Security

Submission + - WebGL: A New Dimension for Browser Exploitation (net-security.org)

Orome1 writes: Researchers have uncovered serious security flaws in the new WebGL technology that creates 3D graphics in a browser with the same speed and detail as hardware-accelerated PC games and applications. Design level security issues give potentially malicious web pages low level access to graphics cards that could provide a ‘back door’ for hackers and compromise data stored on internet-connected machines.
KDE

Submission + - Nokia announces start of Qt 5 development (nokia.com)

jrepin writes: "To also, in the future, be a leading edge development framework across multiple industries, Qt needs to continue to renew itself. Given that Qt is moving into open governance mode in the upcoming months, Lars wanted to share his thinking with the Qt community in order to kick off the discussions about what he sees as the technical architecture for Qt 5."
Android

Submission + - Android Overtakes Blackberry (comscore.com)

eldavojohn writes: A staggering shift in the US between October of 2010 and January of 2011 (Android up 7.7%, Blackberry down 5.4%) indicates that Android has surpassed Blackberry in smart-phone platform market share. Other research puts it at 35% of worldwide total smart-phone market share. This presents reinforcing evidence for Android's new dominance in the smart-phone world. Is Android's lead over the business savvy Blackberry temporary or has it become a competitor for that market?
Government

Submission + - Battle Brews Over FBI's Warrantless GPS Tracking (wired.com)

fysdt writes: "The FBI's use of GPS vehicle tracking devices is becoming a contentious privacy issue in the courts, with the Obama administration seeking Supreme Court approval for its use of the devices without a warrant, and a federal civil rights lawsuit targeting the Justice Department for tracking the movements of an Arab-American student. In the midst of this legal controversy, Threat Level decided to take a look at the inside of one of the devices, with the help of the teardown artists at iFixit."

Comment Of course the new guy can't code (Score 0) 194

Face it. Nobody is taking CS classes anymore. Software houses (and everyone else) found big bonanzas offshore in the early 2000s and they friggin *RAN* to the boats. Post-exodus, Manufacturing and Engineering went tits-up in the USA and nobody wanted to go into those fields and the people in them basically got the word "So sorry, tough sh*t"

The only reason the new guy can't code is because you're getting bottom-of-the-barrel people coming into the interviews. The ones that were hot-shots have either left the US, moved on to other careers, or are in management now. You reap what you sow; So sorry, tough sh*t. Yes, I'm a bit jaded.

Comment Big thank you to all the contributors (Score 3, Insightful) 197

To all the people who contributed Open Source projects over the last 20 years, a big THANKS. Can you imagine this landscape without open source software and alternatives to run it on like Linux and the *BSD variants?

Most of the internet would need downtime for reboot every night, and the cost incurred by your ISP for all the proprietary licensing would probably put the net out of reach for most common folks.

Comment Transferring employees (Score 2) 179

Sounds to me like 3000 employees just finished their last TPS report.

"Hi Mike, yeah.. remember that TPS report? Yeah.. that one I asked you to yeah.. fill out before the end of April? Yeah, we won't be needing that here anymore, yeah... so if you would just put all your stuff in this box and yeah... head over to Accenture that would be great."

Comment get a grip people - It's just a phone! (Score 1) 195

The upgrade frenzy caused by Apple is really, really concerning. Just the labor practice alone[1][2] is appalling enough, not to mention the amount of energy[3] it takes to produce a new device every 6 months. Can't people live with the same gadget for at least a couple/few years without going ape every time something new comes out?

[1] - http://thenextweb.com/apple/2010/02/27/apple-child-labor-china-history-sketchy-manufacturing/
[2] - http://www.zdnet.com/blog/government/apple-may-be-poisoning-chinese-workers-and-doesnt-seem-to-care-should-we/9908
[3] - http://www.enviroliteracy.org/article.php/1119.html

Comment Steps to responding quickly (Score 1) 125

1) Warn Boss of vulnerabilities
2) Boss asks for time/cost estimate to fix
2a) Boss brings estimate to talking-head meeting
2b) people protest about their job process changing
3) estimate sits on Boss's desk for 3 months
4) Boss golfs with his sis's brother-in-law and they talk security
5) Boss comes to work next day, calls meeting about security
6) You remind him of estimate on desk for 3 months
7) meeting devolves into yucks about golfing/hangover
8) Boss calls you into office after meeting
9) Asks you to pick two of the "hottest" security bullets in your list
10) time/cost gets approved for two of the 10 security items
11) system eventually gets compromised
12) everyone runs amok, asks how is this possible
13) Boss approves 8 remaining security bullets
14) Goto 1

Glad I don't do security anymore.

Comment Re:FTFA, both sides seem guilty. I'm confused. (Score 1) 250

Hmm.. the author calls it an exploit in the article. Seems to me that anytime you devise a method to utilize something that it wasn't really intended for is indeed an exploit, hack, workaround, kludge, whatever.

I think it's marvelous this person found a way to use the system in a way it wasn't intended. He/She is probably very bright. Thing is though, if you're going to mess around in places you really aren't supposed to, don't be surprised if someone takes issue with it. That's the risk you take. Used to be people used pseudonyms to mitigate some of the risk, but that's a whole 'nother discussion on privacy vs. idiocy.

Comment FTFA, both sides seem guilty. I'm confused. (Score 1, Insightful) 250

Dropship that allows users to exploit Dropbox's file hashing scheme to copy files into their account without actually having them."

I can see why they would be a bit ruffled over this. Seems like this could be in the same realm as an SQL injection attempt. It's just using JSON instead.

"First of all, attempting to protect a proprietary protocol is going to get them nowhere. "

Ok, that's a problem. The reason the protocol is proprietary is because the company has put a lot of time, money and effort into developing their product. They want to recoup some of the development costs through the implementation of their protocol.

The DMCA thing well ...that's what the DMCA is. It's basically a catch-all b1tchstick that can be bent into whatever shape the law wants to blame whoever for whatever. The way dropbox handled things *is* pretty crappy IMO, but if you're going to be a dick and crack people's websites.... expect to get dick'd back.

Comment 'securing' wi-fi with a password (Score 1) 964

A password doesn't equate to security.

It would be a lot harder to prove someone else used your setup when it's 'secured' with a password, but it can happen. Besides passwords being a piss-poor way to secure *anything* these days, many people choose stuff like their kids' names, or birthdays or other crappy dictionary words.

What's worse, is a lot of people and places are still using WEP, which is useless in terms of accountability, but it would be enough for a court to say "You say you secured your setup but someone cracked it anyway? Yeah, right"

Nobody I know (corporates included) uses a password like (lei3%dk&l[_#=3 anyway because it's "too hard" for users to remember.

Passwords are pointless for proving, or disproving, accountability.
