Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror
For the out-of-band Slashdot experience (mostly headlines), follow us on Twitter, or Facebook. ×

Comment: Re:No way in hell (Score 1) 47 47

I hope that is the case. The fewer plug-ins, the better. Right now, if I wanted to watch a video on a web page, it may be in HTML5, it might be HTML+DRM, it may be in Quicktime, it might be in Silverlight, Java, RealAudio, or of course, Flash.

Even if we dispensed with all the plugins and the world magically ran on standards built in all browsers, there are always still security issues. Especially if they give any website it touches full access to hardware, which means it has the option of reflashing firmware or other nefarious tasks. All malware needs is a user context, or just the web browser's context (so it can use the browser for keylogging info in all windows.)

Browsers have to have more thought about security than even firewalls, because they have to deal thoroughly with untrusted, if not hostile code that can try to do anything (jam the CPU, spam dialogs.) The browser in itself really can't do it. It really needs help from the OS for separation, either via policies like SELinux or IE's Low context, or be placed in a sandbox or VM where all writes are virtualized safely away from the rest of the machine.

Comment: Re:PID FTW (Score 1) 70 70

I don't see how a PID controller will help much.

It helped him win.

You are cooking with very low temperature air (around 200 F).

Yes, temperature control is what PID is used for in this context.

You have this massive ceramic cooker with large heat capacity.

No, I'm not talking about TFA, I'm talking about every other BBQ. Anyway you can buy a PID fan controller as a complete unit and stick it up your Weber's arse.

The most important thing for good BBQ is picking a good cut of meat. Do that right and you can throw it in your oven and it will be delicious.

That's not even BBQ.

Comment: Re:The inherent problem with electronic voting (Score 1) 48 48

I didn't say that paper elections cannot be rigged. They can, and have been more often actually than there have been fair elections.

I did not even say that it's easier to rig electronic elections than paper elections. Personally, I'd expect it to be as long as you're the one calling the shots.

What is harder is simply to debunk cries of foul play. People can easily imagine what a paper election is like and how counting them (with representatives of all parties involved present) can be somewhat trusted. It is easy, on the other hand, to convince people that this is not the case with voting machines.

People don't trust what they don't understand. And trust is something a democracy needs urgently. People need to have faith in their system of government. Whether they like their current government or not, but they need to know that it was elected fairly and that it is what "the people" wanted. That's the whole problem here. Because without ... well, you see how Mexico is doing...

Comment: Re:The inherent problem with electronic voting (Score 1) 48 48

It is?

Explain this to Joe Random who just heard some populist cry foul play, claiming that they can't be audited and that the auditors are all in league with the party that won the election. Yes, it's bull. But the problem is that you CANNOT debunk it. Joe Random can't imagine how such an audit takes place. He can imagine counting paper slips, and he can see through the ruse when someone cries foul in such an environment. Any party crying foul in a paper election will be told that they should've put some monitors down if they didn't trust the ones running the show and counting the paper slips. That's (at least in my country) their right to do.

You can't do that with computer voting. Yes, someone can make an audit. But it isn't something you can easily explain to someone who has no idea of computers. He will readily believe someone who claims that it's bogus. Simply because he doesn't understand what "audit" means. He understands counting paper slips, though.

The danger is even less in the actual possibility of manipulation as it is in the possible loss of faith in the election. People are already weary of politicians and even politics to some degree (personally, I can only hope that the general apathy is more due to useless politicians rather than people genuinely not caring about democracy anymore). The very last thing we need now is that something gives them the impression that it doesn't matter jack anymore whether or not they vote because it's rigged anyway. Whether real or imagined, if someone starts beating that drum, people will follow easily.

Simply because you can't easily debunk it.

Comment: Re:The inherent problem with electronic voting (Score 1) 48 48

But any party involved can (at least in my country, and pretty much all civilized countries I know of) nominate election observers that can easily identify whether everything's running correctly without any kind of special knowledge. They can easily tell whether the ballot is properly sealed, they can easily tell whether people step into the voting booth alone. They can easily find out whether the choice is free of influence. They can be present when the ballot seal is broken (actually, over here people are essentially locked in 'til the paper slips are counted, collected and sealed again, nothing going in or out in between) and when the paper slips are counted.

It's pretty hard to manipulate anything in such an environment. It's easy to see whether someone tries to manipulate results since it takes little more than eyes to detect foul play.

Comment: Re:The inherent problem with electronic voting (Score 1) 48 48

You act as if that wasn't even easier with voting machines. "Whoopsie, computer crash!"

And unlike in this case, you can't even claim that they're criminally incompetent. Because, hey, computers crash, that's what they do, right? Happens to you at home, too, and you can't be blamed for that, can you?

In other words, them running out of ballots and being unable/unwilling to allow voters to vote is something people can easily identify as something not being as it should be. Manipulation gets heaps easier with voting machines.

Comment: Re:No way in hell (Score 2) 47 47

Here is the big question: How do the plugins (Flash, Shockwave, Java, Acrobat, DRM video players) run? Are they running in the same context as the browser (like current IE), run in a separate process (like Firefox), or run in a more isolated VM where each tab and window is in its memory space (Chrome)?

The Web browser is the first source of attack, and one of the primary means for malware to get on a system. Even with the low security context that IE had starting in Vista, that wasn't sufficient for isolation. It almost takes running the browser in a sandbox (sandboxie) or a complete VM (with its own filesystem) to protect a machine against browser weaknesses, just because a browser is always in constant contact with untrusted code.

I hope MS designs Edge with a lot more isolation (so a compromised add-on in one window can't attack another window or tab), because when designing a new browser is the only real time that they can do it right with security, as opposed to reactively fight fires, as with IE.

Comment: The inherent problem with electronic voting (Score 4, Insightful) 48 48

There is one single very dangerous problem with electronic voting: Trust. People have to trust it, because they are unable to test it.

With paper and pen, it's easy. You can nominate anyone to work as an election monitor. The necessary qualification is "being able to find out where the X marks the spot" and "count". That's a skill set available to nearly everyone.

Working as an election monitor to rule out foul play with election machines requires someone to know quite a bit about computers. It's anything BUT simple to rule out foul play.

The danger here isn't even so much that manipulation can take place. And I don't even want to engage in the discussion whether or not these machines can easily be manipulated. The danger is that some populist aiming for the uneducated masses goes and cries foul play when he loses the election. And that's a danger not to some party but to the faith of the population in the whole democratic process. And that inherently is dangerous to democracy altogether.

It's not easy to debunk such claims. With paper, it's easy to go "oh please, count them yourself if you don't believe us. Here's the paper slips, and you can count, can't you?". Now try the same with election machines. Saying "you can do an audit yourself" isn't going to cut it. Why should we trust the computer experts? It's not something just anyone can do.

These machines are a danger to democracy. Nothing less.

Comment: Re:Hint: (Score 1) 8 8

I wasn't concerned with it when I was reading your JE.

Wasn't about you.

Why would I assume it to be, if I was not named specifically in it somewhere? I did, however, assume you were interested in a discussion of what you wrote, as you posted it comments enabled. If you would rather not talk about it, we can stop discussing it.

"Conversion, fastidious Goddess, loves blood better than brick, and feasts most subtly on the human will." -- Virginia Woolf, "Mrs. Dalloway"

Working...