Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).


Comment: Re:Wrong target (Score 1) 45

by Just Some Guy (#49358493) Attached to: Google Loses Ruling In Safari Tracking Case

The target should be Apple not Google.

That's a stupendous way to end software development overnight. Yes, Apple had a bug. All software has bugs. They clearly intended for a different outcome and surely never expected Google to actively attack it.

Of the two, Apple made a mistake but acted with good intentions (at least on the surface, but there's no point going full tinfoil because then there's no point having a conversation about it). Google acted maliciously, and if someone's going to be held accountable for this then it should be them.

In before "lol fanboy": I would say exactly the opposite if, say, iCloud.com exploited a bug (not a feature: a bug) in Chrome to do the same thing. In this specific case, Apple seems to have acted honorably and Google unhonorably.

Comment: Re:python and java (Score 1) 479

by Just Some Guy (#49338871) Attached to: No, It's Not Always Quicker To Do Things In Memory

Python's string library isn't remotely what I'd call "overweight", but its strings are immutable. Some algorithms that are quick in other languages are slow in Python, and some operations that are risky in other languages (like using strings for hash keys) are trivial (and threadsafe) in Python. But regardless of the language involved, it's always a good idea to have a bare minimum of knowledge about it before you do something completely stupid.

Comment: They *still* libel Linux (Score 4, Informative) 169

by Just Some Guy (#49285251) Attached to: Not Quite Dead: SCO Linux Suit Against IBM Stirs In Utah

According to SCO's website:

The UNIX ABIs were never authorized for unrestricted use or distribution under the GPL in Linux®. As the copyright holder, SCO has never granted such permission. Nevertheless, many of the ABIs contained in Linux®, and improperly distributed under the GPL, are direct copies of our UNIX copyrighted software code.

Wasn't it proven that Novell owned any and all copyrights involved here? How long do you get to publicly libel someone (like everyone who uses Linux) before a judge can order you to cease and desist that idiocy?

Comment: Re:Oh Look (Score 1) 87

by Just Some Guy (#49280165) Attached to: Apple Reportedly Working On an Online TV Service

But it looks like Apple is playing catchup to Sling TV.

Very true, but we already have and use an Apple TV. We have very little Apple-purchased content so it wouldn't be financially hard to switch to a different device (and I think we're out of HDMI ports so we'd more or less have to), but it'd be nicely convenient if we could get that content on what we're used to.

Yeah, we could do some AirPlay workaround but the Wife Approval Factor starts dropping quickly when that gets involved.

Comment: Re:Not just for government. (Score 2) 155

by Just Some Guy (#49279837) Attached to: White House Proposal Urges All Federal Websites To Adopt HTTPS

Fortunately, more informed parties disagree with you:

HTTP/2 doesn't require you to use TLS (the standard form of SSL, the Web's encryption layer), but its higher performance makes using encryption easier, since it reduces the impact on how fast your site seems.

In fact, many people believe that the only safe way to deploy the new protocol on the "open" Internet is to use encryption; Firefox and Chrome have said that they'll only support HTTP/2 using TLS.

They have two reasons for this. One is that deploying a new version of HTTP across the Internet is hard, because a lot of "middleboxes" like proxies and firewalls assume that HTTP/1 won't ever change, and they can introduce interoperability and even security problems if they try to interpret a HTTP/2 connection.

The other is that the Web is an increasingly dangerous place, and using more encryption is one way to mitigate a number of threats. By using HTTP/2 as a carrot for sites to use TLS, they're hoping that the overall security of the Web will improve.

So stick with plaintext HTTP/1.0 as long as you want, but the rest of us are moving to secure-by-default.

Comment: Re:Not just for government. (Score 1) 155

by Just Some Guy (#49279817) Attached to: White House Proposal Urges All Federal Websites To Adopt HTTPS

Not all sites deal in private information.

Yes, they do. The information I transmit to the site in the form of an HTTP request is something I want to be private from prying eyes. I don't care if it's not anything particularly incriminating! It's just no one else's business but mine and that website.

The things my mom texts me aren't sensitive - "Hi son! Here's a picture of my dog napping outside!" - but they're certainly private and I'd be pissed if I thought anyone was reading them. Every web request, every chat message, every email should be considered private until explicitly proven otherwise.

Comment: Re:Only on some... (Score 1) 155

by Just Some Guy (#49279785) Attached to: White House Proposal Urges All Federal Websites To Adopt HTTPS

Static sites without forms, uploads, or sign ins, do not have any security benefit.

First, lots of things are sensitive. Would you want someone in the coffee shop watching you browse the NIH website for sexually transmitted diseases? It would be hideously expensive for each government agency to classify each and every URL as "OK for snooping" or "visitors probably want privacy", certainly several orders of magnitude harder and costlier than just saying that everything is sensitive and treating it accordingly.

Second, what's you're requirement for not having the security benefit? Given that certs are about $10 a year and require negligible resources, what is your compelling reason for not having encryption by default?

Third, there's a real and enormous benefit to having everything encrypted. If encryption is only applied to critical things, then the presence of encryption is a red flag that something is critical. When it's the normal, boring default mode and everything is encrypted, its presence is no longer an indicator that something sensitive is taking place.

Comment: Re:Oh Look (Score 1) 87

by Just Some Guy (#49279747) Attached to: Apple Reportedly Working On an Online TV Service

This isn't an Apple TV thing. From the article:

Apple declined to comment on the reports. But the Journal said its sources suggested the tech giant is aiming for a June unveiling, ahead of a September launch of the TV service, compatible with all devices running iOS, including iPhones, iPads, and Apple TV boxes.

That's a pretty big deal for a lot of people, and the rumors are that it'll be unveiled at WWDC. I like stories like this: plausible, and soon enough to be interesting.

Comment: Buying in on day one (Score 0) 87

by Just Some Guy (#49279709) Attached to: Apple Reportedly Working On an Online TV Service

I am so, so ready to be done with Comcast. I'd pick this up in a heartbeat to get away from their ludicrously priced packaging (I don't want to rent a DVR just so I can watch baseball in HD!). Toss in the unbundled HBO subscription and this is close to my cord cutting dream.

Oh, and NBC? I'll be subsidizing this by dropping my Hulu Plus subscription. Don't for a second think that your programming is so valuable that I'll pay extra for it a la carte. This would be an excellent time to make nice with Apple and get over yourself.

Comment: My life has been missing this (Score 4, Funny) 95

by Just Some Guy (#49279201) Attached to: Facebook Introduces Payment System

"Self", I said, "you haven't been feeling fully integrated into today's online society. What could you do to make sure that a major corporation with a history of disdain for its users and their privacy could come to have possession of your financial data? Banks are so old fashioned. Your checking account should be social!"

Today is a happy day indeed.

The price one pays for pursuing any profession, or calling, is an intimate knowledge of its ugly side. -- James Baldwin