Forgot your password?

Comment: Re:wtf ? (Score 2) 151

by jones_supa (#46786995) Attached to: Heartbleed Sparks 'Responsible' Disclosure Debate

Newflash: The vast majority of 0-days are known in the underground long before they are disclosed publicly. In fact, quite a few exploits are found because - drumroll - they are actively being exploited in the wild and someone's honeypot is hit or a forensic analysis turns it up.

It's not that black and white. You expose the vulnerability to even more crackers if you go shouting it around like was done here.

Comment: Re:Not that good (Score 2) 151

by jones_supa (#46786975) Attached to: Heartbleed Sparks 'Responsible' Disclosure Debate

Open source only has the advantage that they will be found and published. In closed source, usually NDAs keep you from publishing anything you might come across, ensuring that knowledge about these bugs stays within certain groups that have a special interest in not only knowing about it but abusing them.

That doesn't still automatically mean that closed source fares worse in found bugs. Companies often have quite bad-ass internal quality assurance measures. They have money to put in it and, it actually produces them value. There is an incentive to do it properly. Of course the tools and methodologies vary from company to company. But let's take Microsoft: they have very rigorous code quality standards and very thorough code audits, before anything gets out from the house.

Sure, we can have lots of eyeballs scanning open source code, but there is no guarantee that a quantified amount of review ever happens. That's really, really bad.

Comment: Re:I'm unclear (Score 1) 130

by jones_supa (#46786569) Attached to: Plant Breeders Release 'Open Source Seeds'

There have been situations where a seed company was collecting seeds of traditional crops, selecting the ones with the most marketable potential, patenting and reselling them again

That is allowed with Public Domain material.

PD license basically means that you throw the product to the wilderness and dogs might shred it into pieces. :)

+ - New Facebook Phone App Lets You Stalk Your Friends

Submitted by Hugh Pickens DOT Com
Hugh Pickens DOT Com (2995471) writes "Iain Thomson reports that Facebook is adding a new application called "Nearby Friends" that alerts smartphone users when their friends are nearby. "If you turn on Nearby Friends, you'll occasionally be notified when friends are nearby, so you can get in touch with them and meet up," says Facebook in a statement. "For example, when you're headed to the movies, Nearby Friends will let you know if friends are nearby so you can see the movie together or meet up afterward." The feature, which is opt-in, allows users to select which friends get a warning that you are in the area, and prepare a subset of people who might like to know when you're near, if they have the Nearby Friends activated as well. According to Josh Constine what makes "Nearby Friends" different than competitors and could give it an advantage is that it’s centered around broadcasting proximity, not location. " If someone’s close, you’ll know, and can ping them about their precise location and meeting up. Broadcasting location is creepy so we’re less likely to share it, and can cause awkward drop-ins where someone tries to come see you when you didn’t want them to.""

The more cordial the buyer's secretary, the greater the odds that the competition already has the order.