Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Comments

top

Help a Journalist With An NFC Chip Implant Violate His Own Privacy and Security

skids Re:Small Government Mandate (135 comments)

Well, IIRC it is stated in TFA with the right equipment the range could be extended up to several centimeters or perhaps more. Not sure how accurate that statement is though.

Enough to, say, be pretty disturbing if coupled to a sensor for metabolites in a urinal.

yesterday
top

Help a Journalist With An NFC Chip Implant Violate His Own Privacy and Security

skids Re:Small Government Mandate (135 comments)

As long as the contents can be linked back to the individual, it just takes NFC communicators next to places where people put their hands to track the individual's actions. The short range gives you a bit more information than just tracing their smartphone -- e.g. if you have an NFC collector tacked to the bottom of a public keypad, you can be pretty sure that person was using that keypad, as opposed to just standing around in the region. Granted given most places can also be covered with a camera and nobody will complain, there are other ways to obtain such information, but this way can be fully automated.

2 days ago
top

We Are All Confident Idiots

skids Re:Left one out (297 comments)

He is completely confident that his underconfidence is a clear indicator that he knows what he's talking about, obviously.

2 days ago
top

Debate Over Systemd Exposes the Two Factions Tugging At Modern-day Linux

skids Re:How about we hackers? (837 comments)

its only an installation/configuration issue to solve, the code/scripts are already in place

No, there will always be issues where the problem lies within the code of the init system.

Traditonal Init scripts are mostly in bourne shell syntax due to inertia. Shell is a horrible, awful language. Yet people put up with that and there's a reason why they have done so: the flexibility it offered over declarative-style config files was a strong enough advantage to keep traditional init systems in play. It is an exercise in arrogance to pretend you can map current and future needs over to a set of fixed cookie-cutter behaviors. There will always be a need to modify systemd internals to compensate for this broken model.

On the bright side it has enough intertia and is enough of a break from tradition that it will shake things up, and they did need to be shaken up. There will be wrappers around systemd, suites to manage systemd without touching any systemd config files, and eventually out of that chaos something better will emerge,
where we go back to basics but without the cruft we once had.

2 days ago
top

Debate Over Systemd Exposes the Two Factions Tugging At Modern-day Linux

skids Re:How about we hackers? (837 comments)

And there's the regular problem of delays in shutdown due to "a stop job is running".

Yeah, and then someone thought it would be a good idea to tack "Unattended Updates" onto that feature. I think they thought that would get the casual users to update critical packages. But casual users never reboot, they hibernate, so....

2 days ago
top

Debate Over Systemd Exposes the Two Factions Tugging At Modern-day Linux

skids Re:How about we hackers? (837 comments)

Is changing settings like that going to be a constand uphill battle against the distro maintainers?

No that part won't likely be a problem -- it's easy to override (or even cancel) distro scripts as long as the distro does a good job of keeping the /etc/systemd directory mostly empty and puts the "stock" scripts elsewhere.

2 days ago
top

Debate Over Systemd Exposes the Two Factions Tugging At Modern-day Linux

skids Re:How about we hackers? (837 comments)

How does systemd remind you of windows? Have you actually *used* either in a system administration capacity?

The decision to cram the configs into an INI-like format which ends up causing a proliferation of ReallyPoorlyChosenDirectiveNames to work around the cases where an INI file format cannot express heirarchy for one, and the fickle mincing of declarative and procedural contexts where somehow the order of fields with the same name matters, but you can't carry state between them without a third agency and thus variable expansions cannot work where you need them to.

The pollution of logs with gobs of output that is of very little practical use is another thing that chafes me.

Not that there is not plenty of upside to systemd, mind you.

2 days ago
top

Passwords: Too Much and Not Enough

skids Re:solution: don't try to remember them (222 comments)

Don't remember passwords: keep them on a physically secure device protected by ONE password you remember.

Ok, so we give a password manager device to all the users that cannot be trusted to create strong passwords, or if given a long password will write it down, probably on a sticker attached to said device. Then, they take 4 times as long to log into things since they constantly have to unlock their password manager, and each time they do so open a window to keylogging or sideband attacks on the same password. And they leave their passwords hanging around in cut and paste buffers. Finally they lose their "physically secure device" in a public location and expose it to an offline attack, and possibly also lose their written-down copy of the master password.

Not a fan of those systems.

about a week ago
top

Passwords: Too Much and Not Enough

skids Re: Passwords should not exist (222 comments)

When you send things down a wire, everything is "something you know".

Kinda one of the points of smartcards is that you don't know the key inside of them. Thus your access can be revoked physically by depriving you of the card, should it become necessary.

And no, MITM attacks don't affect properly implemented smartcard or even password authentication, as preshared material and/or mutually trusted authorities counteract that.

With regards to TFA, here's an example of how PubkeyAuthentication has some drawbacks and is not a hands-down superior method for authentication over passwords. Letting users leave those lying around wherever they please means the weak passwords they chose on those keys are more likely to be guessed in an offline attack than is a password in an online attack against a rate-limited authenticator.

about a week ago
top

OwnCloud Dev Requests Removal From Ubuntu Repos Over Security Holes

skids Well, to be honest (126 comments)

...opening back doors to my system is kind of the functionality I would expect from installing a package named "owncloud." At least now I know it exists so if I see it in the wild I'll know it's not an *intentional* rootkit.

about a week ago
top

Ask Slashdot: Stop PulseAudio From Changing Sound Settings?

skids Re:Feature not a bug (286 comments)

That is pretty funny.

It's not all there is to it, though. I applied that fix manually and pulseaudio still screws with the subchannels when it starts. It doesn't just set the master, it maxes the speaker channel and mutes the woofer. Pretty annoying. Why can't all the sound utilities just get along?

about a week ago
top

PCGamingWiki Looks Into Linux Gaming With 'Port Reports'

skids Re:Gabe Newell is perhaps the biggest driver of th (77 comments)

Games on Linux will have to provide a better experience than on Windows before anything dramatic happens

Not quite necessary. Games on SteamOS providing a better experience than games on PS4 or XBOX1 is all that's needed.

Anyway my PS3 YLODd, which means even if I fix it it's on its last leg, and I have no interest in the PS4, and I actually DO hate on Microsoft, so It'll suck to have to buy the presequel twice but I'm jumping on, personally.

about a week ago
top

How To Beat Online Price Discrimination

skids I can't stand coupons (163 comments)

Sales I don't mind. Sometimes you have to move old inventory. But coupons are just a PITA that only exist to give housewives/househusbands something to do with their time. So online shopping with all its contortions and the web20-ification of advertising just drives me completely up the damn wall. The minute I open a browser to buy something I can feel my stress levels rising and if I'm lucky I'll finish buying it before all the cussing and ranting force me to close the tab before I damage my PC.

about a week ago
top

Delivering Malicious Android Apps Hidden In Image Files

skids Re:This sounds rather convoluted (113 comments)

That's a plausible technical reason. The real reason, though is social. Users have been conditioned to equate content and apps.

about two weeks ago
top

Delivering Malicious Android Apps Hidden In Image Files

skids Re:So you have to install an app... (113 comments)

In most cases, to require you to log in so that the accuracy of advertisement targeting on your personage can be maintained; that is their purpose, f-droid excepted.

about two weeks ago
top

Delivering Malicious Android Apps Hidden In Image Files

skids Re:So you have to install an app... (113 comments)

One reason why Apple has such a sterling reputation for security...

WHAT? No seriously, where does this reputation exist? I've never heard of it.

about two weeks ago
top

Which Android Devices Sacrifice Battery-Life For Performance?

skids Re:all (108 comments)

Add:

- whether your stupid home button sticks out and turns on the screen in your pocket. Thanks for nothing Samsung.

about two weeks ago
top

Debian's Systemd Adoption Inspires Threat of Fork

skids Re:And this is why Linux will never win the deskto (555 comments)

This is not an option when you are talking about a 7 year old laptop. You cannot upgrade to either a modern cpu nor a modern graphics card.

about two weeks ago
top

Debian's Systemd Adoption Inspires Threat of Fork

skids Re:And this is why Linux will never win the deskto (555 comments)

But I'm pretty sure a 10+ year old computer hardware would choke on the latest version of most modern Linux distros too.

The big problem there is graphics drivers for old cards, for which the vendors have discontinued their binary blobs and the opensource drivers never had good thermals and bus timing configurations for lack of documentation. In general, though, old machines can carry most of the newest distros while breaking a moderate sweat.

about two weeks ago

Submissions

top

MA "Right To Repair" initiative still on Tuesday ballot, may override compromise

skids skids writes  |  about 2 years ago

skids (119237) writes "MA voters face a complex technical and economic question Tuesday about just how open automobile makers should be with their repair and diagnostic interfaces. A legislative compromise struck in July may not be strong enough for consumer's tastes. Proponents of the measure had joined opponents in asking voters to skip the question once the legislature, seeking to avoid legislation by ballot, struck the deal. Weeks before the election they have reversed course and are again urging voters to pass the measure. Now voters have to decide whether the differences between the ballot language and the new law are too hard on manufacturers, or essential consumer protections. At stake is a mandated standard for diagnostic channels in a significant market."
Link to Original Source
top

House Panel Approves Bill Forcing ISPs Log Users

skids skids writes  |  more than 3 years ago

skids (119237) writes "Under the guise of fighting child pornography, the House Judiciary Committee approved legislation on Thursday that would require Internet service providers (ISPs) to collect and retain records about Internet users’ activity. The 19 to 10 vote represents a victory for conservative Republicans, who made data retention their first major technology initiative after last fall's elections. A last-minute rewrite of the bill expands the information that commercial Internet providers are required to store to include customers' names, addresses, phone numbers, credit card numbers, bank account numbers, and temporarily-assigned IP addresses. Per dissenting Rep. John Conyers (D-MI): 'The bill is mislabeled ... This is not protecting children from Internet pornography. It's creating a database for everybody in this country for a lot of other purposes.'"
Link to Original Source
top

CIA drones may have used illegal, inaccurate code

skids skids writes  |  more than 4 years ago

skids (119237) writes "Coders hate having to rush code out the door before it's ready. They also hate it when the customer starts making unreasonable demands. What they hate even more is when the customer reverse engineers the product and starts selling their own inferior product. But what really ticks them off is when that buggy knockoff product might be used to target military unmanned drone attacks, and the bugs introduce errors up to 13 meters. That's what purportedly happened to software developer IISi based on an ongoing boardroom/courtroom drama that will leave any hard-pressed coder appreciating just how much worse their job could get. The saddest part? The CIA assumed the bug was a feature. The tinfoil-hat-inducing part? The alleged perpetrators just got bought by IBM."
Link to Original Source
top

Hacking Big Brother with help from Revlon

skids skids writes  |  more than 4 years ago

skids (119237) writes "All those futuristic full-face eyeliner jobs in distopian cyberpunk fiction might not be that far off the mark. A New York University student spent his thesis time exploring computer vision technology (OpenCV) for ways in which one could confound first-stage algorithms that initially lock onto faces. Then he mixed in a bit of fashion sense to predict future geek chic. Now, whether you want to go for the coal-miner look just to stay out of the data mine, that's up to you..."
Link to Original Source
top

Digital Photocopiers Loaded With Secrets

skids skids writes  |  more than 4 years ago

skids (119237) writes "File this under "no, really?" CBS news catches up with the fact that photocopiers, whether networked or not, tend to have a much longer memory these days. When they eventually get tossed, very few companies bother to scrub them. Coupled with the tendency of older employees to consider hard-copy to be "secure", and your most protected secrets may be shipped directly to information resellers — no hacking required. "The day we visited the New Jersey warehouse, two shipping containers packed with used copiers were headed overseas — loaded with secrets on their way to unknown buyers in Argentina and Singapore.""
Link to Original Source

Journals

skids has no journal entries.

Slashdot Login

Need an Account?

Forgot your password?