
Comment I avoid OLED when buying displays (Score 0) 181

I actively avoid OLED when purchasing tech with displays. OLED suffers from CRT-style burn-in on steroids, is more prone to failure with usage/age and offers inferior daylight visibility.

I don't care about which of the two panels looks slightly better than the other. I can't tell the difference and frankly I wouldn't care if I could.

Comment Re:I Should Be A Judge (Score 1) 792

It wasn't designed to "look like a bomb", it was designed to look like a clock a kid modified. It just happened to look like a cartoon or movie bomb, which is nothing at all like what real IEDs look like.

Nobody knows for sure what the actual intent was.

What did it for me was when he plugged in and set the alarm of his suitcase clock to go off in the middle of class. Given family history I'm more inclined to believe they got precisely the response they were hoping for and then some.

Comment Re:Everyone has to learn about it. (Score 1) 193

It solves it in the sense that a procedure requires you pass inputs as query parameters.

No, absolutely not. It does no such thing. Anyone can call stored procedures from strings without binding parameters. Using stored procedures in and of itself solves exactly nothing.

The types of people who still code in SQL injection attack vectors are the same types of people who aren't going to understand the subtleties of content versus context.

I'm sick of these lame ass excuses for ignorance. It isn't a hard concept at all in any shape or form to understand. Anyone who can't grasp it has no business in the industry.

Giving them a tool which will always force them to parameterize their queries is a means of saving them from themselves.

I worship at the church of designing systems requiring people to try really hard to fail yet this isn't what my comment is about. It is about "common wisdom" that is actively harmful.

Comment Re:The attack that _would_ go away (Score 1) 193

Perl?!? Are you serious? That's the language you will have problems with to read back your own code after a minute you wrote it.

This is the same person who recently posted the following gem:

A language is not secure or unsecure. It's what developers do with it that makes the result secure or unsecure. I can write a .NET or Java application that has all the vulnerabilities you can think of.

Comment Re:Everyone has to learn about it. (Score 5, Informative) 193

It's irresponsible to continue to do this. With stored procedures

Does using stored procedures solve SQL Injection? Show of hands... all of you who raised yours are part of the problem.

Also, validate and sanitize your input data man. If you're writing code for the web you *have* to do this, no excuses. Albeit, most "web developers" I've seen don't have a clue. Now, get off my lawn!

The number of people who incorrectly believe SQL Injection is in any way related to data validation means the problem will never go away. SQL Injection is a failure to enforce context and has got exactly nothing to do with content.

The data validation misinformation is so prevalent the only way you are probably even reading this is you regularly browse -1 as many of you will have modded my comment into oblivion.
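An added illustration of the context-versus-content distinction made in the comment above (example code, not part of the comment or the thread). It uses Python's built-in `sqlite3` with a constructed `users` table; SQLite has no stored procedures, so it shows only string-built SQL beside bound parameters, and the function names are hypothetical.

```python
import sqlite3

def make_db():
    # Constructed sample data; "O'Brien" is a perfectly valid name.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (name TEXT, secret TEXT)")
    db.executemany("INSERT INTO users VALUES (?, ?)",
                   [("alice", "a-secret"), ("O'Brien", "o-secret")])
    return db

def lookup_concat(db, name):
    # The value is spliced into the SQL text, so the SQL parser decides
    # which characters are code and which are data: context is not enforced.
    sql = "SELECT secret FROM users WHERE name = '" + name + "'"
    try:
        return [row[0] for row in db.execute(sql)]
    except sqlite3.Error as exc:
        return "error: " + type(exc).__name__

def lookup_bound(db, name):
    # The statement text is fixed; the value travels separately and can
    # only ever be compared as data, whatever characters it contains.
    sql = "SELECT secret FROM users WHERE name = ?"
    return [row[0] for row in db.execute(sql, (name,))]

if __name__ == "__main__":
    db = make_db()
    # Constructed inputs: one legitimate value, one that changes the query's meaning.
    for value in ("O'Brien", "x' OR '1'='1"):
        print(repr(value))
        print("  concatenated:", lookup_concat(db, value))
        print("  bound:       ", lookup_bound(db, value))
```

With concatenation the legitimate name breaks the statement and the second input returns every row; with binding both are handled as plain values, with no filtering of the content at all.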

Comment Re:Can you liberals please wake the fuck up? (Score 1) 965

Note: I'm not endorsing this, I'm tossing it out as a thought, I get that it has problems and isn't perfect...

Nothing wrong with a problem solver just tossing those ideas under the nearest troll bridge.

It is easy to say "well more bombing won't solve the problem", and that might be true, the way we do it. What if we started using nuclear weapons? The point could be made, "either join the 21st century or be exterminated".

Do you not even see the irony in this statement?

It worked against Japan. They simply didn't get it, couldn't change, and wouldn't listen, even when we were firebombing Tokyo. It took the threat of extermination to finally get the Emperor to see reason.

Well handing columns of US provided armored military vehicles over to Daesh didn't seem to work... so why not...

It saddens me to even say that, it is a horrible thing, but we're facing a horrible situation that won't get better by being nice about it.

No I totally get it... killing everyone would solve what is mostly a regional civil war.
