Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Comments

top

Improperly Anonymized Logs Reveal Details of NYC Cab Trips

chriscappuccio Re:What's the issue here? (192 comments)

The government has the info already, they handed it out!

about 2 months ago
top

Improperly Anonymized Logs Reveal Details of NYC Cab Trips

chriscappuccio Re:Data Security Officer (192 comments)

Sorry but unless you define "GOOD ITSEC company audit the shit out of it" in tangible terms that can actually hold someone liable for failure in a real way, this is just baloney. And if you define it with teeth, the price will increase. Basically, to define it properly, you'd be able to do it yourself. Oops.

about 2 months ago
top

OpenSSH No Longer Has To Depend On OpenSSL

chriscappuccio Re:Vetting the replacement libraries? (144 comments)

There are no replacement libraries. The ED25519, ECDH, ChaCha20 and AES-CTR code is all part of OpenSSH itself. And the code is very, very tight and compact and very easy to audit. Entirely the opposite of OpenSSL!!!

about 4 months ago
top

After a Long wait, GNU Screen Gets Refreshed

chriscappuccio Most useful? (77 comments)

The most useful? You mean tmux? Not this old antiquated, bug ridden piece of code, right?

about 4 months ago
top

Not Just a Cleanup Any More: LibreSSL Project Announced

chriscappuccio Re:Please change the API (360 comments)

That will take time. The first versions will try to be API compatible because of the huge base of existing software. The future will see incremental API improvements as people learn from their experiences.

about 4 months ago
top

Not Just a Cleanup Any More: LibreSSL Project Announced

chriscappuccio Re:Or.. (360 comments)

Their format of the code is horribly broken and hard to read. Who really fucking cares what they want?

about 4 months ago
top

Not Just a Cleanup Any More: LibreSSL Project Announced

chriscappuccio Re:Or.. (360 comments)

The OpenBSD version of this library should work on any modern unix system with minimal to no change at all. The code being removed affects VMS, Windows, OS/2, and other systems. Even modern versions of Windows should require less hacks to work properly these days. The HUGE amount of workarounds, abstractions and obfuscations to support these ancient/useless systems are nothing but a hindrance to bug-free TLS support.

about 4 months ago
top

Biofuels From Corn Can Create More Greenhouse Gases Than Gasoline

chriscappuccio This wasn't obvious from the start? (159 comments)

Since the energy required to produce corn ethanol is nearly equal or sometimes greater than the energy gained as fuel, corn sucks. It should be obvious that you are going to produce more emissions with corn. Even when the tarsands require large amounts of refining, that tarsand oil will be used to produce corn ethanol. Oil is used today in corn agriculture and production of ethanol. Corn as a biofuel is an odd stop-gap. If we have to use subsidies, why not encourage farmers to make some other crop that transforms to oil with higher efficiency?

about 4 months ago
top

OpenBSD Team Cleaning Up OpenSSL

chriscappuccio Re:"Please Put OpenSSL Out of Its Misery" (304 comments)

These are the exact issues that OpenBSD is fixing. Also PHK has commended OpenBSD for taking the effort, so I think he agrees.

about 5 months ago
top

OpenBSD Team Cleaning Up OpenSSL

chriscappuccio Re:And they've already stopped (304 comments)

And if they were using a FIPS certified version of OpenSSL, they would still be compromised. FIPS means....nothing in this context.

Just because no bank was on the list does NOT mean that they were not vulnerable, just that they have too much to lose by admitting it.

about 5 months ago
top

OpenBSD Team Cleaning Up OpenSSL

chriscappuccio Re:And they've already stopped (304 comments)

Or about $900,000 less than OpenSSL receives in paid development work each year.

about 5 months ago
top

OpenBSD Team Cleaning Up OpenSSL

chriscappuccio Re:Okay, Go! (304 comments)

A PR grab...that you can run on any modern unix based OS. Just not VMS or OS/2.

about 5 months ago
top

OpenBSD Team Cleaning Up OpenSSL

chriscappuccio Re:Okay, Go! (304 comments)

OpenBSD was using a variant of 1.0.1c with the bug.

about 5 months ago
top

OpenBSD Team Cleaning Up OpenSSL

chriscappuccio Re:de Raadt (304 comments)

Funny, several of the mitigation techniques in OpenBSD and grsecurity have made their way to other systems, even Microsoft WIndows... Basically everything you are saying here is a consistent misunderstanding of what's actually going on. Have you really looked?

about 5 months ago
top

OpenBSD Team Cleaning Up OpenSSL

chriscappuccio Re:Backport\Upstream? Seems unlikely (304 comments)

The stuff that is being cut out isn't just for "other platforms". It's absolutely fucking ancient, and in many cases, probably hasn't even been _compiled_ any time in the last decade.

about 5 months ago
top

OpenBSD Team Cleaning Up OpenSSL

chriscappuccio Re:Backport\Upstream? Seems unlikely (304 comments)

OpenSSL folks have recently said they are maxed out. And they have security problems sitting in their bug tracker for YEARS. What is the point?

about 5 months ago
top

Are DVDs Inconvenient On Purpose?

chriscappuccio Uhh, yeah. (490 comments)

Like, duh. The answer is that the movie studios can't STOP netflix from renting DVDs through the court system. First sale doctrine and move rental industry has paved the way. Doesn't take a genius to figure this one out.

about 5 months ago
top

WPA2 Wireless Security Crackable WIth "Relative Ease"

chriscappuccio Re:this is not news (150 comments)

Gee, you're right. Everyone in the world is so black and white, so easy to understand, how could anyone not ever realize this before!?!

about 5 months ago
top

Interview: Ask Theo de Raadt What You Will

chriscappuccio Re:NSA Involvement (290 comments)

sshd is "used by over 50% of its users without passphrases" ?

You mean it is used with public keys INSTEAD of passphrases.

By your own statement, you're apparently smarter than the 50% of ssh users who rely on public key authentication. Obviously, they all missed the huge, gaping security hole exposing their hosts and source code repositories to attack. That's why ssh remains the #1 attack vector to this day across the internet. Right?

At least -e is in the man page, plainly documented.

Your diatribe is severely misleading at best. If you aren't trolling, then it's no wonder why nobody takes your advice seriously. And if you are, I just typed all this crap in response to, essentially, a Rush Limbaugh cartoon.

about 6 months ago

Submissions

top

Thorium Fueled Automobile from Connecticut Company

chriscappuccio chriscappuccio writes  |  about 8 months ago

chriscappuccio (80696) writes "Laser Power Systems (LPS) from Connecticut, USA, is developing a new method of automotive propulsion with one of the most dense materials known in nature: thorium. The company has been experimenting with small bits of thorium, creating a laser that heats water, produces steam and powers a mini turbine. 1 gm of thorium equals the energy of 7,500 gallons of gasoline. Prototype systems generate electricity within 30 seconds of firing a laser."
Link to Original Source
top

Birthday Song's Copyright Leads to a Lawsuit for the Ages

chriscappuccio chriscappuccio writes  |  about a year ago

chriscappuccio (80696) writes ""The song “Happy Birthday to You” is widely credited for being the most performed song in the world. But one of its latest venues may be the federal courthouse in Manhattan, where the only parties may be the litigants to a new legal battle.

The dispute stems from a lawsuit filed on Thursday by a filmmaker in New York who is seeking to have the court declare the popular ditty to be in the public domain, and to block a music company from claiming it owns the copyright to the song and charging licensing fees for its use.

The filmmaker, Jennifer Nelson, was producing a documentary movie, tentatively titled “Happy Birthday,” about the song, the lawsuit said. In one proposed scene, the song was to be performed.""

Link to Original Source
top

Sham journals, scam authors

chriscappuccio chriscappuccio writes  |  about a year ago

chriscappuccio (80696) writes "Two reputable European science journals have fallen prey to identity theft by criminals who have created counterfeit journal websites. These online doppelgängers have duped hundreds of researchers into paying author fees, with the ill-won gains being funnelled to Armenia. The crooked websites are masquerading as Archives des Sciences, a multidisciplinary journal founded in 1791 and published by the Society of Physics and Natural History of Geneva (SPHN) in Switzerland; and Wulfenia, a botany journal published by the Regional Museum of Carinthia in Klagenfurt, Austria."
Link to Original Source
top

Marissa Mayer To Head Yahoo As CEO

chriscappuccio chriscappuccio writes  |  more than 2 years ago

chriscappuccio (80696) writes "Google literally started in her garage. As a top executive at Google for the past 13 years, Marissa Mayer played an instrumental role in developing many of the services that have tormented Yahoo as its appeal waned among Web surfers, advertisers and investors. Now, Mayer, 37, will tackle the imposing challenge Tuesday when she takes over as Yahoo’s fifth CEO in the past five years."
Link to Original Source
top

Was LinkedIn Scammed?

chriscappuccio chriscappuccio writes  |  more than 3 years ago

chriscappuccio (80696) writes "If there’s one thing we’ve all learned in the aftermath of the financial crisis, it’s that stiffing your client is not a crime. Not if you’re an investment bank.

Suppose, he wrote, your trusted real estate agent persuaded you to sell your house for $1 million. Then, the next day, the same agent sold the same house for the new owner for $2 million. “How would you feel if your agent did that?” he asked. That, he concluded, is what Merrill and Morgan did to LinkedIn."

Link to Original Source
top

Microsoft Head Announces Windows 8 Release

chriscappuccio chriscappuccio writes  |  more than 3 years ago

chriscappuccio (80696) writes "Microsoft chief Steve Ballmer on Monday confirmed that Windows 8, the next iteration of the software giant's operating system, will be available in 2012.
Speaking at a Microsoft Developer Forum in Tokyo today, Ballmer said Microsoft is "obviously hard at work on the next version of Windows."

A variety of rumors regarding Windows 8 have popped up on the Internet in recent months, but Microsoft has yet to confirm any particular features it will add to the OS. While Ballmer didn't go into detail about what Windows 8 users will see, he did outline several areas into which Microsoft is committed to investing.

Ballmer also talked up Windows Phone and the expected 500 new features that the next upgrade will bring. If you're so inclined, Ballmer also encouraged users to email him with questions (SteveB@Microsoft.com)"

Link to Original Source
top

Michigan Police Search Phones During Traffic Stops

chriscappuccio chriscappuccio writes  |  more than 3 years ago

chriscappuccio (80696) writes "The Michigan State Police have a high-tech mobile forensics device that can be used to extract information from cell phones belonging to motorists stopped for minor traffic violations. The American Civil Liberties Union (ACLU) of Michigan last Wednesday demanded that state officials stop stonewalling freedom of information requests for information on the program.

ACLU learned that the police had acquired the cell phone scanning devices and in August 2008 filed an official request for records on the program, including logs of how the devices were used. The state police responded by saying they would provide the information only in return for a payment of $544,680. The ACLU found the charge outrageous."

Link to Original Source

Journals

chriscappuccio has no journal entries.

Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>