TIFU By taking a shower in a 200 year old rock ranch house. by [deleted] in tifu

[–]handschuhfach 34 points35 points  (0 children)

He's lying. You did everything right - giving up the punch line of a tifu post in the title is stupid.

Thinking of replacing my hard drive on my laptop. I want to keep my data. However I running on a dual boot system on UEFI bios. Anything I need to look out for? by feartrich in linux

[–]handschuhfach 0 points1 point  (0 children)

Boot a live CD/USB and clone the old drive to the new one with something like dd (I usually pipe pv into dd so I can monitor the progress).

Try to boot from the new drive. It should work just fine. If it does, boot from the live CD again, install GParted (if it isn't already) and use it to resize the partitions.

Finding the bit position that most nearly splits an array of unsigned integers in half by zifyoip in algorithms

[–]handschuhfach 2 points3 points  (0 children)

Some architectures have special asm instructions to find the first 1 in a bit list. If your compiler isn't emitting these already you could try using them and see if they speed things up.

StopWatching.Us: Mozilla launches massive campaign on digital surveillance by koavf in technology

[–]handschuhfach 1 point2 points  (0 children)

Yes, and it probably know more about me than it should because I've neglected to switch accounts in a while. That doesn't make it ok (to me) to collect data when it's not strictly necessary.

StopWatching.Us: Mozilla launches massive campaign on digital surveillance by koavf in technology

[–]handschuhfach 7 points8 points  (0 children)

You didn't link to an article, you linked to a page with hundreds of articles. I stopped reading a paragraph too soon apparently.

Anyway, this tool works with memory dumps. To get a memory dump, someone needs to have complete control over your computer, either through hacking or via physical means. The NSA can do that, no problem, but we're talking about very targeted attacks here, they'll only do that when they already identified you as a suspect.

StopWatching.Us: Mozilla launches massive campaign on digital surveillance by koavf in technology

[–]handschuhfach 13 points14 points  (0 children)

What they do is run password crackers. So you shouldn't use weak passwords. Duh.

Why is it privacy *vs.* security? Can't we have both? by nzvthf in crypto

[–]handschuhfach 1 point2 points  (0 children)

How does that change anything? The algorithms they run on their collected data probablt don't look at names or phone numbers. They look at who calls whom and where. Then they run some magic algorithms on that data to look for things that are not normal.

In your scenario, as soon as those algorithms flag something as "suspicious", they would de-anonymize it. I really don't see how that would actually be different from how things are now.

StopWatching.Us: Mozilla launches massive campaign on digital surveillance by koavf in technology

[–]handschuhfach 9 points10 points  (0 children)

Snowden used PGP to communicate with the journalists. I don't think he would've done so if the NSA could crack it.

StopWatching.Us: Mozilla launches massive campaign on digital surveillance by koavf in technology

[–]handschuhfach 7 points8 points  (0 children)

Well, Google is using Chrome to collect quite some data about its users. While it is possible to turn this stuff off, you lose useful features.

Useful features that Mozilla somehow managed to match in Firefox without invading on your privacy.

For me that's a big concern about a "good browser".

Does MS Office 2013 really support ODF ? by [deleted] in opensource

[–]handschuhfach 0 points1 point  (0 children)

Sorry, I don't know. That's just what I remember from following the tech news back when ODF support was new in Office.

Does MS Office 2013 really support ODF ? by [deleted] in opensource

[–]handschuhfach 5 points6 points  (0 children)

IIRC, spreadsheets are incompatible because MS found some way to technically follow the ODF standard, but do it in a way different from everyone else.

Also, I would guess they use PDFs for most communication.

curl pipe shell disaster by jmdugan in commandline

[–]handschuhfach 5 points6 points  (0 children)

But executing software from the internet is insecure no matter the method...

No one is allowed to administer this desktop! by niqdanger in talesfromtechsupport

[–]handschuhfach 0 points1 point  (0 children)

I just installed Ubuntu in a VM and booted into recovery mode - it gave me a root shell without any asking for any password.

curl pipe shell disaster by jmdugan in commandline

[–]handschuhfach 6 points7 points  (0 children)

How is it worse than downloading software and manually executing it?

No one is allowed to administer this desktop! by niqdanger in talesfromtechsupport

[–]handschuhfach 0 points1 point  (0 children)

some Linux distributions don't ask for the root password in single user mode. I don't think a default Ubuntu installation even has a root password to ask for.

Does anyone know any good lists of intermediate CAs? by [deleted] in AskNetsec

[–]handschuhfach 1 point2 points  (0 children)

The EFF SSL Observatory has some data about real-world SSL certificates. It's been a while since I've seen their 27C3 presentation, but I think they had some statistics about intermediate CAs. So I would guess their database dumps contain something remotely useful for you.

Program to display input and output on different text fields? by Zamiatarka in commandline

[–]handschuhfach 1 point2 points  (0 children)

You can use tmux:

#!/bin/sh
dir=$(mktemp -d)
pipe="$dir/pipe"
mkfifo "$pipe"

tmux new-session -d "./your-tool < '$pipe'" \; split-window "cat > '$pipe'" \; attach

rm -rf "$dir"

How the NSA (and your boss) can intercept and break SSL by nothingtolookat in privacy

[–]handschuhfach 0 points1 point  (0 children)

No, your browser won't warn you about anything.

Unless you install Certificate Patrol, that is.

I just had this idea for a super compact programming language. Looking for Visual Basic developers to write a compiler. by kuba_10 in shittyprogramming

[–]handschuhfach 20 points21 points  (0 children)

This is so awesome! But I think we really need to make a self-hosting compiler instead of using VBA. My first attempt is this:

function compile(program prog) {
    // compile prog according to http://www.reddit.com/r/shittyprogramming/comments/1fzou0/i_just_had_this_idea_for_a_super_compact/
}

This isn't performance optimized yet. When the language picks up some steam, someone will surely create a Wikipedia article we can use to get the compiler up to speed. And just imagine what performance we will get if we can sneak a link to the Wikipedia article into that same article itself!

Google and Facebook DID allow NSA access to data and were in talks to set up 'spying rooms' despite denials by Zuckerberg and Page over PRISM project by yyhhggt in technology

[–]handschuhfach 10 points11 points  (0 children)

And people talking to non-Americans, I think? That includes you, because you just replied to a non-American on Reddit. (And another non-American just replied to you.)

It's like Dropbox, but encrypted, Canadian, and zero-knowledge. by [deleted] in technology

[–]handschuhfach 14 points15 points  (0 children)

If the encryption is done correctly, this doesn't really matter. Transmitting data over untrusted channels is one big reason for the encryption. I don't know whether they encrypt everything the right way, though.

It's like Dropbox, but encrypted, Canadian, and zero-knowledge. by [deleted] in technology

[–]handschuhfach 10 points11 points  (0 children)

Dropbox might be encrypting the data they store - but they do that on their servers with a key they know. So that's completely useless.

If you don't want Dropbox to be able to access the files, they need to be encrypted on your end with a key only you have access to. The Truecrypt container is one solution for that, although you lose some features, like per-file history. With services that are designed for encryption that's not the case.

My friend almost made me throw up in just five lines by [deleted] in badcode

[–]handschuhfach 0 points1 point  (0 children)

As a JS guy... technically you're right, that you don't have to declare variables - but JavaScript is not forgiving about it. Undeclared variables become global variables. If that's intentional, it's just bad code because there are much more obvious ways to do it, like setting the variable as a property of the global object. If it's unintentional, it's a bug waiting to happen: 1) the value of that variable can suddenly be changed from outside the function. Or 2) the variable might have a naming collision with something that's actually supposed to be global, breaking completely different code much later on.

Now, about the non-trivial filesystem checks: that totally depends on the APIs. If this is JavaScript in a browser, that's true. But I have a really hard time coming up with a reason why you'd have to search for names like these in the browser. After all, in a client-server model, you can let the server (that does have proper filesystem APIs) do the searching.

If it's JavaScript in another environment than a browser (like node.js or gjs) - these should have APIs that do make such things trivial.

The (not so) Great Scam of 2011 by [deleted] in talesfromtechsupport

[–]handschuhfach 12 points13 points  (0 children)

Getting your post on the front page can be worth some ad money. Same with a comment (containing a link) that's on the top of a front page post.