Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Comments

top

Win7 Can Delete All System Restore Points On Reboot

daniel de graaf Re:System restore stinks. Image your disk (449 comments)

He's probably using etckeeper, which is a wrapper that does keep permissions, ownership, and empty directories. It generates the commits automatically on update and daily for manual changes. Yes, I use it too. Very nice to be able to say "oh, looks like I broke the VPN configuration when I forgot to restart it last week... how did it look before?"

more than 4 years ago
top

New Litigation Targets 20,000 BitTorrent-Using Downloaders

daniel de graaf Re:At least they have started selling music online (949 comments)

If this is actually the only thing keeping them back, a good solution is to just watermark the downloads with the purchaser's name/email/account name. Do it in an obvious manner (like a comment field) in addition to a hidden watermark that at least requires some work to remove.

This won't stop the pirates, of course - I don't know of any watermarking scheme that is resistant to a coalition of people with different watermarks - but it will require another step of comparable difficulty to ripping the DVD if you don't want to share the watermarked version.

Once that's done, they just have to send threatening letters to (or cancel the accounts of) people who uploaded in order to force people to put in the effort to remove the watermarks. Maybe they'll get a few convictions of the people too stupid to remove the watermarks prior to uploading to p2p, but those people (should) understand the risks involved with uploading.

I know I would jump at getting unencumbered versions of various movies, they're a lot easier to use than DVDs or DRM'd downloads.

more than 3 years ago
top

Researchers Find Way To Zap RSA Algorithm

daniel de graaf Re:Changing the voltage supply req. HW access, rig (173 comments)

Depends on what the DRM is trying to protect. Music players, video players for downloadable content, and basically anything where the content isn't tied to a physical object like a game disc will need a private key of some kind to encrypt the data on their volatile storage. While most of this will probably be done using symmetric encryption, you still need some way for the server that hands out the content to prove that it is a real device and not an emulated device, and that's normally done with a locally stored private key.

more than 4 years ago
top

Researchers Find Way To Zap RSA Algorithm

daniel de graaf Re:Changing the voltage supply req. HW access, rig (173 comments)

This attack is relevant when you are trying to extract the private key of something like a TPM, in order to defeat the DRM protections it is trying to provide, or decrypt the drive whose key it is holding.

more than 4 years ago
top

Analysis of 32 Million Breached Passwords

daniel de graaf Re:Too often is bad too. (499 comments)

The cookie is not to identify you (what do you think your username is for?) but to identify the browser/computer that you are using. Obviously, since you're signing in to an account, the privacy issues of storing a cookie are rather irrelevant.

At least on all the systems like this that I have used, the username and password are still required; the cookie just bypasses that additional email/question/whatever. That means that stealing the cookie doesn't get you anywhere useful, as compared to not having the system at all. Requiring this cookie does make some attacks harder (for example, phishing attacks that impersonate/proxy the real site), so it's not a useless measure or just to irritate you.

more than 4 years ago
top

Analysis of 32 Million Breached Passwords

daniel de graaf Re:Too often is bad too. (499 comments)

Look into the CookieCuller extension for firefox; it will let you keep the cookie for your bank's site while still deleting all other cookies on exit.

more than 4 years ago
top

How Big Should My Swap Be?

daniel de graaf Re:What Has Changed? (900 comments)

You can turn off overcommit in Linux if want to - most people find the default behavior more useful since many applications allocate memory they do not need to use, and don't handle out of memory errors gracefully. Change the sysctl "vm.overcommit_memory" to 2, and see "Documentation/vm/overcommit-accounting" in the linux kernel source for related sysctls.

There are occasions where you might want to use a lot of swap, if there are one-time-run applications that use a ton of RAM to do something like image manipulation/scientific computing/whatever. Those might be rare, but it would be very irritating to get out-of-memory errors just because the kernel doesn't feel like using swap.

When the OOM killer is invoked, the application isn't usually allocating memory - it's using memory that it has allocated before and that the kernel overcommitted on. So there's no good way to send an out-of-memory error other than by something like a signal handler. I think the reason this isn't done is because the signal handler would likely need to allocate RAM to run (maybe to get its code paged off disk) and this wouldn't help with the memory pressure.

more than 5 years ago

Submissions

daniel de graaf hasn't submitted any stories.

Journals

daniel de graaf has no journal entries.

Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>