Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror
For the out-of-band Slashdot experience (mostly headlines), follow us on Twitter, or Facebook. ×

Comment: What is not excellent... (Score 1) 63 63

... is on one hand the AV companies are flagging PUA, while on the other hand offering toolbars and search changes of their own at every opportunity. Effectively they are doing what they can to force their own search on users and then flagging anything that might change it, a very shady position if you ask me.

Comment: Re:File this under "NO SHIT" (Score 1) 264 264

For languages like JavaScript, it's such an easy/accessible/portable language I actually wonder what the breakdown is. Just like every other language there are people who are really proficient in JS and aware of good practices and design, but there are also people who are so used to learning from ugly hacks of others they may feel it's acceptable, or they just have so little background with good code they have no idea that half their program constitutes an ugly hack. C certainly has a higher barrier to entry and you'll often find yourself working with professionals rather than other amateurs, so ugly hacks are called out because as the developer you know it's bad and you know others will judge you for it if you hadn't acknowledged it yourself.

Of course, in JS I'm sure there are a lot of ugly hacks due to ugly browsers. Naming no names, but you know, ones that can be used to explore the internet.

Comment: Re:UAC is for idiots (Score 4, Insightful) 187 187

The fact some program that can change the UAC settings is pretty huge example of why Windows has issues separating userspace from root space. It just simply can't do it right. Who's brilliant idea at Microsoft was it to provide any sort of API that can let any program (besides the control panel widget that lets you adjust UAC settings) adjust UAC settings?

I hope you realize what you are saying here is the equivalent of a Linux user saying "The fact that some program can change permissions after I launched it as root is an example of a huge security hole. Whose brilliant idea was it to provide any sort of mechanism that can let any program I run as root do things a user who is root can do?".

This is an example of why UAC exists, in fact: A program that is not UAC elevated could not change your UAC settings (if you hadn't turned them off already).

Comment: Re: UAC - A Double Edged Sword (Score 4, Informative) 187 187

Yes, a component in an admin context may not be accessible to a component used by user in a non-admin context. This is called a "security" model, and prevents the non - admin process manipulating the admin-context process to do things it shouldn't be able to do. You make it sound like a quirk, but the entire design is that "non elevated components can't talk to elevated components". Try starting Notepad as admin and dropping a text file on it from the non - elevated explorer view, it won't work by design.

Comment: Re: Cutting edge journalism (Score 3, Informative) 179 179

Wrong. Many people, including myself, bought their device directly from Google, and Google themselves create and release the updates for these devices. You can install factory images directly from Google or wait for the over-thr-air updates.

I believe there are also carriers modified versions. For example, I think T-Mo has Nexus devices with proprietary WiFi calling added. In those cases then yes, the carrier must manage the update. Nexus program guidelines suggest how quickly carriers must release such updates.

Nevertheless, many people are on the Google-direct update train.

Google are really hit and miss with updates. They don't offer pre-releases to enthusiasts like they ought to (a pre-5.0 build was an exception and that's only because they were changing the runtime out and literally had to do it for dev support). They announce releases then don't roll them out to their most popular devices for weeks/months, and they release fix versions that don't address some of the worst bugs.

I like Android but my biggest gripe is not being in control of my own updates. When Apple announces a new OS everyone can get it. When Google announces a new OS you better pray you can get it a month later, and that the bug fix version won't be three months behind. That's if your device manufacturer even supports the update.

Comment: Re:Basic OS Functionality (Score 1) 277 277

Whole device encryption is pretty well handled in Android.

Yes, but it's also useless if you install a compromised app or e.g. a browser-based exploit is leveraged against you or you want to protect a file in transit over the wire and not rely solely on things like SSL.

You need to use the right tool for the job, and while the tool mentioned is obviously the equivalent of a comedy foam hammer, there are legitimate reasons to want to use something other than FDE to protect a file in many situations.

Comment: Re:And where are the parents? (Score 3, Insightful) 187 187

Supervision isn't even really the "problem" here.

Parents don't like the idea of their still young and in need of heavy-handed protection children having naughty thoughts or being around other children who might have naughty thoughts. Puberty disagrees with these parents, but the politicians are offering a feeling of control over something that is biologically ingrained in us. Parents will buy into it in most cases because they tend to be irrational about this stuff.

Pro-tip: You can't control everything a teenager does, and if you try you will ultimately promote outrageous behavior. Teenagers will watch porn. Teenagers will have sex. To the parents out there: don't make it taboo, make it safe. Those are two different things.

Comment: Re: People CHOOSE to work for Amazon (Score 1) 331 331

The fact is a) an employee accepting such a position may not understand that area of the law, b) if Amazon chose to threaten an Employee it's quite likely someone working in the warehouse has no means to defend themselves and both parties know it.

Comment: Re:People CHOOSE to work for Amazon (Score 1) 331 331

Very few people are ever in a position to force you to do anything, and yet you may still be in no position but to accept their propositions. For example, perhaps you need to eat and keep a roof over your head and there aren't a lot of other opportunities in your area or fitting your qualifications. We have laws to protect people in these situations. Telling someone that they can't exercise their skillset and background for 18 months after they leave a position without otherwise providing due compensation is about as clear as an abuse of overwhelming power during a negotiation as you can get. Almost nobody would agree to that given a real choice, other than due to short-term need.

Comment: Perform tear-downs instead (Score 1) 296 296

Start visiting locations of concerned customers, tear-down their units, check for implants, pull chips, put them in readers, verify firmware, etc. etc.

Figure out what changes are being made to the equipment and then warn customers to check for them upon receipt. Tactics will then change, so check new shipments again 6mos. later.

May Euell Gibbons eat your only copy of the manual!

Working...