Beta

Slashdot: News for Nerds

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Comments

top

TrueCrypt Website Says To Switch To BitLocker

s0litaire Re:my 2p conspiracy theory (566 comments)

I've seen conflicting reports on the key change!
Some are saying the latest compromised binary was signed with the OLD valid keys before new ones were uploaded.
Others say it was signed by the new keys.

about 2 months ago
top

TrueCrypt Website Says To Switch To BitLocker

s0litaire my 2p conspiracy theory (566 comments)

OK
Main currently accepted theory is the NSA or whoever (insert your fave 3 letter agency here!) tried to get the signing keys TC decides all it can do is "salt the field" and shut up shop.

may as well throw in my 2 theories :
[less likely]
1) one lucky scammer/hacker got the mother-load of a hack and got access to one of the developers systems and managed to get the signing keys as well as full access to the TC sites.

[more likely]
  2) Due to internal ego's and in-fighting one of the development team did a "Eric Cartman" on the others and go "Screw you guys I'm outta here!" putting up the "closed for business sign" and issuing a suspect (but officially signed!) version that only decrypts, killing the brand in the process.

about 2 months ago
top

How St. Louis Is Bootstrapping Hundreds of Programmers

s0litaire Re:Good model for higher level education (147 comments)

Agree!
Or at least have the opportunity to organize your own meet-up at a convenient location, Or get a list of willing volunteers to help set up the meets and get local tech or other sector businesses involved in your general area. (Fair amount of the MOOC are not IT related!).

I've tried a dozen or so different courses from different providers and I only can be bothered to go 1 or 2 days through the courses before giving up!
I learn better in a group, actually interacting with other students and teachers rather than sitting in front of my PC with a bunch of youtube vids and a page of multiple-choice questions! (which is weird as I generally can't stand the company of other people!!)

about 4 months ago
top

Building Deception Into Encryption Software

s0litaire Bit late to this... (106 comments)

... but I have a life.. ^_^ but i've used it already :(

Couple of points: (I'm thinking less in an individual file encryption issue than to a larger set of encrypted data structure)
In a totally non-knowledgeable fashion would the algorithm or the program access the algorithm create the bogus data?

To me one flaw would be random generation of data. If it was random then using the same false password twice would result in 2 different results (so that password can be ignored) defeating the point of the bogus data.

The way to work it is to use procedural generation of some type, It should be easy to generate a random looking but believable indevidual files or directory structure (and fill it with plausible files related to the folder names *i.e. avi,mov,mpg in video folder and doc,xls,xdoc etc... in Documents folder.) You could go as far as to generate appropriate file herders and meta data to fool some automated checking.

With procedural generation the same false password would generate the same false data every time so it is harder to differentiate between bogus and actual data.

about 6 months ago
top

Ask Slashdot: What To Do With Misdirected Email?

s0litaire I'm the exception... ^_^ (388 comments)

I 'stole' my domain name (in a they didn't bother to renew the domain name in time sort of way...).

In my defence the address is my real name and I already had the .net / .co.uk and .org domain names just not the .com

Found out 1h after registering and sorting out the email that it was owned by a Developer/Real Estate agent in Canada before me.

I gave up responding after 6 months or so of contacting the senders to inform them I'm not the person they are looking for. Also telling them they should use the telephone to contact the guy and get his new address!

After a few months I got bored and I started to reply to emails about a particular $1,000,000 development for a conservative party member they were trying to get a tender for:

Hey Paul

Love the plans for the project. Client has a couple of alterations.
Can you amend the plans to include:
Large 4ft deep jacuzzi in the living room.
'Adult' Games room in basement. (wants the place soundproofed and optional "adult dungeon" fixtures and fittings with a double bed down there.)
Oh can you fit celling to floor French doors in the toilets facing the decking at the fount of the house. (prospective buyer is a pit of a perv..)

Thanks
[insert my name here]

Was not really surprised it took them nearly 4 weeks to notice I wasn't the developer in Canada but a guy in the UK (Well I did tell them 2 or 3 times before this I wasn't their guy!)

I still get emails about projects, prospective site availability and invitations to the Canadian conservative party conferences every once and a while but they get spammed and trashed.

about 6 months ago
top

Another British Bank Hit By KVM Crooks

s0litaire Re:Weird KVM. (75 comments)

It's probably more like a glorified "keylogger"

A simple KVM box with one of those low powered credit card PC's fitted inside, stick in a rechargeable battery and wire it to draw power from the usb input, It sits there day after day recording key strokes and mouse movements with the odd screen grab. the on board PC then compresses it in to manageable chunks of zips, rars or tar's and waits for one of the gang to walk into the Bank at a busy time of the day. Then it sends it to a receiver via wifi in the crooks bag/pocket in the 10-20 mins he is waiting to get served. If one visit is not enough then they hand it over to another member who gets in line and waits for it to finish.

about 10 months ago
top

Dishwasher-Size, 25kW Fuel Cell In Development

s0litaire Re:Question asked... (379 comments)

Or the power companies buy it by the truckload and "rent" it out to local consumers in areas they think is too costly for a proper infrastructure (Large Gas Pressure tank + Cube = lot cheaper than laying gas pipelines to backwood / middle of nowhere locations!) for inflated prices!

about a year ago
top

Lavabit.com Owner: 'I Could Be Arrested' For Resisting Surveillance Order

s0litaire Re:Just comply with the court order (255 comments)

I forgot to add that I think only council already on retainer or on staff can be informed and advise the client/company regarding the court order.

But I'm not sure IANAL!

about a year ago
top

Lavabit.com Owner: 'I Could Be Arrested' For Resisting Surveillance Order

s0litaire Re:Just comply with the court order (255 comments)

Think it's like the UK's "Super Injunction" where not only would you be breaking the law to talk about the case behind the court order but it would also be illegal to say you've actually received a court order in the first place. It can cover individuals or entire companies depends on how it's worded.

about a year ago
top

Lavabit.com Owner: 'I Could Be Arrested' For Resisting Surveillance Order

s0litaire Re:Just comply with the court order (255 comments)

True but you just need a few organisations to jump on it with Pro Bono Lawyers to make it difficult for the government to walk over individual businesses.

They don't have to fight each and every order, just enough for the Judges to get annoyed at the Government overreach and to slap down the entire job lot!

about a year ago
top

Lavabit.com Owner: 'I Could Be Arrested' For Resisting Surveillance Order

s0litaire Re:Just comply with the court order (255 comments)

If it was for 10,000 for specific conversation between specific address at a specific date/time then It's reasonable to comply.

But bureaucracy is not as fluid as you might imagine! Their is a reason places like the NSA and CIA go for specific or blanket warrants / Court orders rather than mass individual ones.

Partly because they don't KNOW who to target apart from a few isolated people already on their radar, unless they go for John Doe #1 all the way to John Doe #10,000 which would cause another 10,000 or so new court orders required once they get the actual names, then you'd be correct in thinking that Civil Liberties groups / EFF and other like mined organisations would have a field day tying them up in red tape, challenging each and every individual order.

Oh and i think Judges are beginning to hate mass John Doe#1 to # Court Orders anyway because of their over use by Copyright Trolls to gather User information from IP addresses.

about a year ago
top

Lavabit.com Owner: 'I Could Be Arrested' For Resisting Surveillance Order

s0litaire Re:Just comply with the court order (255 comments)

Depends on what the Court order was for.

If it was for specific conversation between specific address at a specific date/time then It's reasonable to comply.
But if it was for Everything since the service started or between 2 dates (i.e. 1st Jan 2011 to 31 Dec 2012) or from that point onwards, then it's a fishing expedition and its reasonable NOT to comply without further legal council and possible injunction (if that's possible with this kind of court order!)

about a year ago
top

Ask Slashdot: What To Do When Another Dev Steals Your Work and Adds Their Name?

s0litaire A single Lawyers letter might solve it. (480 comments)

All the Lawyer needs to do is send a letter asking 3 questions.

1) Between what dates did the OP work (Person A) for the client ?
2) Between what dates did the new developer (Person B) take over work for the client ?
3) When was the first use by the company (in-house or commercial) of the specified code ?

If the answer to Q3 is in the range of Person A's time at the company and outside the range of Person B then matter solved.
If not then hard luck unless you have corroborating evidence that you created it (work emails / memos / Letters about the code from your boss to you.) ... ...
Then in that case only winner is the lawyer...

about a year ago
top

Spy Drones Used To Hunt Down Christopher Dorner

s0litaire OK the real question is... (498 comments)

Where's Blue Thunder when you need it!!

about a year and a half ago
top

A Wish List For Tablets In 2013

s0litaire my tablet wish list is simple! (453 comments)

A tablet that will cure the raging hangover I'll be having in 12 hours time!!

Happy Hogmanay
Have a great start to 2013!! ^_^

about a year and a half ago
top

How ISPs Collude To Offer Poor Service

s0litaire They could take a leaf out of the UK's method... (207 comments)

Pass a law requiring incumbent ISP's (if they run a monopoly in the region) to provide competitors with access to their copper/fibre network at wholesale cost.
Also tag on an addition that each incoming ISP has to give the ISP they are buying from the same ability to buy bandwidth at cost from them as well. Stopping a single big player taking over multiple markets and force others out by sheer financial weight.

So competition and the ability to provide better/ value for money services in other area outside their usual network means less stagnation and fewer "single entity monopolies" in the country and the users win ^_^

about a year and a half ago

Submissions

s0litaire hasn't submitted any stories.

Journals

s0litaire has no journal entries.

Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Create a Slashdot Account

Loading...