Follow Slashdot blog updates by subscribing to our blog RSS feed


Forgot your password?

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).


Comment: Re:It would be nice if... the key leaked (Score 1) 155

by Richard_J_N (#49115455) Attached to: NSA, GHCQ Implicated In SIM Encryption Hack

What really got Lenovo into hot water was not just Superfish, but that Superfish got compromised. So, what we really need is for the NSA's stolen key to be leaked.
If that key leaks, it will finally cause the massive that will force the politicians to re-evaluate what the miscreants in GCHQ/NSA are "lawfully" doing.

Comment: Re:Free Trade (Score 1) 222

by Richard_J_N (#48893825) Attached to: China Cuts Off Some VPNs

What I mean is that, any country which has no democracy has no workers' rights. Therefore, Chinese workers will never effectively demand decent working conditions. This makes them more competitive than the EU/US, and our workers (who rightly expect decent treatment) will be out-competed by cheap labour from contries that abuse their workers. The result is unemployment in the West, and "slave"-labour in the East.

Comment: Re:Because it does not work (Score 1) 219

by Richard_J_N (#48839789) Attached to: European Countries Seek Sweeping New Powers To Curb Terrorism

I grant that it doesn't work all the time. But let's at least stop giving "it's my faith" a free pass against criticism, and be done with the faith-schools. Politicians love to think that moderate religion is on their side; it isn't. So they work in the (imho) vain struggle to keep people from moving from position (b) to (c) rather than trying to get them to move from (b) to (a). In epidemiological terms, there are several risk factors for becoming a terrorist... including social exclusion, poverty, grievances against western policy, and religious faith. Why can't we treat faith itself (rather than "perversion of faith") as the risk factor?

Comment: Re:Why not promote the Enlightenment instead (Score 1) 219

by Richard_J_N (#48839203) Attached to: European Countries Seek Sweeping New Powers To Curb Terrorism

True in the US, but in Europe, we are already past tipping point: the majority of people now see organised religion as a force for harm.

In the US, the approach might be to apply sanctions to Saudi Arabia etc untill they fix their human rights record - this approach worked on South Africa wrt apartheid.

Comment: Why not promote the Enlightenment instead (Score 4, Insightful) 219

by Richard_J_N (#48838713) Attached to: European Countries Seek Sweeping New Powers To Curb Terrorism

Wouldn't it make much more sense to devote some effort and expense to promoting the values of the enlightenment? In particular, devoting some educational effort towards eradication of irrational beliefs. Why not actually treat Islam (and Scientology, and Christianity) as the mental equivalent of a public heath hazard, where those who believe need to be helped to overcome it?

I think we make a serious mistake in our public discourse, by considering that:
    violent minority = extremists = misinterpretation of scripture vs. peaceful majority = mainstream = correct interpretation of scripture.

whereas it would be more intellectually honest to consider:
      violent minority = literalists = correct interpretation of scripture vs. peaceful majority = reformists = those who wilfully mis-interpret their scripture.

In other words, while almost all humans (of all faith and of none) are decent, good, tolerant peaceful people, they are decent to the extent that they discard their holy books, not to the extent that they follow them. The holy books themselves are beyond redemption, and should be considered to be "on the side of the devil".

Consider the spectrum of belief: (a)Secular humanist ---- (b) "Moderate" religion ----- (c) Extremist religion.
Position (b) involves belief in gods, prophets, and veneration of "perfect" scriptures. Position (c) is a very small step beyond, namely to actually read those scriptures, already considered perfect, and interpret them the literally, as they are written. So, if we want to prevent Islamic terrorism, the most effective argument is not detailed discussion of which Koranic verse overrides which other one (an argument which the moderates can never win), but instead, to argue for the wholesale abandonment of holy books.

Education, science, secular values, and human rights are the most potent weapon we have against faith, and yet politicians refuse to deploy them! If we took the money from the security services, and put it into schools, I think it would be far more effective.

Comment: Fanless is possible (Score 1) 720

by Richard_J_N (#48487255) Attached to: Ask Slashdot: Making a 'Wife Friendly' Gaming PC?

I've been using fanless machines for ages. Basically, you use heatpipes to the case. are extremely helpful - I have a system with a Streacom FC9 case which is big enough for a high-end CPU, but still dead silent. Of course, if you want the ultimate in graphics cards, you may still have to put up with a fan.
Also, signals travel along cables at about 2/3 speed of light - so your mere cable length shouldn't be a problem. HTH

Comment: Definitely :-) (Score 1) 330

by Richard_J_N (#48444487) Attached to: Eizo Debuts Monitor With 1:1 Aspect Ratio

Great that they are making these (though it would be nice to get them in HighDPI too). I'll certainly be getting a few.
(Currrently using 3x 1600x1200 20.1" screens, which is an excellent productivity setup, though the backlights are all beginning to fade).
While we're talking wishlits, give us a monitor that can go to 1200 lumens+ for outdoor use - I'd love to work outside in the summer time, though I need a monitor that can be viewed with sunglasses on, in partial/direct sunlight.

Comment: What about SSL proxy appliances (Score 1) 212

by Richard_J_N (#48414923) Attached to: Launching 2015: a New Certificate Authority To Encrypt the Entire Web

What do we do to defeat SSL proxying, where there is an "official" MITM? For example, a Bob uses a web browser on his work computer, which trusts an SSL proxy appliance, because Eve (sysadmin) installed that cert into all browsers on the office machines. Alice (as the server-operator) wants to protect Bob (who doesn't know any better) from this. Key fingerprinting would allow Bob to discover this, but how can Alice verify this?

Comment: HMRC's CT600 form - PDF forms (Score 1) 132

by Richard_J_N (#47627003) Attached to: Ask Slashdot: Best PDF Handling Library?

Is there anything that can handle the gruesome CT600 forms that the UK Tax authority require us to fill in every year? These have lots of embedded scripting and can only be read with Acrobat Reader. However, this year, Adobe have stopped releasing Acrobat for Linux.

(An added bonus, the internal logic of the CT600 is buggy: for example if a particular tax option does not apply, it is fussy about the distinction of 0 vs empty, and this leads to subsequent validation errors (naturally with confusing messages). It also has about 20 pages of irrelevant data required, in order to reach a single number, which we have already calculated.)

Comment: Any editors with good auto-completion? (Score 1) 402

by Richard_J_N (#47587089) Attached to: Comparison: Linux Text Editors

I wonder whether anyone has an editor with really good auto-completion suggestions.
For example, in HTML, I might type:

Alternatively, in PHP, I might type: forea
and the editor should offer me: foreach ($key => $val){

It should also be able to show the documentation for the functions within a tooltip, do inline syntax lint checking, and support refactoring.

So far, I would also mention "Brackets" and Github's "Atom" editors as worth looking at.

Comment: Re:CSS variables? (Score 1) 256

by Richard_J_N (#46540203) Attached to: Firefox 29 Beta Arrives With UI Overhaul And CSS3 Variables

Personally, I found that dynamically generating my CSS from PHP is the solution. It's easy to understand, easy to write, cross platform, and (using the etag trick), has good performance and bandwidth use.

So I have a bunch of rules like this:
echo "body{ height:100%; background: $colour_body_bg; font-family: $fontface_body; color: $colour_body_text}\n";
Even better, I can support slightly different versions of the stylesheet by linking to "style.php?style=theme_name".

Then, to handle performance and bandwidth, I use etags. The browser will always cache this document at least 10 minutes. After that, it will check for a newer version, but the server will usually reply with 304 (unchanged).
$last_modified_time = filemtime(__FILE__);
$etag = md5_file(__FILE__);
header("Last-Modified: ".gmdate("D, d M Y H:i:s", $last_modified_time)." GMT");
header("Etag: $etag");
if (@strtotime($_SERVER['HTTP_IF_MODIFIED_SINCE']) == $last_modified_time ||
        trim($_SERVER['HTTP_IF_NONE_MATCH']) == $etag) {
        header("HTTP/1.1 304 Not Modified");
header("Cache-Control: max-age=600");
header("Content-type: text/css");

Comment: Re:Why is this legal? (Score 1) 572

That would be ideal, but it requires elevated privileges (no idea why that should be). So I'd have to put it in a firefox extension.

I'm trying to protect normal users who may not be aware that their employer is MITMing them by providing them with a web browser which has been misconfigured into trusting the cert of an SSL proxy appliance.

Comment: Re:Why is this legal? (Score 1) 572

How does DNSSEC help?

I'd like (ideally) to write a php script that would detect when my users are on "compromised" machines, and warn them.
What I want is to write some javascript that would send back to the server what the client *thinks* is my certificate fingerprint.

Committees have become so important nowadays that subcommittees have to be appointed to do the work.