×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Comments

top

Hacker Holds Key To Free Flights

ugen Re:Picking a seat is easy (144 comments)

Which one? Knowing what passenger is in what seat? I dunno, airlines don't do much of anything if it costs extra. Remember the peanuts?

about three weeks ago
top

Hacker Holds Key To Free Flights

ugen Picking a seat is easy (144 comments)

Seat maps are now available online realtime for most major airlines. So there is no need to guess - you can pick a right flight and an empty seat, do it right before the departure and it will likely remain empty.

On the other hand, my impression of gate check was that it checks boarding pass against database record of name/reservation/seat assignment. Certainly any other information maintained by gate agents is in the same remote database (such that any changes they perform at the gate become instantly visible online, for example standby and upgrade list status). So, no matter what the "local hack" is, it would only work if either:
- He can also hack remote passenger database (unlikely)
- Specific airline does not check passengers against the database and trusts properly constructed boarding pass (also unlikely, at least in US, as there needs to be positive match between passenger and loaded luggage that has to be performed based on that darn remote record).

There is also pesky passenger manifest with names, which again comes not from your boarding pass but from the remote system (though they need to reconcile with with reality).

Let's wait and see. Perhaps some of these conditions don't hold in Europe for whatever reason?

about three weeks ago
top

Some Mozilla Employees Demand New CEO Step Down

ugen Re:I'll invoke Godwin's law (824 comments)

I did not provide quality judgement. I merely suggested that there may be *some* beliefs that justify appropriate protest. Whether *this one* is such or not is not really the point.

about a month ago
top

Some Mozilla Employees Demand New CEO Step Down

ugen I'll invoke Godwin's law (824 comments)

What if that CEO just "gave some money years ago" to Nazis? Now as CEO he is promising to promote "inclusive policies" . Would Jewish people working for this company be justified in asking him to step down?

See, it *is* about the kind of belief that is being dealt with.

In any case, CEO has a right to his opinion and employees have a right to theirs. They are *asking* for him to step down. That's what free speech is for. They can ask, and he can do as he sees fit.

about a month ago
top

NSA and GHCQ Employing Shills To Poison Web Forum Discourse

ugen Not just US (347 comments)

Russia is doing this sort of thing pretty extensively. On one of the national forums I happen to frequent we know who these people are - in fact, they are not really in hiding (though they never officially confirm or deny their identity). Human psychology works in curious ways, though - even though the perpetrators are well known, the rest of the community still gets into extensive discourse that includes these people and even allows them to steer discussion in whatever direction they need to. I have to give it to these guys - they are well prepared and master mass psychology quite well.

about 2 months ago
top

Ghostwriter Reveals the Secret Life of WikiLeaks Founder Julian Assange

ugen Lucrative deal (359 comments)

What are the chances that next step for mr O'Hagan would be writing a "tell-all" article series, followed by a book "revealing to the public the intimate details about one of modern day most controversial characters". I bet that would pay a heck of a lot better than a ghostwriting job for a fugitive stuck at a 3rd world country embassy.

Seems like Assange isn't particularly savvy about choosing his friends.

about a month ago
top

Apple SSL Bug In iOS Also Affects OS X

ugen Re:Lets see how far back... (140 comments)

It is correct and, if you have 10.6 handy - you can verify that under that system Safari is using OpenSSL. To do so, simply move /usr/lib/libssl.*.dylib elsewhere and try to run Safari. It will fail due to missing libraries.
On 10.9 Safari will happily run with OpenSSL libraries removed.

You are welcome to dig through otool -L output to find how it's linked up, but the fact remains - Safari was switched over from OpenSSL to homegrown crypto sometime after 10.6.

about 2 months ago
top

Apple SSL Bug In iOS Also Affects OS X

ugen Re:Lets see how far back... (140 comments)

iOS 6.1.6 is not available for iPhone 5. It is only available for devices for which there is no iOS 7, unfortunately. First thing I checked.

about 2 months ago
top

Apple SSL Bug In iOS Also Affects OS X

ugen Re:Informative discussion thread (140 comments)

:( But I *really* don't want iOS 7. I think this is all planned by Apple to move remaining holdouts to the current iOS. Fuck.

about 2 months ago
top

Apple SSL Bug In iOS Also Affects OS X

ugen Re:Lets see how far back... (140 comments)

Snow Leopard (10.6) is not vulnerable to this bug, since Apple did not switch from OpenSSL to their own SSL/TLS library back then yet. Just verified on my 10.6 box (to verify visit https://www.imperialviolet.org:1266/ )

On the other hand, iOS 6.1.5 is - and now I have a choice of using insecure iPhone or upgrading to 7.x. For now I've switched from Safari to a 3rd party browser that does not have this bug - but email is still vulnerable and so can be other components. That said, I have little trust in SSL even when it works as designed, so I won't lose much sleep over this.

about 2 months ago
top

Apple Fixes Dangerous SSL Authentication Flaw In iOS

ugen Re: goto fail (101 comments)

Dumb. We are in for more than that. It took a decade to get OpenSSL clean with many more eyes on it.

about 2 months ago
top

Apple Fixes Dangerous SSL Authentication Flaw In iOS

ugen Re: goto fail (101 comments)

Curious. This would seem to result in a failure every time. Without reading the code further - how could auth ever succeed? Or did it ignore the failure return code and relied on hash update results anyway?

Switching away from OpenSSL that is widely used and audited for generations of releases to homegrown crypto is a mistake on Apples part. This is most certainly not the last security flaw in their code we will see.

about 2 months ago
top

Fishing Line As Artificial "Muscle"

ugen Science fiction to reality (111 comments)

Funny, if you happen to be Russian and of that generation - this is pretty much how "bioplastic" drive was described in a sort-of-science-fiction book about "Neznaika in a sunny town" :) Here is the relevant page:
http://vseskazki.su/avtorskie-skazki/n-nosov-rasskazi/neznajka-v-solnechnom-gorode.html?start=28

I've been waiting for this one for a while.

about 2 months ago
top

I'd prefer military fiction books that are ...

ugen Where is "none of the above" (236 comments)

I can't stand "military fiction"? WTF is it anyway?

about 2 months ago
top

Apple's Hiring Spree of Biosensor Experts Continues As iWatch Team Grows

ugen Man, they are smart... (62 comments)

Disclaimer: I am an Apple product user. I like my iPhone 5. However, I tried and could not like iOS 7 (my primary iPhone is still on 6, and I'll stick with it for as long as possible), and admittedly for a few years I felt about my iDevices about the same as anything else - they serve the purpose, annoy me sometimes, whatever. Mildly ambivalent.

At the same time, I wasn't too excited about wearable computing. Watch-like devices that came out so far seemed to be trying the form factor without actually having figured out their purpose. They were poor answers to questions no one asked.

Then Apple does this. I have no idea what specifically "this" is but admittedly a "bio-metric" angle is intriguing. I am now somewhat curious and even a little excited to see what they will develop. This may be in part because as I got older, I've got a lot more careful about maintaining my health (whatever is left of it anyway). As part of that quest, I've been through a number of dedicated health-metric devices - and virtually all of them so far came up extremely short in both functionality, usability and integration. In fact, ironically, the most used "health" device is my iPhone which I consistently use for nutrition and fitness tracking.

So - great angle from Apple. Wish I could work on that project :)

about 2 months ago
top

Financing College With a Tax On All Graduates

ugen Study abroad (597 comments)

Suddenly, study abroad begins to sound ever more attractive :)

about 2 months ago
top

Death Hovers Politely For Americans' Swipe-and-Sign Credit Cards

ugen Re:I guess they have never heard of two factor aut (731 comments)

Don't confuse debit cards (that do have a PIN in US, as anywhere) and credit. The difference is crucial and in principle. With direct debit cards account holder is liable for any losses due to fraud (though banks claim they will help, by law it's the responsibility of account holder). With credit cards card issuer is liable by law for any fraudulent charges. I'll take the second option, thank you.

about 2 months ago
top

Death Hovers Politely For Americans' Swipe-and-Sign Credit Cards

ugen A few things (731 comments)

First, chip & pin is how Europe does not, not the "rest of the world". In my travel around Asia I haven't seen chip & pin cards or machines anywhere (anecdotal evidence it may be, but it definitely isn't universal). I got a (rare) US chip & pin card just in case for my travels a few years ago, and so far had not a single chance to use it - not even on a recent trip to Germany. In places that could "go either way" that card still fell back to signature mode (though, perhaps, that's more of an issue of how VISA presents it).

Secondly, chip & pin has one interesting issue in US market - tipping at restaurants and such places. The (imho vile) practice of inflating one's bill by 20-25% post-consumption is not particularly common in the chip & pin world. Since chip & pin transaction has to be fully concluded at pin entrance, we would have to tip at restaurants through hand-held machines brought to our table, while waiter is standing there looking on anxiously. I am guessing tip rates can then go to 50%?

about 2 months ago
top

Old cellphones, in my household ...

ugen Old iPhone (171 comments)

All my phones from last 10 years are still around and being used, if I can help it.
Smartphones:
iPhone 4 is still very much alive and kicking, used essentially as an iPod/music device/game device/development/whatever. I also take it when I travel to use with foreign SIM cards, to avoid risking newer iPhone 5.
iPhone 3 was also alive until last summer, but unfortunately got stolen during a trip abroad. Sure hope someone is enjoying it. Curiously, thieves in Bangkok were considerate enough to take the phone but leave the wallet that was right next to it in my bag.

Dumb phones:
I had a few "prepaid" Virgin Mobile phones laying around, reactivated and used sporadically for visitors from abroad or as needed. Unfortunately, they had to be discarded ever since Virgin Mobile stopped selling short term prepaid plans (and they cannot be activated directly on Sprint network due to their policy). Too bad, they all worked just fine.
An old Sprint phone has been recently revived and reactivated through one of the non-contract Sprint resellers - give it to kids as a "safety' device.
An old quad-band GSM phone from ATT is a spare, taken abroad to use with local SIM cards sometimes (but lately iPhone does that better).

The only phone I parted with voluntarily in the last 10 years was a Samsung Galaxy (forget which revision). I tried hard to like Android (hoping to develop applications for it, wanted to get some system experience), could not like it though and sold it on eBay.

about 2 months ago
top

AOL Reverses Course On 401K Match; CEO Apologizes

ugen Exactly why we need ACA (123 comments)

So that a smug overpaid CEO of a sinking remnant of a company could not complain about employees receiving "too much money" for the healthcare for their family. Incidentally, this douche's compensation is north of 25 million dollars. That would pay for a dozen families health needs.

about 2 months ago

Submissions

ugen hasn't submitted any stories.

Journals

ugen has no journal entries.

Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account

Loading...