Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).


Comment: Re:Rookie mistake... Also... (Score 3, Insightful) 230

DO NOT DISCLOSE THE INFORMATION TO ANYONE ELSE!!!! I can't state that enough. Also, DO NOT ACCESS IT EVER AGAIN!!!!!! I also can't state that enough either. Any subsequent accesses/"breach" of their security will be blamed on you, and used as evidence that you sent others the information, since you were the only one who knew. Anything anyone else does will be painted as you working in conjunction with a "group of hackers" in an attempt to defraud others, or even possibly extort the company in some way. Any continued access attempts on your part will be used to show that it wasn't a onetime mistake that let you uncover the issue, and that you continued to "hack" the site over a period of time.

Comment: Rookie mistake... (Score 4, Informative) 230

Well as others have already stated, you already made the rookie mistake of trying to report the issue and gave them your name and contact information. Now you are on the record as having breached their "security", even as pathetic as it is. When big money is possibly involved (as it would be in the case that financial information of hundreds/thousands of people are involved), you just became the "scapegoat". They will now use you as "hacking" them to attempt to make claims on their insurance to cover the cost of fixing the problem. That also means they will need to report to law enforcement, etc., to have the case brought forward.

Comment: Re:Perception has nothing to do with it... (Score 1) 412

by Fallen Kell (#49154457) Attached to: Is That Dress White and Gold Or Blue and Black?
You have a shit calibrated monitor/display. The reason why most people see white+gold is because the majority of monitors have crappy color calibration, lumen balance, contrast, and white/black levels, especially "out of the box". My monitors are calibrated at the factory and come with custom color map for each monitor from the factory, so that they have less than 0.1dE2000 from sRGB.

This is why your iPhone 5 or 6 shows the image and it looked black+blue (they have "decent" color calibration of under 2.5dE2000, but that still is not even close to the 0.1dE2000 of a really good monitor), and most probably is still pushing way to many lumens for environment, which washes out the image (making it look white+gold).

Comment: Almost... Needs a computer "literacy" placement (Score 1) 779

by Fallen Kell (#48960555) Attached to: WA Bill Takes Aim at Boys' Dominance In Computer Classes
Your solution is a good one, however, you need a computer "literacy" test first before implementing something like mandatory classes.

One of the prevailing theories on why boys dominate the field is due to the fact that they have had more exposure on their own time (in essence have done "self study" work in the field). When schools finally begin offering classes in computers, it is typically 6th grade and later. At which point, many students who have been exploring the field on their own know significant more advanced skills than ones who are only just being introduced to it for the first time. And in schools that teach for the "majority" of students, they will skip past a lot of the more "basic" things because it is below the average skill set of the majority of the students in the course, with the students who don't have the basics down getting lost and as a result discouraged from the field. The converse is also a problem when the schools try to teach to the students with the lowest skill sets in the course. The ones who know it already get bored, complain, and ridicule the students who don't know how to do it so they can speed up the classwork to get to things that meet their skill level.

The real solution is something that school officials and state legislatures will be likely to want to do. If they truly want to have more equality in computers, they need to start having computer classes in kindergarden/1st grade, with individualized progression for the students (i.e. be able to "test out" of any material being taught). Initial costs to setup a system like this would be expensive, but long-term may be relatively in-expensive. The only way for this to really work would be for a mostly automated coursework up and through programming theory, and object oriented design. Everything being most entirely based on the foundation of "online learning" principals, but on a more individual pacing. Grading would not really happen at all for the majority of the work, simply skill progression in passing and completing projects, modules, and practical exams (i.e. very little memorization of definitions, vocabulary, etc., but actual real world useful skill tests such as being able to create a proper formatted paper/document, creating spreadsheets, setting up and using the computer, basic debugging of computer problems, creating a basic program with input and output, etc., etc...). And because it is all self paced, the students don't become discouraged with both themselves or at the other students who "are slowing them down". But school systems would hate something like this because there is no scoring.

Comment: Re:Please no... (Score 1) 570

by Fallen Kell (#48872991) Attached to: Microsoft Reveals Windows 10 Will Be a Free Upgrade
I think you are reading more into the small print than actually exists.

Feature availability may vary by device.

They state this because you OBVIOUSLY won't have touch interface on non-touch devices, and thus any/all touch features available in the OS will not work on that device (that is just a single example of features that will vary, large screen UI won't make sense to use on a 4 inch smart phone, phone capabilities won't work on a desktop with no phone number, picture taking won't work on a device without a camera, etc., etc., etc., the list goes on and on).

Some editions excluded.

This is explained. They exclude upgrading Enterprise editions of the software. Those editions were purchased typically as site licenses for businesses, and are excluded. You need to arrange new site license agreements (or maintain your existing ones) in order to upgrade your windows licenses (in which you will be covered by your site licenses, and not the free upgrade license anyway).

Comment: The real fix... a recall of the socket (Score 2) 304

by Fallen Kell (#48698579) Attached to: Putting a MacBook Pro In the Oven To Fix It
This has been a problem for a long time on not just the Macbook Pro, but plenty of other laptops that used a few specific CPU/GPU sockets in their designs along with in-adequate heatsinks/fans for the thermal load. Those sockets should never have been used for those designs due to the temperature points of molten solder on a part that is specifically designed to be mobile (and thus subject to falls, movement, and other torques when the system may still be hot, especially moments after a shutdown or sleep when they are closed up and placed in a bag/backpack and slung over the shoulder).

Comment: Re:Pointless disruption and harm from Anonymous (Score 2) 149

by Fallen Kell (#48682453) Attached to: 13,000 Passwords, Usernames Leaked For Major Commerce, Porn Sites
Actually, they are simply continuing to prove the point that current security technology has gaping holes in it. And that until there is a MAJOR rework of system, software, and site security, these holes will continue to exist and continue to be exploited. The real bad guys would have simply kept, sold, or used the information themselves and no one would have really known until the credit cards were used to fill cars full of gas, or purchased gift cards which were emptied to accounts which were transferred, etc., etc., and by the time anyone could do anything the money would be out of the systems (no longer electronic) and the people gone.

Until passwords are not typed by people on keyboards, moved through accessible memory on client systems or servers, two factor confirmations, one time use payment numbers, etc., are all in place, these hacks will occur. Fundamental level changes need to occur to fix these things (including hardware interrupt handling, memory segmentation and randomization, whitelisted program execution/startup, passwords/credit card numbers with timebased key tokens required, etc...). Problem is, it will cost a lot of money to change many of these, including hardware changes. Even if the technology was available today that fixed all these things (and you couldn't buy a computer without these changes), we would still have vulnerable systems out there for 20 years or more while industry and consumers replace their hardware.

Comment: Re:A joke? (Score 1) 647

by Old Man Kensey (#48499639) Attached to: Debian Forked Over Systemd

Pottering doesn't work for MSFT, he works for the 3 letter agencies. Considering that MSFT would probably be a step up on the trust scale. Where does Pottering get his money? Red Hat...okay so where does RH get THEIR money? NSA,DoD, FBI,CIA, DoJ, something like 85% of their income is from .Gov institutions, most in the Intelligence community.

[citation needed]

Comment: Not what the app wants -- what Google makes it ask (Score 1) 234

by Old Man Kensey (#48478093) Attached to: Uber's Android App Caught Reporting Data Back Without Permission

The trouble is Android's permission model is crap. If an app has a feature that requires a permission the app may need at any point in the future, it has to be approved by the user at install time, and the app cannot control how the permissions are described or even explain to the user why it needs that permission. And lots of innocuous permissions are bundled up together non-granularly with scary dangerous (or dangerous-sounding) ones, so the app only needs EraseBunnyDrawing permissions but to get that it has to request KillFamily permissions, which doesn't actually mean kill *your* family, it means kill a process family, but all the user sees is "Permission to kill family members without warning" and OH GOD WHY DOES AN APP ABOUT DRAWING FLUFFY BUNNIES REQUIRE MY FAMILY TO DIE?! THIS APP SUCKS!!!!!!1111!!!!!oneoneonetyone1!!!

And then the story hits TechCrunch, where it's summarized so that it sounds like there have been actual deaths of family members, and then the mainstream press and the Today show start calling the app developer asking "Why are you a horrible person whose app killed little Stacey's favorite uncle?? :( :( :("

And all because Google can't get security UI right.

Comment: Re:Explanation of Uber permissions... (Score 1) 234

by Old Man Kensey (#48478027) Attached to: Uber's Android App Caught Reporting Data Back Without Permission

Read Google service configuration.
Modify system settings.
Full network access.

I've bolded the last three because there's no reason for them.

Sure there is. If Uber is doing anything that can't (or for some reason they they don't want to) be handled over HTTP, the app will need full network access. (I don't know what the Uber app uses it for, but apparently WhatsApp uses it for IM communications with other app users.) "Modify system settings" is apparently (per the linked explanation from WhatsApp) the only way to get permission to read system settings. "Read Google service configuration" (again, per previous link) is used for interacting with Google services like Maps, which you can easily imagine why Uber's app would want to do.

"An organization dries up if you don't challenge it with growth." -- Mark Shepherd, former President and CEO of Texas Instruments