum of the Earth and frankly both sides need to be tossed out on their bums...

It doesn't matter, he can't veto it. 325-100 is a veto-proof passage.

about 1 month ago
top

Congress Passes Bill Allowing Warrantless Forfeiture of Private Communications

PAjamian Re:Over to you, SCOTUS (379 comments)

He doesn't have to for it to become law anyways, 325-100 is a veto-proof margin.

about 1 month ago
top

FCC Says Net Neutrality Decision Delay Is About Courts, Not Politics

PAjamian Re:Today I realized... (60 comments)

I find that I tend to get them after making a few posts, I think their algorithm identifies active participants and gives them points.

about 3 months ago
top

ISPs Removing Their Customers' Email Encryption

PAjamian Re:Anti-Spam Measure? (245 comments)

There are other options than Amazon, have a look at Madrill

about 3 months ago
top

ISPs Removing Their Customers' Email Encryption

PAjamian Re:Anti-Spam Measure? (245 comments)

It's done to help with anti-spam in general on the internet. A large percentage of PCs (especially windows PCs) are compromised and blocking outbound port 25 is a standard measure by ISPs to prevent those from being used as spambots. If you have a legitimate need for outbound port 25 traffic then most ISPs will unblock it for you on request (if you have a static IP, that is). That said, even if they do you will still likely be listed on a number of different policy blacklists which you will then have to play whackamole with to get your email accepted by other servers on the internet. A much better approach is to use a relayhost or to get a cheap VPS to relay through.

about 3 months ago
top

ISPs Removing Their Customers' Email Encryption

PAjamian Re:Most severs shouldn't be vulnerable (245 comments)

For one it can't be hijacked as easily as these ISPs are doing.

...which they're *not* doing. This article is a farce written by someone who can't even configure his email client to use the correct port for submission. He's trying to use port 25 which is only for MX to MX communication and not for submission, he should be using 587 and if he did there would very likely be no problems.

about 3 months ago
top

ISPs Removing Their Customers' Email Encryption

PAjamian Re:Meh (245 comments)

TLS in this regard would be handy if you're on an open wi-fi and are sending login information to the mail server.

Yeah, that's pretty much all that STARTTLS really accomplishes.

about 3 months ago
top

ISPs Removing Their Customers' Email Encryption

PAjamian Re:Most severs shouldn't be vulnerable (245 comments)

Look, most severs these days are configured in such a way that STARTTLS runs on a different port than the plain-text connection.

Wrong. STARTLS specifically allows for both plain text and TLS on the same port.

The server will reject login requests until the STARTTLS handshake is completed.

Partially correct. A well configured server will behave this way on the *submission* port (587) but if the MX port (25) were configured this way then you would be blocking a lot of legitimate email from old servers on the internet that do not support STARTTLS and as such is is not recommended to require STARTTLS for port 25 MX to MX communication. Also even when STARTTLS is used the connection is still plain text until STARTTLS is negotiated.

But take it from a guy who worked on an email client

Thanks for giving me a link to yet another piece of software written by someone who doesn't understand the technology behind it.

(Also: STOP USING STARTTLS!!!)

Wrong again. The only way to have an encrypted SMTP submission channel without STARTTLS (other than tunnelling through ssh or something like that) is via SMTPS (port 465). SMTPS is long ago deprecated and should not be used. Port 465 was *never* officially registered for this use and was essentially "hijacked" and there are only a very small number of old email clients that support SMTPS but do not support STARTTLS. You *should* be using STARTTLS over port 587 which is the submission port. Also STARTTLS is the only legitimate means of encryption between a submission server and an MX.

Of note (which I've also said elsewhere), the real reason the author of the original article had problems is because he is trying to use port 25 for submission. He should be using the submission port (587) and it is highly unlikely that his ISP would be blocking the STARTTLS flag on that port.

about 3 months ago
top

ISPs Removing Their Customers' Email Encryption

PAjamian Re:smtpd_tls_security_level=encrypt (245 comments)

Kind of, smtpd_* is for when postfix is the server and smtp_* is for when postfix is the client (ie when it connects to another server to relay mail). At any rate this setting should only be used for submission and not for server to server communication otherwise you will end up blocking mail to and from other servers that do not support TLS (there are many). The default setting for this is "may" which is for "opportunistic" TLS which can fall back to plain text if need be.

If you RTFA you will see that the author is trying to submit mail to port 25 on his email server which is supposed to be for MX to MX communication only. If he were to submit to the proper submission port (587) he would likely find that the STARTTLS flg is not blocked by his ISP, in other words this whole article is a farce written by someone who doesn't know what they're talking about.

about 3 months ago
top

ISPs Removing Their Customers' Email Encryption

PAjamian Re:Anti-Spam Measure? (245 comments)

I recall the general consensus being that it's an anti-spam measure, and (is supposed to) only happen when connecting on port 25 to a non-local machine

Yes and that's exactly what's happening, FTFA:

They determined Cricket was intercepting and blocking STARTTLS on port 25

(port 25 is supposed to be for server-server communication only). Normal clients are supposed to be able to avoid the issue by changing your MUA to submit mail on port 465 (smtps) or 587 (smtp).

Absolutely correct, with the exception that smtps is long deprecated and only port 587 (submission) should be used for the submission of email.

I suspect people running their own SMTP servers will probably need to negotiate with their ISPs, or relay their mail through their ISP's SMTP server as a smarthost.

This is fairly normal. Many ISPs simply block outbound port 25 rather than filtering out STARTTLS. Personally I think that's the better approach for these ISPs (to just block the port alltogether), but either way this article is a bunch of crap written by someone who can't even set his email client to connect to the right port.

about 3 months ago
top

Ask Slashdot: Where Do You Stand on Daylight Saving Time?

PAjamian Re:It's stupid - switch to GMT (613 comments)

Exactly, it would actually make the situation worse. Consider that when you call someone you may ask, "what time is it there"? What you (usually) really want to know is what part of the day / night is it. Making everyone live under GMT would answer the first question but not give you any useful information to what you really want to know and just make it harder to find out.

about 3 months ago
top

Ask Slashdot: Where Do You Stand on Daylight Saving Time?

PAjamian Re:Against it (613 comments)

I wonder if those in the "DST helps to save energy" camp took into account the significant amount of energy used by computers around the world to account for DST in time-zone conversions?

about 3 months ago

Submissions

top

Fedora 19 to Stop Masking Passwords

PAjamian PAjamian writes  |  about a year and a half ago

PAjamian (679137) writes "Maintainers of the Anaconda installer in Fedora have taken it upon themselves to show passwords in plaintext on the screen as they are entered into the installer. Following on the now recanted statements of security expert Bruce Sheiner, Anaconda maintainers have decided that it is not a security risk to show passwords on your screen in the latest Alpha release of Fedora 19. Members of the Fedora community on the Fedora devel mailing list are showing great concern over this change in established security protocols."

Journals

PAjamian has no journal entries.

Slashdot Login

Need an Account?

Forgot your password?