Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).

×

Comment: Summary a little misleading... (Score 0) 174

by TemporalBeing (#49190785) Attached to: Software Freedom Conservancy Funds GPL Suit Against VMWare
Reading the FAQ and TFA, this is more about BusyBox than the Linux Kernel.

And well, anyone dealing with a proprietary product should know better by now than to include BusyBox in their product without also providing the code for it as BusyBox has a very good history of winning court cases of this type.

Now, while the initial thing was regarding BusyBox, they are also trying to go and push against Tivoization with GPLv2 trying to gain access to "vmkernel" from VMware ESXi. Linus has had a long history of allowing Tivoization, so that might not get through the courts so clearly, but it's a second prong of attack they are using. Expect nVidia and any other proprietary driver maker to possibly join in on that prong - whether arguing for VMware's position or trying to curtail a court ruling that would expand beyond this particular case (since it's basically about an ESXi OS that uses Linux in some form) from impacting other driver manufacturers (f.e nVidia) that simply provide a binary blob for use with their hardware to customers. It should be pretty easy to make the differentiation between the two groups; but you never know what a judge will do.

IANAL, but that's what I see.

Comment: Re:Installation on what machine? (Score 2) 174

by TemporalBeing (#49190695) Attached to: Software Freedom Conservancy Funds GPL Suit Against VMWare

But does it include "compilation and installation" on the end user's machines, or only on developer hardware available only to a select few? The latter interpretation leads to the Tivoization loophole in the GPLv2. GPLv3 tightened this by defining "Installation Information", its counterpart to GPLv2's "scripts used to control [...] installation", to require that execution be possible "in that User Product" if the work is designed for a consumer platform.

Well, having used VMware Workstation 8 and 9, I can was able to download and modify the Linux drivers provided by VMware, necessary to fix some kernel related bugs (http://clocksmind.blogspot.com/2013/04/vmware-workstation-8-and-linux-kernel-38.html) as kernels changed over time but VMware simply didn't keep up with compatibility.

So frankly, I'm a little surprised but then, may this is for a different edition or something.

Comment: Re:FEO (Score 1) 375

by TemporalBeing (#49165727) Attached to: Google Wants To Rank Websites Based On Facts Not Links

"Fact optimization" is already behind more than one multi-billion dollar industry: advertising, political lobbying...

And this is why I fear this initiative, no matter how well intentioned, is doomed to failure. Just because something gets repeated a lot, that doesn't make it factually correct. Moreover, censoring dissenting opinions is a terrible reaction to active manipulation and even to old-fashioned gossip, because it removes the best mechanism for correcting the groupthink and promoting more informed debate, which is introducing alternative ideas from someone who knows better or simply has a different (but still reasonable) point of view.

Remember, not so long ago, the almost-universal opinion would have been that the world was flat.

My advice to save a lot of time and effort, Do not let republicans, terrorists, the religious, anyone connected with the oil companies or climate change deniers anywhere near this technology ever!

Or the democrats, liberals, communists, facists, socialists...

oh, wait...is there anyone left to use the technology?

Comment: Re:diff (Score 1) 176

by TemporalBeing (#49120573) Attached to: H-1B Visas Proving Lucrative For Engineers, Dev Leads

Education. Engineers get the engineering core education. Which is basically calculus, physics, diffEq and the first semester of all the engineering disciplines (more or less the first two years of a four year program). Only then do you start your specialized education.

Competence not guaranteed in ether case. Engineer job title means nothing.

Degree from certified engineering school is the requirement for an 'engineering' degree. 'Engineering technologist' is the weasel word version from shitty schools.

Some nations require that you pass the P.E. test (or it's local equivalent) to call yourself an engineer, some that you are qualified to take the E.I.T.

In America anybody can call themselves an Engineer.

Wrong. That is only the case with Software Engineeres, and even then if you are in Texas you have to pass a certification to do so.

In pretty much every other Engineering field you cannot call yourself an Engineer without first having passed the exams. Just like you can't call yourself a Lawyer (Esquire), CFA, CPA, or a number of other titles without passing the relevant exams either.

Comment: Re:diff (Score 2) 176

by TemporalBeing (#49120559) Attached to: H-1B Visas Proving Lucrative For Engineers, Dev Leads

And the difference between engineer and developer is.. what?

Engineers are often held personally liable for their mistakes. Tim S.

Only one state (Texas) regulates "Software Engineers". Software Engineering is perhaps the only Engineering field that that statement doesn't apply to except, perhaps, in Texas (but even then I doubt it). Typically "Software Engineer" is synonymous with "Software Developer".

On the other hand, a "Computer Engineer" is regulated in all states since it is a sub-field of Eletrical Engineering.

Comment: Re:How do I get an H1B certification? (Score 1) 176

by TemporalBeing (#49120551) Attached to: H-1B Visas Proving Lucrative For Engineers, Dev Leads

My CS professor said you can only get a CS job these days with one of them, but I can't find any information on what I have to do to get certified.

Get a job where a company will sponsor your H1-B visa. You can't apply until you have a job. The company has to justify the need to hire you over someone else for it to be approved.

Comment: Re:Thank you for reminding us. (Score 1) 108

by TemporalBeing (#49120465) Attached to: Mummified Monk Found Inside 1,000-Year-Old Buddha Statue

If you believe yourself to be an eternal being, then this life is but one small step in a much longer journey. It's always puzzled me why so many Christians fear death, when they claim to know they are going to a place vastly superior to this one.

Well, there are many who profess to be Christians but are not; but then, you always fear what you do not know, no matter how much you try.

And then, of course, many fear how death will come on them - do you really want to die because a sword cut off your head in one of many passes, being burned alive, etc?

$0.02

Comment: Re:Credibility to rumors? (Score 1) 196

by TemporalBeing (#49113385) Attached to: A123 Sues Apple For Poaching Employees

What kind of idiot would buy a cell phone with a non-replaceable battery? That would be even more stupid than if it had a proprietary data-cable port. Nobody in their right mind would but such a crippled device.

Apple Customers....did you see the original iPod? They've never had replaceable batteries. Now others (f.e. Google) are following with their high-end lines (Nexus since Nexus5 phone and Nexus 7 tablet).

Comment: Re:Bring it on, folks! (Score 1) 215

by TemporalBeing (#49097419) Attached to: New Encryption Method Fights Reverse Engineering

A friend of mine suggested such an idea to me 15 years ago. This is what I told him.

You run it inside an x86 interpreter which simulates the CPU all the way through the decryption. Then you snapshot the decrypted code and rebuild the app without the decryption and substitute the decrypted code. Now it's just a plain app. If it tries to "detect it's environment" (read the clock, etc), the simulator just tells it whatever it wants to hear. It cannot know it's being simulated, it's just code.

In a sense, that is exactly what Bochs is. It's a true Virtual Machine in that it software interprets every CPU instruction, and emulates every piece of connected hardware - RAM, motherboard, video, network, usb, chipsets, etc - to do so. A truely fine tool for OS and hardware developers.

Comment: Re:Bring it on, folks! (Score 1) 215

by TemporalBeing (#49097403) Attached to: New Encryption Method Fights Reverse Engineering

Yep that trick totally evaded me... I don't doubt that would work fine though. Now.. what about if it had to be connected to the internet to validate the installation at startup >:W And the server had to give it's response in a reasonable amount of time ie 100ms and you couldn't fake it on the PC due to encryption. Now I don't doubt that could be broken but it would be a tad harder at least perhaps ... maybe :D

Until you have someone that has a slow internet connection, f.e sat-com where latencies are typically around 500ms or worse. A poor network, or bad mix of equipment, can make latencies really bad even on an otherwise good network.

For example, my Dell D600 from 2003 had a Broadcom networking chipset in it. The 1GBit interface had a problem with some Cisco routers. The previous routers it was on were 10/100 and it had no issue; but when they upgraded the router to 10/100/1000 the new router had an issue with the auto-negotiation. Until I figured that out, the network speed when from 100 megaibts to 17 kilobits. Outlook generally worked okay (no choice at that company) but anything that made more use of the network had big issues. (Outlook worked to view what was in my inbox, because of the small messages; but even then it was slow).

So even doing something like that would be risky - of course, you could also just capture the network traffic and hack that too; since you can control the network in Bochs, if you were really going that far it wouldn't be an issue to capture and adjust it as required to make it think it was talking to the real thing. This is actually relatively easy:

  1. Setup a transparent MITM proxy so SSL connections can be handled and neither side necessarily knows about it; though they would have to allow you to specify a client proxy because some places require you to do so to get to the Internet any how, so you could just use a client proxy too.
  2. capture the network traffic using tools like Wireshark for several different runs of the program
  3. compare the deltas to figure out what is changing

Now you just setup a server to either play back the captured data, making the emulated system think it is running at that point when the older software did, or if you figured out enough of the traffic setup something to fake the other side in a way you control.

FYI - this is how SaMBa got started (at least for Windows compatibility) - network analysis of CIFS/SMB traffic with Windows. They found some interesting things doing so - read their docs for things like single-bit flip reboots the Windows computer kind of stuff.

There's very little that cannot be cracked in this regard.

Comment: Re:As KDE developer, he's missing the obvious solu (Score 1) 393

by TemporalBeing (#49075235) Attached to: PC-BSD: Set For Serious Growth?

That's utterly ridiculous. There's a lot more to an OS than just the desktop environment (DE): there's the kernel, the init system and other low-level daemons, the display subsystem, the package manager, and of course lots of apps (beyond just what KDE (or Gnome) include in their software collections). The KDE team has enough work to do, they certainly don't want to become their own distro, when there's already several distros that feature KDE as a prominent DE (Mint, Debian, OpenSUSE for starters).

You do realize that KDE is maintained on more than just Linux - including BSDs, Unix, Mac, and even *gasp* Windows. Some ports (like the Windows port) are not as far along as the others - well, pretty much just the Windows port last I checked, and that's primarily because of Windows not having some of the requisite functionality yet.

Comment: Re:I'd avoid Subversion (Score 1) 343

by TemporalBeing (#49075031) Attached to: Ask Slashdot: Version Control For Non-Developers?

I'd avoid SVN for anything that isn't a flat text file, otherwise it becomes a pain to merge or determine what the actual difference between two files is. I'm not aware of anything that will make viewing diffs for Word documents human readable. Never mind that some of the people who need to use it will probably be a afraid of it or have even more basic problems like forgetting to commit.

Which is why you just treat the SVN repository as a WebDAV network drive. They user knows nothing about the underlying versioning going on, and you can always capture back the old version.

Additionally, tools like TortoiseSVN (well, technical TortoiseMerge written by the TSVN devs) have support for comparing MS Office documents. You have to have MS Office installed as it loads both into MS Office and runs the comparison functionality within MS Office to do the diffs.

It is much easier to suggest solutions when you know nothing about the problem.

Working...