Follow Slashdot blog updates by subscribing to our blog RSS feed


Forgot your password?

Comment: Re:Chrome broke my VPN (Score 1, Interesting) 70

by The MAZZTer (#49507773) Attached to: Chrome 43 Should Help Batten Down HTTPS Sites

It is your IT dept's responsibility to keep the VPN working, not Google's. Google has chosen to drop support for a 20 year old insecure plugin architecture in favor of a more modern, secure one. Sure, it's one developed by Google, but 1) there wasn't an existing standard out there AFAIK so they had to make one and 2) the plugin interface is open source so anyone can go and implement it in their own browser, or in their own plugin.

Oracle's official stance seems to be that Java users should switch to Firefox or IE, rather than see themselves try and put any effort toward porting Java. To be fair, I don't know how well Java will mesh with PPAPI's sandboxing.

I wonder if they'll change their tune... Chrome has a pretty sizable user base now.

Comment: Re:Actually, it's worse than that. (Score 5, Informative) 199

by The MAZZTer (#49474867) Attached to: Chrome 42 Launches With Push Notifications

It was a design decision to improve browser security (NPAPI model is horribly outdated). Almost no one uses Java on the web any more so it was decided it was acceptable. Oracle is free to port Java to NaCl or PPAPI if they want to continue supporting Chrome.

Yeah it sucks for the small % of users who still want to use it, but it's necessary to move security forward.

Comment: Extensions (Score 2) 564

by The MAZZTer (#49171883) Attached to: Why We Should Stop Hiding File-Name Extensions

I think the idea, at least for Windows, is that extensions are a legacy thing, and are still supported because they are the basis for determining file type. BUT, the reasoning is likely that they can be hidden from the user and only show the user the actual file type. Which is fine in theory, except that now you are training the user to recognize file type solely by icon, making it trivial to give a dynamic-icon type (like EXE, or the old SCR which users are unlikely to recognize) the same icon as a text file and subvert the user's expectations and make them think the file is safe. If you are not in Details mode or not grouping by File Type it is IMPOSSIBLE to reliably determine the type of a file without the extension!

Of course MS has added the whole Zone Identifier scheme and displays a nasty warning when trying to run dangerous files from the internet. I think this is a good measure to prevent this type of trickery, unfortunately people tend to click past such dialogs.

Comment: Chrome Apps/Extensions (Score 1) 353

by The MAZZTer (#49079925) Attached to: Ask Slashdot: Most Useful Browser Extensions?
  • Authy App - Two-factor auth for Android and Desktop... syncs your auth stuff across devices so you don't have one point of failure. I don't like the companion extension, I just use the app.
  • PushBullet - Notification sync between Android and Desktop. Quick Reply to SMS and IMs from desktop. Push links from one device to another.
  • Google Keep - There is also a purely web version available so an app isn't totally necessary but i find it useful as a synced todo list between my Android and desktop.
  • HTTP Switchboard - Like NoScript (plus partial AdBlock) for Firefox, but a bit cleaner, and it starts out with a good whitelist. microBlock is an alternative based off of this project that simplifies things if HTTP Switchboard is too complex.
  • HTTPS Everywhere - Use HTTPS whenever it's available.
  • iChrome New Tab - Styled roughly like the now-dead iGoogle, it brings a bunch of services together on your new tab page. I can see my e-mail and RSS feed new items in one spot, which is nice.
  • Reddit Enhancement Suite - If you use Reddit this is a must.
  • Enhanced Steam - If you use Steam this is a must.
  • Chrome Remote Desktop - Access your desktop from another device. Punches through firewalls and routers automatically.

Seen on a button at an SF Convention: Veteran of the Bermuda Triangle Expeditionary Force. 1990-1951.