Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 


Forgot your password?
Close
typodupeerror
×

Comment Millions (Score 1) 377

by maiden_taiwan (#50045281) Attached to: Ask Slashdot: How Much Did Your Biggest Tech Mistake Cost?

About 15 years ago, a QA engineer in my office (a large Wall Street financial form) placed a fake trade for 1,000,000 shares of company stock in one of our test systems. The test order somehow got out to the New York Stock Exchange and actually moved the market. Backing out that trade was reportedly quite expensive.

The engineer didn't get fired, because he had done everything correctly. The system infrastructure had been set up wrong.. wasn't his fault.

Comment Re:Bad Summary, Only new part is the sharing optio (Score 5, Interesting) 487

by ewhac (#50029657) Attached to: Windows 10 Shares Your Wi-Fi Password With Contacts

First, we're only talking Windows 10 PHONE

ERROR: INCORRECT

First: This is in Windows 10 desktop, as detailed here, complete with screenshots: http://www.howtogeek.com/21970...

Second: Even if this were only confined to Windows Phone 10, it would still be monumentally stupid.

Comment Re:third solution the MS doesn't want to mention (Score 3, Insightful) 487

by ewhac (#50029611) Attached to: Windows 10 Shares Your Wi-Fi Password With Contacts

ERROR: INCOMPLETE SOLUTION

There is no provision in this "killer feature" that establishes whether the person doing the sharing is the network administrator, i.e. the person who grants authorization to use their network. So if you share your WAP credentials with a friend, and that friend uses Windows 10 with Wi-Fi Sense enabled, than that friend has just compromised your WAP.

Comment Re:No (Score 5, Informative) 487

by ewhac (#50029567) Attached to: Windows 10 Shares Your Wi-Fi Password With Contacts

ahhhh no, for networks you have SELECTED to share it can do it. [ ... ]

ERROR: MISLEADING.

Wi-Fi Sense's default settings are to share everything, all the time. Indeed, Microsoft's rules for shipping Windows Phone 8.1 requires OEMs to turn this "killer feature" fully on. Expecting users to have the presence of mind to turn this off is willfully disingenuous.

Submission + - XKEYSCORE: NSA'S Google for the World's Private Communications (firstlook.org)

Submitted by Advocatus Diaboli
Advocatus Diaboli writes: "The NSA’s ability to piggyback off of private companies’ tracking of their own users is a vital instrument that allows the agency to trace the data it collects to individual users. It makes no difference if visitors switch to public Wi-Fi networks or connect to VPNs to change their IP addresses: the tracking cookie will follow them around as long as they are using the same web browser and fail to clear their cookies. Apps that run on tablets and smartphones also use analytics services that uniquely track users. Almost every time a user sees an advertisement (in an app or in a web browser), the ad network is tracking users in the same way. A secret GCHQ and CSE program called BADASS, which is similar to XKEYSCORE but with a much narrower scope, mines as much valuable information from leaky smartphone apps as possible, including unique tracking identifiers that app developers use to track their own users."

also

"Other information gained via XKEYSCORE facilitates the remote exploitation of target computers. By extracting browser fingerprint and operating system versions from Internet traffic, the system allows analysts to quickly assess the exploitability of a target. Brossard, the security researcher, said that “NSA has built an impressively complete set of automated hacking tools for their analysts to use.” Given the breadth of information collected by XKEYSCORE, accessing and exploiting a target’s online activity is a matter of a few mouse clicks. Brossard explains: “The amount of work an analyst has to perform to actually break into remote computers over the Internet seems ridiculously reduced — we are talking minutes, if not seconds. Simple. As easy as typing a few words in Google.”

Submission + - Windows 10 to Share WiFi Credentials by Default?

Submitted by ewhac
ewhac writes: Even those of us who reflexively (and correctly) bash Microsoft every chance we get are having trouble wrapping our heads around this one. It seems that the latest build of Windows 10 has a new feature called Wi-Fi Sense which, by default, will share your WiFi connection profiles and credentials with all your Facebook friends, and Skype and Outlook.com contacts.

Wi-Fi Sense is apparently a feature that first appeared on Windows Phone 8.1, and is described by Managing Editor Sam Sabri in this Windows Central article from last year — without irony or sarcasm — as a, "killer feature." The apparent use case for this "killer feature" is to more conveniently share the connection credentials to your own WAP with your friends. If, however, you would prefer your WAP's info to not be shared, you have but to append the string "_optout" to your SSID (no solution is provided for people whose SSIDs are already near the 32-character limit). The WinPhone version of Wi-Fi Sense reportedly does not display the WAP's password to recipients but, since recipients can connect, the password is (probably) stored using a symmetric cipher and, thus, can be easily extracted. Wi-Fi Sense will also automagically click through any ToS page that typically appears on public WiFi access points (thus destroying any remaining illusion of meaningful assent to such so-called contracts).

Wi-Fi Sense can apparently be turned off completely, but its default state appears to be enabled and sharing everything. It is unclear how much, if any, of this "killer feature" will be in the final release of Windows 10.

Comment Re:Hire That Programmer Immediately! (Score 1) 456

Ummm good programmers always free every malloc.

Actually, I've heard the contrary argued on occasion: "Don't bother wasting code space on cleanup; the OS will do that when you exit."

Maybe the programer didn't use any dynamically allocated memory and just put everything on the stack?

Uh, no. Amiga's default stack size was 4 KiB (4096 bytes), and did not auto-extend. So nothing of any significant size was going on the stack.

Comment Hire That Programmer Immediately! (Score 4, Insightful) 456

Please to remember: Amiga had pre-emptive multitasking, but no memory protection and no resource tracking. Diving through bad pointers would take out the entire system; and not meticulously free()ing every malloc() would lead to unrecoverable memory leaks which would... take out the entire system.

So anyone who can write a program for that platform that is still running problem-free after 30 years deserves to be making stacks of cash in the embedded/IoT space.

Also, shameless plug: http://amiga30.com/

Submission + - Sourceforge staff takes over a user's account and wraps their software installer (arstechnica.com) 11

Submitted by Anonymous Coward
An anonymous reader writes: Sourceforge staff took over the account of the GIMP-for-Windows maintainer claiming it was abandoned and used this opportunity to wrap the installer in crapware. Quoting Ars:

SourceForge, the code repository site owned by Slashdot Media, has apparently seized control of the account hosting GIMP for Windows on the service, according to e-mails and discussions amongst members of the GIMP community—locking out GIMP's lead Windows developer. And now anyone downloading the Windows version of the open source image editing tool from SourceForge gets the software wrapped in an installer replete with advertisements.

Slashdot Top Deals

He has not acquired a fortune; the fortune has acquired him. -- Bion

Close