Follow Slashdot stories on Twitter


Forgot your password?
What's the story with these ads on Slashdot? Check out our new blog post to find out. ×

Comment Re:blame the voter (Score 3, Interesting) 191

Ah. I think I see what you mean. The key phrase is "The diversity of interests represented in any large political body makes such an approach relatively ineffective" - in other words, in the US, voters in different parts of the nation may want very different things. That's much less true pretty much everywhere else in the world, which might well explain why the US system is so different.

In a pure democracy, the voters in different parts of the US would have to negotiate directly with one another. That's implausible, so you have a representative democracy, and the representatives negotiate with one another.

When you put it that way, it actually makes sense. ... it still isn't how democracy was *first* designed to work, which is what I was originally thinking of - but it seems fair to say it is how American democracy was designed to work, and that's what I should have been thinking of. :-)

Comment Re:blame the voter (Score 1) 191

No, it's not how democracy is designed to work. The decision to support or oppose a policy is supposed to be based on whether the policy is a good one, not on whether or not you can get support for one of your policies in return.

The US is unusual in this respect, I believe, though presumably not unique. Whether the more usual system (party line voting) is any better is open to question; I prefer it, but that's presumably just because it's what I'm used to.

Comment Re:Was MS wrong? (Score 1) 49

Actually the article confuses two unrelated security issues. Microsoft said they weren't planning to do anything about the counter-mitigation technique, which may allow an attacker to bypass ASLR in IE on 32-bit Windows. The cookie-stealing vulnerability will presumably be patched in due course.

Comment Re:Self-fulfilling statement (Score 1) 49

No, those are two unrelated issues. There's an exploit against IE that allows an attacker to steal localhost cookies. This affects both 32-bit and 64-bit Windows, and will presumably be patched in due course. Then there's a new counter-mitigation technique, which only affects IE on 32-bit Windows, and which Microsoft apparently aren't planning to fix. That one might allow an attacker, in possession of an exploit that potentially allows code execution, to run code when the mitigation would otherwise have made it impossible - but it is only a counter-mitigation technique, not a vulnerability in and of itself.

Comment Re:University network (Score 1) 49

These are two unrelated issues - a vulnerability which affects machines that have web servers running on localhost, and a counter-mitigation technique that affects IE running on 32-bit Windows. Those machines are probably affected by both issues, but the first will probably be patched in due course and the second isn't an exploit as such but a method of making other exploits more effective.

There are a number of mitigation techniques that either don't exist or aren't as effective on 32-bit Windows. I don't think this one is necessarily a game-changer.

Comment Unrelated vulnerabilities (Score 1) 49

The vulnerability described in the first link appears to be completely unrelated to the vulnerability discussed in the second link. One is a straightforward information exposure vulnerability, the other is a counter-mitigation technique that bypasses ASLR.

I've checked the detailed reports, too; neither "ASLR" nor "mitigation" appear in the first report, and neither "cookies" nor "localhost" appear in the second report. They're from different people and different organizations. Apart from the fact that they both affect IE, they've got nothing to do with one another.

"Bond reflected that good Americans were fine people and that most of them seemed to come from Texas." - Ian Fleming, "Casino Royale"