Become a fan of Slashdot on Facebook

 


Forgot your password?
Close
typodupeerror
×

Comment Re:Faulty Reasoning (Score 2) 653

by Migala77 (#38280276) Attached to: Does Outsourcing Programming Really Save Money?
I think they just followed the spec. They may have wondered why their customer (your company) wanted shoddy work, and didn't specify any error handling. Cultural differences and/or physical distance (timezones, difficulty of contacting eachother) causes them to handle the same situation differently than a local contractor would. Together this all leads to an undesirable outcome. That doesn't mean they are bad programmers, or that they are trying to screw you over.
Security

Submission + - Report on DigiNotar hack indicts Iran (sophos.com)

Submitted by xsee
xsee writes: A report released today by Fox-IT investigating the attack against certificate authority DigiNotar shows extremely poor security at DigiNotar and implicates Iran in the attack.

DigiNotar was using unpatched Windows servers with poor passwords and no anti-virus.

Submission + - Details on the Iranian Diginotar hack (google.nl)

Submitted by Anonymous Coward
An anonymous reader writes: A report came out explaining how the security incident at Diginotar could occur. Although the report itself is not yet public, news websites report some of its shocking conclusions:
- It was possible to access the secured environment directly from regular employee computers for anyone logged in to Windows;
- Administrator passwords were so simple that they could be (and were) brute forced;
- Logging did not function correctly and it is not possible to find out which certificates were created;
- Copies of keys were also held in a separate database and any employee could have abused them to sign counterfeit certificates;
- No antivirus was used and intrusion detection failed;
- The attack was discovered by July 19th and by Juli 28th it was known the certificates were used to intercept traffic.

Dutch original: http://www.nu.nl/internet/2607758/diginotar-negeerde-misbruik-en-was-slecht-beveiligd.html

Comment Re:Whoa (Score 1) 68

by Migala77 (#36507544) Attached to: Life As a Bug Hunter

Firefox doesn't use that much RAM under normal conditions. Apart from that bug when you load up a whole page of photos, the use of memory is way below any of the major competitors.

Doesn't mean that it doesn't happen, but it's usually not Firefox, it usually ends up being a plug in or extension that's using up most of the memory. Under normal circumstances you're not likely to ever use more than 500mb.

Then tell me which extension it is. Just a simple task manager, then I'll know who to blame.

Comment Re:CSS *2.1*? (Score 1) 97

by Migala77 (#36372622) Attached to: CSS 2.1 Becomes W3C Recommendation
I agree that avoiding duplication is too difficult in CSS, but fixing that and having graceful degradation to support non-supporting browsers would be a nightmare. SASS looks pretty interesting there. Would be great if there was something like this as a language-independent Apache module.

Comment Re:Double the Price, Half the Servers? (Score 4, Informative) 84

by Migala77 (#36237970) Attached to: After a Lull, Sun Server Business Grows Under Oracle

In other words, IDC is reporting that Oracle raised prices. That strategy works for a quarter or two, maybe. But it's a going out of business strategy.

Where did you read this? Nothing about the price is mentioned in the article, apart from that sales of pricier servers have increased in general. Oracle sales are more or less matching overall market growth, so neither a higher market share nor higher price is necessary for Oracle's revenue to go up.

Comment Re:Javascript is a disaster (Score 1) 305

by Migala77 (#36055774) Attached to: JavaScript Creator Talks About the Future

""+" doesn't append _two numbers_, but it can append _number to string_ - which you can have in any language with operator overloading."
function foo(x,y) { return x + y; }
foo("5",6) == "56"

In every other language I've seen, the CORRECTly expected result is 11 or error. Perl, C++, etc. The point is that you can never trust your input if you are expecting numeric.

If you think Javascript is weird, try executing this in C:
"123"+1

Slashdot Top Deals

E = MC ** 2 +- 3db

Close