Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!



Ask Slashdot: Is iOS 8 a Pig?

tero No (495 comments)

iOS 8 is not a pig. It's not a living thing at all it's a mobile operating system. And. If it was living, I doubt it would live at the farm.

Having said that, I have not have any issues on any of my upgraded devices (4 iPads in the family, 2 iPhone 5s) and the devices have not expressed any need to roll in the mud either.

2 days ago

Linus Torvalds: "GCC 4.9.0 Seems To Be Terminally Broken"

tero Re:I know you're trying to be funny, but... (739 comments)

Did you actually read the thread?
You know, where Linus tracks down the thing and collaborates very professionally with other devs?

Yes, he uses harsh language at times, but who the fuck doesn't. He does not work in enterprise environment, it's his own mailinglist.

about 2 months ago

Finnish National TV Broadcaster Starts Sending Bitcoin Blockchain

tero Re:More details (73 comments)

Julian, is that you?

about 2 months ago

The Sudden Policy Change In Truecrypt Explained

tero Re:still speculation (475 comments)

Two guys - working working over a decade without funding etc.

Ennead was 29 in 2005 ( and they obviously developed it on their freetime.

Fast forward from that to today and you got couple of middle-aged devs, probably with more demading careers and perhaps even families and maybe with young kids.

They started it as a Windows project, when Windows was...a completely different beast than it is today.

It's no wonder TrueCrypt didn't get very many (any?) releases in the past couple of years.

It's certainly a very interesting way to exit stage.

about 4 months ago

The Sudden Policy Change In Truecrypt Explained

tero Re:still speculation (475 comments)

It's just his page, read the actual quote I referenced, it's nothing to do with Steve Gibson - he is just quoting two people on twitter.

Bottom line - we have no evidence of warrant canary or "dev rage quit".


Personally I'm more inclined to believe the devs calling it than any NSA scheme, but again.

No. Evidence.

about 4 months ago

The Sudden Policy Change In Truecrypt Explained

tero still speculation (475 comments)

According to this page - someone e-mailed a dev contact and claims they called it quits due to lack of interest

(Scroll to the bottom, the green box).

The only real "confirmation" we have is the info on the TrueCrypt page. It's over (no matter what the reason is), best to move on.

about 4 months ago

TrueCrypt Website Says To Switch To BitLocker

tero Re:Fishy (566 comments)

Seriously, if it's FOSS, doesn't that mean anyone can take the TrueCrypt code and do with it what they will?

Yes, but TrueCrypt has never been FOSS and by the looks of it never will be. It has always had it's own license that contained distribution and copyright-liability restrictions.

It's never been accepted as "open-source" by OSI.

about 4 months ago

Severe Vulnerability At eBay's Website

tero erm.. (60 comments)

So how about a write-up in English Mr. Golem?

about 4 months ago

Could Google's Test of Hiding Complete URLs In Chrome Become a Standard?

tero Re:All part of the plan. (327 comments)

A lot of browsers are to blame for this. Both Chrome and Firefox place a big search bar in the middle of the screen and put it in auto-focus as soon as the browser starts.

Firefox gets most of its funding that way (ironically from Google) and Google gets to harvest our searches in both cases.

It's a browser UI issue, not a user issue.

about 5 months ago

OpenSSL Cleanup: Hundreds of Commits In a Week

tero it's a good effort (379 comments)

Right now, I think the team is mostly focused on having "something usable" in OpenBSD and I doubt they care too much about anything else outside their scope.

Having said that - forking OpenSSL to something usable and burning the remains with fire is a great idea, however there is considerable risk that the rush will cause new bugs - even though right now those commits have been mostly pulling out old crap.

Fixing the beast is going to take a long while and several things will need to happen:
- Upstream hurry to put more crap into the RFC needs to cease for a while. We don't need more features at the moment, we need stability and security.
- Funding. The project needs to be funded somehow. I think a model similar to Linux Foundation might work - as long as they find a suitable project leads. But major players need to agree on this - and that's easier said than done (who will even pull them to the table?)
- Project team. Together with funding, we need a stable project team. Writing good crypto code in C, is bloody hard, so the team needs to be on the ball - all the time. And the modus operandi should be "refuse features, increase quality". Requires a strong Project Lead.
- Patience.. fixing it is a long process, so you can't go into it hastily. You need to start somewhere (and here I applaud the OpenBSD team), but to get it done, assuming that above is in place - expect 1-3 years of effort.

about 5 months ago

Commenters To Dropbox CEO: Houston, We Have a Problem

tero Re:And the attempt to duplicate their efforts resu (448 comments)

USA had absolutely no grounds to remove Saddam Hussein from the power.

The only reason they received U.N mandate is because they fabricated the WMD evidence and outright lied at the hearing.

On top of it they captured people - detained unlawfully without a charge or trial and tortured during their captivity.

Condi Rice and the rest of the Bush Jr. administration should be tried for their crimes.

about 5 months ago

Interviews: Jonathan Coulton Answers Your Questions

tero Re:Can't follow John (36 comments)

But at least he answered the questions instead of copy&pasting 2 year old article from his blog

JoCo > McAfee

about 5 months ago

Ultima Online Devs Building Player-Run MMORPG

tero well that was new... (75 comments)


about 6 months ago

New iOS Keylogging Vulnerability Discovered

tero Re:Linux and windows have vulnerabilities (72 comments)

You didn't even read the summary? That's very /. of you

" iOS (and OS X) SSL security bug comes the latest vulnerability in Apple's mobile operating system"

about 7 months ago

Apple Fixes Dangerous SSL Authentication Flaw In iOS

tero Re: goto fail (101 comments)

Yeah, the hash update succeeds, so err contains successful value when it jumps to the end. It never reaches the dead part where it updates.

about 7 months ago

Apple Fixes Dangerous SSL Authentication Flaw In iOS

tero Re:goto fail (101 comments)

Yeah, you'd think a compiler should have caught that.. but neither GCC or Xcode seems to do that..

Adam Langley has a great blog post dissecting this:

about 7 months ago

Apple Fixes Dangerous SSL Authentication Flaw In iOS

tero goto fail (101 comments)


  if ((err = SSLHashSHA1.update(&hashCtx, &signedParams)) != 0)
                goto fail;
                goto fail;

about 7 months ago

NBC News Confuses the World About Cyber-Security

tero not even in Sotchi (144 comments)

..they were in Moscow..

about 8 months ago



Remote root exploit in Kindle Touch

tero tero writes  |  more than 2 years ago

tero writes "Developers at MobileRead forums have discovered a rather strange "feature" in Kindle Touch browser. It seems the browser includes a scriptable plugin which allows websites to execute code on the device. Naturally someone has found a way to execute shell commands — and by the looks of it everything is running with root privileges.
This opens potential for "drive-by" jailbreaking — or turning the devices into a global 3G botnet.
According to the thread Amazon is working on a fix."

Link to Original Source

Seagate may sue if Solid State Disks get popular

tero tero writes  |  more than 6 years ago

tero writes "Even though Seagate has announced it will be offering SSD disks of its own in 2008, their CEO Bill Watkins seems to be sending out mixed signals in a recent Fortune interview:

He's convinced, he confides, that SSD makers like Samsung and Intel (INTC) are violating Seagate's patents. (An Intel spokeswoman says the company doesn't comment on speculation.) Seagate and Western Digital (WDC), two of the major hard drive makers, have patents that deal with many of the ways a storage device communicates with a computer, Watkins says. It stands to reason that sooner or later, Seagate will sue — particularly if it looks like SSDs could become a real threat.

Link to Original Source


tero has no journal entries.

Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>