jlcooke - Slashdot User

Comment Beat the Beatings: Have a fake parition... (Score 1) 467

by jlcooke on Monday September 20, 2010 @09:26AM (#33634852) Attached to: Distinguishing Encrypted Data From Random Data?

Just as with your laptop. Create a fake login.

So when someone beats you with a phone book or a tirewrench, you can say "the login is jdoe, password 123!" and they'll login and see your not so important files. When actually your login is janedoe password abc.

Same applies with encrypted partitions in your setup. Have a partition A at index N and a partition B at index M. A,N is the fake one, complete with files recently modified (.bashrc and cron will help with that). And B,M is your normal secure parition.

Comment vmware + fullscreen + luck? (Score 1) 555

by jlcooke on Friday April 30, 2010 @11:41AM (#32044976) Attached to: Recourse For Draconian Encryption Requirements?

A bit snarky - but install VMWare, make it full-screen and hope they don't notice?

Comment Password in clear-text (Score 1) 180

by jlcooke on Monday July 20, 2009 @10:30AM (#28756057) Attached to: Is Battery-Free 2-Factor ID Secure?

The system is no better than having a normal credit card CVV.

The LCD-like half-images are the secret. Take a photo of that and you're totally compromised.

The battery systems (like RSA SecurID) are better because they protect the secret inside the deviceand only give a derived value every 60 seconds.

Nice try however.

Comment Mangle better (Score 1) 288

by jlcooke on Tuesday June 23, 2009 @03:46PM (#28443887) Attached to: Has Google Broken JavaScript Spam Munging?

Like this:

www.certainkey.com/dm.

Needs some crypto computation to decrypt. User needs to click on a "Get my Email" button. Works on iphone.

Comment Re:Too good to be true... maybe? (Score 1) 188

by jlcooke on Friday May 22, 2009 @03:05PM (#28057831) Attached to: Plastic and Fuel That Grow On Trees

This news is actually over 50 years old.

Pop reference you can check out: "It's a Wonder Life" - the flash-back scene where the lead charactor's friend tells me "there's a great investment oppertunity with Soy farmers, they're going to make plastics!" - or something like that.

Mr Tupper (Tupperware fame) made it big by using fuel refinement waste to make plastics - there by removing the bottleneck of growing Soy.

Comment Something like this perhaps (Score 1) 522

by jlcooke on Wednesday April 08, 2009 @04:15PM (#27508747) Attached to: Why the CAPTCHA Approach Is Doomed

The key is to make the bots/spammers use more resources then they have.

Something like this can be used to slow down email address scanning bots.

Like sending email with hashcash, if you make the scammers work to get the right answer by requiring to compute a computationally complex formula (crypto function random walk distinguished points), they will not be able to keep up.

A website can pre-compute a table of (and continuously add to that table) challange-responses that a visitor must perform. A human will see a 5-15 second delay to registration, to a bot this can be intolorable.

Comment Look at older projects (Score 1) 188

by jlcooke on Wednesday March 04, 2009 @11:36AM (#27064945) Attached to: Collaborative Map-Reduce In the Browser

http://it.slashdot.org/article.pl?sid=03/12/31/2246241&tid=93

MD5CRK used a JavaApplet that used this Chinese Lottery concept. The applet performed 95% as fast as a pure C implementation of MD5. JavaScript is another matter however. And an assebly code that inlieved MMX/SSE with ALU was much faster.

Background threads in browsers will help of course.

Comment Friends + rsync over ssh (Score 2, Interesting) 669

by jlcooke on Saturday December 13, 2008 @12:22PM (#26103391) Attached to: Long-Term Personal Data Storage?

I have gigs of photos (wedding, long lost family picnics, etc) and music that I can't bare to lose.

Find someone who doesn't want to lose anything either and setup rsync over ssh. Synchronize often, rsync is very friendly to bandwidth.

Submission + - U.S. Voting Machines Standards Open To Public (eac.gov)

Submitted by

Online Voting

on Wednesday October 31, 2007 @03:35PM

Online Voting writes: "The U.S. Election Assistance Commission has published new voting systems testing and certification standards for 190 days of public comment. For all the critics of electronic voting, this is your opportunity to improve the process. This will be the second version of the federal voting system standards (the first version is the VVSG 05). To learn more about these Voluntary Voting System Standards see this FAQ."

Holocaust Dropped From Some UK Schools 1286

Posted by kdawson on Thursday May 24, 2007 @09:47AM from the careful-you-might-offend-somebody dept.

dteichman2 writes "It appears that some UK schools are ignoring the Holocaust. A government-backed study, funded by the Department for Education and Skills, found that some teachers are reluctant to teach history lessons on the Holocaust for fear of offending Muslim students whose beliefs include Holocaust denial. Additionally, similar problems are being encountered with lessons on the Crusades because these lessons contradict teachings from local mosques."

First OpenOffice Virus, Not In the Wild 169

Posted by kdawson on Tuesday May 22, 2007 @01:45PM from the raucous-laughter-in-Redmond dept.

NZheretic writes "According to APCmag, the first cross-platform OpenOffice.org virus — 'SB/Badbunny-A' — was emailed directly to Sophos from the virus developers. The proof-of-concept virus affects Windows, Mac OS X, and Linux systems and uses different methods on each. It has not yet been seen in the wild. Despite Sun's OpenOffice.org developer Malte Timmermann's claims to the contrary, this kind of embedded scripting attack represents a real threat to OpenOffice.org users. Back in June 2000 when Sun first announced the open sourcing of OpenOffice.org, the twelfth email to the open discussion list put forward a two-part solution for providing OpenOffice users with Safe(r) Scripting using restricted-mode execution by default and access by signed digital certificates. In October 2000 the issue of treating security as an 'add-on' feature rather than as a 'system property' was again raised. Is it time to now introduce such measures to the OpenOffice.org Core to greatly reduce any future risk from scripted infections?"

Smithsonian 'Toned Down the Science' In Climate Change Exhibit 372

Posted by Zonk on Tuesday May 22, 2007 @01:04PM from the pre-emptive-censorship dept.

An anonymous reader writes "According to an International Herald Tribune article, the Smithsonian pre-emptively toned down the scientific content of a climate change exhibit put into place last year. The changes, including removal of scientist conclusions and muddying of displayed data, were made to ensure that the exhibit would not offend the Congress or the White House. Pressure brought to bear by Institute officials resulted in the resignation of Robert Sullivan, a sixteen year veteran of the organization. 'This is not the first time the Smithsonian has been accused of taking politics into consideration. The congressionally chartered institution scaled down a 1995 exhibit of the restored Enola Gay, the B-29 that dropped the atomic bomb on Hiroshima, after veterans complained it focused too much on the damage and deaths. Amid the oil-drilling debate in 2003, a photo exhibit of Alaska's Arctic National Wildlife Refuge was moved to a less prominent space.'"

Submission + - What is the best console controller of all time?

Submitted by Mateo Slovinsky on Tuesday May 22, 2007 @12:59PM

Mateo Slovinsky writes: Is the XBox 360's controller the best controller of all time? CNet seems to think so in its line up of the top five gamepads of all time. "Did you expect the Wii? Sorry. It's a brilliant piece of innovation, that's not in question, but there simply aren't enough games to judge it against the best controllers ever. The Xbox 360 pad has proven itself over a longer time and on a wider selection of titles — and it has its own claims to originality."

Submission + - Bogus Microsoft study atacks GPL3 draft process

Submitted by QCMBR on Tuesday May 22, 2007 @12:53PM

QCMBR writes: A new Microsoft-funded study by a Harvard Business School professor concludes that developers don't want extensive patent licensing requirements in the GPL3. There are some problems with the study, however, especially given the very small sample size. 'Although 332 emails were sent to various developers, only 34 agreed to participate in the survey — an 11 percent response rate. Of the 34 developers who responded, many of them are associated with projects like Apache and PostgreSQL that don't even use the GPL.' Ars points out that the GPL3 draft editing and review process is highly transparent and inclusive 'to an extent that makes MacCormack's claims of under-representation seem difficult to accept given the small sample size of the study and the number of respondents who contribute to non-GPL projects.'

Submission + - "First" OpenOffice virus emerges

Submitted by

NZheretic

on Tuesday May 22, 2007 @11:19AM

NZheretic writes: "According to APCmag the "First" cross platform OpenOffice.org virus "SB/Badbunny-A" has been emailed directly to Sophos from the virus developers. It has not yet been seen in the wild.

Despite Sun's OpenOffice.org developer Malte Timmermann's claims to the contrary this kind of embedded scripting attack represents a real threat to OpenOffice.org users.

Back in June 2000 when Sun first announced the open sourcing of OpenOffice.org the twelfth email to the open discussion list put forward a two part solution for to provide OpenOffice users with Safe(r) Scripting using restricted mode execution by default and access by signed digital certificates. In October 2000 the issue of treating security as an "add-on" feature rather than a "system property" was again raised. Is it time to now introduce such measures to the OpenOffice.org Core to greatly reduce any future risk from scripted infections?"

Slashdot Top Deals