Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Comments

top

DARPA Wants To Kill the Password

mrxak Re:All good until someone simulates biometrics... (382 comments)

With physical keys, a lot of people forget about securing their keys. They leave them out where they can be photographed, for example, or quickly imprinted, or even just compared to another key with all the bite codes on it so the numbers can be noted.

Same goes for locks. A lot of people don't secure their locks, either, which leaves an attacker plenty of opportunity to bypass. Even an area with security which will detect an attempt to pick a lock or force it open, is still vulnerable. You see a guy go up to a door, stick a key in the lock like he belongs there, then suddenly he "forgets" something and walks away without opening the door. You might not think twice about it in a busy office building, but that guy just got pin imprints and will be back every day to do the same thing again, or send in somebody else, until one day an attacker walks up with a manufactured key that opens the lock and goes right in.

"Something you have" like physical keys aren't that great if you don't secure them. You need to make sure that the only people who have that something are authorized to have it, and you need to restrict hardware access to the lock. It's a tricky proposition in the best of cases. Biometrics are even worse than most cases, because at least a lock on an office door can be changed if a key is lost. You can't change your biometrics. Furthermore, we're talking about digital systems here, when biometrics are inherently analog. Your analog finger, eye, or whatever is being taken in as a precise yet inaccurate digital signal, some probability function is determining if you're "close enough", and then a computer chip says you're okay. It's like having a lock where if you jiggle different keys in it, the tumbler will still turn. To put it in computer terms, it's like taking a float in as input, truncating the decimal, and using it as an integer in your finely-tuned algorithm. There's all kinds of floats out there that will get you the integer you need to make your algorithm work the way you want it to. It's no longer "something you have", it's "something that's kinda like what you have".

"Something you know" like a combination or a password, has always been more secure. It uses math instead of the physical world and its inherent weaknesses. There's too many combinations to reasonably guess it in the amount of time you have, and you're forced to exploit some vulnerability in the locking mechanism to get in, like using a blow torch to melt the locking bolt, or exploit some vulnerability in the user of the lock, like he was stupid and used his birthdate as the combination, or wrote it down. Passwords, and combinations, are digital, instead of analog, which means there's exactly one password or combination that will work, instead of an infinite number of "close enoughs".

You still need security with your lock and key, whether your key is something you know or something you have, but at least with digital, changeable keys, you have the power of discrete math on your side, and if you do lose lock or key security, you can go ahead and change your key.

And if I've piqued anyone's interest in security of physical locks and physical keys, I highly recommend the books by pen-tester Deviant Ollam, specifically Keys to the Kingdom which covers a number of attacks most people never consider when they're securing their offices, server rooms, etc. Practical Lock Picking is good too, if you want to learn how locks are defeated by, surprise, picking them (bumping, shimming, and bypassing too).

about a week ago
top

Ask Slashdot: "Real" Computer Scientists vs. Modern Curriculum?

mrxak Re:Beards and suspenders. (637 comments)

I too am surprised people are talking about CS majors as not getting a background in assembly and C or C-based languages. At my school, only ten years ago (shit, I'm getting old), assembly was a second year class, and actually the second class you took in the department if you were coming in with an APCS credit. Yeah, there was Java, but it was just the language they used to introduce new students to computer science, and all that was left behind after the first few classes, and more serious languages came very shortly after people got the basics of OO programming. By your third year classes you were expected to be able to pick up any language at any time, no problem, and you certainly had the background to do so. All the language concepts had already been learned, it was just a matter of picking up syntax or libraries as needed, in the context of whatever CS theory you were learning in a given class.

So is Asker just at a bad school, or has computer science education really changed?

about two weeks ago
top

UK Team Claims Breakthrough In Universal Cancer Test

mrxak Re:I might be a start. (63 comments)

If they get this up and running, it'll just be another diagnostic tool for your doctor. Hopefully it'll be a quick and cheap enough test that they can run it as soon as you report symptoms, just so they can rule in/rule out cancer and more quickly diagnose you properly with more specific tests to determine what kind and how bad. If it saves some people some unneeded biopsies, I'm all for it.

about three weeks ago
top

Starbuck's Wireless Charging Stations Won't Work With Most Devices

mrxak Re:Three mistakes in the headline (114 comments)

Sometimes I wonder if the editors are just trolling us.

about 2 months ago
top

Report: Watch Dogs Game May Have Influenced Highway Sign Hacking

mrxak Re:SMH (154 comments)

And here I thought the reason they included that into the game was because lots of people were doing this already and the game was inspired by real life.

about 2 months ago
top

US Secret Service Wants To Identify Snark

mrxak Re:Seriously? (213 comments)

Any kind of automated mass collection of data without a human in the loop to determine if a threat is credible or not is going to have significant problems. People are sarcastic. People exaggerate. People lie. How many innocent people are being targeted with programs like the NSA has, simply because of a benign association, a bit of sarcasm, or an imperfect algorithm?

While I'd love to believe that the USSS can create some newer, better algorithms to sort through the threats and non-threats they get, if I was one of their protectees I would be awfully nervous if an algorithm was sorting through everything, instead of actual human beings.

about 2 months ago
top

Daniel Ellsberg: Snowden Would Not Get a Fair Trial – and Kerry Is Wrong

mrxak Re:Ellsberg got a fair trial (519 comments)

My entire post is a hypothetical. I don't expect Snowden to ever go on trial, fair or not. But I would like to see it happen and I would like for that trial to be fair. I have the same wishes about everybody who has committed a crime.

It's not my fault people have a hard time understanding pretty clear logical statements, and like to imagine other arguments I could be making but absolutely am not.

about 3 months ago
top

Daniel Ellsberg: Snowden Would Not Get a Fair Trial – and Kerry Is Wrong

mrxak Re:Ellsberg got a fair trial (519 comments)

That is not my position. My position is if you break the law and admit you broke the law it's pretty obvious you're guilty of breaking the law. I said nothing about anyone deserving to go to prison just because they're guilty. In fact I outlined several ways by which a lawbreaker might avoid prison should they avail themselves of the justice system. Sometimes the law is wrong or misapplied.

about 3 months ago
top

Daniel Ellsberg: Snowden Would Not Get a Fair Trial – and Kerry Is Wrong

mrxak Re:Ellsberg got a fair trial (519 comments)

Perhaps you should read a little closer to my post, then. Here you go:

I would very much like to see him get a fair trial, with all the evidence and arguments heard.

So yes, I am coming out in favor of a fair trial for Snowden, and people calling me all sorts of names are arguing against a straw man. Please direct your anger elsewhere.

about 3 months ago
top

Daniel Ellsberg: Snowden Would Not Get a Fair Trial – and Kerry Is Wrong

mrxak Re:Ellsberg got a fair trial (519 comments)

Unfortunately people seem to be imagining my positions on other issues, rather than reading exactly what I said on this issue. I was specifically addressing the possibility of a trial for Snowden. I did not comment on other hypothetical trials because they were not mentioned in the Slashdot article I was commenting on. Staying on topic on a Slashdot story, crazy, I know. I'm a rebel.

If Slashdot were to have a story tomorrow about a potential trial for Clapper, or anyone else you care to name, you would find I am in favor of fair trials for everyone who has committed crimes, not just Snowden.

I am also aware that the system is not always fair. I addressed that point in my original post. Like I said, I want fair trials. I did not say I want unfair trials, or that I want a selective application of justice. Nothing I said is controversial unless people choose to imagine I'm saying things I'm not saying.

about 3 months ago
top

Daniel Ellsberg: Snowden Would Not Get a Fair Trial – and Kerry Is Wrong

mrxak Re:Ellsberg got a fair trial (519 comments)

I don't expect to see any trials of any sort for anybody involved in this mess. This whole thing is hypothetical.

I'd still like to see fair trials happen. Apparently this is a controversial view.

about 3 months ago
top

Daniel Ellsberg: Snowden Would Not Get a Fair Trial – and Kerry Is Wrong

mrxak Re:Ellsberg got a fair trial (519 comments)

I don't disagree with him either. But the fact still remains, he's repeatedly and publicly admitted to the crime he's accused of. The crime may be telling the truth, but some truths are illegal to tell.

If we as a society disagree with that law, we have various methods of recourse. But denying that Snowden broke the law is ridiculous.

about 3 months ago
top

Daniel Ellsberg: Snowden Would Not Get a Fair Trial – and Kerry Is Wrong

mrxak Re:Ellsberg got a fair trial (519 comments)

I believe everyone accused of a crime should be brought to trial and the trial should be fair. How is this not sinking in?

It's not my fault you are choosing to read my posts as some kind of support of the NSA. Like I keep saying, I don't know who you think you're arguing with, but it's not me. Stop trying to make me a straw man.

about 3 months ago
top

Apple Announces New Programming Language Called Swift

mrxak Re:Bjarne Stroustrup (636 comments)

It gives Apple complete control over their own destiny, which is something Apple likes to have (not exactly news). They now have a language they can tinker with to their hearts' content and no external group or standards body can restrict what they do with it. They've made it very clear they intend to listen to developer feedback and tinker with it, at least in the near future. Certainly even if they do eventually open it up, they'll still be able to extend it however they like and whenever they like in the future, as well.

They had to pull off some pretty crazy stuff just to make Objective-C usable all this time, and it shows. That's the problem Swift solves. It solves it for Apple. It's dramatically new because Apple controls it completely. Apple can and is obviously deploying it. It's not a distraction since developers can still use Objective-C as much as they want, and will only switch to Swift if it offers significant advantages.

about 3 months ago
top

Daniel Ellsberg: Snowden Would Not Get a Fair Trial – and Kerry Is Wrong

mrxak Re:Ellsberg got a fair trial (519 comments)

I freely admit that there are problems with the system too. But that's a discussion for another topic. I was only here to address specifically this news article. I didn't say anything terribly controversial with my very narrow focus, but unfortunately people decided to imagine my positions on other issues I did not address at all, positions I do not hold.

Geez, a guy can't come out in favor of fair trials without getting called an authoritarian. Who knew?

about 3 months ago
top

Daniel Ellsberg: Snowden Would Not Get a Fair Trial – and Kerry Is Wrong

mrxak Re:Ellsberg got a fair trial (519 comments)

You are absolutely right. Rosa Parks was a criminal.

If you want to read more into that then there is, feel free, but don't pretend I'm the one saying it. The only thing I am advocating here is that justice be served. In case I was too subtle for you in describing four different ways by which Snowden could still "win" despite being a criminal, let me list those out again.

1) A jury could simply choose to ignore the law and let Snowden free (jury nullification).
2) Snowden can appeal his case if found guilty and get the verdict overturned.
3) If appeals fail, he can get his sentence commuted by a president.
4) If appeals fail, he can get pardoned by a president.

I thoroughly support our justice system. Those four things are part of our justice system. If politicians fail to repeal unjust laws, the system can still free criminals under those laws. Snowden is guilty. If the laws that make him guilty are wrong, staying a fugitive does nothing to change those laws.

about 3 months ago
top

Daniel Ellsberg: Snowden Would Not Get a Fair Trial – and Kerry Is Wrong

mrxak Re:Ellsberg got a fair trial (519 comments)

Which is why I said "If I was Snowden, I might not be so inclined to trust a US federal court with my fate." I even explained possible scenarios that might deprive him of a fair trial. In case it wasn't clear, I'm not in favor of those scenarios.

But I do think he should get a fair trial. I am of course speaking hypothetically here since it's obvious there's not going to be any kind of trial any time soon. But he's accused of crimes and people accused of crimes are supposed to get a trial by jury and all that nice stuff. Unfortunately for his defense, he's admitted to the crimes he's accused of, which will be awkward when the prosecution reads his statements aloud in court. I did, however, outline four options for him to ultimately avoid a lengthy prison sentence. He should avail himself of those options.

about 3 months ago
top

Daniel Ellsberg: Snowden Would Not Get a Fair Trial – and Kerry Is Wrong

mrxak Re:Ellsberg got a fair trial (519 comments)

Clapper openly admitted he lied to congress. Snowden openly admitted to espionage (he may define the term differently, but the law defines what he did as espionage and he admitted to the acts). I think the chances of either getting a trial any time soon is pretty slim. All of this is hypothetical.

I would like to see fair trials for everyone accused of crimes. This is an article about Snowden, so I commented on Snowden. I'm sorry if other people decided that my commenting on-topic has implications about my views about off-topic subjects. If Slashdot has a story tomorrow about government officials admitting to crimes, I will happily say they're guilty too, and should get a fair trial with all the same legal rights that Snowden should get. I think trials are a good thing. I think due process is a good thing. I think our justice system that includes jury nullification, appeals, commutations, and pardons is a good thing. Apparently that offends some people. Who knew?

about 3 months ago

Submissions

top

Starcraft II Beta to Begin This Month

mrxak mrxak writes  |  more than 4 years ago

mrxak (727974) writes "It's official, Activision Blizzard's much-anticipated sequel to 12-year-old Starcraft is going to enter closed beta "this month" according to President Mike Morhaime during an investor conference call. This comes in the wake of the SC2 beta forums showing up briefly on battle.net If you've got a Battle.net account, it's probably not too late to opt-in for upcoming Blizzard beta tests."
Link to Original Source
top

Series of Tubes Senator Found Guilty on 7 Counts

mrxak mrxak writes  |  more than 5 years ago

mrxak writes "Senator Stevens, known widely for once saying the internet is a series of tubes, has been found guilty on all seven counts of filing false reports on his mandatory Senate financial disclosure forms. This doesn't necessarily disqualify him from keeping his seat in the US Senate, but he's up for reelection and there's only 8 days left to spin this verdict. There may also be jail time."

Journals

mrxak has no journal entries.

Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>