

Comment: such stupidity (Score 1) 342

by Tom (#49186655) Attached to: Microsoft Convinced That Windows 10 Will Be Its Smartphone Breakthrough

"will run on [...] phones and provide an experience very much like the desktop. [...] repeatedly failed to take the mobile space [...]"

Yeah, I wonder if these two could be in any way related...

MS is a design and UI fiasco and always has been. The only reason few people realize how unusable the crap is, is that we are so used to it that we don't notice anymore - until the next major update, or if you don't use it daily and then suddenly sit in front of it and wonder who the fuck came up with this stupidity.

And everyone who knows anything at all about mobile devices and usability knows that nobody on the planet wants a Windows desktop experience on their smartphone. People want a smartphone experience on their smartphone, what's so difficult to understand about that?

Oh, speaking of that: People also don't want a mobile experience on their desktop. They want a desktop experience on their desktop, that's not so difficult, either.

Comment: Re:misleading headline (Score 1) 128

by Tom (#49183031) Attached to: Schneier: Either Everyone Is Cyber-secure Or No One Is

Those two missions aren't mutually exclusive. Defend yourself at home and go on offense abroad.

It works for bombs and tanks, but not for computer networks and communications. It might have even worked in the time of telegraphs and snail mail letters. But for encryption, it doesn't work. A cipher is either weak, or strong. You can compromise a foreign postal system without affecting the security of your own, but you can't secretly build a backdoor into an encryption algorithm that works only for you.

Simply asserting that something is mutually contradictory because it sounds good to use words like 'cognitive dissonance' isn't any kind of argument.

Now you're trying to reverse the chain of causality just to make a cute finishing sentence. :-)

Comment: misleading headline (Score 5, Insightful) 128

by Tom (#49178995) Attached to: Schneier: Either Everyone Is Cyber-secure Or No One Is

What's with the clickbait headlines? By itself, the headline is total BS. The actual statement made, however, is spot on. The hole in your security doesn't care who exploits it. There's no "good guy" flag in IP headers (though I'm sure some April 1st RFC will soon introduce it).

What worries me most is that we could win this fight, if it weren't for our own governments deciding to betray us. There are vastly more people interested in secure communication and other people not being able to spy on or subvert our computers and mobile devices than there are people interested in compromised communications and systems (basically only criminals and some deluded, criminal-if-the-laws-were-right elements of governments).

There is just one problem with Bruce's argument: The largest and most powerful spy agency in the world disagrees with his fundamental assumption. We often forget that the NSA has two missions, and they are exactly the two things that Bruce argues cannot co-exist: To secure the computing infrastructure of the US against foreign espionage, and to provide espionage on foreign communication.
The NSA believes, and/or is tasked with exactly these two things that Bruce says (and I agree) are mutually exclusive. No surprise they've gone rogue, their very mission statement is a recipe for a mental breakdown through cognitive dissonance.

Comment: depends ? (Score 1) 240

by Tom (#49178645) Attached to: Study: Refactoring Doesn't Improve Code Quality

Doesn't it depend a lot on what you refactor, when and how?

I have 3-year-old code that I would like to refactor because I've since switched framework (from CodeIgniter to Symfony 2) and it would bring it in line with all my other projects, allowing me easier code reuse and not maintaining two frameworks both on servers and in my mind. But it's largely a convenience factor and I would agree that it will probably not improve code quality very much.

But I also have 12+ year old code written in plain PHP with my own simple database abstraction layer. I'm quite certain that refactoring that would do a world of good.

Comment: comparison ? (Score 1) 142

by Tom (#49167509) Attached to: Unreal Engine 4 Is Now Free

Anyone who knows both - how does Unreal compare to Unity? I mean from a developer perspective. I've been using Unity since late 1.x / early 2.x days, and one thing that I like it for is that compared to the other engines I know from that time (e.g. Torque), it was always very easy to use and develop with, especially in the early development phases when you're prototyping and want to see some results, fast, so you can test basic gameplay and mechanics.

How does Unreal compare?

Comment: Re:Viewing Launches (Score 1) 22

by Bruce Perens (#49166815) Attached to: SpaceX Falcon 9 Launches Dual Satellite Mission

With luck, they'll start incorporating our radio transceivers. I hear that SpaceX flies with several USRPs now, so that's not completely unrealistic. That might be as close as I can get. Anyone who can get me a base invitation, though, would be greatly appreciated and I'd be happy to do some entertaining speeches while there. I need a base invite for Vandenberg, too. I got in to the official viewing site for the first try of the last launch (and that scrubbed too), but this next one is on Pad 6.

Comment: Viewing Launches (Score 3, Interesting) 22

by Bruce Perens (#49164783) Attached to: SpaceX Falcon 9 Launches Dual Satellite Mission

I was in Florida to speak at Orlando Hamcation and went to see the DSCOVR launch at Kennedy Space Center. I paid $50 to be at LC-39 for the launch, an observation tower made from a disused gantry on the NASA Causeway between the pads and the Vehicle Assembly Building. A crawler was parked next door! A hot sandwich buffet, chips, and sodas were served. It was cold and windy! I watched for a few hours and unfortunately the launch scrubbed due to high stratospheric winds.

The next day, Delaware North Corporation, which operates tourism at KSC, decided not to open LC-39 or the Saturn 5 center for the launch. This was the third launch attempt and I guess they decided most people had left. I was annoyed.

The closest beach was going to be closed in the evening, it's a sensitive ecological area. I ended up seeing the launch from Jetty Park. This turned out not to be such a great location, the tower wasn't visible at all and the first 10 seconds of the rocket in flight were obscured before we saw it over a hill.

What's a better viewing location?

Comment: Re: the forces working against us (Score 1) 308

by Tom (#49160209) Attached to: Moxie Marlinspike: GPG Has Run Its Course

It's not a cop-out.

It's a cop-out if you say "laziness" as if it explains anything. That's like the police finding a crime scene and concluding that the gun killed the man, and then packing up their things and going home.

We need to figure out why people are lazy and check if we can address it. Maybe we're making it too difficult?

Here's an example: Backups. Even I didn't have a good backup regime until Apple came up with Time Machine. It's just too much stupid work. But someone sat his ass down and asked the right question. And that's not "why are these fuckers so fucking lazy?", but "how can we make it easier for the users?".

they usually see as *an obstacle* to fun

That exactly is the point. If people see our work as an obstacle - maybe every once in a while we should climb down from our high horse and admit that they could be right?

Threema is only $1 more than WhatsApp. Pop quiz: how many people buy these over the insecure alternatives? Now you know how much the users care. ;)

Messaging apps are driven purely by networks. If all your friends switched to Threema, you'd do it too. If nobody does it, you're unlikely to be the first. Security doesn't matter enough to lose contact with all your friends.

Comment: Re:who cares ? (Score 2) 185

by Tom (#49157551) Attached to: Google Taking Over New TLDs

If I am looking for Foobar Inc's website, and I see, I can be pretty sure that is legitimate.

That's not been true for a decade. Due to overloading (i.e. multiple organisations, same name), the Foobar Inc you are looking for could be at - but it could also be at or or or or whatever domain name was still available when they finally went on the Internet.

Comment: Re:Greedy bastards. (Score 1) 185

by Tom (#49157549) Attached to: Google Taking Over New TLDs

It highlights a problem with the DNS system since ICANN took over.

We used to have a logical, hierarchical system. Any company would be under .com and any university under .edu -- then it broke apart and you would find anything under .com and anyone who couldn't get the .com name under .org, .net or whatever.

Then ICANN came along and greed won. Now you'll find anyone under anything, provided they paid for it. The TLD part has become entirely meaningless as it does not convey meaning anymore. ".dev" does not actually mean anything. You might think it means something if you associate those three letters with a meaning, but actually it only means "owned by Google".

We should just ditch the .tld entirely and that's it.

Comment: Re:And no one cares (Score 1) 185

by Tom (#49157541) Attached to: Google Taking Over New TLDs

Sarcasm aside, professionals use the right tool for a job. Not necessarily the most complex or expensive or technical. A professional knows when to use the combo-hyper-pro-magic-machine as well as when to take a hammer or a screwdriver.

URLs have a reason to exist, and they will. The same way that IPs have a reason to exist and will, even though we rarely use them today. But 10 years ago, I knew the IPs of all my servers by heart. Today I need them rarely, but sometimes I do and I know where to find them. Today I know all my domains by heart. Maybe in 10 years I will use them rarely, but when I do, I know how to do it.

Comment: Re:this is one more reason (Score 1) 136

by Tom (#49157531) Attached to: Under US Pressure, PayPal Stops Working With Mega

guilty until proven innocent.

If you have the long laundry list of crimes that Kimble has, and everyone with any interest in the subject is wondering how you're still not in jail, then yes, that is the proper approach.

Don't get me wrong, in a court of law, I'm all for the innocence assumption. But outside, in the real world, when you're dealing with a career criminal then for your own safety you should assume that he's not suddenly turned into a little angel just because you are such a sweety to him.

Comment: Re:git blame (Score 1) 308

by Tom (#49152659) Attached to: Moxie Marlinspike: GPG Has Run Its Course

Three years ago, I tried to start something called the Human Security Initiative. Not by accident acronymically close to Human Computer Interfaces.

This is desperately needed. We need to sit our asses and oh-so-smart brains down, get some designers and psychologists into the room, and talk about how to properly design security, not just engineer it.
