Slashdot is powered by your submissions, so send in your scoop


Forgot your password?
Take advantage of Black Friday with 15% off sitewide with coupon code "BLACKFRIDAY" on Slashdot Deals (some exclusions apply)". ×

Comment Re:Sadly.. (Score 1) 351

Wasn't there a story a couple of years ago about Adobe releasing the ancient versions of some of their products, including PS6 for free on their FTP site or something? If so, then you certainly could run PS6 in wine for free for simple jobs.

Comment Re:Bodes Really Well for a Fair Trial (Score 4, Interesting) 485

It makes a huge difference. Nearly all whistle blowers are violating the law in a technical sense to reveal greater breaches of the law by others who are powerful. A fair trial means that all the nuances and subtleties of the crime are made known and an appropriate sentence passed, based on all the factors (including the fact that the NSA violated the law and the constitution), not just technical guilt. This is the kind of justice that the US has prided herself on for generations. And the lack of fear of going after powerful (usually) men in high places for their own crimes revealed. This ex-CIA man has confirmed what we've known for years. There will be no such fair trial for Snowden. His guilt has been known for years, but apparently the full sentence has been known already too. This is morally wrong. And clearly those that violated the constitution and acted in an unlawful fashion (IE crimes) against the American people have no intention of being responsible for their actions either in any courts of law.

Comment Re:"fooling even the most seasoned security pros" (Score 4, Informative) 38

If you read the fine article, you'll find that what the author is really talking about is a full-blown compromise of corporate networks.

Today's adversary isn't merely a passive reader. They intercept and change emails, albeit slightly, when the need arises. Yes decisions may become no; no may become yes. Sometimes key recipients will be removed from the email's receiver list. More receivers may be added. Email groups may be modified. Encryption and signing may be turned off.

In one of the most notorious examples I've ever read, a company knew it was badly compromised with an APT. In an attempt to reclaim the network, the help desk sent out an email asking every recipient to change their password. Certainly, that would make it harder for the malicious intruders to hang out -- except that the intruders had control of the help desk's email account. Right before the email was sent, the intruders changed the embedded link so that it took users to a perfect copy of the company's password-change website hosted under the intruder's control. Users followed the help desk directions, but in doing so allowed intruders to capture every password change.

Seems to me the problem isn't phishing... it's the compromise to begin with, and the problems that led to that.

Comment Re: fighting carbon pollution? (Score 1) 369

Except that pipeline spills happen all the time in north america like weekly. The risk of fire is much lower but the environmental cost to land owners is still very high. Not saying it's worse. But pipelines are not definitely not safer. There was a major spill just a few of years ago in the Midwest that is still not cleaned up despite the oil company claiming recovery is complete. A real disaster. With the TransCanada pipeline the odds of a spill or multiple spills of this magnitude is very high.

Comment Can someone explain how the bug worked? (Score 1) 61

The actual bug is shown in the original article. The author says "It appears the seven-year-old Xen bug is caused by an entanglement of C macros, bit masking, and Intel x86's fiddly page table flags" but fails to explain exactly what's going on (probably he doesn't understand it himself). Can some explain what actually happens in this line and what failure modes caused the check to be bypassed?

The fact that such a simple-looking line could result in such seriously flawed code tells me that programming secure code in C is much much harder than I thought, especially when what looks like a clean function call is actually macro expansion, perhaps layers of macro expansion. Mot a fault of C per se, but a gotcha when using a lot of macros as if they were C functions.

Comment Re:Settings to check: (Score 1) 217

Read the article. Except for #1 and #5, he explicitly says he did all of these things. Given his experience, I wouldn't expect #1 or #5 to be the problem either. And others who also have a lot of experience can attest to this growing problem of email exclusivity. I ran an email server for 10 years for a university and it was a constant fight to make sure others were accepting our email, despite doing everything we could to ensure we were secure, followed the rules, best practices etc, doing all of #0-#5. So sorry, it's not that simple. If you're email server is working great, that's wonderful. You're grandfathered in, as it were. Starting from zero is now much, much harder than it ever used to be.

#0 is a particularly tough one. There's really no way to overcome that except by begging the blacklists to reconsider, or change IP addresses, which you really can't do anymore, now that there are so few free addresses available.

Email has become a horribly broken system and vigilante blacklist services are not helping things any.

Comment Re:But the real question is... (Score 1) 65

Round-trips are simply a function of the X11 asynchronous protocol, as well as the server/client nature of X11. Has nothing to do with how good or bad GTK programmers are. If as you say EFL is using OpenGL, then it's bypassing most of the X11 protocol, which is a great optimization for local apps. And if you remote an OpenGL window, and all the rendering is client-side anyway (which is the case for remote OpenGL if I'm not mistaken) then the remote server is just going to get a bitmap anyway. So I see it as sixes. Besides that, when X11 apps run on the same machine as the X server, shared memory is used so things are pretty fast (throughput) except for the natural latency that exists because of X11's asynchronous nature and the lack of a good way of synching redraws like Windows and OS X have done for years, and probably OpenGL as well.

Clearly GTK's issues on X11 are, well X11 caused. Because there are no such issues on Wayland. EFL will have Wayland support before too long, so you'll get a good comparison.

Comment Re:pointers & C (Score 1) 437

Certainly in the hobby embedded space, dominated by Arduino, C++ is exclusively used. Sometimes it's just C compiled with a C++ compiler, but often basic classes are used. Never the C++ standard library though.

There are certainly reasons why people eschew C++, some are better than others. The bloat argument is probably one of the poorer arguments.

Personally I avoid C++ primarily because it's so hard to access C++ classes from other languages without fairly complicated thunk layers.

Comment Re:The author really is paranoid (Score 1) 373

Yeah I agree.

Of course his bluetooth thing didn't intercept the word, walnuts, and then try to advertise it to him later. But the way we're heading, technology is rapidly enabling that kind of thing to actually happen.

What today is, or yesterday was, a conspiracy theory spouted by those crazy people we all know, tomorrow becomes reality. Like the example of TVs watching people back. Okay we're not there yet, but TVs are listening in a way. Maybe the crazy conspiracy theorists were more reasonable than we thought.

Comment Re:But the real question is... (Score 1) 65

You'll have to explain just what you are talking about. Are you saying that Enlightenment uses server-side X11 widgets (no anti-aliasing, and no compositing)? No I don't think so. Everything is rendered client-side and pushed to the server just like every other toolkit. And there are good reasons for all this. As well, protocols like RDP do a pretty darn good job at remoting the result. VNC works alright, certainly Xvnc is much faster than windows-based vnc servers.

Comment Re:But the real question is... (Score 1) 65

Umm, no. The problem has nothing to do with graphics, really, or how Gnome 3 is written. It appears to be an issue with PAM and session management when launching the desktop inside of Xvnc. . As to why it's been broken for so long, I don't know. And it appears to still be broken, though there are some config files you can edit that seem to make it work. I imagine not many people remote over VNC. And no idea if Gnome3 works over X2Go but I would think it does.

Gnome 3's integral use of a compositor in no way makes Gnome badly written. And this "modern X just spams remote sessions with bitmaps" is pretty much how all toolkits work today. Built-in X widgets were obsolete over 20 years ago. X hasn't been very usable over ssh on anything but a LAN for as long as I've used Linux. I think the last app that I could remote over a modem link was an ancient version of XEmacs. Kind of fun. Of course X2Go can remote modern apps at a pretty usable and respectable speed by eliminating server round-trips and compressing the bitmap stream. Makes X apps as usable over a slow connection as rdp does. Pretty impressive.

Nothing will ever be attempted if all possible objections must be first overcome. -- Dr. Johnson