Follow Slashdot stories on Twitter


Forgot your password?

Comment: Re:Omega? (Score 1) 186

by Sigma 7 (#48566291) Attached to: NetHack: Still One of the Greatest Games Ever Written

Omega was actually up to 0.90, but that version was rare as the official distribution channel wasn't trying to give it out.

It wasn't a popular roguelike as it was a little buggy... first version I encountered was for the Amiga, which caused the town guards to attack you if you joined the paladin's guild.

Comment: Re:C is very relevant in 2014, (Score 1) 641

by Sigma 7 (#48559545) Attached to: How Relevant is C in 2014?

In C/C++, the null pointer can do anything from crashing the application to crashing the system (e.g. MS-DOS), sometimes with a time delay you don't know about until it's too late. Once the problem occurs, there's nothing you can do about it (aside from system-specific functions) and your app crashes.

In Java, null pointers throw an exception rather than attempting to fiddle with whatever is at that memory location. It's not a memory management bug, as it prevents issues before they start. And in the event the null pointer happens without warning, you can easily use a catch statement at a certain point, and try to get the application back to a normal state (if desired).

Comment: Re:C is very relevant in 2014, (Score 1) 641

by Sigma 7 (#48556813) Attached to: How Relevant is C in 2014?

Because bug-free automatic memory management is silly, who would want that?

Actually, it's still possible to have some bugs if you improperly use auto_ptr and shared_ptr, etc, but it's still much better than the classic method of allocation.

To be bug free, it has to be on-par with something like Java, where you can't break memory management no matter how hard you tried. This won't happen as long as there's the need to deal with raw pointers or if you have to dodge misaccessing elements (e.g. bounds checks...)

"It's harder to shoot yourself in the foot with C++, but if you do, you blow your whole leg off."

Comment: Perl-standard line length (Score 1) 169

by Sigma 7 (#48231839) Attached to: Tetris Is Hard To Test

Though it's simple enough to be implemented in one line of BBC BASIC

Any language that doesn't require carriage return + linefeed can do anything in one line.

And Basic comes with a ton of library fuctions that makes things easier to do. No need to initialize memory, dispaly, setup graphic or keyboard interrupts, etc.

Comment: Re:Click-to-Play Would Improve Flash, Too (Score 1) 111

by Sigma 7 (#48160725) Attached to: Adobe: Click-to-Play Would Have Avoided Flood of Java Zero-days

If visiting a web site implies JavaScript consent, then why doesn't it imply SWF or JVM consent?

Plugins such as SWF, JVM or ActiveX imply having better access to the system (e.g. clipboard, save files to disk, etc.) than regular JavaScript (which is supposed to be limited to the browser). Plugins wouldn't have been necessary if JavaScript can do anything the plugin could. The situation may changed since the introduction of plugins and Javascript, but the implication remains the same.

That, and because I said so.

Comment: Re:also applies to flash and acrobat (Score 2) 111

by Sigma 7 (#48160397) Attached to: Adobe: Click-to-Play Would Have Avoided Flood of Java Zero-days

Click to play is built into Chrome these days.

Users shouldn't have to hunt for a specific browser just to keep safe. Likewise, they shouldn't have to hunt for a specific extension to keep safe either, as those features should be built-in to the browser.

Also, the main security flaw is automatically executing anything that gets fed into the browser - and JavaScript security issues had remained unchecked for 10+ years, and still are as demonstrated by visitng a random webpage only to be directed to "Your java is outdated, please update". (Did they learn nothing from the Boot-Sector Virus era?)

Comment: !news - password security is already known (Score 1) 549

by Sigma 7 (#48134525) Attached to: Password Security: Why the Horse Battery Staple Is Not Correct

1) Choosing a password should be something you do very infrequently.

Choosing a password should only need to be done once per site, not "infrequently".

2) Our focus should be on protecting passwords against informed statistical attacks and not brute-force attacks.

Passwords are generally leaked because someone either got the list of passwords, tricked the user into entering the password on the wrong area (e.g as with any phishing site), .extracted them from a local store on the person's hardrive because Firefox still doesn't auto-block random plugins be default, or used the rubber-hose decryption algorithm.

3) When you do have to choose a password, one of the most important selection criteria should be how many other people have also chosen that same password.

So, don't use a single password that appears on a dictionary attack. Trivial.

4) One of the most impactful things that we can do as a security community is to change password strength meters and disallow the use of common passwords."

It's moot when the various websites come up with inconsistent password types, where your randomly generated password is rejected because it didn't happen to include a capital letter (even though it contains a punctuation mark), is rejected because it contains punctuation, is rejected because it's too long, etc.

Disallowing common passwords is as easy as downloading a list of common passwords and refusing anything with an exact match. If you have free extended strings, there's more than enough variation to kill anything statistical, leaving only the dumb users that pick something obvious that most sheeple do.

Comment: Re:Chromium (Score 1) 55

by Sigma 7 (#48092565) Attached to: Chrome 38 Released: New APIs and 159 Security Fixes

Even Mozilla backed down on blocking 3rd party cookies, and it is open source.

That's because Mozilla developers need to focus on keeping their bellies full.

If Mozilla backed down, that's probably due to financial issues - where they could simply withhold funding, and instead focus on partnering with Microsoft to port Internet Explorer and Active X over to Linux.

And then I'm hard pressed to think of an open source browser which actually respects our privacy, doesn't have ads, and which runs on multiple platforms.

I haven't seen an ad-supported browser since Opera decided to shed its shareware model.

The big two browsers - Mozilla Firefox and Chromium - are close enough to these requirements. If you disagree, you'll have to find skilled developers, get a way to feed them, and keep them around long enough to write your own browser.

Comment: Dealing with slowdowns (Score 2) 577

by Sigma 7 (#48043007) Attached to: Will Windows 10 Finally Address OS Decay?

Even if Windows slows down over time, there's easy ways to deal with it.

Since Windows XP, you have a program called "MSConfig" that allows you to remove any startup programs, especially ones that are pure redundancy or are otherwise not useful.

And with modern systems - Web browsers slow down the system more than anything junk that accumulates in the OS. I've had both Firefox and Chrome running at the same time, with the resulting commit charge around 8GB, sometimes approaching 12GB. Once I stopped using one of the two browsers, the constant thrashing stopped, and everything else is much more responsive. (Firefox is still freezing, but that's a memory leak issue.)

Comment: Re:Java? (Score 1) 53

by Sigma 7 (#47910869) Attached to: Malware Distributed Through Twitch Chat Is Hijacking Steam Accounts

And guess what, it is trivial to disable Java support for browsers

Only if you know where to find the option.

In Firefox Aurora version 34.0a2, I click the three lines button to get a menu, then click on options. None of the listed tabs lead towards disabling plugins, or making them manually activated by clicking.

In general, if you have to look in more than one place to configure your software, it's not trivial even if it's easy.

Comment: Re:Morons. (Score 1) 53

by Sigma 7 (#47908557) Attached to: Malware Distributed Through Twitch Chat Is Hijacking Steam Accounts

1) gamers that don't run basic AV

Basic AV = not automatically executing stuff.

If you mean something like real-time protection from common AV packages, then those are technically reactive to threats and don't detect new things within the past ~24 hours or so.

2) gamers that don't run sandboxing software over their browser (Sandboxie for example, shits TRIVIAL to use and is even foolproof!)

Browsers should be self-sandboxing, which has been the case since the start of HTML, until someone foolishly added JavaScript/plugins. Those two shouldbe disabled by default, and in the event that JavaScript or plugins are required for a site, they can be made click-to-play.

3) people DOWNLOADING programs for competitions...
4) actually wanting to play CS Go. The worst sin of them all.

No objection here.

5) Twitch still hasn't word-banned people typing these messages and any variants. It's not like their servers would break, they already have filters in place.

Word-banning is a clbuttic mistake.

Comment: Re:Hollywood Logic (Score 1) 937

by Sigma 7 (#47899685) Attached to: Why Atheists Need Captain Kirk

There is nothing wrong in being a genious in something and not being able to explain how you do it. The common term for that is: intuition.
You ignore that someone who is doing stuff by intuition might have 30+ years in experience to do just that.

In case of the "iniuition" found in the Star Trek chess game:

  • The "less logical" is most likely a lower-strength chess player (e.g. capatin Kirk, Troi, etc), and is matched against a high-strength chess player (e.g. Spock, Data, etc.)
  • The weaker player makes a winning move, which was either "illogical", "emotional", etc. In reality, picking the winning move would be logical.
  • Games such as chess - especially on a high-rank logician such as Spock/Data (known to be able to calculate stuff to excessive significant digits), are likewise able to avoid sudden mate-in-one situations and would probably attempt to shake off mate situations in several turns. (Current computers can see 10 moves ahead, maybe more; Star Trek computers should technically see much further as long as they aren't limited by plot.)

Compare this to Babylon 5, where there was a chess paring, where the player that lost admitted to have made a mistake (e.g. didn't notice that he opened himself to a mate-in-one.)

Also, I'm not saying that intuition isn't valid. Only the cheap plastic imitation used in Star Trek is the issue, when it's used to plainly bash things like "logic".

Thus spake the master programmer: "Time for you to leave." -- Geoffrey James, "The Tao of Programming"