Follow Slashdot blog updates by subscribing to our blog RSS feed


Forgot your password?

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).


Comment: Re:I would not be surprised... (Score 5, Informative) 137

Have you even checked how this attack looks like? The traffic is *NOT* coming from Chinese servers, but that's not the point. That's actually why it's so powerful. Baidu serves the malicious JavaScript in place of their analytics tracking script. Inside of China it's normal, but when it goes through the Great Firewall it gets changed to malicious script that turns any visitors of webpages with Baidu script (Google Analytics equivalent) attached to them into part of DDoS. The way that script worked initially was actually pretty hilarious. It attached new tag to the page with src attribute being github URL. This allowed github to replace content under those URLs to "alert('WARNING: malicious script detected');", which got executed in every browser that was turned into an attacker (and due to blocking nature of alert, limiting the impact). Of course there's more to that and the techniques used by attackers changed over past days - for instance, now TCP SYN floods started as well. But the fact is that there's definitely some big Chinese player behind it, even if it's actually not the most likely one - the government.

Comment: Re:Proof (Score 3, Informative) 137

But the actual traffic is international and there's nothing odd in it. It's the actual source of the attack - the hijacked Baidu script that changed non-Chinese visitors of Chinese pages into botnet (well, not really, but very botnet-like) nodes instructed to attack GitHub - that without any doubt came from the Great Firewall of China. It might not be the government, but unless there's a massive man-in-the-middle attack covering the whole non-Chinese Internet, it's definitely something that comes from China.

Comment: Re:White balance and contrast in camera. (Score 1) 420

by dos1 (#49153913) Attached to: Is That Dress White and Gold Or Blue and Black?
You're mistaken. The proper point to look at searching for white reference is in lower left part of the image - there's a part of some other, clearly black and white dress visible, and it has obvious orange - not blue - tint. Also, it's not hard to find other pictures of the same dress. There's also somewhere a confirmation of the taker of that photo saying that this dress is obviously blue and black.

Comment: Re:Why do I want to upgrade? (Score 1) 437

by dos1 (#48763779) Attached to: Is Kitkat Killing Lollipop Uptake?

This was a problem before, and is probably due to SMS messaging standards (total guess, I've never investigated).

With SMS, you have no way to find out if the message has been sent to anyone else than you as well. If some messaging app lets you send message to multiple recipients, it actually just sends as many single, separate messages with the same content as there are recipients specified.

Comment: Re:Whoa (Score 3, Informative) 132

by dos1 (#48082869) Attached to: Test-Driving a $35 Firefox OS Smartphone

Looks like you have absolutely no experience in designing mobile devices. Arguments like "as cheap as RAM is" are bullshit. If you're not so big that you can design your own chips or at least be taken into consideration by manufacturers, you simply have to live with whatever is available on the market in quantities you need (and most of the options used by big gamers aren't even available on free market). For smaller projects (and I can imagine for a project like that with "as cheap as possible" constraint it's true as well), you're often limited to just a few SoC options, which in turn limit you further on available RAM packages (which aren't standardized in any way).

I'm working on Neo900 project and I know that finding 1GB PoP for DM3730 which wouldn't handicap our ability to connect NAND memory as well was a nightmare - and 1GB is actually hard limit on OMAP3 which was utilized only by a few devices out there. BTW, OMAP3's Cortex-A8 was actually meant for higher-end devices than A5 used in this phone.

Comment: Re:Why is this important? (Score 1) 136

by dos1 (#47625981) Attached to: Parallax Completes Open Hardware Vision With Open Source CPU

Actually, knowing the state of security in cellular networks - especially old 2G and availability of "downgrade to 2G" techniques for newer ones - despite of being strong FLOSS and OH supporter I'm kinda glad that any tech-curious kid next door can't easily play with baseband in his mobile phone.

Sadly, there's also kind of people that won't care that it's illegal and with enough motivation will get all needed hardware, so we're not really protected either way.

Make sure your code does nothing gracefully.