Comment Re:Universe Quantitized at Low Enough Level (Score 1) 412

Agreed - and Quantum effects are discrete if someone is looking at them, which sounds a lot like a computing optimization... "Hey, I can save a lot of cycles if I just flip a coin if someone happens to look at an electron that closely and return a random spin for that electron rather than keeping track of a whole universe worth of electrons. Cool!"


Comment Enterprise solution (Score 1) 151

I see a number of good ideas already for home-brew solutions so here's one for an enterprise out of the box solution. (usual crypto caveats apply, if you don't build it yourself, how do you know there are no backdoors... otoh, if you do build it yourself, assuming you're not Bruce Schneier, how do you know you got it right? Take as directed, evaluate your risks before using)

I've had good success with Gemalto's protectfile product in this space. The NAE device handles the master key storage, temporal keys are stored in the device driver, encrypted by the master key. Accesses can be controlled by user through any of the usual authentication mechanisms, including saying "This is my backups user, it can read only encrypted data" which is a nice feature I don't see often enough on enterprise level encryption. Saves me from having to trust the sketchy encryption on the backup solution which is almost always backed by the "trust us" guarantee.


Comment Re:So I'm going to be the grouchy old man here... (Score 1) 624

That's a sociopolitical issue to be resolved not by minimum wage hikes or make-work programs, but by legislating shorter standard work weeks and nationalizing health benefits. Make it affordable for employers to hire more people to do the work, make it less life-affecting for people to work less.

We can start by rolling back OT exemption rules. "Hey, you know what would be cool? If employers couldn't work you 100 hrs/wk without repercussions?"

That's simply fixing the free market. If your business model is so broken that you're not investing in proper automation and instead are working your IT staff 60hr/wk to compensate, congratulations, we just fixed your decision making process. Go invest in some IT automation instead, (or pay the OT to your IT staff, but I'll bet you the automation is cheaper, and will create jobs in the company that produces that automation software).

We've created a false supply, and are shocked that our job numbers aren't rising at the rate we'd like.

OT exemption is just a corporate handout paid on the backs of the people doing the work, and I'm speaking as a manager. Fix it.


Comment Duress pin (Score 1) 301

I'd like a duress pin instead. It lets the phone function totally as normal, except it fires an email with my location, and an email that I'm being forced to unlock my phone to my lawyer or (for my work phone) my corporate legal dept. If I'm being forced to unlock my phone, I want to make it tough to disappear me, no matter what the circumstances are.

If you want, have it fire a user-defined script too, that way if you want to fry your crypto memory, have at it, or wipe your lastpass storage, or whatever.


Comment Re:So what? (Score 1) 54

If you're interested, most people would agree that when you connect to a defcon wifi network you should probably be... cautious. Let's face it, Defcon is to RSA from an info-risk pov as walking in downtown NY at 1am is to walking around the North/South Korean DMZ at 1am. Both are hazardous, but one of them is just plain insane.

Now watch this:

That's the 'so what'.

And keep in mind that most ppl are still using the same passwords on multiple sites.



Comment Re:This won't be popular... (Score 2) 514

The issue is, that's not my call. I'm a professional, I travel to the US on business. In doing so, I bring data that is not mine with me. Corporate emails, credentials that could cause a CNN moment if mishandled, etc.

Those data are stored under cryptographic control, using two factor authentication. It is not mine to decide if it's acceptable to hand it over to anyone.

So now I need to take further steps to ensure I have access to the data required when I travel internationally to my corporate HQ, which increases the cost of doing business.

My company will never move their HQ out of the US, but others may decide at some point that it'll cost them less in the long run.


Comment Re: Question about Canada and "media tax" (Score 3, Informative) 134

Also the caps on penalties are more reasonable here, making the "Pay us 5000, or we'll sue you for 1,000,000" threat ineffective. The max for non-commercial infringement up here is 5k. Since that's the max, in most circumstances, the judge would prove a much lower cost, say 100-200$.

Quoting directly: "(b) in a sum of not less than $100 and not more than $5,000 that the court considers just, with respect to all infringements involved in the proceedings for all works or other subject-matter, if the infringements are for non-commercial purposes."

The copyright trolls haven't been too interested since then.

background if you're interested:

Comment Re:If the *.AA think it's bad (Score 1) 134

Honest question - how does he (and you I suppose by extension) feel about Libraries? They effectively cause the same issue for authors at a smaller scale (although maybe larger in aggregate, (not having firm numbers on ebook piracy rates vs traditional library use), especially since some libraries (my local included) offer ebook borrowing services).

Comment I avoid them for safety reasons (Score 1) 359

After I got nailed making a left shortly after getting my license, I started thinking about left-turns and how much more dangerous they are than right turns. There are so many more things to account for, and more chances for other people to make errors that force me to take hazardous countermeasures. A NYC study showed they are 3 times more dangerous than right hand turns. So now unless doing the right would take me way out of my way, I do that instead.

Remember, two wrongs don't make a right, but three rights make a left :)


Comment Re:Good. Sex and Computers dont mix (Score 1) 233

The one that always got me was the RSA booth at Blackhat - I mean, Blackhat is in VEGAS. If you want that sort of thing, you can get it with fewer lines any number of places. But one year they had people lining up to pose with women dressed in biker costumes at the RSA booth.

Seemed a little bit like bringing ice cubes to Alaska.


