Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror

Comment: Re:When I see that [literally] textbook mistake... (Score 2) 329

by Lorens (#48835571) Attached to: Steam For Linux Bug Wipes Out All of a User's Files

The better system is called capabilities. Think "everything is a file descriptor". You want to create a file, you get a file descriptor. You want to run most programs, you give them read-write scratch space, a place to find common library routines (that don't carry any rights by themselves), and probably a read-write access to some graphical interface window. You're a browser, your user clicks on a java applet? You download the applet into a descriptor from your scratch space, you run it, giving it a read-write descriptor to some user interface sub-window created from your own window, read-write to a descriptor of some scratch space created from you scratch space, and read-execute of some descriptor containing a library, probably the same one you got from your parent. You have a video with a proprietary codec? You run the proprietary program as above with read-only to the video. You're a word processor? You get a RW descriptor to the file you're editing, and a call-back to your parent if your user requests an "open file" dialog, which returns a RW (or maybe RO) descriptor to the file the user indicated. See a pattern? See KeyKOS, which actually worked for years, and followers EROS, CapROS, Coyotos, which none got to to any useful status. There was a guy who rewrote libc on these principles, IIUC so that you'd only have to change file-handling logic in classical programs and recompile. But I get the impression that most people working on these things are security and OS researchers in academia (sincerely sorry if someone feels insulted, I'm not helping out and if you weren't working on it I wouldn't even know about these things), and not people saying OK, I have a generous budget, I have excellent developers and excellent team leads and stellar project managers, now I want a timeline and then a product.

For other non-OS projects see Plash, Capsicum, Tahoe-LAFS, E-Lang, CapDesk...

Comment: Re:How to get rich (Score 1) 246

I'll invent a tool that allows you to kill people via a phone line. I could see a really HUGE market for something like this.

There might be a volume filter, but I wonder what would happen with an air horn. I suppose they have earphones, so if you start off speaking really quietly...

Comment: But the ID shouldn't have to be secret (Score 3, Insightful) 59

by Lorens (#48172549) Attached to: South Korean ID System To Be Rebuilt From Scratch After Massive Leaks

Granted it's not good if the IDs are easy to guess, nor if the list of IDs+names gets out, but as long as you're not using the ID to authenticate people, only to identify them, it shouldn't be a terrible problem. Think ID=username, not password. What they say about the credentials seems a bit more worrying, but we'd need a lot more info here . . .

Comment: Re:Weber's Honorverse (Score 1) 470

by Lorens (#48014677) Attached to: The Physics of Space Battles

he has much too much of a fascination with the French Revolution

I can't say you're wrong, but at least he does it on purpose. The series was supposed to recreate the life of Horatio Nelson (think "Hornblower in space"), and most of the physics "could be"s are chosen so that the battles and diplomacy resemble life at sea in the early 19th century. Of course, the heroine was supposed to die like Nelson did, but I think the story and fans won that battle. It probably explains why she's less present in the later books!

Comment: Re:So offer a cost effective replacement (Score 1) 185

by Lorens (#48006137) Attached to: Security Collapse In the HTTPS Market

15 years ago I had an MBNA credit card. On their website you could generate a one-time credit card number that was only good for the stated amount. That was a big improvement. I guess not enough people bothered to use it though.

I have this system today, and my "real" card number, while valid, is systematically declined for Internet transactions. It's common enough that Amazon (at least the French Amazon) has an FAQ on the problems it can cause (bigger orders can be split up, and Amazon debits each packet separately). Some sites refuse the virtual card, but I can real-time the on/off switch on my bank's website to use my "real" card number just for the necessary number of seconds. Not ideal, but better than most.

Comment: Re:Too simple (Score 1) 588

by Lorens (#47808423) Attached to: Low-Carb Diet Trumps Low-Fat Diet In Major New Study

I am talking in this case about the sliced meat you eat on bread. In the local shop, only the super-expensive, high-garlic "Italian" meat is sugar-free. The rest contains both sugar AND at least one kind of syrup. The ingredient list is on the back side, so if you see, for example, roasted chicken meat, you would not think that it would contain anything else than roasted chicken.

"Roasted chicken"? That's not food, that's industry-processed human-feed, exactly the problem debated here. Your super-expensive meat isn't meat either, since it's "high-garlic". If you want chicken, you buy chicken. Just chicken. You can buy whole chickens, or just breasts, or whatever, but not processed. If you want it roasted, you roast it, if you want salt, you add salt. Of course, that takes time, a kitchen, and some minimal cooking competence. Cooking should be a school subject, and no processed foods allowed.

"Organic" is supposed to protect you against that chicken having eaten processed foods (made out of the carcasses of other chickens, for example) and having been exposed to excessive levels of antibiotics and hormones and pesticides. Now segue into a discussion of "excessive" vs. "non-zero" . . .

Comment: Don't forget the Internet (Score 4, Informative) 111

by Lorens (#47580237) Attached to: French Provider Free Could Buy US Branch of T-Mobile

Before launching their mobile telephony offering and forcing the previous oligopoly to slash their prices, Free did the same with ADSL Internet (and ISTR with dialup before that). I pay something like USD 45/month for:

- uncapped broadband with static IP and valid rDNS (living in an area well covered by DSL that is about 17 Mbps down, but if/when their fiber gets here I'll pay the same price for 1 Gbps!)

- plus unlimited telephone to fixed and mobiles in France, to fixed in some 100 other countries and to mobile in some countries, relatively low rates otherwise

- a SIM card with unlimited SMS, 50Gb 3G/4G data/month, 2 hours phone (the unlimited version would set me back some USD 22/month more) and extremely competitive rates for anything not included

- Some 600 television channels (some of which you have to pay extra for, sure), with timeshifting, pay-per-view video on demand, and free replay (usually the last week of popular series, depending on the channel)

- an ADSL box "Freebox", extremely well thought out (hello Rani) with a really excellent user interface (web browser, games, what have you), a 4-port gigabit switch, a Blu-Ray reader, a 250 GB disk that can be used as a NAS and for recording television programs

- lots of techie goodies (IPv6 if I want it, messages left on my answering machine can be forwarded to an e-mail address, I can force certain MACs to an IP so that I have the same IP whether connected by WiFi or Ethernet, and, and, and, isn't there a length limit on comments here?)

I'm looking at moving to the US (like SF or NY, https://www.linkedin.com/pub/l... ), so I read the Comcast horror stories with interest. In comparison, I have called Free tech support once in six years, after a storm killed my Freebox. It was replaced (without charge I believe), and nobody even hinted that I might like to buy anything more. If they manage to buy a US provider, no question, I'll be their client.

Unix is the worst operating system; except for all others. -- Berry Kercheval

Working...