Catch up on stories from the past week (and beyond) at the Slashdot story archive


Forgot your password?

Comment: Re:I wonder if Google has made themselves vulnerab (Score 1) 145

by bill_mcgonigle (#48937853) Attached to: Microsoft To Invest In Rogue Android Startup Cyanogen

Google had problems with getting updates out to devices

And with just a little bit of developer money, so many devices out there could be running a safe, secure version of Android instead of being merely abandoned and left vulnerable ("you luddites running six-month-old phones...").

I've been waiting to see a nonprofit that would sponsor such work and then sell decent smartphones to people who could use them to benefit themselves economically. People throw away ("recycle") perfectly good hardware because the software is too dated.

Oh, I know, "that dual core phone from last year with only half a gig of RAM just can't do anything useful...."

Comment: Re:"Rogue"? (Score 1) 145

by bill_mcgonigle (#48937809) Attached to: Microsoft To Invest In Rogue Android Startup Cyanogen

Google is quite happy to see CM and similar third party ROMs flourish

Flourish or tolerate? Honest question. I've seen entire ROMs stymied by small things Google could/should have done as just a decent vendor, regardless of the ROM in question. For instance, a couple years ago the Droid3 port fizzed because the then-Google-owned Motorola wouldn't talk to anybody about releasing specs to turn on the camera.

Comment: They already did. (Score 1) 245

by Ungrounded Lightning (#48937041) Attached to: One In Five Developers Now Works On IoT Projects

Next you know the young whipper-snappers will take "variables" and call them "dynamic constants"

In Bluetooth (especially Bluetoothe Low Energy (BLE)) they already reanamed them. They call one a "characteristic" (when you include the metadata describing it) or a "characteristic value" (when you mean just the the current value of the variable itself).

Comment: Re:track record (Score 1) 239

by bill_mcgonigle (#48935901) Attached to: US Air Force Selects Boeing 747-8 To Replace Air Force One

To the military I say: buy the best on the market, with a proven track record, with a slight bias for buying local.

Not here - the DoD is spending $2B to design a new rifle, rather than just adopt the AK74M, which has all the features it wants and many allies already use.

"'Cause commies, son."

Comment: Re:Positive pressure? (Score 1) 339

by lgw (#48934523) Attached to: Why ATM Bombs May Be Coming Soon To the United States

The chip requires a PIN to be entered. If you don';t do that correctly within three times, the card is rendered useless.
And this does not have to be three consecutive times.

So even if you have the card, you are unable to do any purchases with it.

Turns out: not so much. As was predicted by the security community, there are flaws, and after a couple years the flaws were exploited, and the PIN is retrievable. This cycle has repeated (is chip-and-PIN in its 3rd generation now? it's at least the second).

Chip-and-PIN means only that the bank makes you liable for your stolen money, claiming "the card couldn't possibly have been stolen because magic". It solves a problem for the banks, and makes it worse for the consumer - shocking, I know.

Comment: I thought the point of the charge ... (Score 3, Interesting) 40

by Ungrounded Lightning (#48929295) Attached to: Spider Spins Electrically Charged Silk

I thought the point of the charge was to make the "wooly" side-fibers of the strands wrap around the prey's limbs and/or the microscopic irregularities in the exoskeleton, tangling to it. "Tying" the fibers to the prey would have a similar binding effect to gluing them to it, without the need for glue, and lots of little fibers could make a very strong attachment.

(Stretching fibers made of long chains makes them stronger by aligning the chains along the direction of the stretch.)

Comment: Re:Maybe if Adobe fixed their broken updater... (Score 1) 194

by lgw (#48929217) Attached to: Adobe's Latest Zero-Day Exploit Repurposed, Targeting Adult Websites

Just because the shady back-alley freeware does it, does not in any way make a good excuse for a AAA software vendor to do so

And AAA vendors don't. Adobe products are simply shady back-alley freeware as proven by their installer. Java too, of course.

Comment: Also: lots of code has been vetted for decades (Score 1) 46

Why are they still using C to deal with network protocol? Is the performance so critical that it's worth all the troubles?

Also, because there's a lot of C code that has been in heavy use, and tested for correctness, for decades, suitable for reuse with substantial confidence that it's correct (though you check it anyhow...).

Let's see you find code like THAT for a language that hasn't been AROUND for decades. B-)

Comment: For starters, because it's transparent. (Score 1) 46

Why are they still using C to deal with network protocol?

For starters, because it's transparent. The "K&R compliant assembly laguage", as one of my former colleagues once characterized it, translates to object in a clearly understandable way (especially if you turn optimization down or off). Though it gives you more opportunities to create bugs, it makes it hard for the bugs to hide from inspection.

The "higher-level" the language, the more it takes over and inserts its own stuff between you and the metal, and the more opportunity for that to inject an invisible vulnerability - which you might have trouble removing even if you DO discover it.

Meanwhile, many of the things "higher-level" languages protect you from can also be detected and flagged by both modern C compilers and code examination tools - starting with the venerable "lint".

Comment: Re:Up next, automatic intelligence rating... (Score 4, Insightful) 217

by lgw (#48927721) Attached to: Anonymous No More: Your Coding Style Can Give You Away

For lack of mod points let me just say: beautiful!

It's like this in any engineering discipline:
* The apprentice doesn't do things by the book, for he thinks himself clever
* The journeyman does everything by the book, for he has learned the world of pain the book prevents
* The master goes beyond the book, for he understand why every rule is there and no longer needs the rules

Or put another way - the apprentice thinks he knows everything, the journeyman known how little he knows, the master knows everything in the field, and still knows how little he knows.

Never try to teach a pig to sing. It wastes your time and annoys the pig. -- Lazarus Long, "Time Enough for Love"