Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Comments

top

Friendly Reminder: Do Not Place Your iPhone In a Microwave

bobbied Re:You're doing it wrong... (225 comments)

Now, where did I put my tinfoil hat?

You left it in the microwave after your last tanning session..

yesterday
top

Friendly Reminder: Do Not Place Your iPhone In a Microwave

bobbied Re:Also... (225 comments)

Don't put an unopened bottle or can of soda in a microwave. Or at least not in a microwave you ever want to use again.

Also, don't put your phone in gas oven, or on a hot griddle.

Similarly, don't touch anything hot enough to cook, and don't stick a knife into your gut.

You forgot: Never play Russian Roulette with an automatic....

yesterday
top

Apple's "Warrant Canary" Has Died

bobbied Re:There is no "almost impossible" (231 comments)

>Encryption is ALWAYS breakable by brute force. ...with the exception One Time Pad encryption.

Granted.... AND it's a TOTALLY unusable technique in most cases... It's REALLY HARD to do in the real world which is why I didn't put in an exception to my statement.

3 days ago
top

Apple's "Warrant Canary" Has Died

bobbied Re:There is no "almost impossible" (231 comments)

Ok.. One time pads... So you going to remember that to unlock your phone?

Practical encryption is ALWAYS crackable. (OTP usually CAN be hacked by attacking the pad generation and distribution process, but if you do that right, not crackable. It's just that it is REALLY hard to do it right.)

3 days ago
top

Apple's "Warrant Canary" Has Died

bobbied Re:There is no "almost impossible" (231 comments)

Actually, it is not. In reality, a 256 bit key can not be brute forced because of physics - especially the second law of thermodynamics. One of the results of this law is that information needs energy to be represented. In an ideal computer, the representation of one bit requires kT energy, where k is the Boltzman constant and T is the temperature. Let's assume we can operate at the average temperature of 3.2 Kelvin, the average temperature of the universe. The required energy to represent a bit in this case would be around 4.416*10-23 Joule. The annual amount of energy that our sun emits is about 1.21*10^34 Joule. Dividing this with the per bit-change energy, we could provide power for our ideal computer to perform 2.74*10^56 bit changes. This is just about enough to have a 187-bit counter go through all its states. This does not include the energy needed for the computations to test each key (our counter state in this case) for correctness. A 256 bit counter would require ~400.000.000.000.000.000.000 stars like our sun just to represent in the counter of our ideal computer. Or, to say it in the words of Bruce Schneier: "...brute force attacks against 256-bit keys will be infeasible until computers are built from something other than matter and occupy something other than space". Note: I am not talking about potential attacks against the algorithms here, etc. only pointing out that encryption is definitely not ALWAYS breakable by brute force.

I have no clue what all the above really means.... If you are saying that 256 bit keys are hard to break, I would concur. If you are saying that it would take a long time, I would again agree. However, if you look at "possible" it is totally possible to brute force a 256 bit key, it just takes TIME to do, LOTS of time OR lots of computers. Either way, it is perfectly possible... Now it may take a LOT of computers (more than are physically possible) or it may take a LONG time (more than we likely have before the sun destroys the earth) but that is all about being practical and not about being possible.

3 days ago
top

Apple's "Warrant Canary" Has Died

bobbied Re:There is no "almost impossible" (231 comments)

Encryption is ALWAYS breakable by brute force. Question is how long does it take? Seconds? Hours? Months? Years? Decades? This is usually determined by key sizes. The longer the key, the longer it takes to brute force. (generally)

Um, not quite, one time pads are provably impossible to break by brute force since the message can be decoded into any message of the right length.

One Time Pads are incredibly difficult to implement because you have to securely distribute the pads AND you have to make sure your pads are indeed random. So, for use on any kind of digital device, nobody can usually afford to use a One Time Pad for encrypting their phone.

I had assumed that the context ruled out the One Use Pad, so I didn't put an exception in for that. Sorry.

3 days ago
top

Apple's "Warrant Canary" Has Died

bobbied Re:There is no "almost impossible" (231 comments)

It either can or can't be done. Almost impossible means it still can be done.

Encryption is ALWAYS breakable by brute force. Question is how long does it take? Seconds? Hours? Months? Years? Decades? This is usually determined by key sizes. The longer the key, the longer it takes to brute force. (generally)

4 days ago
top

Oracle CEO Larry Ellison Steps Down

bobbied Re:Oracle bought Sun who owned MySQL. (141 comments)

I suppose if you don't want to feed his ego... But if you just don't want to fatten Oracle's wallet, MySQL is good in the GPL form...

4 days ago
top

Next Android To Enable Local Encryption By Default Too, Says Google

bobbied Re:Don't use a google account with Android. (126 comments)

So, riddle me this batman... If you store the key on the device and read it automatically on boot, how's that protect you? Or are you saying that it's on an external device so I now have to keep the "key" around to boot my phone? One offers zero protection, the other consumers will hate.

See this is what usually happens...The consumer doesn't want two devices to manage, they want one. We implement strong encryption using long keys, then we store these keys someplace "on the device" and protect them with a 4 digit pin. Consumers demand it. So we've really reduced the protection level of all that nifty encryption to that of a 4 digit encryption key.

Sort of like what happened to WEP.... It used good encryption (in fact we STILL use the same encryption for the most part) it just bungled the key management side of things to make it useable by consumers. (OK, they did some other stuff wrong too, but the problem was key management..)

So, I'm not saying that having a "boot key" device, simiar to an RSA token isn't a bad idea, I'm saying that most users won't stand for having something separate from their phone that they need to power it on, nor will they suffer though entering sufficiently long and complex passwords.

4 days ago
top

Next Android To Enable Local Encryption By Default Too, Says Google

bobbied Re:Don't use a google account with Android. (126 comments)

And if you think I'd ever willingly put non encrypted data in any sot of could you're dreaming.

I thought this was about ON THE HANDSET encryption?

Which leads you to the key hiding problem.... Keys need to be plain text to be used, so they are in memory when you have a device that is encrypted. Which leads you to the problem of how to get a sufficiently complex key into the device on boot? Providing keys is where most crypto systems start to break down, and people do stupid stuff like reduce everything to a 4 digit pin or some such nonsense...

4 days ago
top

Oracle CEO Larry Ellison Steps Down

bobbied Re:DING DONG! (141 comments)

The Wicked Witch is dead!

Apparently not, just replaced with two of her minions. She's still going to be there doing "product development" or some such. My guess is the two minions will take the fall for Ellison's mistakes.

4 days ago
top

Ask Slashdot: Any Place For Liberal Arts Degrees In Tech?

bobbied Re:hackers and painters (391 comments)

The best two programmers I know both didn't have college degrees at all... But that doesn't mean I would recommend those desiring such a career to forget the technical education a CS degree gives you. Both of the programmers I know expressed to me that they wish they had actually done the college degree because like it or not, not having the degree does put a considerable limitation on where you can work and thus can put limits on your earning power. Go to school, get the degree. Better yet, the masters or Phd...

about a week ago
top

Ask Slashdot: Any Place For Liberal Arts Degrees In Tech?

bobbied Re:Um (391 comments)

And likely not well paid.

about a week ago
top

CBC Warns Canadians of "US Law Enforcement Money Extortion Program"

bobbied Re:In other words....Don't look like a drug traffi (462 comments)

It's happened 65 thousand times according to this article. You can't assume that just because someone can't afford a lawyer that they're guilty.

Seizure of property perhaps. Unjustified seizure of property, not so often. I've only heard of ONE case myself where the seizure was found to be unjustified.

So are you claiming that some people just let the property go when it wasn't a justified seizure? Can you produce examples? I'm sure there are organizations that would be happy to fund the legal bills to get their property back as what you suggest is a violation of the 5th amendment.

about two weeks ago
top

CBC Warns Canadians of "US Law Enforcement Money Extortion Program"

bobbied Re:In other words....Don't look like a drug traffi (462 comments)

and that requires that they actually have some level of proof that illegal activity was going on.

You haven't been following this issue very much, have you? Siezures have been made where there was no proof, only suspicion (based on the flimsiest of evidence). As the owner, you don't have the right to challenge the siezure -- the siezure is made against the property itself.

Oh I understand the issue just fine. But, they have to have a minimum level of proof to do the seizure and they also have to defend the action in court if/when the property owner objects. A judge will rip them a new one if they don't come up with justification and the property owner objects. There are checks and balances here.

about two weeks ago
top

CBC Warns Canadians of "US Law Enforcement Money Extortion Program"

bobbied Re:In other words....Don't look like a drug traffi (462 comments)

Like I said to another poster. This unlawful seizure has only happened in a handful of cases over the last decade, and those where corrected by the courts, property returned and officers involved appropriately disciplined.

The original story reads like this happens every day. Sorry, that's not true. It doesn't happen once a week, or once a month even. For the vanishingly few cases where police forces are actively looking for things to seize, you lower your personal risk by not LOOKING like someone who's stuff they can get their hands on easily. Thus my advice to be careful of appearances.

Look, many TV programs have tried and failed to document this happening since the law was passed. 20/20 came about as close as anybody, but all they really caught on camera was a questionable traffic stop and a whole lot of people who where claiming to be innocent but had serious credibility issues. If the press cannot find and document this, it's NOT happening with any frequency that should be concerning.

If you choose to look like you might be doing something illegal, best figure on being more interesting to those who are charged with preventing crime. So it's up to you. If you want to be stopped and questioned more often, go ahead.

about two weeks ago
top

CBC Warns Canadians of "US Law Enforcement Money Extortion Program"

bobbied Re:In other words....Don't look like a drug traffi (462 comments)

So, you believe it is okay for the government to confiscate your property, without being able to articulate a _reasonable_ suspicion of criminal activity, without charging you with a crime, and without convicting you of a crime?

No., I'm saying that doesn't happen. It's only happened a handful of times, EVER, and the courts fixed it.

If it happens to you, hire a lawyer, get your stuff back.

about two weeks ago
top

CBC Warns Canadians of "US Law Enforcement Money Extortion Program"

bobbied In other words....Don't look like a drug trafficer (462 comments)

Come on, don't fall for this stuff. It's not like we are a police state (yet).

Be reasonable, don't do things that make you look like you are hauling drugs (Including not actually doing it), and things will be OK. Where I get that a foreign national might have a bit more to worry about, especially one driving a car with foreign plates, but remember, all they can get from you is the car and what you are carrying, and that requires that they actually have some level of proof that illegal activity was going on.

Unless you are incredibility stupid, or actually doing something illegal, you have nothing to fear from 99.999% of law enforcement, and for that 0.001% of the time there is a risk, there isn't much you can do anyway. But you have the same things at home I'll bet.

about two weeks ago
top

Researchers Working On Crystallizing Light

bobbied Re:Holodeck! (129 comments)

Holograms and lightsabers by 2025. (Flying cars by 2026).

Linux on the desktop this year!

about two weeks ago

Submissions

top

Former NSA Chief says "Isis are using Snowden leaks to evade intellegence"

bobbied bobbied writes  |  about two weeks ago

bobbied (2522392) writes "Former NSA Deputy Chief Chris Ingles claims that the information that Snowden leaked is being used by ISIS to evade intelligence gathering by the NSA. He also said "militants in Iraq and Syria are 'clearly' harder to track down since the rogue agent made freely available a wealth of top-secret information about how the U.S. government hunts its enemies online."

The Ex NSA Deputy Chief is claiming that what was leaked by Snowden goes way beyond what was necessary to expose Snowden's privacy concerns and has severely damaged the NSA's ability to collect intelligence by exposing their methods so they can be evaded."

Link to Original Source
top

NASA to perform reformat of Mars Rover Opportunity flash storage

bobbied bobbied writes  |  about three weeks ago

bobbied (2522392) writes "After a ten years of survival on the Martian surface, Opportunity continues to show that it is getting older. Recently the computer has been resetting itself more and more often. Controllers believe that the flash memory where the rover stores it's variable instructions has a number of bad cells which have simply worn out and stopped working. Doing a reformat operation will find these cells and remove them from use, hopefully eliminating the problematic reboots.

So, "Have you tried to re flash the firmware and power cycle it?" really IS rocket science."

Link to Original Source
top

Edward Snowden is not alone!

bobbied bobbied writes  |  about a month and a half ago

bobbied (2522392) writes "Apparently Edward Snowden is not alone. CNN is reporting http://www.cnn.com/2014/08/05/... that recent leaked documents published by "the Intercept" (a website that has been publishing Snowden's leaked documents) could not have been leaked by Snowden because they didn't exist prior to his fleeing the USA and he couldn't possibly have accessed them. Authorities are said to be looking for a new leaker."
Link to Original Source
top

Earthquake warning issued for central Oklahoma

bobbied bobbied writes  |  about 5 months ago

bobbied (2522392) writes "A rare warning has been issued by the US Geological survey today, warning of an increased risk of a damaging earthquake (magnitude 5.0 or greater) in central Oklahoma. There have been more earthquakes in Oklahoma (per mile) than California this year, prompting the USGS to issue their warning today (May 5, 2014).

This warning is the FIRST such warning to be issued for a state east of the Rockies."

Link to Original Source
top

DHS destroyed computers, keyboards, mice over malware

bobbied bobbied writes  |  about a year ago

bobbied (2522392) writes "Irrational fear and lack of understanding leads to the destruction of HHS computing equipment which had been possibly infected with malware. "The agency spent $1.06 million on “building a temporary infrastructure, pending long-term IT solution;” $823,000 on hiring the cybersecurity contractor; $688,000 on “contractor assistance for a long-term recovery solution;" and $4,300 to destroy $170,000 worth of tech equipment." They destroyed computers, TVs, keyboards, mice, printers and cameras to rid themselves of dreaded malware. Seems it worked.

In true government fashion, seems they just spent a boat load of taxpayer money on nothing. Next time just reload the operating system if push comes to shove (or you simply have to be 100% sure it is gone).

Which one of you slashdot readers cashed that $823,000 check? Well done sir or madam.. Well done!

http://www.foxnews.com/politics/2013/07/10/us-agency-destroys-computers/"

Link to Original Source

Journals

bobbied has no journal entries.

Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>