Please create an account to participate in the Slashdot moderation system


Forgot your password?
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×

Comment Re:Identifying the user?? (Score 5, Informative) 54

To be specific, let me quote the spec:

The current Cloudflare CAPTCHA simply places a cookie allowing you to access the website. Since Cloudflare controls the origins, it could currently correlate user sessions across multiple circuits using these cookies. This is a gap in the Tor Browser threat model- the design explicitly ignores linking within a session by malicious first parties, but Cloudflare has effectively first-party control over a large proportion of the web.

Our design is an improvement over this state of affairs. Since the CAPTCHA service only sees blinded nonces, Cloudflare cannot link a CAPTCHA solution session to a given redemption request. Since each token is used only once, in contrast to a cookie, the tokens themselves cannot be used to link requests.

Comment My Chrome must-haves (Score 1) 195

AdBlock Plus.
HTTPS Everywhere.
Desktop Notifications for StackExchange.
Chrome extension source viewer (allows examining extensions and apps without installing them).
Kicktraq (shows funding graphs embedded in the header of Kickstarter page)
RSS Subscription Extension + The Old Reader Notifier (disclosure: I maintain that one)
A few self-written extensions for Fallen London browser game.

Comment Re:Game Dev here. (Score 2) 104

Luckily they closed off Russian keys from being used by anyone but Russians.

And that's why, as a Russian, I need keys to exist. After the ruble crash happened, Valve decided to region-lock activation of gifts from Russian accounts. And I have many friends outside the geofence.

As a result, I have to use sources outside Steam to gift games to those friends (Humble, GMG, direct sales).

Comment Re:What is Spotify? Help a brother out (Score 4, Informative) 67

You pay a monthly fee for technically not pirating music (while the artists only get fractions of a cent), as long as you're paying and the country you're in is blessed by licensing agreements.

If you don't pay, you can't cache music for offline use and it inserts ads (but still can listen to it).

Comment Re:I actually liked this feature (Score 2) 190

Well, if you don't secure the WiFi, you're broadcasting all your packets in plain text.

Don't look at WPA2 as access control only, it's also providing channel encryption.

Guest networks (isolated from the main one) are a nice idea but they should be secured anyway for the sake of the guests.

Slashdot Top Deals

e-credibility: the non-guaranteeable likelihood that the electronic data you're seeing is genuine rather than somebody's made-up crap. - Karl Lehenbauer