Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
Slashdot Deals: Prep for the CompTIA A+ certification exam. Save 95% on the CompTIA IT Certification Bundle ×

Comment Re:Advertisers, worry about security? Get real (Score 1) 244

I remember when Are Technica whined about their users' ad-blockers: My suggestion to them in the comment section was to use their fine technical chops to explore alternatives to the current model where the advertiser doesn't trust the content site. If they could resolve that trust issue, they could serve the ads from their own site and exercise some quality control while they're at it.

But maybe being embedded inside giant Conde Nast doesn't allow for that kind of experimentation.

Comment Re:Why? What advantages does this have over ZFS? (Score 1) 132

And unfortunately, Michael completely decided not to help the Kernel devs debug this issue, because he was losing money on his benchmarks anyway. Let's disregard the fact he was a step beyond the packages on kernel.org

Interesting. I also have to wonder how close to either 'production' or 'personal use' Phoronix labs can get. These are people who pick and tear things apart and assemble in odd ways (nothing that a person wandering the computer aisle of Staples would recognize).

FWIW, I've been using a Qubes desktop on top of Btrfs for over 4 months now with very heavy usage. There have been no problems with the filesystem thus far (knock on keycaps... :). In terms of features, Btrfs is a flexibility dream. Using reflink copy I can clone VM images and other files instantly with hardly any overhead, and its great for small/informal snapshots of data.

Comment Re:BBC Panorama filmed the slave conditions (Score 4, Insightful) 396

The warehouse work is like slavery, just short of a whip - except they now use virtual whips to get their slaves straightened out.

Sure, there's a little perk called a slaves wage, after-all, they need them to be fed in order to do the miles of walking per day.

A written expose here.

It seems the highly 'exceptional' people in Jeff Bezos' circle have re-invented Taylorism, which is an abiding disregard for the well-being of workers. This indifference and disregard is called "scientific". Efficiency is something to be squeezed out of people second by second, the long-term effects be damned.

Comment Re:Webmail obvious security issue (Score 1) 294

This feature only opens the TCP connection, it doesn't send the request until you click.

So What??? You can't imagine that phishers would generate links with a bunch of fake but unique subdomains or port numbers that would communicated to the main phisher domain while a user merely hovers over those links?

Comment Re:s/uber/taxi. (Score 3, Insightful) 168

Uber was supposed to be a way to do IGT (intelligent grouping transportation) where the trips of different customers are automatically combined to save money/resources.

Instead, it turned into another war over cheap labor and skirting regulation with no actual ride sharing. Uber are liars and cheats who conduct 99% of their business on public streets.

Comment Re:Wait, what? (Score 1) 361

Back in the 90s, he could easily have been ignorant about GMOs as a special class of intellectual property.

Schmeizer found a trait that was useful and did not cultivate his crops for seed production. Without the GMO aspect, that could fall under the traditional exemption in patent law for seed savers.

Comment Re:Wait, what? (Score 2, Insightful) 361

Well, that and the fact that it's 100% obvious to any judge that Schmeiser intentionally killed off his non Roundup-Ready crops to select for the trait. His fields were 95% Roundup Ready. That's not "Ow! Monsanto is pollinating my crops with its big, bad pollen!" That's, "Yay, I'm going to get this stuff without paying for it!"

So farmers cannot select for beneficial traits anymore. What are they to do -- keep databases of traits so they can determine which ones might be "property" of a genetic engineering firms?

And please don't try to tell me this ban on millennia-old behavior will stop at 'Roundup-readiness'.

Comment Re:Stuff (Score 1) 128

Qubes OS uses a Type 1 hypervisor to simplify and harden system security against such vulnerabilities. The privileged parts of the system are kept relatively small and aren't used for any user applications. All apps and even some drivers (like NICs) are assigned to VMs, which the user can give different trust/risk designations and color codes.

Because isolating hardware is considered part of the solution, Qubes systems need IOMMU hardware to operate securely. But this high degree of isolation is what eliminates holes.

Formal proofs of the system would be nice, but they are hard to do and pointless without hardware isolation. So one could view Qubes as a way to take the smallest functional hypervisor with hardware isolation capabilities (Xen) and use it like a microkernel. One difference with a traditional microkernel is you have the rich feature sets of Linux and Windows kernels/drivers at your disposal within the unprivileged domains.

Comment Re:Exploit for machines that are already compromis (Score 1) 128

Like Windows, Linux is a complex rambling Swiss cheese and privilege escalations are pretty common.

Lean security protocols need to come first, which is why Qubes OS is based on a Type 1 hypervisor (Xen). An attacker can try to use an exploit (like in OP) all they want in an untrusted domain, but they aren't going to get access to the hardware (or the other VMs, unless the user has done something to specifically expose those VMs to the attack).

Comment Re:I know you're all joking, but how I envisioned (Score 1) 253

Yes, but Qubes isn't just about isolation. It reduces the attack surface of the isolation mechanism down to the functional minimum. Currently, that means using a Type 1 hypervisor like Xen, though in the future Qubes could be ported to a microkernel. Complex code (even device drivers) is relegated to unprivileged domains.

The term "sandbox" IMO has a connotation that it is something implemented directly by a complex OS with a monolithic kernel; That model isn't very secure.

"But this one goes to eleven." -- Nigel Tufnel

Working...