×

Announcing: Slashdot Deals - Explore geek apps, games, gadgets and more. (what is this?)

Thank you!

We are sorry to see you leave - Beta is different and we value the time you took to try it out. Before you decide to go, please take a look at some value-adds for Beta and learn more about it. Thank you for reading Slashdot, and for making the site better!

Comments

top

Devuan Progress Report Published

TechyImmigrant Re:good job Dev Juan (181 comments)

and appreciate systemd's implicit mandate for backup suffixes that won't fill your hd undetected as an exercise.

So implicit that it wasn't explicit.

2 days ago
top

JP Morgan Breach Tied To Two-Factor Authentication Slip

TechyImmigrant Re:Not a magic bullet... (71 comments)

[1]: Assuming a private VPLS

VPLs are by definition public.

2 days ago
top

JP Morgan Breach Tied To Two-Factor Authentication Slip

TechyImmigrant Re:Not a magic bullet... (71 comments)

Which brings up the question, was the lack of two factor authentication actually a factor in this particular breach, or is it something that is simply being tacked onto the story?

If two factor auth can be handled by an app, or even a dongle, how much additional protection can it really provide?

It's being tacked on. If there was one factor auth and the auth failed, then it raises the question why did the auth fail? Was it weak in some way? Hypothesizing that two factor auth would have fixed it in the style of "Well duh, didn't they know to use two factor auth" is just plain overreaching and wrong. There are any number of authentication schemes of different types. You can't judge any of them without first having an idea of the capabilities of the adversary.

2 days ago
top

JP Morgan Breach Tied To Two-Factor Authentication Slip

TechyImmigrant Re:Leaking Data - Bozobank (71 comments)

Here is some info I'm posting from the breach.

BANK OF BERNE Warez--slow 3.0, probe 10.0, armorall 1.0 Other stuff--Ok,
here's one you'll really like. What you do is read the messages and find out
about account number 121519831200. You use the transfer funds option to
transfer the funds to your account in the Bank of Zurich Orbital. Here's the
info you need to do it:

      Bank of Berne account - 121519831200
      Credit transfer authorization code- LYMA1211MARZ
      Bank of Zurich link code- bozobank
      YOUR account at Bank of Zurich-712345450134

You can transfer funds to your account at BOZOBANK. Be careful, there's some new AI's in cyberspace.

You missed a step.

2 days ago
top

JP Morgan Breach Tied To Two-Factor Authentication Slip

TechyImmigrant Re:Why the banks support a standard 2 factor syste (71 comments)

>Yes it is as your using the same seed. An attack that breaks e-trade's security can then give them the seed for your bank etc etc.

You're making overly broad assertions.
There are plenty of protocols that can use a single hardware token in multiple places securely. By using a ZKP for instance.
By 'seed' I assume you are referring to the time based RNG where you type in the number from the dongle. We have better ways.

2 days ago
top

TSA Has Record-Breaking Haul In 2014: Guns, Cannons, and Swords

TechyImmigrant Re:Canon? (275 comments)

Specifically this canon was found in luggage

I believe I once had a record of Pachelbel's Canon in my luggage. Perhaps you're thinking of cannons.

I had a Pachelbel's Canon printer once, but it kept printing the same page in various orientations and reversals.
 

2 days ago
top

TSA Has Record-Breaking Haul In 2014: Guns, Cannons, and Swords

TechyImmigrant Re:And how many were terrorists? Oh, right, zero. (275 comments)

>so I had to pay 25% of what a new one cost to check in my carry-on bag.

Bingo! That's why people carry stuff on that they would otherwise check. Airlines started charging for checked bags.

2 days ago
top

Amazon "Suppresses" Book With Too Many Hyphens

TechyImmigrant Re:It was probably the wrong kind of "hyphen" (290 comments)

>There are unfortunately lots of Unicode characters with the graphical appearance of a horizontal line at roughly the height of the middle line of a capital E.

How is that not redundant?

2 days ago
top

Amazon "Suppresses" Book With Too Many Hyphens

TechyImmigrant Re:Why hyphenation in an e-text? (290 comments)

There is a unicode character known as a soft hyphen.

Hey, this is Slashdot: we don't know about Unicode and we like it that way!

What's unicode in ASCII?

2 days ago
top

Hot Springs At Yellowstone Changed Their Color Due To Tourist Activity

TechyImmigrant Re: Lost in translation ... (48 comments)

>at the end of the day, we don't own entropy.

But we increase it every day, by one bit, every time we make a binary decision.

2 days ago
top

Birds Fled Area Before Tornadoes Appeared

TechyImmigrant Additive Noise Model (99 comments)

According to the Additive Noise Model, the birds didn't avoid the storm. They caused it.

4 days ago
top

Critical Git Security Vulnerability Announced

TechyImmigrant Re:SVN? (148 comments)

windows doesnt "lose" the case of the filename, dumbass - someone would have had to change it. Unless maybe its win3.1, in which case its the fucking devs fault for being a cheap shit.

That's why I said "windows of a certain age" dumbass.

5 days ago
top

Critical Git Security Vulnerability Announced

TechyImmigrant Re:SVN? (148 comments)

What possible reason could one have for differentiating 2 files on nothing but case?

1) Programmer copies files from linux box to windows box of a certain age.
2) Programmer makes some changes in windows land.
3) Windows loses the case of the filenames
4) Programmer copies files back to the same directory in linux land. Now there are two different files README and Readme.

5 days ago
top

Australia Moves Toward New Restrictions On Technology Export and Publication

TechyImmigrant Re:Innovative sheepdips (90 comments)

Yes. I remember the lawsuit.

about a week ago
top

Critical Git Security Vulnerability Announced

TechyImmigrant SVN? (148 comments)

This isn't a specific git problem. It's a windows problem.

I have source trees that I can't check out of an SVN server on windows because either the files get overwritten by different case filenames being aliased onto the same file or the file tree being to deep for windows.

about a week ago
top

Australia Moves Toward New Restrictions On Technology Export and Publication

TechyImmigrant Re:Innovative sheepdips (90 comments)

>From my understanding CSIRO solved the key problems for microwave echo cancellation and invented the IC's that encapsulated the fast fourier transforms. Here is an article with a video if it is too long to read.

You mean OFDM? Try googling "who invented OFDM". It dates back to the 60s.
I am one of the authors of 802.11 and 802.16 that both use OFDM. So are many other Slashdot readers.

about a week ago
top

Marissa Mayer's Reinvention of Yahoo! Stumbles

TechyImmigrant How long things take.. (222 comments)

People who don't make products have no clue how long it takes to make a product. Their attention span is always shorter. This is an example of someone complaining because their attention span is shorter than the development cycle.

about a week ago

Submissions

top

IACR Finally Gets Around to Repudiating Mass Surveillance

TechyImmigrant TechyImmigrant writes  |  about 7 months ago

TechyImmigrant (175943) writes "Following the focus on government mass surveillance resulting from the information revealed by Edward Snowden, many organizations involved in security and communications put out statements essentially repudiating that surveillance. As of yesterday (May 15th 2014) the IACR (International Association for Cryptologic Research) who one might expect to have a position on this, has finally one year after the anniversary of the leaks, got around to making a position statement.

"The membership of the IACR repudiates mass surveillance and the undermining of cryptographic solutions and standards. Population-wide surveillance threatens democracy and human dignity. We call for expediting research and deployment of effective techniques to protect personal privacy against governmental and corporate overreach."

So the crypto guys don't like it either. Now we know."

Link to Original Source

Journals

top

Unemployment. It's just too good..

TechyImmigrant TechyImmigrant writes  |  more than 7 years ago

I am now into my second week of unemployment. I have a job offer and start next Monday.

This would be great except I'm really enjoying unemployment. All the work related stress has been lifted from my shoulders. I have no travel planned, no economy seat hell. I got to write some code for fun. I've got a whole lot better at playing the guitar.

Perhaps somebody could give me a few million dollars. Then I could retire and live a stress free life.

Slashdot Login

Need an Account?

Forgot your password?