
Ubuntu Releases 13.04, Sticks To 6-Month Release Rhythm

Straker Skunk Re:Next release codename? (177 comments)

I think the spyware has been a radioactive enough issue that any derivatives are going to make a point of cutting it out.

That said, I don't see the need. As much as I don't like what Ubuntu did with the shopping lens, I've long switched to Xubuntu anyway, which is more sanely managed. (The original reason was to get away from Unity, and their avoidance of subsequent Canonical brain damage cemented the deal.)

Significantly, when you use [KX]ubuntu, you still benefit from all the release engineering work of Ubuntu proper, including security updates---a point on which I'm a little more wary of derivatives like Mint.

about 2 years ago

Security Fix Leads To PostgreSQL Lock Down

Straker Skunk Re:How would an attack happen? (100 comments)

I know it's not always easy, but most data input into web forms is quite straightforward. The application should not be checking whether the data is invalid - it should be checking that it's valid. That's a subtle distinction, and I'm probably going to fail to explain it!

You'd probably have an easier time explaining it as whitelisting versus blacklisting. A developer can't hope to ever enumerate all the bad things an app should reject, so s/he should instead enumerate the much smaller set of things it should accept. Same deal if you're using a regex or whatnot to sanitize input instead of matching against a list.

about 2 years ago

Companies Advise Tighter Security After Honan Hack

Straker Skunk Re:And 2 factor will do what? (99 comments)

Assuming no one can hack SSL

The bad guys don't have to hack SSL. They only have to hack a certificate authority.

(IIRC, this is how the Chinese government broke into the Gmail accounts of various dissidents/activists.)

more than 2 years ago

Court Rules Passwords+Secret Questions=Secure eBanking

Straker Skunk Re:One-time pads (284 comments)

  • Attacker posts the malicious transfer form and performs the query to tell the bank to send out a text message.
  • Attacker displays a fake copy of the verification form where you are supposed to enter the info from the text message.
  • You read the text message, especially the part describing a $20,000 transfer to Zurich.
  • You don't enter the verification code.

Fixed that for you.

more than 3 years ago

Pee On Your Phone STD Test

Straker Skunk Re:How soon does it work after infection? (208 comments)

You're thinking about HIV, you're right, that takes months. The clap (gonorrhea) will show up the next day as will several others (actually, most STIs will show positive the next day). There's no cheap test that separately identifies Herpes Simplex 1 from Simplex 2, there is a cheap test that does not distinguish and will show positive if you have either.

The cheap herpes test works that quickly, too? My understanding is that HSV is harder to detect, not least because the virus isn't always being shed.

If the test is reliable, and quick to yield a positive, that would be pretty good---given that condoms don't necessarily protect against HSV, and we don't have a cure for it as yet...

more than 4 years ago

Pee On Your Phone STD Test

Straker Skunk How soon does it work after infection? (208 comments)

What I'd like to know is, does this test have the problem of most STD tests where you have to wait ~6 months after infection to get a positive result, since it only detects STD-antibodies (and not the STD itself) and it takes about that long for them to build up sufficiently high?

more than 4 years ago

Google Launches Public DNS Resolver

Straker Skunk Re:NTP pool & GeoIP (540 comments)

Since you've got real stratum-1 NTP servers, you could skip the pool altogether and add them to the official NTP time server list.

AFAIU, the NTP pool is meant more for lower-stratum servers, like users on static-IP cable modems, so your machines wouldn't be doing as much good there.

more than 5 years ago

jQuery Dev Bemoans Overwhelming Spam On Google Groups

Straker Skunk Re:Perhaps a new mail header? (251 comments)

PGP/GPG is overkill. Just drop messages that fail an SPF check. Spoofing is part of the problem here, and SPF was tailor-made to address spoofing.

If you do use PGP/GPG, you don't need an extra header for the signature; it's usually added as a small attachment, and better mail clients already pick up on that for verification.

more than 5 years ago

Washington Post Says Use Linux To Avoid Bank Fraud

Straker Skunk Re:VM? (422 comments)

What about a Windows XP Live CD?

"Sir, there are some gentlemen here who say they are from an organization called the BSA. They want to see the license certificates for those Windows CDs we've been handing out..."

more than 5 years ago

Interview With Jeremy Howard of FastMail.fm

Straker Skunk Things that FM.fm provides that Gmail doesn't (135 comments)

  • Server-side Sieve filtering/sorting
  • File storage, optionally Web-accessible (I use this to serve up a simple, static-only Web site)
  • Various authentication options (reduced-access password, one-time logins, passwords via SMS, etc.)
  • Teh Google is not reading your mail, so you can put your tin-foil hat away :-)

more than 5 years ago

Bratz Dolls May Give Young Girls Unrealistic Expectations Of Head Size

Straker Skunk Re:Almost funny (24 comments)

Yeah, I thought so too---quite a slip for the Onion's usual pitch-perfect satire.

They should have gone with something like, "One day, I found her staring at herself in the mirror, wearing her older brother's football helmet..."

about 6 years ago

White House Wins Ruling On E-mail Records

Straker Skunk Re:Wrong way: you've got your head up a butt (243 comments)

it is my fervent wish that there were no such camps and that the deaths of millions were through ignorance, starvation and disease rather than through evil.

You cannot assert that "no human being/society would ever do evil thing X." It may be unthinkable for you, and unimaginable for all but the most deranged of your fellow countrymen. But if you look throughout the world, and throughout history, you will find that every iron-clad boundary that you believe to exist has not only been crossed before, but been crossed many, many times.

It seems to me that the most convincing evidence you'll find that the Holocaust is real is the present-day horror taking place in Sudan. If you were to absorb the totality of that tragedy, the Third Reich would become less a difference of kind, and more of degree.

more than 6 years ago

