Forgot your password?
typodupeerror

Comment: Re: Why? (Score 5, Insightful) 2219

by chrisv (#46182737) Attached to: Slashdot Tries Something New; Audience Responds!

As has been stated repeatedly before, elsewhere, I wish I had mod points right now.

With that in mind, the first two statements pretty much sum it up. "Because I want to change it" is not a good reason, nor really is a designer saying "I don't like how it looks" if, while ugly, it's intuitive for the user to figure out.

I think I've taken all of half a dozen looks at the beta site, and without fail, my response is "get me the f*** out of here", not because it's unfamiliar (though it is), but because what I see is a jumbled mess that makes following LKML in message-received order when there are multiple heated discussions going on in parallel an easy task.

With that said, I don't consider JS to be the harbinger of death and otherwise all that is evil. Some designers & developers have never heard of progressive enhancement though, causing problems left and right. There are things that can be added to the current UI without completely breaking it that make things more convenient ("Load more comments" is actually one I use regularly, because I'm also aware of how broken the pagination of comments happens to be - but then again, threaded commenting doesn't lend itself to pagination without complete disposal of context. I'd rather read the comment threads and if that means a bit of script, so be it.)

Apple

+ - Apple releases iTunes 10.5.1, iTunes Match->

Submitted by Anonymous Coward
An anonymous reader writes "Apple has finally released iTunes 10.5.1 to the public after months of internal and developer testing. Besides bug fixes, the big change that iTunes 10.5.1 brings is support for iTunes Match, Apple’s cloud-based music storage service that will allow your entire music library, purchased from Apple or not, to be accessible from all your computers and iOS devices for a yearly fee. iTunes Match is also now available."
Link to Original Source

Comment: Re:IRONIC COMMENT OF THE YEAR AWARD! (Score 1) 156

by chrisv (#27801123) Attached to: Google & Others Sued Over Android Trademark

Yup. It's sure the first result on Yahoo. Of course, the last update prior to yesterday that I can find has approximately nothing to do with this "Android Data" thing.

A bit more research, and you'll find: The site was last updated yesterday. The content that was there at it's last indexing on Google and MSN is the same as what is currently up at www.pushpuppets.net. As well, android-data.com (the actual domain for the "product") was registered on 2009/04/20; it's been around for a grand total of 12 days. The site that was there before, according to archive.org: it's a parking page for someone else operating a business by the name of "Android Data Services", though checking androiddata.com on archive.org gets you the same site: defunct since 2006, with it's last update being 2003/01/23. Searching for android-data.com gets you no site whatsoever, on Google, Yahoo, or MSN.

This reads to me as though truth is more idiotic than fiction. Nefarious is more likely the case: everything I've been able to tell suggests that the name and product have been dead for at least 3 years, if not more likely 6 years. Looks more like a case of "I might be able to sue Google for lots of money" than anything. The likelihood of actually winning any lawsuit there, suing over a product that nobody has ever heard of, on a trademark that nobody has ever heard of (until today)... um, right. Maybe if he were actually developing & promoting that product, then he'd have something to say.

Comment: Re:It is still a carbon based fuel (Score 1) 78

by chrisv (#27680013) Attached to: Yamaha Unveils Golf Cart Powered By Cow Dung
Hm. Well, methane will generate CO2 as it's end result, whether it's used for power or not - it undergoes an oxidation reaction over time: CH4 + 2O2 -> CO2 + 2H2O. It's also 75 times more potent than CO2 as a greenhouse gas, and as it decomposes to CO2 anyway, net output of CO2 from burning methane from such sources as cow dung is nil.

Wind, solar, and hydrogen all have their issues: wind and solar are unreliable over time, because they both ultimately depend on the weather conditions, and hydrogen isn't an energy source. Free H2 uses a lot of energy to obtain, unless it's obtained from fossil fuels, which, while potentially better for the environment, still leaves us with a non-renewable resource.

Comment: Re:It Works Just Fine in Portland (Score 1) 37

by chrisv (#27550811) Attached to: Clearwire Plans Silicon Valley "Sandbox" WiMax Net
Hm. I've got Clear in Portland; I'm in 97239, for what it's worth. They might not advertise it as being available - the primary reason that I've been able to tell is because the signal strength / quality isn't anything great. It's certainly enough to get the job done - once the equipment is placed in a good spot, I still get 5.5Mbit, but in a bad spot (which can be as little as a few inches from the good spot: at least I have ziploc bags and tape, since it's taped to the end of my balcony right now) I'll be lucky to get dialup speeds.
Sci-Fi

Sci Fi Channel Becoming Less Geek-Centric "SyFy" 798

Posted by ScuttleMonkey
from the or-you-could-quit-cancelling-good-programs dept.
narramissic writes "According to a TV Week article, NBC Universal has decided to change the name of their Sci Fi Channel to SyFy. Why? To pull in a more 'mainstream' audience. If you're unclear what 'more mainstream' means, TV Historian Tim Brooks spells it out for you: 'The name Sci Fi has been associated with geeks and dysfunctional, antisocial boys in their basements with video games and stuff like that, as opposed to the general public and the female audience in particular.' Yes, we should probably all be offended. And telling us that a crack marketing team came up with the name because that's how tech-savvy 18-to-34 year-olds would text it really doesn't help."
Privacy

20 Hours a Month Reading Privacy Policies 161

Posted by kdawson
from the half-the-bailout-every-year dept.
Barence sends word of research out of Carnegie Mellon University calling for changes in the way Web sites present privacy policies. The researchers, one of whom is an EFF board member, calculated how long it would take the average user to read through the privacy policies of the sites visited in a year. The answer: 200 hours, at a hypothetical cost to the US economy of $365 billion, more than half the financial bailout package. Every year. The researchers propose that, if the industry can't make privacy policies easier to read or skim, then federal intervention may be needed. This resulted in the predictable cry of outrage from online executives. Here's the study (PDF).
Censorship

+ - Removal of Anti-Scientology Videos on Youtube-> 1

Submitted by Anonymous Coward
An anonymous reader writes "From the EFF webpage: "Over a period of twelve hours, between this Thursday night and Friday morning, American Rights Counsel LLC sent out over 4000 DMCA takedown notices to YouTube, all making copyright infringement claims against videos with content critical of the Church of Scientology.""
Link to Original Source

Comment: Re:Please enter your credentials here: (Score 1) 157

by chrisv (#21911296) Attached to: Firefox Spoofing Bug Puts Passwords At Risk

The realm is only half of the identifying element - the URL requesting authentication is the other half. For basic authentication (RFC 2617, section 2), the realm value is only for the server sending it; if another server (identified typically by [ http/https, hostname, port ]) sends me a WWW-Authenticate header with the same realm name specified, for the purposes of authentication it is a different realm. In digest authentication (section 3), it is possible to have credentials go across multiple servers, but such servers have to be specified in the initial WWW-Authenticate header in a "domain" parameter; otherwise, the authentication is again only available to the server sending the WWW-Authenticate header in the first place.

Ultimately, unless your system, DNS server, proxy server (if you're using one), gateway, or the target server, have been broken into, obtaining the credentials for any given realm is going to be difficult; if your system has been broken into, this is pointless because they could just as easily install a keylogger to capture the authentication information as it's being entered; if your gateway has been broken into, then unless you're performing all authenticated transactions over HTTPS and/or not using HTTP Basic authentication, the information is going across there in cleartext anyway, and tcpdump is all that's needed to extract it. Since the proxy server tends to exist at the gateway level anyway, the same issues apply there. As far as the target server goes - you can either capture the authentication info there, or, since you've got permissions to do anything the webserver is capable of, including generally accessing the authentication DB, just grab the authentication information and be done with it.

So... good luck at attempting to reuse the exact realm of another server - since, for the purposes of comparing authentication realms, the realm name is little more than a token which identifies a given protection space on a single server (or multiple explicitly specified servers in HTTP Digest, but that's still explicit).

To do nothing is to be nothing.

Working...