Forgot your password?
typodupeerror

Comment: Also disable Safari's 'Open"safe" files. (Score 4, Informative) 306

by landonf (#28023161) Attached to: Mac OS X Users Vulnerable To Major Java Flaw

In addition to disabling Java support, Safari's 'Open "safe" files after downloading' must also be disabled to prevent websites from automatically loading a Java WebStart application via a JNLP file.

I've also posted a demonstration of the vulnerability at http://landonf.bikemonkey.org/code/macosx/CVE-2008-5353.20090519.html

Privacy

Wiretapping Program Ruled Legal 575

Posted by CmdrTaco
from the can-we-rule-the-ruling-illegal dept.
BuhDuh writes "The New York Times is carrying a story concerning that well known bastion of legal authority, the 'Foreign Intelligence Surveillance' court, which has ruled that the National Security Agency's warrantless eavesdropping program was perfectly legal. It says, 'A federal intelligence court, in a rare public opinion, is expected to issue a major ruling validating the power of the president and Congress to wiretap international phone calls and intercept e-mail messages without a court order, even when Americans' private communications may be involved, according to a person with knowledge of the opinion.'"

Comment: Re:Mix Fun and Fair (Score 1) 262

by landonf (#26303431) Attached to: Getting Started With Part-Time Development Work?

Instead, look at fairsoftware.net (hey, if I invented it, I can brag about it). You won't earn immediate cash, instead you'll be getting equity into whatever fun software project you find. Or start your own and get more geeks to join you, also for revenue share, not upfront cash.

This is very, very cool.

Do you have any plans to support existing legal entities using FairSoftware? This would provide us with a low-friction approach to collaboration, allowing trust and more permanent relationships to form organically between independent contractors and our organization.

Also, do you have any thoughts on models where external billing is required, such as the iPhone App Store? Serving as a publisher could be one option here (and would be a fairly significant advantage given the difficulties individuals often have dealing with the app store). That's something I'd definitely be interested in collaborating on.

Lastly, a related project -- have you seen One-click Organizations? The information was here, but the the webhost has gone kaput today, so here's the Google Cache version

Comment: Re:Developer=Engineer (Score 1) 465

by landonf (#26184521) Attached to: Hardware Is Cheap, Programmers Are Expensive

Commenting to remove accidental redundant moderation. It's right next to "Insightful".

Sorry!

Since I'm here -- I've always though that the "hardware is cheap, programmers are expensive" position presented a false dichotomy: a choice between achieving passable performance through good design, versus optimizing for developer efficiency. Efficient use of resources and ease of development are not mutually exclusive.

Comment: Re:Java, Java, Java, Java, (Score 1) 136

by landonf (#25597671) Attached to: Motorola Moving to Android, Windows Mobile for Smartphones

Modern mobile devices have fast CPUs yet very limited RAM. And no swap.

They have faster CPUs than they used to. The CPUs are still not "fast".

I spent the last week implementing, profiling, and improving up disk-backed image caching with a front-end LRU memory cache for the iPhone, and experimenting with offloading batch image processing off to a OpenGL FBO. Doing image interpolation while scaling is so expensive on the iPhone's relatively fast CPU that it's absolutely necessary for me to cache thumbnails.

The cache implementations themselves had to be highly optimized in order to pull images off disk fast enough to run inside of a tight animation loop, while also supporting a background thread rendering of not-yet-cached thumbnail images and saving to the disk cache.

I can't even fathom writing this in Python. Any spare CPU I have, I put to good use -- there's absolutely none available to spend on a slow interpreter, even for non "performance critical" parts. If there's a non-performance critical code path, then I can always use any available CPU time to do more background work and achieve better perceived UI performance.

Image

Bottom of The Barrel Book Reviews-Confessions of a Recovering Preppie 228 Screenshot-sm

Posted by samzenpus
from the terminal-case dept.
An anonymous reader writes "Michael de Mare's, Confessions of a Recovering Preppie, has been sitting on my desk a long time, for good reason. They say you can't always judge a book by it's cover but in this case, the unintentionally embarrassing front is perfect. Confessions is a painfully ordinary collection of college stories. Michael seems to have a different definition for the word preppie than the good people at Webster or I do. Even though the author specializes in cryptography, he seems unable to decipher any social situation, himself or the code to writing a book worth reading. Click below to see how confusing it gets.
Mozilla

Firefox SSL-Certificate Debate Rages On 733

Posted by kdawson
from the four-screens-i-mean-really dept.
BobB-nw points out the ever more raucous debate over the way Firefox 3 handles self-signed certificates. The scary browser warnings have affected a number of legitimate sites (such as Google AdWords and LinkedIn) that didn't renew certs in time. Lauren Weinstein loudly called attention to the problem early in July. "If you visit a website with either an expired or a self-signed SSL certificate, Firefox 3 will not show that page at all. Instead it will display an error message... To get past this error page, users have to go through four different steps before they can access the website, which from a usability standpoint is far from ideal. This way of handling websites with expired or self-signed SSL certificates is bound to scare away a lot of inexperienced users, no matter how legitimate the website is."
Encryption

When Is a Self-Signed SSL Certificate Acceptable? 627

Posted by kdawson
from the how-about-never-is-never-good-for-you dept.
UltraLoser writes "When is it acceptable to encourage users to accept a self-signed SSL cert? Recently the staff of a certain Web site turned on optional SSL with a self-signed and domain-mismatched certificate for its users and encourages them to add an exception for this certificate. Their defense is that it is just as secure as one signed by a commercial CA; and because their site exists for the distribution of copyrighted material the staff do not want to have their personal information in the hands of a CA. In their situation is it acceptable to encourage users to trust this certificate or is this giving users a false sense of security?"
Politics

Ralph Nader Might Announce Run For President 333

Posted by kdawson
from the third-time's-the-charm dept.
SonicSpike writes "According to the AP, Ralph Nader could be poised for another presidential campaign. Nader will appear on NBC's 'Meet the Press' tomorrow to announce whether he will launch another White House bid. Nader kicked off his 2004 presidential run on the show. Kevin Zeese, who was Nader's spokesman during the 2004 presidential race said, 'Obviously, I don't think Meet the Press host Tim Russert would have him on for no reason.'"
Technology

MIT Offers City Car for the Masses 290

Posted by ScuttleMonkey
from the popeil-pocket-car dept.
MIT's stackable electric car, a project to improve urban transportation will make its debut this week in Milan. "The City Car, a design project under way at the Massachusetts Institute of Technology, is envisioned as a two-seater electric vehicle powered by lithium-ion batteries. It would weigh between 1,000 and 1,200 pounds and could collapse, then stack like a shopping cart with six to eight fitting into a typical parking space. It isn't just a car, but is designed as a system of shared cars with kiosks at locations around a city or small community."
Utilities (Apple)

+ - Adium code forked over Leopard Dispute->

Submitted by admiralfrijole
admiralfrijole (712311) writes "Earlier this week, several people opened tickets against Adium crashes occurring in the latest Leopard Beta, which started a veritable firestorm of controversy that included discussions of GPL violations, disabling features, and quite a spat across no less than 3 different IRC channels.

Today, one of the people who filed a ticket and was told that it would not be fixed until Leopard ships announced on his blog that he, and several other unnamed individuals, have forked Adium to create A.org."

Link to Original Source
The Internet

Best Buy Acquires SpeakEasy 285

Posted by Zonk
from the who-owns-your-isp-today dept.
spazimodo writes "From the announcement e-mail from Speakeasy CEO Bruce Chatterley: 'I am pleased to announce that Speakeasy has been acquired by Best Buy, an innovative and growing Fortune 100 company and the top consumer electronics retailer in North America. This is a significant milestone for our company as our new relationship will help us realize our goals of becoming the No. 1 provider of voice and data solutions to small businesses. It is important to note that though Speakeasy will now be a wholly owned subsidiary of Best Buy, we will continue to operate as a standalone, independent operating division with headquarters in Seattle.' As a longtime Speakeasy customer, it's too bad to see their business moving in this direction. Back in the day when I called up their support with a problem, and mentioned I was using an OpenBSD box as a firewall/gateway the response was: 'cool!' — slightly different from the response Comcast or Verizon would give. I can't imagine they'll be able to maintain that independence, and there's no way I'm paying a premium for Internet service to Best Buy."
Security

Wordpress 2.1.1 Release Compromised by Cracker 48

Posted by Zonk
from the not-my-emo-comments-and-angsty-statements dept.
GrumpySimon writes "The recent 2.1.1 release of the popular blog software Wordpress was compromised by a cracker who made it easier for to execute code remotely. This is interesting because the official release was quietly and subtly compromised, and has been in the wild for a few days now. There's no word on if any affected sites have been compromised, but anyone running Wordpress is urged to upgrade to 2.1.2 immediately, and admins can check their logs for access to 'theme.php' or 'feed.php', and query strings with 'ix=' or 'iz=' in them."

Natural laws have no pity.

Working...