Comment Re:You get what you pay for (Score 2) 77

That's a good point, though it seems like a lot of effort to get a device into a random, unknown network at a random, unknown time.

To me, it merely emphasizes that being able to replace the OS/Firmware oneself is important, and should be done with any new device.

Doesn't really matter if Spyware McWebcam put a malware OS on the device if I'm just going to overwrite with a good firmware of my own choosing before putting it on my network.

Same goes for full computers, too, along with "smartphones" and tablets, which seem like they'd be bigger targets. One could do a lot more harm with a backdoored iPhone or Android device returned as "new, unopened" than a webcam.

Comment Re:webcam distro? (Score 1) 77

I was wondering exactly that. "So, someone with physical access to your webcam can crack it open and analyse the firmware? Gosh. I'm frightened. Someone who has connected to your internal network and knows you have a specific model of IP webcam and happens to have a canned custom firmware that they can upload to it (if you've not changed the default admin password)? Slightly frightened, but not much. But 'getting root' so I can modify and more fully control my own low-cost IP cameras? Tell me more!"

Comment Rickety pile of smouldering crap (Score 3, Informative) 37

I've been working for an organization that uses Dentrix. My impression of it is...not very favorable.

It seems like someone wrote a basic customer-tracking database for Windows that happened to be focussed on dental patients, and then Henry Schein bought them and built the rest by "buying" (or "licensing") connections to a pile of other third-party software. In addition to MS-SQL and Microsoft Office, this seems to include Adobe Flash in places, "integrators" for at least two different third-party imaging software packages, a messaging system, and who knows what else.

Looking at the CERT notice, I'm guessing they "bought" (/"licensed") their special "proprietary encryption" as a package from Faircom and just bolted it on without any further examination. They were probably happily going along continuing to brag about their encryption because Faircom was, and they figured Faircom could be blamed for it.

It doesn't help that "Dental-patient record tracking software" isn't a particularly big niche, so there's likely very little competition and any half-assed thing they throw together will continue to generate license fees because Big Multibillion-Dollar Corporation can easily outmarket the very few competitors they may have (and who may not actually be any better). Many years ago, I worked for a proprietary retail inventory-and-point-of-sale software developer. Their product was also a rickety pile of smouldering crap, but it still seemed to be better than most of their few competitors back then. Horrifying, but I suspect Henry Schein is in an analogous situation (compounded by being a massive conglomerate).

Comment Re:"user engagement has gone up" (Score 1) 76

That's what you get for not paying attention to the privacy-policy changes.

You had 24 hours to uncheck "Will you marry Facebook, inc.?" in your settings. If you failed to do so, you're engaged to it. I think they'll be doing a mass wedding next year.

Your only hope now is to hurry up and pre-emptively start divorce proceedings before the prenuptial agreement gets added to the terms of service...

Comment Samsung's Quality Control is Crap (Score 4, Insightful) 225

"Either QC or the production process or both appear to be nearly fatally flawed for Samsung"

I'd lean towards this explanation, and not just in the matter of OLED displays. Over the years, I've noticed a trend of faulty hardware from Samsung. Samsung refrigerator/freezer whose temperature control is prone to go nuts after power outages (usually it stops bothering to cool the contents despite the temperature controls working and showing the current temperature accurately, though on one occasion getting stuck "on" and freezing everything in the fridge. Also, the ice maker ironically freezes up so it can't make ice), camera with a lens/focussing flaw that renders everything outside of a small circle in the center of every photo out-of-focus (sent it in for RMA, got it back unchanged a few weeks later with a note to make sure the battery was fully charged when using, WTF?), Galaxy "Mesmerize" (Galaxy S for US Cellular) whose 3G/wifi/gps/bluetooth radio would regularly completely die until the phone was power-cycled (its replacement actually was okay). My current phone is a Galaxy S4 (running Optimized CyanogenMod 12.1) that I'm actually pretty pleased with, but its USB port failed within a few months and I can't transfer data over it (it still charges and I can easily transfer data via sftp, so I haven't gotten around to getting the $5 replacement port and ripping the phone apart to fix it yet).

Samsung's Quality Control sucks. If I'd had the option of any other rootable phone from another manufacturer when I got the S4 I'd have gone with it instead, but US Cellular's selection is pretty meager. I'm just glad "have to use something other than USB to transfer files" is the only real problem I've had with it.

Comment Bodycams run *Windows*? (Score 1) 100

Are the cameras actually "infected" with it or do they just have copies of the install payload in their storage? I wouldn't have expected something like a small embedded camera device to actually be running Microsoft Windows. (Yes, I know there's a "Windows Embedded" and they could, I just wouldn't expect it.)

Comment Re:Is it really true? (Score 1) 223

"Why would a designer of a mobile phone bother with the frequencies, which a human can neither produce nor hear anyway? It certainly increases the costs of both the design and each individual device"

I think it's more an accidental ability of tiny little cheap electret microphones and piezoelectric speakers, rather than something designers explicitly asked for.

The designers of smartphones and tablets mostly want "cheap" and "as small as possible". It just happens that smaller audio components have an easier time with higher frequency sounds (and a harder time with lower frequencies). It doesn't really matter that they're not necessarily "good" at playing or recording, say, 22kHz tones; for this hypothetical technology they just need to be barely capable of getting the microphone to pick up that there is a signal out there in that range. Almost no humans would even be able to notice a sort of 22kHz "Morse code" message around them in a quiet room, let alone one with typical background noise.

It's actually kind of a nifty concept with some interesting potential, but of course as the story illustrates it's to be used for evil here.

Comment Re:What is the big deal? (Score 1) 48

"The encryption is in a QR code that's printed on the label, but isn't rewritable."

That seems to be the key point.

My guess is that the handful of bits in the label will be used in different ways by each company that adopts it, and it will be something like "the first three bits indicate which facility was the last to handle it, with 000 indicating that it has been sent to the pharmacy, the next five bits indicate which employee in this production line last handled the tagged object", etc., with the barcode specifying which internal-to-the-company algorithm was used to shift the bits around before storing them on the rewritable tag.

It's not that anyone who had blank tags and the equipment to write to them couldn't exactly copy any particular tag they got their hands on, but that it shouldn't be feasible for anyone to synthesize a valid fake label, so nobody can get a bunch of manufactured-by-flybynightco-in-china fake tablets or even a pile of "legitimate" pills snuck out of the factory in somebody's socks, stick them in a bottle, and label them to look like they've been legitimately packaged and shipped from the company (for example).

Comment "Media" codec = "video" (Score 1) 99

I hate the ongoing assumption that "media" just means "internet TV".

Anyway, this appears to be specifically about developing a legally-free video codec. Anyone who's skeptical that it can be done should be pointed to the previous similar project to develop an audio codec: opus, which has been done, successfully, for a couple of years now and was developed in a similar fashion by a similar coalition of companies (and driven largely by Xiph/Mozilla's work as it looks like this video codec will probably be, with input from other relevant tech). Opus is extremely successful technically (I don't think there is any other general-purpose lossy audio codec - free or proprietary - that opus doesn't handily beat), and has been moderately successful in the market (uptake by forward-looking developers was fast, Google supports it, Cisco supports it, and even friggin' MICROSOFT has committed to it now...)

My only complaint about opus so far is that Google's webm-only video fixation keeps them from remembering to support .opus audio files often. Android "Lollipop" and later has native opus codec support but still doesn't recognize .opus files as media. (VLC for Android does, though...) Chrome had a long delay in getting opus audio enabled for the same reason. Jerks. (Chrome does support .opus now, though, and has for a while).

If work on the video codec goes anywhere near as well for this coalition as it did for Opus audio, it ought to be very successful. Maybe more so, given that much of this coalition was also involved with opus and perhaps has learned some useful lessons on how to run projects like this.

(Admittedly, that's still an "if", but I'm actually optimistic here.)

Comment Re:LibreOffice Online? (Score 1) 59

I'm sure LOOL will be released Real Soon Now! I've already pre-ordered my copy.

(Seriously though - unlike Duke Nukem, one can actually verify that LOOL is being actively developed. I realize they've been talking about LOOL for like half a decade now without a real release, but I actually think they'll really release it now that they have some collaborators working on it.)

Comment Re:Didn't Like Eich (Score 1) 192

"the removal of Brendan Eich because he held a non-progressive belief."

Eich removed himself, and it's a good thing, because his response to the overblown controversy was to try to hide from it and hope it went away. His inability to cope pretty well proved that he wasn't fit to be CEO of Mozilla, whose problem is largely the same (unwillingness/inability to engage with its public any more) to begin with.

On top of that, the last thing I remember about Eich's activity at Mozilla was him enthusiastically cheerleading the possibility of shoving OTOY's special proprietary video codec for remote-desktop use into Firefox. This is the same kind of proprietary 3rd-party off-topic crap that has people throwing tantrums with Pocket right now. Eich was all on-board with this sort of thing, it would seem, and was an active part of this harmful tumor of corporate culture. Having him in charge would not have made things better.
