Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror

+ - Sourceforge staff takes over a user's account and wraps their software installer-> 6

Submitted by Anonymous Coward
An anonymous reader writes: Sourceforge staff took over the account of the GIMP-for-Windows maintainer claiming it was abandoned and used this opportunity to wrap the installer in crapware. Quoting Ars:

SourceForge, the code repository site owned by Slashdot Media, has apparently seized control of the account hosting GIMP for Windows on the service, according to e-mails and discussions amongst members of the GIMP community—locking out GIMP's lead Windows developer. And now anyone downloading the Windows version of the open source image editing tool from SourceForge gets the software wrapped in an installer replete with advertisements.


Link to Original Source

Comment: Re:Not the testing, the interpretation. (Score 2) 36

by Rich0 (#49790005) Attached to: Gene Testing Often Gets It Wrong

Agree. It seems like a simple solution is to unbundle the testing and interpretation.

This is really no different from any other area of testing. A lab can assay the creatinine in my blood, or the microalbumin in my urine, or the concentration of glucose in my blood. Those results are likely to be very accurate and reproducible unless the lab is just criminally negligent.

What those results mean is an entirely different matter. A doctor will certainly utilize those results as well as the results of many other tests, history, interviewing the patient, and so on to make a diagnosis, and refine it as more data comes in.

Just make the labs, well, labs. Now you can certify them far more objectively.

Comment: Re:Answer (Score 1) 317

by Alioth (#49789235) Attached to: How Much C++ Should You Know For an Entry-Level C++ Job?

Long ago, after writing C++ like Java, I decided it would be much easier and I would be much more productive if I just actually used Java. Many headaches of trying to write C++ like Java go away if you just use Java (or C# instead) and you get easier to understand and easier to maintain software systems.

Comment: Re:Mr. shattered hope (Score 3, Insightful) 374

by mrchaotica (#49784163) Attached to: Obama Asks Congress To Renew 'Patriot Act' Snooping

don't have a magical fix. My latest pet theory is that, at a Federal level, there should be a specified number of politicians. Rather than state-by-state, gerrymandered-district-by-gerrymandered-district, shit should be direct. Is there 3% of the US population who are pot-smoking tree-humping eco-dweebs? Then 3% of the politicians should be from the Nature Molestin' Party. Sure, we wouldn't have the 'hope and change' of meaningless party swaps over individual seats. We might get locked into some terrible shit if the majority of the country are, in fact, clueless assholes. But it'd be better representation.

A much "simpler" change (in terms of concept, not ease of execution) would be to go re-learn the concept of Federalism and take a bunch of power away from the Federal government and give it to state and local ones. The less the Federal government has responsibility over, the less harm unaccountable Congresscritters can do.

Comment: Re:Seems reasonable (Score 4, Insightful) 115

by Rich0 (#49781061) Attached to: Insurer Won't Pay Out For Security Breach Because of Lax Security

everyone accepts that (for a given purpose; bank vaults and nuclear installations get judged differently than houses) there is some level of 'reasonable security', which reflects appropriate caution on the policyholder's part; but is known to be breakable.

I agree with your post. I'll just add that a big problem with IT security is that companies cannot rely on the same level of protection from governments in preventing intrusion.

For example, if I have a safe in my house, the means an attacker would have to penetrate it are going to be limited. Since my township has police and neighbors that wander around, they can only spend so much time there before they're likely to be detected. They can generally only carry in stuff that will fit in the doors and is man-portable, since if they have to cut a hole in the house and lower their equipment using a giant crane somebody is likely to notice. If they want to use explosives they will have to defeat numerous regulatory and border controls designed to prevent criminals from gaining access to them, and of course they will be detected quickly. Some destructive devices like nuclear weapons are theoretically possible to use to crack a safe, but in practice as so tightly controlled that no common thief will have them. If the criminal is detected at any point, the police will respond and will escalate force as necessary - it is extremely unlikely that the intruder will actually be able to defeat the police. If the criminal attempted to bring a platoon of tanks along to support their getaway the US would mobilize its considerable military and destroy them.

On the other hand, if somebody wants to break into my computer over the internet, most likely nobody is going to be looking for their intrusion attempts but me, and if they succeed there will be no immediate response unless I beg for a response from the FBI/etc. An intruder can attack me from a foreign country without ever having to go through a customs control point. They can use the absolute latest technology to pull off their intrusion. Indeed, a foreign military might even sponsor the intrusion using the resources of a major sate and most likely the military of my own state will not do anything to resist them.

The only reason our homes and businesses have physical security is that we have built governments that provide a reasonable assurance of physical security. Sure, we need to make small efforts like locking our doors to sufficiently deter an attacker, but these measures are very inexpensive because taxpayers are spending the necessary billions to build all the other infrastructure.

When it comes to computer security, for various reasons that secure environment does not exist.

Comment: Re:Seems reasonable (Score 2) 115

by Rich0 (#49780999) Attached to: Insurer Won't Pay Out For Security Breach Because of Lax Security

If a company cuts corners on security, then in the same way that if I leave my door unlocked and get burgled, I can't make a claim. There's going to be a good living for lawyers establishing what is the required level of security. But if this incentivises senior managers to ask the right questions, then it's probably a good development.

Maybe. If you're buying an insurance policy to cover leaks of information, then almost by definition any claim is going to be the result of lax security. So, why bother buying insurance at all if the insurer can get out of it? The likely result is that those harmed won't be able to collect damages since there will be no insurance, and the company that lost the data will simply declare bankruptcy.

I think there are better precedents. For example, my company is routinely audited by its insurers or other certification bodies. If they spot a blocked electrical panel, that has consequences for the company. The purpose of the audits is to PREVENT bad things from happening, and of course passed audits will support later claims if something bad things happen anyway.

So, why not do the same with "cyber policies" or whatever they're calling them. The insurer states some standard that the policyholder is to be audited against. The policyholder agrees to be audited. If the audit passes, they're in the clear.

And that is what insurance is about - elimination of risk. If you are in charge of some big company you can get the blessing of the appropriate auditors and now it isn't you're fault if something bad happens. It is a bit like having an IT team with skin in the game.

Sure, you can hire what you think is a good IT security team, but how do you really know if you've gotten one? If you buy a cyber insurance policy you're getting that IT audit, but then if you're declared clean and you get burned anyway, that insurance company comes in and puts their money behind their words and pays for your loss. THAT is what insurance is supposed to be.

Comment: Re:New fangled technology (Score 1) 86

by mrchaotica (#49779549) Attached to: Hyundai Now Offers an Android Car, Even For Current Owners

Nah, I'm not nearly rad enough to drive an AMC Pacer. My car is just a nice, low-miles Miata.

Also, these days, Vanilla Ice is a general contractor / house-flipper. Not a bad gig, to be honest -- once I'm making enough money I'm maxing my tax-deferred investments, I indeed might try acting like him.

Comment: Re:For those in Power,oversimplification is the Po (Score 1) 318

by Rich0 (#49779145) Attached to: Why PowerPoint Should Be Banned

Plus, oversimplification can be used to justify all kinds of short-sighted behavior, with all the plausible deniability you describe.

I remember learning my company's brand of six sigma, and they stressed not having more than a few CTQs for any process. It made for really nice-looking powerpoint slides (which seemed to be the main output of my company's six sigma efforts). It also made for some really broken processes in some cases, because the stuff the company was making was really hard to make. There were cases where somebody would optimize out some $10 part and end up destroying a million dollars worth of product from time to time due to a failure to deliver an acceptable level of quality. But, when you only focus on 3-5 key quality attributes, it is hard to justify every little $10 part in the multi-million-dollar manufacturing process.

I'm fairly convinced that far more was lost in market share due to an inability to meet demand than was ever gained from optimizing out the odd $10 part.

"For every complex problem there is an answer that is clear, simple, and wrong."
--H. L. Mencken

Comment: Re:New fangled technology (Score 2) 86

by mrchaotica (#49776037) Attached to: Hyundai Now Offers an Android Car, Even For Current Owners

My 25-year-old Mazda* has a tape deck, and I'm perfectly happy with that. (Okay, I do have a minor quibble that there's no line-in port, but that's no big deal. At least it doesn't have a CD player instead; if that were the case then I'd actually have to get an aftermarket stereo.)

(*Don't knock it; it's very much on the "classic sports car" end of the spectrum, not the "old junky econobox" end.)

Any sufficiently advanced technology is indistinguishable from magic. -- Arthur C. Clarke

Working...