Catch up on stories from the past week (and beyond) at the Slashdot story archive


Forgot your password?
Slashdot Deals: Deal of the Day - Pay What You Want for the Learn to Code Bundle, includes AngularJS, Python, HTML5, Ruby, and more. ×

Comment Re:Flash isn't so bad, really (Score 1) 220

To my knowledge, there is no actual evidence to show that browsers are significantly better on security. The major ones all fix critical vulnerabilities regularly, it just doesn't get as widely publicised. (Don't believe me? Go check the changelogs for recent releases of your browser of choice.) Moreover, if browsers do start to offer all the same functionality as Flash but natively, they'll also increase their attack surface accordingly. Of course if you compare a browser against the same browser with a plugin then the second combination has a larger attack surface, but right now that is an apples-to-oranges comparison.

If we want to talk about attack surface Flash is a bit of an issue. Individual browsers these days have issues more often than Flash, as you've pointed out. However, the install base of Flash is greater than that of any individual browser. Therefore, a problem with Flash is a big fucking deal, as it effects many more people than say, a problem in Firefox. Adobe should handle the EOL of Flash more responsibly, by either presenting a framework for transition or open sourcing Flash so somebody else can do it. As it stands, Adobe is the only entity able to fix a bug found in Flash and all tools for converting Flash content to modern standards (AFIAK) are based on a black-box understanding of how Flash works.

Comment Re:It's not about terrorism (Score 1) 264

Last year (?) a teenager was able to get over the perimeter fence and get on a plane. Later, they announced that they did not have the money to properly secure the fence. Depite this, exactly zero planes have been subject to terrorist attacks in the USA.

There was also this incident in May, where a 27 year old stole a plane and was talked down by air traffic control. If the security we have in place can't stop random incidents like the kid you mention or this guy in Vegas, what is it supposed to stop? I don't think it really has anything to do with terrorism, let alone the greater good.

Comment Re:Correct (Score 5, Interesting) 267

The boss's plan of allowing users to override the web page filter is absolutely the CORRECT plan. You have a rare boss who understands that the most important thing is that workers be able to work without interference from know-it-alls. Please get with the program!

This plan is a good one. To curb your concerns you could follow this plan:

  1. 1) Allow users to login to unblock sites on an as-needed basis. Keep the process simple so workflow isn't encumbered.
  2. 2) Keep a log of every time a user logs in to request access. Possibly keep a log of what sites users are visiting with this access, but do not log the traffic. Just the sites.
  3. 3) Pair this log with your issue tracking system and possibly employee performance reviews.

If an employee's support tickets seem to be linked to the sites they are requesting, the employee can be approached and possible restrictions can be put in place if the problem isn't solved with a conversation. The same goes for browsing habits that might be linked to downturns in performance.

This way, you are allowing your employees/users their freedom to browse/work, and only restricting the people who keep presenting problems.

Comment Re:Rather Than in more out (Score 1) 484

I think future trend will be a shift from more flexible universal operating systems to more modular, take every out that is not necessary for this particular appliance operating system, this to simplify security and even application level features become modules added into the operating system, so one quick boot to full functionality. So a much more modular operating system.

A little OT, but I think modifying Gentoo with a new build system to do the above would be a fun project.

Comment Re:Yes. (Score 1) 517

Actually having experience. Oh and the fact that I just set up a new windows 7 VM and from the fresh install on the DVD and how it ran, compared to after applying all updates it lost all of it's speed.

Nothing installed but windows updates. on the exact same hardware. Absolute solid proof to me.

I've seen this before. I do a fair bit of computer repair on the side, and just recently someone brought me a Windows 7 Home Premium install that was acting this way. I cleaned the computer of malware and junk programs, but it was still using 50%+ memory when idle. It turned out that the windows update service itself was causing the problem. The biggest ram hog was svchost running makecab.exe repeatedly, eating up nearly 1GB of memory all by itself.

It turned out the issue was actually a corrupted .NET Framework 3.5.1 which was screwing up the installation of updates. Repairing it resolved the problem. Perhaps check your update history and see if you have any failed updates, especially relating to .NET 3.5.1. If you do, try going into Programs and Features, disabling .NET 3.5.1 under Windows Features, rebooting, and then re-enabling it.

Comment Re:Bad idea (Score 1) 671

"allegedly" violating it - he has not been convicted yet, and the presumption of innocence should prevail. We don't know if a jury would find sufficient cause, given the circumstances and the illegal acts that were being covered up, to find sufficient justification.

Kind of like "yes, I went through the red light, but I was carrying someone who had been shot and was bleeding profusely to the hospital as quickly as I could."

There's a problem here which Snowden has also voiced: In a "trial" of this nature justification isn't allowed as a defense. This is talked about in Citizen Four.

Comment Re:Buy some suntain lotion (Score 2) 230

Actually, this isn't too far from the truth. I've heard of a few cases where simply changing the URL has brought up documents that should be private and the person who reported it was brought up on charges for "hacking". Unfortunately, the public does not understand the difference between simply poking around and trying to mess up someone's system for nefarious reasons. Perhaps someone here on /. will remember the particular cases involved but as sad as it sounds, you are on a shaky legal foundation.

I thought of one particular case as soon as I read the summary:
Aernheimer was charged under the CFAA for exposing a similar problem with AT&T's website.

Comment Re: About right (Score 1) 246

Boy, 10, dies after his brother accidentally shoots him in the head with a BB gun at close range: http://www.gloucestershireecho... BB gun accident takes life of a 20-year old boy:

You can surely find a lot more googling a little. I also recommend taking a look at Google image-search. The thing is, if you shoot someone in the head with a BB-gun there actually is quite a risk of bodily harm (torn eyes etc.) and loss of life. They're unlikely to kill you if you fire them somewhere other than the head, but they certainly are dangerous items and they can still cause damage to internal organs, depending where the shot lands and its angle. I have a BB-gun that's capable of easily piercing an aluminum can and I certainly wouldn't want to be on the wrong end of the barrel.

Just about anything can be used in some way to kill a person. That doesn't make everything a deadly weapon. I think "deadly weapon" ought to be redefined as something that it's actually practical to use to kill a person. Otherwise, we may as well criminalize butter knives, lawn darts, paintball guns, and sling shots.

Comment Re:About right (Score 1) 246

6 months probation is about right for what he did anyway. I can't believe they're clogging prisons with petty criminals like this then turning violent criminals out because of over crowding. A BB gun as a deadly weapon? They're turning the legal system into a farce with that kind of bullshit.

Totally agree. I've seen it first hand. I got a year of prison for stealing a bicycle (while intoxicated). It was a felony because it was inside an open garage, which apparently makes it Breaking and Entering. I know what I did was wrong and I'm embarrassed about having done it. What's more embarrassing is when I tell people about it they don't believe me until I show them the court papers.

Comment Re:America, land of the free... (Score 1) 720

There is virtually no place in the US where someone who is homeless and jobless cannot get enough assistance from city/state/private agency to change their situation.

That may be true now, I have no current experience. 20+ years ago it was definitely NOT true. I suffered greatly being homeless. Hell, I suffered greatly even having a fucking job working 6 days a week being paid $3.35 an hour. Housing was, and is, not cheap. Sharing doesn't do any good if the people you share with refuse to ever pay their fair share.

Fuck it. At that point, crimes of theft are not such a big deal. Everyone needs to eat.

I was in a boat like this, and that's where the prior misdemeanor convictions come from. I was the lead software engineer at a promising startup. I turned to drugs to help me put in the hours. The company eventually tanked, and I was left with a bad habit and no income. I ended up homeless and stealing. I started a blog where I interviewed other homeless people and used the ad revenue to pay for a storage unit to live in.

Comment Re:America, land of the free... (Score 1) 720

This is what actually happened:
I was intoxicated (not that it should matter, but I don't think I'd have done this if I hadn't been). I was about 6 miles from home without a car or a phone and I saw somebody leave their house via their garage. While the door was open I saw some bicycles in there. After they left I went to the side door of the garage, went inside, and stole one of their bikes. I think the neighbor saw me and called the police. I was arrested about 20 minutes later and charged with Burglary (because it was an attached garage), and I accepted a plea deal for Breaking and Entering.

Comment Re:America, land of the free... (Score 1) 720

In Ohio, criminal records can be expunged except for first and second degree felonies or crimes considered violent- after they are settled and punishment and fines have been paid. There is a process that is sort of like asking for parole but ends up in court with a judge making the final decision.

He said he couldn't get the felonies expunged because he is in Ohio. This means it was either violent, or a serious enough felony that it was a first or second degree felony as defined by the state. I concur, it was not a crime he woke up one day not realizing he was committing or thought was a minor misdemeanor and got roped into a felony.

You're partially right. In Ohio you are also barred from expunging your record if you have more than 2 misdemeanors or more than 1 felony and 1 misdemeanor on your record. I have 1 minor felony and about 4 misdemeanors, all stemming from a 2 year long period. None of them were violent crimes, unless you want to count beating the hell out of a road sign with a hammer while I was drunk.

Comment Re:America, land of the free... (Score 1) 720

The thing is, in the good ol' US of A, where less than 10 years ago you could be a felon for owning 6 dildos

Somehow I doubt, the asker was convicted only of violating something as stupid as possession of dildos or innocent as that of marijuana — he would've said so (if any employer even paid attention to it in the first place).

No, he was, by all appearances, genuinely guilty of at least one violent crime — plus some misdemeanors. I'm not saying, he "deserves" never to work in IT at all, but I don't blame the IT-folks — most of whom have not hit anybody in anger since middle school — for not wanting to work (be under the same roof!) with such a guy.

Why would you choose to drag out your anti-Americanism over this, is beyond me...

What I did wasn't violent. While on a bender I stole a bicycle out of somebody's garage. In Ohio that's a 5th degree felony.

Submission + - Ask slashdot: network engineering or software engineering? 1

wiseerect writes: I am currently a jack-of-all-trade (coding, networking, security, you name it) for a mis-sized (100 — 200 employees company). I would like to specialize and go into software engineering, but I am afraid that software engineering jobs will be mostly dominated by workforce located overseas and/or H1-Bs here in states in the next 10 years.

My second option would be network engineering. Network engineering jobs seem to be more "stable" than software development jobs if you have multiple vendor certifications such as CCIE/JNCIE/etc.

So my question is...which profession should I specialize if i want to have a long-term career in I.T. before retirement without having to worry about my job being outsourced and/or replaced with a H1-B worker?

Thank you.

The two most common things in the Universe are hydrogen and stupidity. -- Harlan Ellison