Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror

Comment What should happen but won't (Score 5, Interesting) 65

Obama should word with rankng Senate members of both parties and nominate a politically-centrist judge whose judicial qualifications are impeccable.

The Democratic Party base will hate him for blowing an opportunity to name a liberal, and the Republican Party base will hate their party leaders for allowing Obama to fill the slot at all.

Comment Re:what? (Score 1) 264

You're forgetting the 3rd option:

Horribly insecure code that's too complex (or obfuscated or just plain badly written and possibly poorly commented) for most people to bother looking at, much less fixing & for those that DO bother, they submit a fix/patch which goes ignored or rejected by the maintainer. This, of course, followed by no one bothering to fork the project b/c no one has time for that. This is where most open-source users whine and complain about features, design flaws, and bugs while devs and fanboys tell them "If you don't like it, fork it and do it YOUR way." as if that were a trivial thing just anyone can do in their spare time... b/c we all have such amazing coding skills and free time to take on such an enormous effort by ourselves.

That's the same regardless of whether it's open source or not. So, no - I'm not forgetting. Been there, done that.

Comment Devices should be de-brickable (Score 1) 157

I've said it again and again, consumer devices should be de-brickable.

Business devices too for that matter.

They should all have a "factory reset jumper" or similar that resets the machine - or at least the non-replaceable parts of the machine - to factory conditions.

I can think of three exceptions to this rule:
* Things that must not be wiped due to legal reasons or fraud-prevention reasons, like a hard drive's in-use-hours, should not be wiped,
* Certain "write once" storage, such a log of reported thefts, should not be wiped, and
* if the consumer explicitly shoulds a different jumper, the ability to do a factory reset is permanently lost, rendering the device "brickable." Some users may want their devices to wipe their secuity keys and brick themselves if they are reported stolen or after too many unsuccessful logins in a row as a way to discourage theft.

On an iPhone, this might mean booting from a "restore" boot loader that would wipe the real boot loader, storage, ram, security, and everything else not "burned in" as "read only" at the factory or which wan't on the "no wipe" list such as a carrier-lock or powered-on-hour then set variables like the clock to sane albeit incorrect factory-default values. It would also preserve things normally "off limits" or "read only" to the bootloader and iOS for legal reasons (such as radio hardware). Then it would restore the regular bootloader and Apple security credentials from ROM and copy a temporary "iOS-restore" mini-operating system from ROM into storage and reboot. On the next boot, the special "iOS restore" OS would tell the user to either plug the USB cable into a PC running iTunes or to connect to the internet using USB, WiFi, or Bluetooth then it would load the real iOS from iTunes or an Apple internet server, then, after verifying the iOS was properly signed, set it so it would boot from the just-downloaded iOS and reboot. Sure, it would take awhile, and yes, all user data would be lost, but at least the phone would be usable.

On a PC with non-soldered RAM and disk or SSD storage, those devices would not need to be wiped as part of the machine's de-bricking routine - if those parts are contributing to the problem, the consumer can replace them.

Comment Re:what? (Score 1) 264

Something being open source has never, ever meant that it is more secure. That is a myth propagated by open source zealots. Open source only means that, the source can be viewed, and most likely changed, by anyone. Open source zealots assume that means it is rigorously vetted by security experts to find any flaws and fix them, which is a huge assumption that mostly likely is not true for most projects.

While I agree it is a myth, I don't think it's the zealots that really pushed it, but those that didn't really understand their message that open source has the *potential* to be more secure *because* of the many eyeballs effect. That doesn't mean it *will* be, just that it has the *potential* to be.

Open Source Zealots typically won't talk about security, they'll talk about bug fixes and may be equate that to security since more bugs fixed typically will mean less potential for exploits, which is true unless there are fundamental flaws in the programming related to security.

At worse, an open source project has the same security profile as a closed source project - only the people that started the project do anything on it.
At best, a large community builds around it and thereby the many eyeballs effect can take place and the bugs found/fixed (and thereby security improved) by magnitudes higher than a closed-source project of the same initial size.

Comment Moot point... (Score 1) 211

...unless you're also going to halt *all* AI development because any automated weapon without an AI can be controlled by any sufficiently advanced AI.

For instance, all the UAVs could be controlled by an AI, thereby taking a non-AI weapon and making it an autonomous weapon. As long as you have remotely controlled weaponry and AI development - however disconnected they may be - you have the potential for an autonomous weapon that could be outside of human control.

That said, a claymore is a very simple autonomous weapon - albeit one that can be easily disabled, but it's autonomous nonetheless.

Slashdot Top Deals

Administration: An ingenious abstraction in politics, designed to receive the kicks and cuffs due to the premier or president. -- Ambrose Bierce

Working...