Please create an account to participate in the Slashdot moderation system


Forgot your password?

Comment: Re:value of time? (Score 1) 547

by Justin_Schuh (#42020175) Attached to: Ask Slashdot: How To Make a DVD-Rental Store More Relevant?

netflix and amazon are subscription services, not individual movie downloads. itunes is an awesome service, but it's expensive - $5 per movie. So the only conclusion is freetards.

Amazon, Youtube, iTunes and others all let you legally rent or buy digital copies of newly released movies. The prices and quality are competitive or better than DVD rentals, but the convenience factor of digital is the huge differentiator.

Comment: Re:*Very* Sloppy Summary (Score 1) 164

by Justin_Schuh (#41030879) Attached to: Google Employees Find 60 Security Holes In Adobe Reader

Sorry, the antecedent in my response was a bit misleading. What I was correcting was the claim that the PDF reader wasn't a plugin. It's in fact a plugin that ships with the browser (like the Flash plugin does). Third party plugins have always been a difference between Chromium and Chrome, because there's no license to distribute the binaries outside of the official Chrome builds.

Comment: Re:*Very* Sloppy Summary (Score 1) 164

by Justin_Schuh (#41029081) Attached to: Google Employees Find 60 Security Holes In Adobe Reader

That's incorrect. There's never been a PDF reader built into Chromium. The Chrome PDF reader (added in Chrome 8) has always been licensed third-party code in a plugin that ships with Chrome. It's fully sandboxed using PPAPI and has been aggressively audited and fuzzed (this latest round of fuzzing just used a more advanced toolset, so it found new things).

Comment: Re:Makes Sense (Score 1, Informative) 147

Google uses Chrome to track user's browsing habits for the purpose of targeted advertising.

This is simply not true and never has been. If you are interested in the facts, the Chrome Privacy Team thoroughly explains every feature that can be configured to exchange information with external services:

Comment: Re:'bout time! (Score 4, Informative) 86

by Justin_Schuh (#38949843) Attached to: Sandboxed Flash Player Coming To Firefox

Actually, Flash has been sandboxed in Chrome for about a year, but it's not fully sandboxed. To explain, the Chrome sandbox architecture supports five levels on Windows. Chrome's web content and its native PDF reader run at USER_LOCKDOWN and JOB_LOCKDOWN (level 5), which means a deny-only token. Right now Chrome's Flash sandbox runs at USER_INTERACTIVE (level 2) plus low-integrity level (just a bit better than IE's sandbox). However, we've been working for almost two years on a version of Flash that runs in as strong a sandbox as native Chrome content. My post was explaining how to test an alpha release of that improved Flash sandbox.

Comment: Re:Adobe worship much? (Score 1) 174

by Justin_Schuh (#38930035) Attached to: German Government Endorses Chrome As Most Secure Browser

No, the sandbox in adobe reader X is the chrome one.

It is the Chrome sandbox, but the architecture lets you select the degree of sandboxing. IIRC the Reader X sandboxed process runs at sandbox::USER_LIMITED, which means it can access resources as the Users and Everyone SIDs, and it runs on the interactive desktop. Whereas Chrome runs its sandbox at sandbox::USER_LOCKDOWN, which is a deny only token plus an isolated window station and desktop (along with some additional restrictions).

I don't want to undersell Adobe's accomplishment with Reader X, however. It's a good sandbox and a serious improvement over Windows Low IL on its own. But sandboxing is always a matter of degrees, and the more you can lock it down the better.

Comment: Re:Maybe... (Score 5, Informative) 174

by Justin_Schuh (#38929873) Attached to: German Government Endorses Chrome As Most Secure Browser

I don't see innuendo or unsubstantiated accusations as adding anything to the conversation. But I do think it's useful to address the technical portion of your claim.

If I hit a 404, Chrome phones home with the URI I was trying to reach. And what do you do with that data, I wonder?

I think you undermine the legitimacy of your question by trying to manufacture some evil ulterior motive here. The simple fact is that people often mistype URLs (or clip portions when pasting them), so it's helpful when the correct URL can be easily determined. And if you read through the privacy policy I linked above, you'll see that it very clearly describes what occurs in this scenario:

In order to offer suggestions of alternative or similar webpages, the browser sends Google the URL of the page you're trying to reach whenever the web address does not resolve or a connection cannot be made. Information is logged and anonymized in the same manner as Google web searches. Any parameters in the URL are removed before the URL is sent. The logs are used to ensure and improve the quality of the feature.

So, the submission of the URL is no different than if you'd stripped the parameters and pasted the URL into Google from an anonymous incognito window. If you're uncomfortable with that, then the same link provides instructions for disabling the feature.

Comment: Re:Adobe worship much? (Score 1) 174

by Justin_Schuh (#38929535) Attached to: German Government Endorses Chrome As Most Secure Browser

Flash is not yet in the Chrome sandbox (except on Chrome OS), but there's a work in progress that you can experiment with on canary or dev channels.. On Windows, Chrome stable's Flash is in an enhanced Low IL sandbox, which is a bit tighter than the Internet Explorer sandbox, but much weaker than the full Chrome sandbox. (Basically, sandboxing an existing piece of software takes quite a bit of work to get right.)

Comment: Re:Yes, because... (Score 4, Insightful) 174

by Justin_Schuh (#38929449) Attached to: German Government Endorses Chrome As Most Secure Browser

You may personally have the expertise to make good security decisions about your browser. However, all empirical evidence shows that the vast majority of users are not capable of that, and are much better served by a browser that manages updates for them.

That said, you can disable automatic updates and perform them manually if you choose. However, I also consider myself capable of making those security decisions, and I still prefer the silent update dramatically over manually updating.

Comment: Re:Maybe... (Score 5, Informative) 174

by Justin_Schuh (#38929183) Attached to: German Government Endorses Chrome As Most Secure Browser

As an engineer on Chrome security this particular FUD really bothers me. The BSI takes privacy very seriously, and would never make such a recommendation if Chrome did anything like what you suggest. To the contrary, Chrome has an exceptionally responsive privacy team and a very clear and simple privacy policy. It identifies any feature that can exchange data with Google services, and provides clear instructions for opting out. More importantly, the vast majority of features that can exchange any such data are explicitly opt-in.

Comment: Re:Is Google trying to fragment web? (Score 1) 165

by Justin_Schuh (#38556286) Attached to: MAME Running In Chrome

That still doesn't change anything. Microsoft lets other browsers implement ActiveX too if they want to. But they don't.

You can't implement ActiveX in another browser. You can instantiate an ActiveX control on Windows in any application you want, but that's an entirely different thing. To implement ActiveX on another platform you'd have to also implement all of Windows, because that's the platform and API that ActiveX is written to. So, the comparison isn't really valid.

Why would other browsers suddenly start supporting everything Google does, especially non-standard stuff?

They shouldn't unless they have a compelling reason. If NaCl proves itself viable and and develops a broad base of supporting apps, then other browser makers might certainly find that to be a compelling reason to add support--hopefully using the open source code and documentation already available.

Comment: Re:Is Google trying to fragment web? (Score 5, Informative) 165

by Justin_Schuh (#38556164) Attached to: MAME Running In Chrome

I can appreciate your confusion, but comparing NaCl to ActiveX doesn't really make sense. Once you instantiate an ActiveX control it runs arbitrary code at your full user privilege. Whereas NaCl is much more accurately compared to the restricted execution environment of a virtual machine, such as Java, .NET CLR, or even JITed JavaScript. It's just that NaCl virtualizes a well-defined subset of an existing hardware instruction set, rather than one developed specifically for it. That virtualization (and the associated instruction validation) is the primary security mechanism, and is typical of a VM environment. The process sandbox is just a defense-in-depth measure (and a very strong one) layered underneath an existing VM sandbox.

However, there's no reason to take my word for it. If you research it a bit you should find that NaCl has a comparable or (in most cases) a more robust security model compared to the web-delivered execution environments most people are already running.

Make it right before you make it faster.