Become a fan of Slashdot on Facebook


Forgot your password?

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).


Comment: Probably unfixable ... (Score 1) 171

... on the Windows side. Too much stuff would break if you had to approve every server connection.

The applications that are providing the attack vector might be fixable. It isn't really a good thing for a remote attacker to be able to get your machine to try to open a file, especially a remote one. The main problem, from the sounds of it, is the sheer number of applications affected.

Reminiscent of DLL hijacking attacks, really.

Comment: Re:Systemic and widespread? (Score 1) 489

by harryjohnston (#49443629) Attached to: The Courage of Bystanders Who Press "Record"

You can't change people's behaviour with statistics, though. I really don't know whether there is any effective way to train police officers not to see themselves as at risk.

If the statistics support it being safe enough, you might be able to prohibit them from carrying handguns while on routine patrol, I suppose. I can't see that flying, though, to be honest.

Comment: Re:ESA (Score 2) 153

I have to wonder why there was no class action lawsuit (or was there?) over this.

But yes, you shouldn't need a lawsuit. In New Zealand the consumer guarantees act should apply, though I have no idea whether anyone tried using it to obtain a refund. I don't imagine we're the only nation with a similar law.

At an absolute minimum, they should be obliged to grant permission to third parties wanting to provide ongoing support if they are unwilling to do so themselves.

Comment: Contract details? (Score 1) 100

by harryjohnston (#49442641) Attached to: Apple Leaves Chinese CNNIC Root In OS X and iOS Trusted Stores

IIRC, when Google announced that they were removing the certificate, they referred to specific terms in CNNIC's contract with them that had been violated. Not sure about Mozilla.

Does CNNIC have similar contracts with Apple and Microsoft? Do they have similar terms? It occurs to me that they might not be as rigorous, because they might have been drafted several years earlier than Google's one - seeing as Chrome is a relative newcomer.

Comment: Re:Apple is not providing security updates in gene (Score 1) 100

by harryjohnston (#49442623) Attached to: Apple Leaves Chinese CNNIC Root In OS X and iOS Trusted Stores

Meantime, I can run a supported version of Windows on PCs, even laptops, that are 10+ years old. (If I need to, I mean. Linux would be my first choice for performance reasons.)

But if you're rich enough to buy a Mac in the first place, you should be able to afford to replace it every few years, IMO.

Comment: Re:Remind you of anything? (Score 1) 198

MS included non-core calls in their implementation of Java and put it in the library set

Exactly. In other words, it was a non-compliant implementation.

Now, however, Microsoft are insisting that nobody create non-compliant implementations based on their work - just what they did to Java - and (I suspect) many of the same pundits that decried Microsoft back then are now saying that it's not a reasonable restriction.

Comment: Re:Explain this to me. (Score 1) 148

by harryjohnston (#49360181) Attached to: First Nuclear Power Plant Planned In Jordan

So ... now the Americans are a trustworthy source? You might want to make up your mind about that.

(Never mind that that quote merely claims that they had stopped their program for the time being, which is entirely plausible. Doesn't mean they can't start up it again if we let them get away with it.)

To spot the expert, pick the one who predicts the job will take the longest and cost the most.