Announcing: Slashdot Deals - Explore geek apps, games, gadgets and more. (what is this?)

Thank you!

We are sorry to see you leave - Beta is different and we value the time you took to try it out. Before you decide to go, please take a look at some value-adds for Beta and learn more about it. Thank you for reading Slashdot, and for making the site better!



BT Begins Customer Tests of Carrier Grade NAT

bgt421 CGNAT has nothing to do with End-to-end (338 comments)

The end-to-end principle has to do with where network logic is placed, not which devices are reachable, routeable, or have an IP address. As simply as possible, the end-to-end principle means that we should have smart end hosts and a dumb network. This is why routers don't guarantee packet delivery -- its up to the hosts (with TCP, et al.) to ensure this. This is in contrast to telephony networks, where the network is responsible for almost everything.

There are good reasons to oppose CGNAT, but the "end to end principle" is not one of them.

or, if you're inclined to primary sources:

about a year and a half ago

IBM To Unveil Secure Open Wireless At Black Hat

bgt421 Re:Wait (91 comments)

Didn't read TFA, per Slashdot tradition, but the system is likely protected by the use of public key crypto.

This system is secure because you can't feasibly obtain IBM's private key. Sure, you can provide an IBM certificate, but you can't complete a key exchange or any other communications if I send it to you encrypted with IBM's public key. Likewise, in theory you can't obtain a new certificate that says that you are IBM with a public/private key that you know from a certificate authority. In practice, obtaining a valid certificate is much less difficult than it ought to be.

more than 3 years ago

Governments, IOC and UN Hit By Massive Cyber Attack

bgt421 Re:Assuming It Is China (122 comments)

If they were concerned about national security, they would denounce the culprit (they know what country they're coming from), and work on hardening security.

In most cases, we can't tell where traffic comes from. Between botnets, Tor, and other proxies, the best we can do is say "it looks like the attacks are coming from IP addresses from Karblockistan." Attack attribution is difficult, if not impossible. Hypothetically, I can attack your network and make it look like it came from anywhere in the world. If I want to be extra convincing, I'll use Chinese language tools so that you suspect the Chinese. An attack from Chinese IP's doesn't mean the PRC had anything to do with it.

As for the rest of your comment, have you not seen the flood of news articles on how DoD et al. are trying to hire security experts in droves? Besides, information security is a lot harder than putting bars on the windows. In many cases, you cannot know where you are vulnerable in the software (and hardware!) until after a breach, and in some of the more prominent attacks, the method was spear-phishing -- social engineering. You can't patch (or harden) stupid. Security is, always has been, and always will be a non-trivial problem.

more than 3 years ago

Telex Would Work, But Is It Overkill?

bgt421 Re:How can this work? (92 comments)

The answer is public-key cryptography, where I can send you a message encrypted with your public key, and only you (who knows the matching private key) can decrypt the message. A high-level analogy is sending everyone a box that they can close and lock, but only you have the key to unlock. It's impractical to obtain a private key given a public key. The tags or "secret messages" -- the colored notes in the analogy -- are messages encrypted with the public key of the Telex system in use. The initial analysis by the researchers indicates that it is infeasible to determine if the a tag is actually a tag or just a random number. Only a Telex server can tell if the field that holds the tag is a tag or not. Compromising the tag system in the way you describe would require compromising the private key from the Telex system. This would require quantum computing or espionage (stealing the key from the Telex system). It's a neat solution, actually.

more than 3 years ago

Times Paywall In Questionable 'Success'

bgt421 Re:Erosion of publishers & distribution chains (214 comments)

So what services does a Media company like The Times offer it's employee's to entice them from not competing directly against the company?

In the US? Health Insurance.

more than 4 years ago

Mazda Claims 70 mpg For New Engine, No Hybrid Needed

bgt421 Re:Diesels already do this. (576 comments)

It's news because it's a gasoline engine, not just because of efficiency. Gasoline is marginally more available and often cheaper than diesel.

more than 4 years ago

Rethinking Computer Design For an Optical World

bgt421 Re:Latency? (187 comments)

At GHz speeds, wire delay is pretty significant. Another part of it is electrical noise -- longer wires tend to act as transmission lines. I didn't RTFA, butI think the advantage of optical interconnects is that the throughput that you get beats the loss of waiting for data. You can afford to wait 10 nsec if afterwards you can fill your 1kbyte whole cache. (Not read it 64 bits/4nsec or whatever). Additionally, optical lines are immune to electrical noise (RF).

more than 4 years ago

Denials Aside, Feds Storing Body Scan Images

bgt421 Re:What Kind of Marker.... (560 comments)

This is an epic obscure Simpsons reference. When Sideshow Bob goes before the parole board, they question him about his "Die, Bart, Die" tattoo. He explains it as German, where 'die' is a definite article, and they buy it hook, line, and sinker. Sideshow Bob gets out, and mayhem insues.

more than 4 years ago

Using XSS & Google To Find Physical Location

bgt421 Re:Better Explanation (77 comments)

How often do the scans come through a given place? Would a cron job that changes my MAC addresses to a random value every $AMOUNT_OF_TIME make this ineffective and effectively protect my privacy?

more than 4 years ago

The Sun Unleashes Coronal Mass Ejection At Earth

bgt421 Re:So should I unplug all my stuff or not? (220 comments)

Not to be pedantic, but telegraph operators did drop dead during the Carrington Flare, if only because they were more or less attached to massive "antennas." Moreover, the usual threat of solar storms is not radiation to people, but to the radio equipment that makes modern life possible. This one should only graze the

more than 4 years ago

Doctorow On What Cloud Computing Is Really For

bgt421 Much ado about something... (348 comments)

I think Doctorow is starting to sound a little like Richard Stallman. Doctorow is lamenting and predicting the end of user control of our software, much as Stallman predicted loss of control over the operating system. GNU provided an option, while the majority of end users never noticed or cared as proprietary OSs took the dominant market share (at least in the PC market). Those of us who really know enough to care either use proprietary OSs willingly knowing that there is an alternative, or use libre OSs.
The same will be true if/when SaaS becomes dominant. While this generation's hackers will lament this as "the end of computing FOREVER," in reality the libre applications that already exists will still exist thanks to free licenses (and a bit of the Streisand effect, I suspect). Once software is libre and reasonably well distributed, there is little that can be done to prevent its availability. Hackers will continue to use and develop libre software, as they have for the last 20 years or so. Hackers will have the options that they do now.
The picture changes a bit for the average joe. They will have their software served to them, and if they know the difference it will be on a superficial level. Perhaps this is for the best; perhaps not. Perhaps the corporations will take their newfound powers and exploit them for nefarious purposes; there will be an alternative, even if unknown to the average end user.

more than 5 years ago

Learn a Foreign Language As an Engineer?

bgt421 Done it, don't regret it (1021 comments)

It's funny you should ask because I'm actually an American computer engineering student as well. On the side though I've just finished my Spanish minor, and while I haven't used it much in my engineering classes, it has been a much needed break from the hard-core "left-brained-ness" of engineering. It's coming in handy -- I'm working on getting an internship in Mexico next summer. More importantly though, it's helped me to learn to COMMUNICATE, which is something engineers are stereotypically bad at. Moreover, I've taken classes and labs where I was the only person who could understand the instructor -- not because I spoke their language, but because I knew what it was like to be on the wrong side of a language barrier. I've never had a problem understanding a person with some understanding of English, whether they be Chinese, Indian, German, or Egyptian. For that, and that alone, my 3 years in High School and 2 in college have paid off.

more than 6 years ago


bgt421 hasn't submitted any stories.


bgt421 has no journal entries.

Slashdot Login

Need an Account?

Forgot your password?