Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?
Slashdot Deals: Deal of the Day - 6 month subscription of Pandora One at 46% off. ×

Comment Re:To do list (Score 2) 289

Alternatively, you can just use AdBlock to block their AdBlock blocking.

According to this post, you can avoid their blocking by adding this custom filter:


I can't test it since they aren't blocking my ancient Yahoo mail account, but unless they're doing some heavy server-side detection, a combination of custom AdBlock filters and/or a NoScript surrogate script should take care of things. And it's just a matter of time before the former gets added to a list like Easylist's AdBlock Warning Removal list.

Comment Re:We don't need "backdoors" (Score 1) 259

Put simply, there exist plenty of systems and techniques that don't depend on a third-party who could possibly grant access to secure communications. These systems aren't going to disappear. Why would terrorists or other criminals use a system that could be monitored by authorities when secure alternatives exist? Why would ordinary people?

That's a really easy answer -- terrorists use these simple platforms for the same reason normal people do: because they're easy to use. Obviously a lot of our techniques and capabilities have been laid bare, but people use things like WhatsApp, iMessage, and Telegram because they're easy. It's the same reason that ordinary people -- and terrorists -- don't use Ello instead of Facebook, or ProtonMail instead of Gmail. And when people switch to more complicated, non-turnkey encryption solutions -- no matter how "simple" the more savvy may think them -- they make mistakes that can render their communications security measures vulnerable to defeat.

I'm not saying that the vendors and cloud providers ALWAYS can provide assistance; but sometimes they can, given a particular target (device, email address, etc.), and they can do so in a way that comports with the rule of law in free society, doesn't require creating backdoors in encryption, and doesn't require "weakening" their products. And of course, it would be good if we were able to leverage certain things against legitimate foreign intelligence targets without the entire world knowing exactly what we are doing, so our enemies know exactly how to avoid it. Secrecy is required for the successful conduct of intelligence operations, even in free societies.

Comment Re:We don't need "backdoors" (Score 1) 259

Sure. One hypothetical example:

The communication has to be decrypted somewhere; the endpoint(s) can be exploited in various ways. That can be done now. US vendors could, in theory, be at least a partial aid in that process on a device-by-device basis, within clear and specific legal authorities, without doing anything like key escrow, wholesale weakening of encryption, or similar with regard to software or devices themselves.

The point is that when US adversaries use systems and services physically located in the US, designed and operated by US companies, there are many things that could be discussed depending on the precise system, service, software, or device. Pretending that there is absolutely nothing that can be done, and it's either unbreakable, universal encryption for all, or nothing, is a false choice.

To sit here and pretend that it's some kind of "people's victory" when a technical system renders itself effectively impenetrable to the legitimate legal, judicial, and intelligence processes of even democratic governments operating under the rule of law in free civil society is curious indeed.

Comment We don't need "backdoors" (Score 3, Informative) 259

And the NYT has a new and extensive story that absolutely "mentions" crypto.

We don't need "backdoors". What we need is a clear acknowledgment that what increasingly exists essentially amounts to a virtual fortress impenetrable by the legal mechanisms of free society, that many of those systems are developed and employed by US companies, and that US adversaries use those systems against the US and our allies, and for a discussion to start from that point.

The US has a clear and compelling interest in strong encryption, and especially in protecting US encryption systems used by our government, our citizens, and people around the world from defeat. But the assumption that the only alternatives are either universal strong encryption, or wholesale and deliberate weakening of encryption systems and/or "backdoors", is a false dichotomy.

Comment Re:No problem. (Score 3, Insightful) 199

Every time Mozilla releases an update, I have to search through the config settings for new ".enabled" things to disable.

Don't forget the part where you hope to hell they haven't removed even more "about:config" settings you rely on since "nobody uses the feature we intentionally hid behind an obscure configuration setting (surprise!)".


Boot Camps Introducing More Women To Tech (dice.com) 196

Nerval's Lobster writes: A new study from Course Report suggests that boot camps are introducing more women to the tech-employment pipeline. Data for the study came from 769 graduates from 43 qualifying coding schools (a.k.a. boot camps). Some 66 percent of those graduates reported landing a full-time job that hinged on skills learned at the boot camp. Although the typical "bootcamper" is 31 years old, with 7.6 years of work experience, relatively few had a job as a programmer before participating in a boot camp. Perhaps the most interesting data-point from Course Report, though, is that 36 percent of "bootcampers" are women, compared to 14.1 percent coming into the tech industry via undergraduate programs. Bringing more women and underrepresented groups into the tech industry is a stated goal of many companies. Over the past few years, these companies' diversity reports have bemoaned how engineering and leadership teams skew overwhelmingly white and male. Proposed strategies for the issue include adjusting how companies recruit new workers; boot camps could also quickly deepen the pool of potential employees with the right skills.

Comment Re:Is it really a waste of time? (Score 1) 304

Given that C has shorthands like ++, I've always wondered why K&R chose && for logical-and and & for bitwise-and. If it were the other way around, you'd save having to write the second & most of the time since one tends to write far more logical-and expressions than bitwise-and expressions.

I was curious about that too a while back so I looked into it. Turns out that C uses & and | for bitwise operations because its predecessor B did. Why did B use & and |? Because it was derived from BCPL which used words such as and and or for bitwise, and logand and logor for logical. When creating B K&R seem to have decided to directly convert those words to their symbols, & and |. B originally had no logical operators other than not (!) with False and True being 0 and !0, which was also carried into C (later versions of B coerced the bitwise operators into a logical operation if a truth value was expected).

So why does C use && and || for logical operators? Because & and | were already taken, and from a historical standpoint && actually does save typing, since && is shorter than logand :)

Comment Re:Is it really a waste of time? (Score 5, Insightful) 304

We could say ">", "GT" or "gt", or perhaps even "greater than."

I disagree. I believe > is easier to parse while reading code since it separates it from identifiers, control statements, constants, numbers, and other keywords. It's the same reason && is better than "AND" in C syntax derivatives.

I'd be quite pleased with a language that understood all three to be the same thing, with similar broad expression capabilities for everything else as well.

Please, no. Syntactic sugar is one thing but creating multiple equivalent ways to express the same thing is just a readability, support, and maintenance nightmare.

explicit and English-like for the newcomer.

Which is how we got COBOL. It turned out that just making source code use lots (and lots) of English words isn't enough to allow laymen to understand it or make changes, so all you end up with is a language that programmers find exhausting to read and annoying to write.

Comment Re:The browser wars are over (Score 1) 140

I have now, but obviously hadn't when I posted my original comment. I saw the icon, but for all I knew it was just a custom version of ghostery that they'd added to the browser. Of course even your link says "it supports the majority of extensions published for Google Chrome", so who knows what works and what doesn't (though they do say uBlock appears to function, so that's good).

So perhaps it's on par with Chrome when it comes to extensions, but that almost makes me wonder even more what the point of Vivaldi is. Seems like it's just Chrome with an ugly theme and some built-in extensions.

Comment Re:Why does every site try to open video now? (Score 3, Informative) 134

Yeah, audio indicators are a good first step, but can we just block all auto-playing videos outright?

You can try the about:config setting media.autoplay.enabled, but that seemingly-benign feature has it's own long sad story. As of version 41 this setting finally applies to HTML5 video, preventing the video from playing unless there's been "user interaction", but it makes some sites behave a little oddly (for example, YouTube thinks the video is playing even though it's not).

Comment Re:The browser wars are over (Score 4, Insightful) 140

Especially not one that looks like the UI was designed with MS Paint. Seriously... this is what passes for a modern and aesthetically pleasing application these days?

The Notes feature sounds marginally useful, but that's already in Firefox via one of a dozen addons. Actually, all of their "killer features" exist already or could easily be implemented as addons for Firefox. Remind me again why I should change to an ugly Chromium clone without advertising or script blocking features?

Don't get me wrong -- Firefox is going to hell too, but it seems to be running a slightly slower race than other browsers. I'm not going to switch to a front-runner.

Comment Nicely done, connecting to NSA (Score 1) 139

Guess what people the NSA isn't going after with something as close-held as the linked exploit?

"Hackers, Activists, and Journos"

I know that doesn't really seem to matter to people, and that it's easier to cherry-pick contextless, misunderstood, fringe examples that are believed to prove some "point", or isolated examples of outright abuse and extrapolating, without any proof whatever, that to mean it is obviously systemic and widespread, instead of realizing that NSA's chief mission, as a foreign intelligence agency, is foreign signals intelligence collection, and that US adversaries use the same phones, laptops, networks, systems, devices, services, and providers as you.

And, stunningly, we still develop ways to actually target and collect against them.

Mind-bending, I know.

I've got a bad feeling about this.