Follow Slashdot stories on Twitter


Forgot your password?
For the out-of-band Slashdot experience (mostly headlines), follow us on Twitter, or Facebook. ×

Comment: Re:No More Bennett (Score 2) 186 186

Brute forcing your own account isn't banned. But it's not rewarded, either. That's what the "If you believe you have found a method to conduct a brute-force or code injection attack, please report it to us without testing it." bit of the rules means.

In other words, no, Bennett, you did not outsmart those meanies in charge of making the rules of this bug bounty system. Your hack wasn't particularly clever, so doesn't get rewarded as if it were. However, the bug report itself is probably valid, and United obviously has some fixing to do. (No failed-PIN limiter? The 1970s called; they'd like their input validation methodology back.)

Comment: Re:Illogical (Score 1) 207 207

I'm going to go one step beyond.

I'm going to market a homeopathic router. Radiated power measured in femtowatts, properly diluted with open air and succussed* correctly, will have an effective wifi range measured in light-years. I figure a good 30C dilution will work fine.

(BTW, if the user doesn't get the proper range from the device in use, it'll be because they didn't hit the router correctly.)

Problem, wifi router market?

Comment: Hopefully, the old pre-opt-out will work (Score 5, Informative) 328 328

In Windows, use the Java Control Panel and select the "Advanced" tab.

At the very bottom of the list, completely out-of-sight unless you scroll aaaaaaal the way down, in a category called "Beware of the Leopard"... no, sorry, I meant "Miscellaneous"... there's a checkbox labeled "Suppress sponsor offers when installing or updating Java".

Of course, by default it's not checked. Because money.

But check it and apply or "OK" the settings change. In the current implementation, this prevents bundling the malware with Java upgrades -- it's a pre-opt-out, and you never have to think of it again. (At least, until Oracle decides the option should auto-magically unset itself when the user's not looking. Because money.)

Assuming this option continues to exist in future Oracle Java versions and is honored for the Yahoo tie-in, this would alleviate the pre-opt-in crapware issue. Big assumptions, of course, because Oracle.

(Or alternately, don't install Java if you don't actually need it. Or install OpenJava rather than Oracle's.)

Comment: Re:So? (Score 1) 180 180

I think Putin is capable of being photographed climbing onto a T-72 flying the Russian flag, surrounded by Russian soldiers while standing in front of the sign that says "Welcome to Donetsk, Ukraine! Population 944,000" while explaining to a NY Times correspondent that no Russian troops are in Ukraine.

And do it all with a straight face.

You ever noticed you never see Vladimir Putin and the Iraqi Minister of Information together at the same time? Hmmm....

Comment: Re:Don't worry, they'll try again (Score 2) 229 229

It'll take "canaries" inside of the system though to draw attention to it.

Next up: NDAs integrated into contracts that prevent disclosure of this kind of termination/outsourcing, on penalty of immediate termination for cause and no severance.

The next time Disney does this, it'll take more than a canary: it'll take a whistle-blower willing to eat the personal consequences. Because in Disney management's mind, they "would have gotten away with it too, if it weren't for those meddling kids!"*

*yeah, I know, that's Hanna-Barbera, not Disney.

Comment: Re:Wait a friggin minute... (Score 4, Interesting) 180 180

I'm a veteran too. I'm coming to the conclusion that OPSEC is dead, because social media guarantees the loosest lips in history.

The only way to "fix" this is either submitting social media participation of military personnel to military censorship, or a strongly enforced ban on military member participation in social media.

Which, I suspect, wouldn't work.

Comment: Re:Is there a site maintaining a list of "bad" SSD (Score 5, Informative) 182 182

ObPedant: those aren't regexes, they're globs. Otherwise (for instance), the Samsung entry would match

Samsung SSD<space>
Samsung SSD<space>8
Samsung SSD<space>88
Samsung SSD<space>888

ad nauseam: the "*" regex operator means "zero or more occurrences of the previous pattern", which in this case is the character "8".

At least, I hope they're not supposed to be regexes. Otherwise, the kernel blacklist itself will have some serious issues known-bad SSDs because someone never learned how to create a regular expression.

Comment: Re:But Motorola did it. (Score 3, Interesting) 33 33

But Motorola did it. (Ducks.) (Ducks 65 more times.)

But the history of Iridium tells a tale that Google appears to have listened to.

It's 66 satellites, not 77 (the actual atomic number of Iridium, the purported reason for the name) because 66 satellites are cheaper to launch and maintain than 77. And still, the company went bankrupt because they couldn't get customers willing to subscribe to the service. And the successor company depends on the US DoD as a major customer -- 23% of their 2012 revenue. That's quite a lifeline -- not one I envision Google's corporate culture rushing out to embrace.

The technical challenges aren't hard, notwithstanding the validity of the "it's rocket science" jokes. The financial and market challenges are the real ones. It's not the same as sticking a website out there and labeling it "Google Foobar (beta)". It makes money from Day One or it gets the hose again.

You will have many recoverable tape errors.