Slashdot stories can be listened to in audio form via an RSS feed, as read by our own robotic overlord.


Forgot your password?

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).


Comment: Don't forget timestamps (Score 1) 343

by Nkwe (#49074819) Attached to: Ask Slashdot: Version Control For Non-Developers?
If you consider SVN, GIT, or any code optimized source control, don't forget that many business users rely on the last date modified attribute of the file to determine versioning. Many source control systems don't care and don't store file modification dates (they store check in dates instead). This can be a show stopper. While as technical people we want to force the concept of version numbers on folks, it is just not in the culture of many business types.

Comment: Re:This has been going on for a while (Score 1) 232

by Nkwe (#49048301) Attached to: Iowa Wants To Let You Carry Your Driver's License On Your Phone

(Disclaimer: I'm a member of Google's Android security team, but the above represents only my own opinions not an official statement. You can certainly believe that they're opinions I will be sharing/pushing internally, though.)

Sweet. Please consider taking this concept back to the team. On the unlock screen have three unlock codes: 1) The normal unlock code, 2) A "limited" unlock code that would allow access to a limited set of applications (and perhaps make the device look like it was mostly empty), 3) a "wipe" unlock code that wipes the device (or nukes the encryption key.) An additional "distress mode" unlock code could be useful as well - this mode would start audio and video streaming to some off-phone storage. The key feature is that these special modes are activated by entering an alternate unlock code (or pattern). That way if the officer (or adversary) is asking you for the code and entering it on your behalf, you would still be able to activate these features.

Comment: Re:Call Center (Score 1) 309

by Nkwe (#49020061) Attached to: Samsung SmartTV Customers Warned Personal Conversations May Be Recorded

So, I imagine the 3rd party is like a big call center with a bunch of people in it. When you say the activation phrase, "OK TV" it connects your tv to somebody's terminal and they hear you say your commands "Channel 20, volume medium" and they push the remote control buttons on their terminal for you.

More likely the recognition software assigns a confidence score to its recognition. High levels of confidence for a command are just executed. Low levels of confidence are probably filed for human review - probably not in real time, but for later analysis to tune the software.

Comment: Re:One more reason to use a wired keyboard (Score 3, Insightful) 150

by Nkwe (#48806637) Attached to: Wireless Keylogger Masquerades as USB Phone Charger

A device that broadcast over sufficiently large range random flood of mouse clicks would be a very effective DoS tool in a corporate settings.

Or a device that broadcast a very specific non-random set of keystrokes. For example you could send the keystrokes to open up a command window followed by the keystrokes to download and execute malware. You could even send the keystrokes to type in the source code and compile the malware or a malware bootstrap process.

Comment: Re:Here's One Idea: (Score 1) 312

by Nkwe (#48706211) Attached to: Ask Slashdot: What Should We Do About the DDoS Problem?

A special new "Add rule 'source,destination,timer'' packet is added, to be sent to a router. This causes the router to initiate a 3-way handshake with 'destination' to confirm that they requested the new rule, and if so, they add the rule to their table and set the expiration timer.

How would you prevent malicious use of the "do not send to the source/destination" packets?

Comment: Re:Airlines need a new business model (Score 1) 349

by Nkwe (#48697253) Attached to: United and Orbitz Sue 22-Year-Old Programmer For Compiling Public Info
While this is a nice list, are you prepared to to pay a lot more for every ticket in order to get the consistency that you want? Airline pricing is the way it is because it allows the airlines to make a mostly predictable profit under very thin margins. If the airlines are forced to adopt your list, they would still need to make a profit and would have to significantly increase ticket all prices to ensure their profit. This is because the current pricing model is vary dynamic (daily / hourly price changes) based on the expected number of passengers. You are suggesting the the pricing model no longer be dynamic. The airlines would not accept the risk of losing money and would have to increase the (proposed non-dynamic) prices.

Comment: Re: This is MY suggestion on how to start to fix t (Score 2) 149

by Nkwe (#48680829) Attached to: 13,000 Passwords, Usernames Leaked For Major Commerce, Porn Sites

And ya im pissed, i have had my debit card used 3 times in the last 2 years no don't tell me i should be using a CC i don't want to pay the extortion fees they charge not going to happen..

There are plenty of credit cards out there that have no annual fees. If you pay your bill on time and in full each month, you don't have to pay any interest or other kinds of fees. If you can't manage to remember to pay your bill on time, you can pre-pay your credit card. You might have other reasons to avoid the general advice of using credit cards over debit cards, but "extortion fees" isn't really a valid reason.

Comment: Re:whoosh! (Score 2) 150

The idea behind the "increase power" and "repeat as necessary" parts was that if you increase power *enough*, you'll end up with line-of-sight, even if you didn't have it to start with.

I am glad someone got the joke. I considered talking about two modes of operation ("line of sight mode" and "make line of sight mode") instead of error correction algorithms, but I thought the error correction thing was more subtle and humorous. I guess it was too subtle. I don't plan on quitting my day job.

Comment: Open, but will it run? (Score 2) 525

by Nkwe (#48370037) Attached to: Microsoft To Open Source<nobr> <wbr></nobr>.NET and Take It Cross-Platform
In concept making the .NET framework open source sounds cool. But, does making it open source mean that I can make a change to the framework, recompile it, distribute the binary framework along with my dependent application, and expect that someone else can just install my version of the framework and be good? Or does it mean that if I want to distribute a modified framework, I have to go through some sort of code signing process in order to allow it to run on someone else's computer? What would this signing process look like? In addition the assembly loader in .NET makes certain assumptions about version numbers of assemblies. It will be interesting to see how it works when due to multiple development paths, core assembly version numbers are not necessarily sequential / increasing over time.

Are you having fun yet?