Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!



OpenSSH No Longer Has To Depend On OpenSSL

dmiller Re:AES-CTR (144 comments)

AES-CTR being based on a permutation rather than a true PRF might matter if SSH used all the counter values, but SSH rekeys every 2^32 blocks at most - a tiny fraction of the 2^128 possible counters.

about 5 months ago

Google Releases Chrome 12

dmiller Re:Version numbers (188 comments)

Google has grabbed a bunch of open source libraries, sometimes respecting the license, hacked on them, and rolled them into Chrom*.

If you have any cases where you think that Chrome is failing to comply with the terms of a free software license, then please file a bug at - we take license compliance very seriously. (I'm a Google engineer, though not working Chrome).

more than 3 years ago

OpenSSL Timing Attack Can Intercept Private Keys

dmiller Re:OpenSSH is not vulnerable (31 comments)

No, it is not vulnerable to this attack. The Brumley/Tuveri paper describes a timing leak in a specific algorithm that is only used for elliptic curve crypto over binary/GF(2m) fields. OpenSSH uses ECC over prime fields that use different algorithms that have no known timing leaks. A result against ECC using prime fields would be more difficult because the curve point components are integers and so can use well-tested modular arithmetic code.

more than 3 years ago

War Over Arsenic Based Life

dmiller Re:Scientific Method (155 comments)

It's a good thing we did that before banning ozone-depleting freons.

more than 3 years ago

Global Warming To Hinder Wi-Fi Signals, Claims UK Gov't

dmiller Never mind (280 comments)

Never mind the millions displaced by rising sea levels or changed rainfall patterns effecting their crops, we might lose a few bars of wifi reception!

more than 3 years ago

DreamPlug ARM Box Brings Power To Plug Computing

dmiller Re:Designed for Windows? (182 comments)

You have cause and effect swapped. MS announced Windows for ARM because of the huge number of ARM products coming to market.

more than 3 years ago

Ray Ozzie To Step Down From His Role At Microsoft

dmiller Notice (229 comments)

Apology accepted Captain Ozzie.

more than 3 years ago

Sound As the New Illegal Narcotic?

dmiller Re:Further Down the Rabbit Hole (561 comments)

I have been reading Slashdot for a long time, but I have to say that this was easily the best comment I have ever seen here. Well done.

more than 4 years ago

Australia Waters Down, Delays Internet Filter Policy

dmiller Don't be fooled (122 comments)

The changes announced today seem to be little more than a delaying tactic to remove the issue of mandatory Internet censorship from the agenda ahead of the election that is expected to be announced any day now. This issue has turned quite toxic for the government; the people who are for it are only weakly so, but the people who are against it are furious and are already organising campaigns against the government on various social media.

I don't think the government can be trusted not to bring it back in a essentially unmodified form after the next election. Vote accordingly.

more than 4 years ago

Sony To Detail "Premium PSN" Plans At E3

dmiller Re:Sony can't be trusted (171 comments)

Sony has managed to lose my trust too. I was a very happy customer of PS1-3, but the retroactive otheros thing has put me right off. I rarely used Linux once I installed it, but that they were willing to retrospectively nuke an advertised feature of their product clearly demonstrated to me that they do not put the customer first. I wouldn't be at all surprised if they do start crippling the PSN for non-paying customers.

The dumbest thing about the OtherOS removal is that it is probably not even going to help. Now that the hypervisor has been cracked enough to obtain memory dumps, it is far more likely that further hacking is going to rely on bugs that are found in the hypervisor software itself. These will probably be reachable by any application running on the system that takes user or network input. Think that every savegame loader is foolproof? How about that dinky web browser? Nuking OtherOS just pissed off loyal customers and bought them very little.

more than 4 years ago

Paper Manufacturer Launches "Print More" Campaign

dmiller Re:I don't worry much about paper (446 comments)

Actually, in some places (e.g. Australia), a significant amount of paper _is_ made by chopping down unique old-growth forests. Furthermore, the chlorine bleaching processes commonly used release a substantial amount of toxic effluent. So yeah, you should worry.

more than 4 years ago

Geohot Brings Other OS Support To PS3 With Custom Firmware

dmiller Re:Interesting (270 comments)

Actually there is: you cannot use the Playstation network or BD+ bluray features without the latest SW version.

more than 4 years ago

Geohot Brings Other OS Support To PS3 With Custom Firmware

dmiller Re:Australian Competition & Consumer Commissio (270 comments)

Thanks for the pointer, I have been meaning to do just that. Here is mine:

Sony has just issued a firmware update[1] that disables the "OtherOS" support that is used to run alternate operating systems such as Linux on the Playstation 3 (PS3) game console. This was an advertised feature of the PS3 and was a factor in my decision to purchase the product. The firmware update is effectively mandatory; the PS3 will not support online play or game updates/downloads via the Playstation network without it (these are also advertised features).

That a major consumer electronics company can unilaterally remove advertised features from a product that I have bought and paid for is chilling to say the least and appears misleading and deceptive in the classic "bait and switch" style. I request that the ACCC investigate this matter.


more than 4 years ago

Quantum Film Might Replace CMOS Sensors

dmiller Re:Finally a film replacement? (192 comments)

Larger sensors will always have a noise and sensitivity advantage to smaller sensors: larger surface area == more photon gathering ability. Also, I'm surprised they cite a four-stop improvement; I thought we were within that range of the quantum limit with current sensors already.

more than 4 years ago

Coping With 1 Million SSH Authentication Failures?

dmiller Do nothing (497 comments)

If you are randomly generating your passwords and they are of a decent length then you don't really need to do anything. If your passwords contain lower-case letters only (not recommended), but are eight characters long then your million authentication attempts would represent only a 0.0005% chance of success. If you passwords contain numbers and upper-case characters too, then the likelihood is 1000 times less.

more than 4 years ago

OpenSSH Going Strong After 10 Years With Release of v5.3

dmiller Re:Thanks OpenBSD (249 comments)

Most of the speed gains for high bandwidth x delay networks have been realised in stock OpenSSH already. HPN still does better on very fast long distance networks though.

more than 4 years ago

OpenSSH Going Strong After 10 Years With Release of v5.3

dmiller Re:I know I'm not alone in this... (249 comments)

You do realise that we implemented quite a few speedups for high bandwidth x delay networks already. The remaining "HPN" patches make marginal difference for most networks, other than the patch to allow deactivation of encryption that we refuse to merge at all.

more than 4 years ago


dmiller hasn't submitted any stories.


dmiller has no journal entries.

Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>