Announcing: Slashdot Deals - Explore geek apps, games, gadgets and more. (what is this?)

Thank you!

We are sorry to see you leave - Beta is different and we value the time you took to try it out. Before you decide to go, please take a look at some value-adds for Beta and learn more about it. Thank you for reading Slashdot, and for making the site better!



World of Warcraft Character Becomes Campaign Issue

Stray7Xi Re:I'm Assuming Dwarf Priests are Okay (381 comments)

Depends was it a true christian priest or some heretic priest worshiping some azerothian sun god

more than 2 years ago

Mt. Fuji May Be Close To Erupting

Stray7Xi Re:Drill a hole, relieve the pressure? (269 comments)

I'm not a vulcanologist but here's what I think. Imagine a balloon and trying to release the pressure by poking a hole. 16MPa with a 1 square meter hole is nearly 18000 tons of force. I would think the hole would tear apart and basically be an eruption. If it didn't tear open, it'd still release all the gasses and the area would have to be evacuated.

more than 2 years ago

Judge Approves Settlement In eBook Price-Fixing Case

Stray7Xi Re:Low margin high volume (242 comments)

You didn't consider the cost of hiring an editor. I really worry about self-published books because authors seem to think they can self-edit. Not the kind of books I want to read.

more than 2 years ago

Will Speed Limits Inhibit Autonomous Car Adoption?

Stray7Xi Re:No, it'll just be an OPTION (650 comments)

Sure automate the driving but commercial trucking will still want a person on board if for no other reason to protect it from being robbed.

more than 2 years ago

Panetta Labels Climate Change a National Security Threat

Stray7Xi Re:Waiting for the hypocrisy to start (397 comments)

Scientists do research, policy makers act on it. Is your argument that policymakers should completely ignore science? Panetta is not a scientist, and it appears he's not talking on science but the policy that stems from it.

This is pure political games that Panetta doing giving speeches to environmental groups. But he's also right, it's his job to consider possible threats. DoD plans for things that aren't a certainty all the time. What if China invades Taiwan? What if strait of Hormuz gets blockaded? and a thousand more things that are far less likely then climate change. The pentagon is massive and basically all it does planning for different contigencies.

more than 2 years ago

Heavyweights Clash Over Policing Repeat Copyright Infringers

Stray7Xi Re:You mean infringers like China? Or IBM? (107 comments)

They don't need copyright to protect the Mickey Mouse brand. All they need is trademark, which has no expiration (except by abandonment). Steamboat Willy is not a profit center for Disney.

more than 2 years ago

Are Programmers Ruining the Design of eBooks?

Stray7Xi Re:Wrong approach. (470 comments)

I don't want specific media for ebooks. I want an ebook device that accurately displays the printed page.
Where's my A4 300+DPI E-ink tablet that's been promised 'just around the corner' for years now.

Pages are obsolete in a digital world. It would be nearly twice the size of current tablets. It doesn't face technology obstacles, it faces market obstacles. As in, is there a market to buy a product that:

*doesn't fit conveniently in a purse.
*Is no longer one-handed but should be set on desk or propped up.
*Can't display images well (either no color or low color depth). So still can't display PDF/Figures/Charts

The problem isn't e-readers poor rendering of PDF's. The problem is PDF standard has a primary objective of defining exactly how something should be printed. It is not a standard that should be used for anything that isn't meant to be printed out. We need to be using a standard that provides markup that the e-readers decide how best to render.

about 3 years ago

The Mexican Cartel's Hi-Tech Drug Tunnels

Stray7Xi Re:You'd think... (448 comments)

You'd think that they could detect the activity required to build a tunnel.

I'd think it'd be easier to detect the use of tunnel based on it's endpoints. 200 feet isn't far and both ends would need a lot of traffic. With satellites, it wouldn't be a hard algorithm to identify twin hot spots of activity. Also being so short, they could just run a pneumatic tube and have a very tiny tunnel.

more than 3 years ago

Valve Announces Massive Steam Server Intrusion

Stray7Xi Re:PCI standards (434 comments)

If you have the salt you can use a rainbow table to figure out the hash.

No you can't. 1-8character alphanumeric SHA1 rainbow table takes up 160GB. Add even 12bit salt and that becomes 640TB. You know what used a 12bit salt, legacy unix systems. Modern salts are effectively immune to rainbow tables. I'd wager the salt has more entropy then most peoples passwords.

I design software that stores password hashes. It uses the same cryptographic hash functions to store passwords (SHA1 probably).

SHA1 is unsuitable for storing passwords, use bcrypt. SHA1 is designed to be a fast algorithm and is vulnerable to moore's law. Fast hashing algorithms are a weakness for password databases because it makes bruteforce cracking faster. A modern laptop can churn out more then 100k sha1 hashes per a second. Bcrypt is designed with a cost parameter that you can tweak how difficult the hash operation is. As computers get faster, you raise the cost and then the next time person logs in you store the more secure hash.

Just because you're writing security software doesn't mean you're doing it right. I refer you to Schneier's Law:
Anyone, from the most clueless amateur to the best cryptographer, can create an algorithm that he himself can't break.

more than 3 years ago

Air Force Network Admins Found Out About Drone Virus Through News Story

Stray7Xi Re:cyber command (161 comments)

If this is the best the most elite hackers our military can muster, then I think my wife should try and apply. She knows how to use Excel pretty well.

In fact that is exactly how military works. They hire mostly people with high school education and train them into career fields. Cyber command started just over a year ago. Apparently you think the military should be able to train up people in 1 year for what takes colleges 4 years to do.

I prefer to think of them as CS college sophomores... they're still thinking about switching majors because "math is hard."

more than 3 years ago

New USB 3.0 Flash Drive Has 2 TB of Storage

Stray7Xi Re:What market does this target? (212 comments)

One use would be to store media libraries. It could eliminate the need to decide which dvd's to bring because it could bring them all. Could bundle with a media player and even put an autorun frontend to select show. The kids go to grandmothers and have every movie/tv show they want.

How often do you end up somewhere and decide to watch a movie where it turns into find something on netflix.

more than 3 years ago

5.8 Earthquake Hits East Coast of the US

Stray7Xi Re:Pentagon is being evacuated (614 comments)

Yes, old government buildings are structurally unsound before an earthquake hits.

more than 3 years ago

Court: Domain Seizures Don't Violate Free Speech

Stray7Xi Re:The message is clear: (96 comments)

Contributory copyright infringement is not anywhere in copyright law. It is something the courts made up.

more than 3 years ago

Google's Self Driving Car Crashes

Stray7Xi Re:100% reliability not needed (244 comments)

We have a whole industry based on assessing risks, they have bigger lobbyists then any safety organization. Believe me, if it's safer, the insurance industry will back it. More likely the industry will punish not using automated cars with exorbitant rates within 10 years.

more than 3 years ago

Ask Slashdot: Dealing With the Business Software Alliance?

Stray7Xi Re:Prima facie evidence? (519 comments)

Unless you have a site license, then they know you've consented.

more than 2 years ago

War Texting Lets Hackers Unlock Car Doors Via SMS

Stray7Xi Re:Car & Hacker insurance? (128 comments)

If an insurance company can't correctly assess risks on their internal books, then they're out of business. But they can still do whatever they want to try and weasel out of things.

more than 3 years ago

One Week: No Mouse, Just Keyboard

Stray7Xi Re:Logoff/Shutdown/Restart (364 comments)

Win-D to get to desktop
Alt-F4 for the shutdown option

more than 3 years ago

Linus Torvalds Considering End To Linux 2.6 Series

Stray7Xi Re:Why not 20YY.x (293 comments)

Because there is overlap in kernel development. 2.4 continued to be actively supported and developed long since 2.6 was released. If you went with release date a 2.4.36 would look like a newer kernel then a 2.6.20.

more than 3 years ago

BSA 2010 Piracy Report: $58.8 Billion

Stray7Xi Re:Quit making excuses (361 comments)

The value is not related to the price. I feel sorry for you if you can't find value in something that wasn't expensive. Piracy adds value to society by spreading the arts.

The value is not defined by the amount of money it raises (and I fail to see how this is linked to piracy rate) but the value of entertainment given to society. Pirates should pay the artists *and* spread it. Which increases the true value of art.

Locking art in a virtual vault, makes the art worthless to all except those who value it for it's pricetag alone.

more than 3 years ago

Sony Running Unpatched Servers With No Firewall

Stray7Xi Re:No Firewalls (306 comments)

Web servers do not need firewalls. If your servers are only providing public facing services there is no need to firewall them.

No no no. Firewalls aren't just used to block insecure services. They're also used to block outbound connections or rogue listeners. A common scenario is a vulnerability that allows a shell command but doesn't return output of that command. A hacker could just start a listener to serve a command shell or connect back to their computer. Yes, you're still vulnerable with the firewall but it mitigates the damage. This is probably the type of "anomalous" behavior that lastpass detected.

But If you're going to believe your public services aren't vulnerable, you might be able to squeeze a slight bit of performance by getting rid of all encryption and storing passwords in plain text.

more than 3 years ago


Stray7Xi hasn't submitted any stories.


Stray7Xi has no journal entries.

Slashdot Login

Need an Account?

Forgot your password?