


Hotmail No Longer Accepts Long Passwords, Shortens Them For You

karlm Re:When this happens... (497 comments)

Same thing with GMail, alphabetics and numbers only.

Your post is ambiguous, but it seems you're asserting that GMail does also not allow symbols in passwords. I'll bite. My GMail password contains one or more symbols. Have fun with your 1-bit head start on cracking my 80+ bit GMail login.

about 2 years ago

Modest Proposal For Stopping Hackers: Get Them Girlfriends

karlm Saudi Arabia's terrorist rehabilitation plan (566 comments)

Saudi Arabia has a program for paroling convicted terrorists. Young single men convicted of certain terrorism-related offenses who meet certain good behavior criteria in prison are given dowry money and assistance in finding brides. It turns out that the re-arrest rate for the guys who get married is significantly lower.

more than 2 years ago

The PHP Singularity

karlm Re:It's always been obvious (622 comments)

You misunderstand the saying. It's a poor mechanic who blames his tools for his mistakes because (1) he screwed up and (2) he perhaps knew his tools were bad but didn't even have the good judgement to get better tools (3) by his blaming demonstrates a lack of his ability to see (2) as an error and thus move on and grow.

more than 2 years ago

How Many Seconds Would It Take To Crack Your Password?

karlm Re:Huh. (454 comments)

there aren't many botnets out there with half a million machines busy trying to crack my Starcraft password.

Correction: yesterday there weren't many botnets with half a million machines trying to crack Guspaz's Starcraft password.

more than 2 years ago

'Legitimized' Cyberwar Opens Pandora's Box of Dirty Tricks

karlm Re:What about Chernobyl plant? (134 comments)

Even for a paranoid conspiracy theory, that's a terrible theory. You forgot to use the words "laser", "fluoride", "chemtrail", "thermite", and "Gay Mayan Leprechaun Ninjas from the year 2012." Also, of course, the Chernobyl explosion was caused by the CIA in order to cover up the fact that Obama was born in a Nicaraguan Satanic temple earlier that day... making him too young to be president.

Either the Soviets didn't realize that they had been the victims of a cyber attack because the Americans waited until the very moment that a Soviet reactor operator decided to wing it in an attempt to salvage an already highly dangerous nuclear experiment (interrupted by an unexpected request for more power output to the grid) with a reactor with a positive void coefficient... or the Soviets decided to make up such a story after the fact in order to make themselves look bad rather than take the opportunity to blame the Americans for the disaster... and that's even assuming that the RBMK reactors were controlled by programmable digital computers connected to satellite downlinks.

Satellites, nuclear reactions, computer viruses, and secretive government agencies... what a good mix for a conspiracy theory. Everyone wants to feel like they're in the top decile of intelligence. A good conspiracy theory gives people with a slight paranoid streak an opportunity to believe they're smarter than most people because they "get it". A good conspiracy theory also plays to the American folk hero of the misunderstood genius that's too smart for book learn'n and despite a complete lack of discipline out-smarts a legion of PhDs and comes up with an idea that revolutionizes modern science. It's the nerd version of the scrappy sports team that pulls it together to win it all against the bigger spoiled rich kids in the final game.

News flash: when most of the world's experts in the field "just don't get" a theory posed by a novice, chances are it really is gibberish proposed by someone without enough knowledge to comprehend the experts' rebuttals and too much pride to admit their own shortcomings.

more than 2 years ago

Senators To Unveil the 'Ex-Patriot Act' To Respond To Facebook's Saverin

karlm Re:doesn't work like that (716 comments)

I'll grant you that there's probably a lot more necessary complexity in the tax code than most of us realize. However, there's also a lot of unnecessary complexity in the tax code. Some of the additional complexity comes from political favors for large donors or important political constituencies. Some of the complexity comes from attempts to use a power granted by the Constitution (taxation) as a way to exercise powers that are not allowed the federal government by the Constitution.

A complex tax code is sand in the gears of the system, and a handout to law firms. I'm not familiar with non-US tax systems (apart from the country where I currently live), but conventional wisdom is that many countries are existence proofs that the U.S. tax code is overly complex.

more than 2 years ago

Senators To Unveil the 'Ex-Patriot Act' To Respond To Facebook's Saverin

karlm Re:Sour Grapes (716 comments)

I couldn't agree more. (1) He paid capital gains when he renounced his citizenship. (2) He paid what was deemed "his fair share" in taxes while living in the U.S. (3) He took startup risks, created tons of jobs (both at Facebook and the ecosystem that rose up around it) and paid a good chunk of taxes while he was here.

There are already several places around the world with both regulatory and tax systems more favorable to entrepreneurs. Let's not create laws that send the message that it's a better idea to create the startups elsewhere, and let's not encourage a culture that exposes entrepreneurs to significant risk of retroactive taxation.

We already spend untold billions attempting to enforce our unenforceable tax code, created a huge industry dedicated to finding loopholes in our complicated tax code, and lose untold billions to fraud that's enabled by our complicated tax code. Let's not try and make the tax code more complicated because we feel he had some capital gains that couldn't be accounted for at the time capital gains were assessed.

more than 2 years ago

Senators To Unveil the 'Ex-Patriot Act' To Respond To Facebook's Saverin

karlm Re:The nerve (716 comments)

And somehow the money he paid in taxes while residing here was deemed his fair share at the time, and he should be retroactively taxed more for those services if he later derives some huge benefit from those services? Should every person who gets an education in the U.S. have to pay some tax to the U.S. for the rest of their lives, no matter their citizenship and place of residence?

I'm not comfortable with the idea that he was somehow building up some secret debt while living here and working here, and "paying his fair share" in taxes and creating tons of jobs. If after he leaves and changes his citizenship, he later derives some benefit from what he did in the U.S., more power to him.

We already have a tax system that's so complicated as to be unenforceable. It costs us billions of dollars a year to try and audit the tax system, and further billions are lost to tax fraud. Let's not make these leaks in the system greater (and drive away entrepreneurs) by devising further complications in the tax code to try and account for these "almost realized, 99% certain" gains before people change citizenship and move overseas.

more than 2 years ago

Senators To Unveil the 'Ex-Patriot Act' To Respond To Facebook's Saverin

karlm Re:So like the Soviet Union? (716 comments)

As long as welfare is a handout and not a loan, I think welfare recipients should be under no obligation to "pay back" what they "took", even if they later make a lot of money in some way that you seem to find unjust yet legal. Their benefits aren't tied to some formula of taxes paid before going on welfare, and their taxes afterward shouldn't be tied to some formula dependent on how much they were paid by welfare.

"Passive-aggressive tax system" isn't really the phrase I'm looking for, but there seems to me something morally wrong about holding someone in debt to society for a handout (not a government loan).

Perhaps there should be, in addition to welfare, a system of zero-interest government loans for people in need. However, I think it's a step backwards to turn welfare into a loan system.

more than 2 years ago

Here's What Facebook Sends the Cops In Response To a Subpoena

karlm Re:No password? (153 comments)

Following the large number of very public password disclosures in the past couple of years, failure to hash passwords (salted by username, user ID and/or random nonce) should be considered gross negligence.

Are there any proposals to standardize a password column type for SQL databases? If the column is write-only but comparable for equality against a varchar/string then the implementation details of hash algo and salting are hidden. The sad thing is that proper password storage could be made a lot more intuitive, even for the "just learned XYZ in 24 days/hours" crowd.

more than 2 years ago
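The write-only, equality-comparable password type the comment above asks about can be sketched at the application layer. This is an added example, not part of the original comment or any SQL standard; the `PasswordColumn` name, the stored string layout and the PBKDF2 work factor are assumptions.

```python
import hashlib
import hmac
import secrets

ITERATIONS = 600_000  # assumed work factor; tune to your hardware


class PasswordColumn:
    """Holds only algorithm, work factor, salt and hash; never the plaintext."""

    def __init__(self, stored: str):
        self._stored = stored  # what actually lands in the database column

    @classmethod
    def from_plaintext(cls, password: str, iterations: int = ITERATIONS):
        salt = secrets.token_bytes(16)  # random per-record nonce
        digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
        return cls(f"pbkdf2_sha256${iterations}${salt.hex()}${digest.hex()}")

    def __eq__(self, candidate):
        # Comparable against a plain string only; the hashing stays hidden.
        if not isinstance(candidate, str):
            return NotImplemented
        _, iters, salt, digest = self._stored.split("$")
        trial = hashlib.pbkdf2_hmac(
            "sha256", candidate.encode(), bytes.fromhex(salt), int(iters))
        # Constant-time comparison avoids leaking how many bytes matched.
        return hmac.compare_digest(trial, bytes.fromhex(digest))

    def __repr__(self):
        return "PasswordColumn(<hidden>)"  # keeps hashes out of logs and tracebacks

    def to_db(self) -> str:
        return self._stored


if __name__ == "__main__":
    col = PasswordColumn.from_plaintext("constructed-sample-passphrase")
    print(col, col == "constructed-sample-passphrase", col == "guess")
```

Because the work factor is stored with each value, it can be raised later without invalidating existing rows.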

Self-Sustaining Solar Reactor Creates Clean Hydrogen

karlm Re:Darn that dirty hydrogen (406 comments)

Methanol is used as a racing fuel. Its energy density, anti-knock, and storage characteristics are worse than ethanol, though. My understanding is that the main reason that methanol is used as a racing fuel is that it's very easy to test for performance-enhancing illegal additives. If I had to take a guess, the low molar mass of methanol means that it's tough to find a compound that both enhances its performance as a fuel and won't be readily detected via centrifuge or perhaps a mass spectrometer.

more than 2 years ago

Google Pumps $6 Million Into Summer of Code 2011

karlm Re:We've tried several times... (102 comments)

That's an existence proof, not proof by contradiction.

more than 3 years ago

AT&T Breach May Be Worse Than Initially Thought

karlm Re:Uh, correct me if I understood the story wrong (102 comments)

At some point, I wrote a small tool that used Ron Rivest's "Time Lock Puzzles" to provide lagged full disclosure... publish full disclosure that will take several months to decrypt, and privately give the vendor the decryption key to give them a head start. Getting a gag order from the courts won't help the vendor at that point, since you've already published the encrypted information and the puzzle, it's just a matter of grinding through the time lock puzzle. The time ticking on the time lock puzzle should hopefully light a fire under their rears to get a fix out. IMHO, time locked full disclosure gives you the best of both worlds... vendors have some reasonable time to implement a fix, but no amount of legal action can prevent the details from getting out several months later. The risk of "responsible disclosure" is that you can get slapped with a gag order, or at least legal threats, to prevent you from later putting pressure on the vendor for a faster fix.

more than 4 years ago

AT&T Breach May Be Worse Than Initially Thought

karlm Re:Uh, correct me if I understood the story wrong (102 comments)

They didn't enter into AT&T's network uninvited, they used a public facing and unprotected URL to retrieve information that URL was intended to retrieve. This is no more intrusion than if AT&T had put that data in a public facing flat file on a server somewhere and hoped nobody discovered the URL.

more than 4 years ago

Microsoft Launches Comical Effort to Fight Piracy

karlm Re:Good for them! (332 comments)

Pirates were a real threat back in the 1600s. They were the terrorists of the day.

"Book terrorists! Book terrorists! A vote against this bill is a vote for the terrorists!"

Maybe we should start calling price fixing "price terrorism" or installing rootkits "system terrorism".

more than 7 years ago

