Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Comments

top

Consumer Reports: New iPhones Not As Bendy As Believed

WuphonsReach Re:To summarize: (301 comments)

I've had a HTC One (m8) since it came out (about 6 months ago). I keep mine in a case (SUPCASE Unicorn Beetle) and have it in my front pocket all the time.

It still lays perfectly flat, no bending.

Maybe having a hard rubber bumper and the hard plastic back of the case is enough, or this is not a big issue on the HTC units.

2 days ago
top

Security Collapse In the HTTPS Market

WuphonsReach Re:Folks.... (185 comments)

Eliminate that chain, work out a public exchange and verification program (something akin to bittorrent for gpg signed certificates from other people you trust.) and plug that in in place of the current certificate authority model and you're set.

DNSSEC + DANE

It limits the damage a lot more then the current "trust the CA completely" model. A rogue CA can only damage / MitM certificates that they have issued without raising red flags in the SSL stack.

Is DNSSEC+DANE perfect? No, it has some rough edges and possible corner cases, but it's far better then depending on the current CA model.

3 days ago
top

FBI Chief: Apple, Google Phone Encryption Perilous

WuphonsReach Re:The 4th, 5th... (353 comments)

I'm amused that it has taken this long for people to start caring about encryption. I remember the mid-late 90s when PGP first came out and those in charge tried very hard to spread the lie that only bad people use encryption.

Regular people *started* to finally care, at least a little bit, once internet commerce became a thing, but even then SSL was only used to protect credit car numbers in transit.

The last few years have been interesting - a lot of people are starting to finally grasp the importance of using encryption everywhere.

4 days ago
top

CDC: Ebola Cases Could Reach 1.4 Million In 4 Months

WuphonsReach Re:What is going on? (275 comments)

Bleeding from all orifices is actually one of the less common symptoms. It's just a headline grabber.

On the WHO site, it's listed as the last of possible symptoms with language indicating that it only occurs in some patients.

5 days ago
top

Slashdot Asks: What's In Your Home Datacenter?

WuphonsReach Re:Not my cup of tea (286 comments)

Same, I used to have 3-4 servers in the home office, plus multiple desktops.

I now run a single server acting as the firewall, with VMs inside it for dedicated needs, a single laptop and a single desktop. Every few years the server gets a more powerful MB/CPU and double the RAM and larger hard drives. The server has (10) hot-swap 3.5 SAS/SATA bays. Virtualization and cheap RAM is what made the difference.

I also have a 4-bay USB 3.0 external enclosure which holds (4) 3.5 SATA drives which I use for onsite backups.

Anything that I don't need to keep online, gets written out to a pair of USB disk drives, labeled, and stuffed in a drawer.

about two weeks ago
top

Next Android To Enable Local Encryption By Default Too, Says Google

WuphonsReach Re:Why bother when Carrier IQ and friends exist ? (126 comments)

Do Android phones automatically update to the latest version?

It varies by phone and carrier. The HTC One (m8) that I have was updated this week to a new Android version. I had to approve the install and could have declined, but I did at least get an updated version.

OTOH, my Asus tablet... is probably still running the original Android that it shipped with.

about two weeks ago
top

Next Android To Enable Local Encryption By Default Too, Says Google

WuphonsReach Re:Really? (126 comments)

The primary reason to password protect and encrypt the phone is to protect against the mundane threat of someone who steals your phone, then tries to leverage that to gain access to your financial accounts or other accounts.

If you travel on any form of public transit, it's a risk. (Pickpockets, muggers, etc.)

Granted, most thieves are only after the phone for its hardware value. But others will dig into the phone and see what sort of personal information they can glean (emails, bank details, list of contacts, passwords) and then try and sell that to identity thieves.

For modern phones, storage encryption has minimal impact on battery life.

Having to enter a 4-10 digit number every time you unlock the phone is a minor hassle. However, there are tricks where you can tell the phone to only lock (after 15 minutes) if it can't see a certain bluetooth / wifi signal.

about two weeks ago
top

Apple Will No Longer Unlock Most iPhones, iPads For Police

WuphonsReach Re: So everything is protected by a 4 digit passco (504 comments)

When you speak of 4096 bit encryption, you are generally talking about RSA keys. RSA keys do not share the same "strength per bit" as symmetric keys like AES-128.

Most folks say that AES-128 is about equivalent to RSA/3072, and Elliptic Curve would need to be 256 bits to be roughly equivalent to AES-128.

The big upcoming problem with RSA is that the number of bits needed per key goes up rapidly as you need to get to stronger key sizes. To get something equivalent to AES-256, you would need a 15360 bit RSA key. Which makes Elliptic Curve crypto more interesting because you only need about a 512 bit EC key to match AES-256 strength.

about two weeks ago
top

Obama Presses Leaders To Speed Ebola Response

WuphonsReach Re:Worse than it seems. (221 comments)

Generally speaking, the chance of it going airborne is about as likely as you getting hit by lightning tomorrow. Changing how it spreads is generally really, really, hard for any virus - it would have to morph into a completely different family of viruses, at which point it would no longer be Ebola.

The bigger issues is that this is going to set those countries back a few decades or more in their development. Which means lots of instability in the region, which tends to result in bad things happening (wars, societal breakdown, less education, more poverty). That's going to kill a lot more people then Ebola does.

about two weeks ago
top

What To Expect With Windows 9

WuphonsReach Re:Bring back windows XP. (543 comments)

I can give you a few...

SSDs under WinXP gradually degrade in performance, because XP doesn't support SSD TRIM. On Win7, this is not an issue, so you don't have to wipe / reset the SSD / restore the operating system once a year.

Graphics performance of video drivers - I gained 20-30% performance switching from XP 32bit to Win7 64bit on the same machine, maybe even doubled performance. This was back when I multi-boxed EVE Online - I went from struggling to run 3 windows (at least one would only get 15-20 FPS), to being able to have 5-6 open (all with 40+ FPS).

The 32bit limit of 3-something GB of RAM is a bit limiting when Firefox is chewing up 500-800MB, Thunderbird is chewing up another few hundred MB, and a handful of other background tasks chewing up 40-50MB each. Moving to Win7 meant I could put in 8GB of RAM on the box, and make use of it.

Multi-tasking performance is just better in Win7 when compared to XP. Less hiccups / pauses / other strange slowdowns.

The window preview as you hover over the tasks in the task bar is addictive. Being able to see thumbnails of each application window makes it easier to pick which window to bring forward (another bonus for multi-taskers).

A bit more resilient then XP to being infected - not perfect, but a definite step forward.

We run Linux on the servers, but I'm quite happy running either OS X or Win7 on the desktops. Both get the job done well enough and stay out of the way.

(Running Win7 on a 2007-era Thinkpad T series, 8GB RAM, pair of SSDs, and only a dual-core Intel CPU.)

about two weeks ago
top

What To Expect With Windows 9

WuphonsReach Re:A non-UNIX OS in a UNIX world? (543 comments)

I've long stated that the worst thing the US DoJ ever did to Microsoft - was failing to force them to break apart into separate companies.

Operating systems should have gone one way (at which point, I suspect that modern versions of Windows would be posix-based, probably on BSD). The application stack should have gone another way (MSOffice running on just about everything, instead of being limited in order to sell Microsoft Phones). The hardware stuff into a 3rd company.

Instead of being separate companies and competing - now they are all bound together, fighting for their little fiefdoms tooth and nail, and slowly sinking into obscurity.

about two weeks ago
top

Tim Cook Says Apple Can't Read Users' Emails, That iCloud Wasn't Hacked

WuphonsReach Re:Lie. (191 comments)

You can, and I'd guesstimate that about 50% of legit SMTP connections to our server are encrypted with TLS. But that number could also be as low as 10-20% (the 90% of all connections being spam zombies makes it harder to estimate).

I have not tracked the value over time to see if it is going up/down. And our site is not particularly large, so we don't have a good sample to pull from.

about two weeks ago
top

US Scientists Predict Long Battle Against Ebola

WuphonsReach Re:+-2000 deaths? (119 comments)

From my reading, it's possible to be infected for two or three weeks without visible symptoms. This means that there's plenty of opportunity for somebody in Africa to get on a plane and go somewhere else, and then have ebola hit. I have no confidence in confining it to one continent.

You need to go back and read again.

Until you are symptomatic, you are not infectious.

(And it's highly unlikely, as in lightning-strike odds territory, to become able to infect via airborne methods. It will remain a touch bodily-fluids and be infected virus.)

about two weeks ago
top

Ask Slashdot: Advice On Building a Firewall With VPN Capabilities?

WuphonsReach Re:geek or not (238 comments)

For DYI, the choice really does boil down to either pfSense or IPFire depending on whether you want BSD or Linux underneath.

Personally, I went with a full blown CentOS with Shorewall / OpenVPN on top, but it was definitely not the easiest thing to setup. Next time around I'm strongly considering a firewall distro.

about two weeks ago
top

Microsoft Killing Off Windows Phone Brand Name In Favor of Just Windows

WuphonsReach Re:Good decision? (352 comments)

There's really only three Linux distros... Red Hat, Debian, everyone else.

Which is somewhat similar to the days where you had Windows 95/98 vs Windows NT - and you couldn't always run software from one on the other.

And really, once you get past the package manager, most of the differences between the distros are only skin-deep. It's all GNU/Linux underneath.

about three weeks ago
top

Mozilla 1024-Bit Cert Deprecation Leaves 107,000 Sites Untrusted

WuphonsReach Re:Seems kind of pointless- the DNS has to be subv (67 comments)

DANE is mostly to guard against rogue CAs. CA #1 cannot sign a certificate claiming to represent the domain that was actually certified by CA #2. So it limits the amount of damage that a rogue CA can get away with.

It may also eliminate the need for CAs and certificate altogether. You just store the public half of your certs in the DNS system.

about three weeks ago
top

Mozilla 1024-Bit Cert Deprecation Leaves 107,000 Sites Untrusted

WuphonsReach Re:They declared that security required, https (67 comments)

Even if you don't do financial transactions on your site - consumers / customers / users are getting more savvy and want *any* personal information to be encrypted in transit. Login details are naturally something that should always be encrypted, but that also extends to things as mundane as URL history or search terms.

I just wish DANE was farther along (plus DNSSEC).

about three weeks ago
top

Why Munich Will Stick With Linux

WuphonsReach Re:Can we have a [credible] MS Access equivalent? (185 comments)

The bigger issue with MSAccess and where other tools fall flat is the ease of linking together multiple, disparate, data sources - without having to register dozens/hundreds of ODBC drivers - mashing the data together, then sending it off to yet another destination.

This is especially critical when you work with ad-hoc data sets that are somewhat or completely different from job to job, client to client, so putting that data into a proper database and writing proper SQL queries to massage it or slapping a web front end on it -- is not worth the time investment.

I've looked at OpenOffice/LibreOffice Base over the years. It's still an infant, not even equivalent to the old MSAccess 2.0 functionality yet. Import/Export of CSVs is difficult - it won't create the tables for you and create reasonable field definitions. Linking to another database requires an ODBC driver connection to be configured on the system.

Worse - it uses HSQLDB, where you have to put double quotes around all of your field/table identifiers. That makes it garbage - because you can not prototype a SQL query in Base, then copy/paste it to another SQL compliant database and get it to run without major changes.

about three weeks ago
top

Firefox 32 Arrives With New HTTP Cache, Public Key Pinning Support

WuphonsReach Re:Isolating the problem (220 comments)

I really cannot think of a reasonable workflow where that would make sense but I'm not trying to judge

The workflow is pretty much anyone who has to wear multiple hats during the day. Think of open tabs in background windows as short-term bookmarks.

One browser window with half a dozen tabs to keep an eye on the internal ticket system. Another window open with a dozen tabs to track stats on jobs in-progress across multiple days (so that you can just alt-tab to that window, glance through the tabs, rather then rummage for bookmarks or use the awesome-bar). Then typically one window per task / project with anywhere from 1-20 tabs.

As an example, let's say I need to look into GlusterFS. I can either re-purpose one of the my existing browser windows, or better, open a new one and keep all tabs relating to GlusterFS in a single window. I'll start with Google or the GlusterFS home page, then will start proliferating tabs as I find things that are interesting enough to be read, but I'm not ready to dive into that tab yet, nor is it something that I'll want as a long-term bookmark.

As I work through the various tabs, they either get bookmarked after I've read them or just closed.

Not hard to hit 100 tabs. Today is about average and I have 10 windows open, each has 1-15 tabs in it.

about a month ago

Submissions

Journals

WuphonsReach has no journal entries.

Slashdot Login

Need an Account?

Forgot your password?