Forgot your password?
typodupeerror

Comment: Re:Not "remedies". (Score 1) 77

by Asm-Coder (#36458084) Attached to: McAfee CSO Issues Warning On the 'New Cold War'
No, that's really how patients work.

Most people, when told by their doctor, "You need to lose weight or you'll get diabetes," do what? That's right nothing. "You should be exercising for 30 min. 4 times a week," and yet most people don't change their habits. "You should have a biannual checkup, and get a colonoscopy every 5 years, a mammogram or prostate exam...."

Yes there are some things that doctors must take from a reactionary standpoint. But since we don't have magic pills yet, the only proactive thing a doctor can do is give advice, which frequently gets ignored.

You wouldn't blame the architect who told you to keep your house painted when your paneling start rotting through. Don't blame doctors who tell you how to maintain your body, or the security experts who tell you to choose strong passwords.(or how to write secure software) Their advice is good, but all to frequently ignored.

Comment: Re:Heavy users? (Score 1) 303

by Asm-Coder (#36197964) Attached to: Verizon Customers: Say So Long To Unlimited Data
56000 kbps / 8 bpB * 60 s/min * 60 min/hr * 24 hr/day * 30 day/month =
18 144 000 000 bytes per month == 18 GB/month
$25.34 for phone plus $11.60 for dial-up =
$36.94 for 18 GB per month

Yeah, so thats at continuous use, but it wouldn't be cheaper than land lines. (offer not valid in all places, local rules and restrictions may apply)

And about your sig, may I direct you to: The FAQ.

Comment: Re:Javascript is a disaster (Score 1) 305

by Asm-Coder (#36060444) Attached to: JavaScript Creator Talks About the Future

i = 257 & 0x0F;
c = "0123456789ABCDEF"[i];

I'm actually a little confused by this... maybe it's just a typo?
257d == 100000001b
so:
257 & 0x0F == 0000 0001b == 1d == 0x01

Which I assume is the wrong result. (I'm pretty sure we are trying to get a pointer to the character 'F' in the string.

Also, I'm guessing the reason why this is supposed to be 'safer' is because had you used 255 instead of 257, you would guarantee that i would only be a byte long. Except that with a 16 character string, any values of i larger than 15 (00001111b) are invalid, so in order to prevent c from pointing someplace beyond the end of the string, which is what I think your goal was, the code should be:
i=15 & 0x0F;
c="0123456789ABCDEF"[i];

But maybe I misinterpreted what you were trying to do.

Comment: Re:I don't have a strong opinion (Score 1) 720

by Asm-Coder (#35728370) Attached to: The Case Against GUIs, Revisited
I'm curious, how is a gui better for the handless? I know some people use computers with sticks that are attached to a headband, but that seems like it would be easier to use with a keyboard rather than a mouse.
The only thing I'm coming up with is some sort of eye-tracking program, but I don't see why that couldn't be used with an actual keyboard, if not a virtual one. I'm not going to guess at whether or not it's faster, but I imagine errors from faster "typing" could be corrected in much the same way that swype corrects typing on touchscreens.

Comment: Re:GMAil needs better bkup system (Score 1) 401

by Asm-Coder (#35345622) Attached to: Gmail Accidentally Resets 150,000 Accounts

not everyone has outlook,

So use Thunderbird or Mutt or Mulberry or Evolution or Alpine or hell how about any of the others in this list under freeware or open source.

Email is based on open standards. There are hundreds of email clients if you are willing to take the time to look for them, and all of them (arguably) are better than Outlook.

Comment: Re:Not Java, more like Active X (Score 1) 332

by Asm-Coder (#35307018) Attached to: Google x86 Native Browser Client Maybe Not So Crazy After All
Yeah I got that from reading the comments, but there wasn't any mention of any limitations as to what the applications could do in the article, just a limitation on how you could run them. In reality, the applications are sandboxed, so they aren't running in full user mode. If they can break out of the sandbox however, all of the possibilities in my above comment are available.

Comment: Re:Not Java, more like Active X (Score 1) 332

by Asm-Coder (#35304852) Attached to: Google x86 Native Browser Client Maybe Not So Crazy After All
I can still cause plenty of trouble in user mode. I can delete user files (which are usually the ones that can't be replaced, so you have to revert to your las backup), access the network, change the $PATH or user startup scripts, and potentially screw with any of the other applications running in the same user session. If I knew what I was doing, I could download a hacked sudo binary, and change the $PATH to include it. The next time the user doesn't use the full path to sudo to get elevated privileges, I can store the password, and can now gain elevated privileges at any time I choose.

This will only work if the account can sudo, but I expect most home users are working with an account that can do so, and I can do the same for su, which doesn't have that problem. If the user never elevates their privileges, I just wasted my time, but I expect the process would be automated, and it only has to work once on each machine.

So yeah, I'm only running in user mode, but for most purposes, user mode is 'good enough'.

Comment: Re:djbdns (Score 1) 144

by Asm-Coder (#35292744) Attached to: High Severity BIND Vulnerability Advisory Issued
He could be referring to the lack of DNSSEC. I understand DJB's position on DNSSEC, and he is welcome to not implement it, but since DNSSEC is being adopted as the secure dns system, those of us wishing to use it are no longer able to use djbdns.
Security is more than just preventing privileged escalation and taking control of dns systems. There is risk of spoofing and cache poisoning, (which djbdns has a good record with) which DNSSEC aims to correct, DOS (both as described in this article and DDOS) as well as other attacks.

DJB will not pay out for DOS attacks, as per your link. He explains that the dns system is too fragile, (probably true) and that djbdns is less at risk than BIND. (almost certainly true) However, I have to wonder, if this article were about djbdns, would the finder be paid? There is most certainly a problem with the code, and while a DOS is not as serious as say a cache poisoning, it still has the possibility to be a major problem, and this DOS is not predicated on 'drowning' your target with traffic.

Comment: Re:You Forget. Teachers are Scum (Score 1) 634

by Asm-Coder (#35170578) Attached to: Teacher Suspended Over Blog About Students
I think you are to hard on the teachers. Many of them are trying their hardest, many on them succeeding in the face of great educational challenges. (See: Stand and Deliver) ; )

I'll admit a somewhat biased opinion, I was in the AP program and therefore had the better teachers of the school. However, I don't think the primary problem lies with the teachers, but with the school administrators, (ok, some of the teachers are a problem, but they get promoted to administration fairly quickly) and with some of the parents.
The thing slowing classrooms down isn't lazy teachers, but unruly and lazy students. They are the ones that lower the class average so that it becomes necessary to curve the scores so you don't have to hold back most of the students. Arguably the teachers could hold them back anyway, but the administration frowns on that. (I actually had one teacher that consistently flunked 30-50% of his class. It wasn't because he was a bad teacher, he had a 100% pass rate on the Chemistry AP exam 3 years in a row. He just didn't put up with any of the students who didn't do the work. The first year he was required to pass at a minimum percentage of students was the first year he didn't have a 100% AP pass rate. It was about 60% that year IIRC. He no longer works for the school district.) They are also the students who disrupt the students who are actually there to learn.
Teachers need to be given the ability to punish students in a meaningful way again. There are some parents who don't teach their kids good behavior anymore, and ultimately those students slow the rest of the class down. However, those same parents as well as the administration refuse to let teachers assign punishments that will get the students to shape up. The parents and administrators also need to back the teachers up. How many of the bad students do you remember from your school who were as afraid of their parents finding out about being assigned detention as you were of yours?

"The Street finds its own uses for technology." -- William Gibson

Working...