Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?

Comment Re:what a moron (Score 1) 64 64

Read: he should point out our faults then just let us take whatever revenge we feel like.

Or more likely, hide what he has to say, tell him he'll go to prison for the rest of his life if he tells, and then do absolutely nothing differently.

So, he had the choice, be silenced and live in fear in the US ... or not be silenced and live in fear somewhere else.

But there is no way in hell if he'd brought these concerns though "proper channels" a damned thing would changed.

They just got embarrassed when the truth came out. They only really care about the fact that people found out, not what they did.

There is no way he could have achieved a damned thing by doing anything other than release this stuff.

She is a total moron. How do such people ever get such responsible jobs?

The scary thing is there's lots of people willing to be fascists because they think it's OK. The justification is "I can do anything as long as I say I'm doing it to defend my country", even if they're undermining everything worth defending about their country.

The sad thing is, apparently a lot of Americans would agree, and believe security at any cost is an OK thing.

Comment Re:unless you need it wait... (Score 1) 82 82

Oh, don't misunderstand me ... I know people do need this stuff when it's fresh and steaming, and have no choice.

I'm saying that, in general, as a change management strategy, taking the first day release of a fix has been demonstrated to be a terrible idea. Over and over and over by pretty much every software vendor.

Many of us support production machines and mission critical things, which means there's no way in hell we'd apply these on the day they get released.

What really annoys me is Microsoft's increasing push to force people to take those updates on day one, and be stuck with the consequences of that.

So, imagine a world in which some poor schmuck is running the version of Windows 10 which doesn't let you defer updates. When Microsoft pushes this crap out, suddenly a huge amount of people have broken systems. Microsoft isn't going to pay to fix that. Microsoft isn't going to have to deal with the consequences of the outage.

So, the general advice of "if you don't absolutely need this on the day of release, wait" is the best strategy if you can't be on the bleeding edge every day Microsoft has a new fix.

Microsoft seems bent on taking that away. And that, in my opinion, is idiotic and dangerous.

If you need to be on the cutting edge, you should probably be taking your own steps to recover from that. Mine is let everyone else test first. ;-)

Comment Re:No Compromises (Score 1) 94 94

Well, honestly, given that people make bluetooth keyboard cases this is fairly trivially solved if you care enough.

Maybe phone companies figure the accessories market can solve this problem?

I'm willing to bet it's a smaller amount of people who want a physical keyboard than those who don't. In which case, you're not a profitable enough segment for the companies who make phones, but an excellent niche market for people who make accessories.

It's not like you can't have what you want now, you just won't get it from the main companies selling phones.

Comment Re:unless you need it wait... (Score 1) 82 82

There's a massive difference between knowing there are likely bugs in your software and believing that the day a fix or patch comes out it doesn't introduce new issues.

Microsoft, and pretty much every other software vendor I've ever seen have demonstrated time and time again that they're incapable of releasing updates without breaking something else.

So, we let the reckless and the silly be the beta testers, and wait until the dust settles. And, that's fine, because we can simply choose to wait to apply the fix for a while.

Microsoft wants to go to a "break first and fix it later" approach, and that's just asinine. Because it isn't their computers which will be broken in the meantime.

Sometimes you just have to ship the product.

Sure you do. But don't be surprised that your users refuse to be your beta testers and wait for more people to do that. Your QA is your problem, and I have no intention of making it mine.

The people who go "oh, boy, a brand new update" provide the valuable service to the rest of us of being test subjects. And they can live with the consequences.

The rest of us, well, after the first bunch of times we've learned our lesson.

So, be my guest. Run through the fresh steaming shit with reckless abandon. But I won't. Because I've seen Microsoft updates be broken upon release quite a few times, as I have from pretty much every other vendor.

Comment Re:Change Is Life (Score 2) 82 82

You know, if Microsoft changes the library in place and breaks it ... I don't blame professional developers at all.

I blame whatever idiot at Microsoft was responsible for not fucking breaking existing stuff.

This is just lousy QA.

I feel bad for anybody who is going to be the victim of Micrtosoft's idiotic policy of deciding it's their computer and they'll update it as they see fit. Because it is a certainty Microsoft will break a large amount of computers and leave that to be the problem of the people who own it.

And, I'm sorry, but if Microsoft is going to force updates and break machines, they should be charged under the computer fraud and abuse act, or whatever it is.

Because this is pretty much damaging other people's property, and shouldn't be legal just because some asshole at Microsoft updated an EULA which says they're allowed to do this.

Comment Re:unless you need it wait... (Score 1) 82 82

So to your point, taking a .0 release from any vendor is risky but if you have to have it, you have to have it and learn to deal with the consequences.

Why, yes, I even said that

My experience says taking a day 1 anything from Microsoft is a recipe for disaster. In fact, taking a day 1 from anybody is.

I don't care who you are, I simply do not trust your fresh release of anything, I do not wish to fix your mistakes, and do not believe over time you'll be awesome at not breaking anything ever. In fact, I think that's impossible to do 100% of the time.

Not now, not ever. Because many many years of doing change management has told me that would be stupid and reckless, and I don't work in places which are willing to do that.

Unfortunately, Microsoft seems to be trying to go down the route of pretty much forcing as many people as possible to get the updates immediately.

Either because they're arrogant morons, or they figure it's just easier if everybody else does their beta testing.

There isn't a software vendor on the planet I would accept a first day release from. And I've seen far too many day 1 mistakes from Microsoft and other vendors to ever change that.

Comment Re:Who cares? (Score 4, Interesting) 82 82

Why is the story of Slashdot being sold not on SLASHDOT!?!?!?

Well, ignoring the rest of your comment, this is actually worth highlighting.

The Company acquired Slashdot Media in 2012 both to provide the Dice business with broader reach into Slashdot's user community base and to extend the Dice business outside North America by engaging with SourceForge's significant international technology user community. The Company, however, has not successfully leveraged the Slashdot user base to further Dice's digital recruitment business; and with the acquisition of The IT Job Board and success of Open Web, the anticipated value to the Company of the SourceForge traffic outside North America has not materialized. The Company now plans to divest the business, as it does not fit within the Company's strategic initiatives and believes the Slashdot Media business will have the opportunity to improve its financial performance under different ownership.

Good riddance, dice.

Sorry we couldn't help you leverage your synergies.

Actually, we're not sorry at all.

Comment Re:unless you need it wait... (Score 2) 82 82

Which is the problem with Microsoft trying to force people to use it, and deciding they're going to be forcing updates.

They're saying they're doing it for security, but time and time again Microsoft has demonstrated they're not trustworthy in their updates.

My experience says taking a day 1 anything from Microsoft is a recipe for disaster. In fact, taking a day 1 from anybody is.

Microsoft is basically breaking first and fixing later. The problem is it isn't Microsoft's stuff which ends up broken, and bad release engineering is costly to companies.

Sorry, but Microsoft hasn't demonstrated we should ever trust them with continuous releases. They've demonstrated the opposite, in fact.

Comment Re:No Compromises (Score 1) 94 94

What are you, some kind of masochist? Why would you want a smartphone that can only actually work as a smartphone when you have wifi? That would drive me crazy - and it almost has several times while traveling.

Honestly, because I don't use those features, and don't care about them.

For the overwhelming majority of the time, my phone is used minimally except for calls and texts. I'm not using it for conference calls and emails .. that's the last thing I want.

And, like my tablet, I only use internet features when I'm near wifi. I usually find what I need before I travel and keep it available offline.

Not all of us care about being constantly connected to the intertubes. I don't need to access the internet while I'm in the grocery store, and I don't care to have my phone telling advertisers everywhere I go.

I'm not a masochist, I'm just old enough to view the internet as something which I don't need constant access to, because it used to involve phones and modems.

Hell, when I download a game to my tablet, the first thing I do is turn off wifi and run the game ... if it bitches that it wants access to the internet, I delete it.

You would be amazed at how many people do not feel the need to be constantly checking their email and other stuff online.

You use it how you want to, and I'll do the same. For me, I don't see any pressing need in having an internet connected device at all times.

Comment Re:If you have physical access... (Score 1) 68 68

So what?

Ever hear of Stuxnet? Do you know it was largely spread with infected USB drives?

It's not like there has never been a situation in which someone has gotten malware installed through this kind of thing. And once you know you have the exploit, you can start figuring out how to get it there.

Security tends to fail when humans are involved, because sooner or later someone messes up.

History has told us repeatedly that this is achievable without ever actually needing to have physical access yourself, you let the target do that for you.

Comment Re:No Compromises (Score 3, Insightful) 94 94

I actually want a real, physical keyboard but I know that's simply not in the cards.

I figure by the time you have a fairly large touch screen an physical keyboard is just bulk ... and can probably be done with Bluetooth anyway.

I've actually found the Google keyboard which lets you type by dragging your finger over a virtual keyboard is almost as fast as a real keyboard

They're doing it to force consumers to buy new phones in a couple of years

Or they're trying to keep costs down and cover "most" of the market instead of all of it.

Comment Re:If you have physical access... (Score 1) 68 68

Or, conversely, if your machine never has any data which comes in or out, then you somehow have created a perfect closed system which has all the information it ever needs and can never be updated.

In which case it's probably useless.

Air gapped doesn't mean you never periodically put in new data or extract results, it means you don't have it connected to anything.

If you never add new data, and you never extract any, your computer is probably doing a really damned boring task which probably doesn't need to be air gapped in the first place.

If you put a computer in a secure room, and hermetically seal it so you can never do anything with it, you might as well turn it off while you're at it. If you're doing something so mundane as to know it will never ever need updating, then print out everything it can ever tell you and put it in a damned book.

Because it will never ever tell you anything you don't already know.

Comment Re:No Compromises (Score 1) 94 94

Well, 64GB of internal storage is a fair bit, but yes, it's cheap to add one ... I don't give a damn about Wireless charging ... the speakers I need enough to use it as a speakerphone, so I'm not sure ... I actively don't want any fscking NFC ... I have dedicated cameras for real work, and I'm meh about the battery (since I've never removed the battery from my current phone so it's not like I'd be missing anything).

I'm starting to be in the market for something to replace my aging phone, and really don't want to buy a carrier locked phone, especially since I don't want a data plan and carriers won't give you those phones without one. My phone needs to text and make calls, and use wifi from time to time.

The existence of (somewhat more) affordable phones not tied to a carrier sounds appealing.

For some of us, those missing features aren't that big of a deal. And since I have no intention of ever using my phone with a tap-to-pay, the absence of NFC is a bonus.

Will this phone cover the wishlist of everybody? Of course not. Will it suffice for a lot of people? Absolutely.

Comment Re:If you have physical access... (Score 4, Insightful) 68 68

It requires someone to have access, but not necessarily you.

Say I know every Tuesday you need to transfer data to your air gapped computers. Now, assume the source of that data is somehow less secure and I can target that. Now, the person who is supposed to be in there is the only one who ever is, and unknowingly transfers the appropriate code to get into your systems.

See, the thing about security is that it's only as strong as the weakest link. If there is ever any data transfer in or out of your secure system, that becomes the weak link.

With some cleverness and patience, it is entirely possible this can be done entirely remotely, with all of the physical access being done by trusted people. And then your assertion about needing physical access becomes provably false.

Assuming your air-gapped machine periodically needs new inputs, and assuming you don't have people type that in from paper copy ... then however you get stuff on or off that computer is the thing you target.

Sure, the guys with guns and video cameras won't let me into your secure room. But they do let someone in. And that someone can be made to be unwittingly do your dirty work.

I don't think my scenario is even remotely implausible. If you have enough motivation, patience, and resources, you can accomplish an awful lot when it comes to bypassing security. And most nation states have all of those things, and lots of people actively working on it.

If you have to ask how much it is, you can't afford it.