Slashdot is powered by your submissions, so send in your scoop


Forgot your password?

Comment Re:Does anyone remember... (Score 1) 150

Yes, that's what the pharma companies want. The terms are a bit more far reaching (i.e. you must also respect US patents, including software patents). If the drugs are patented, then no producing them locally. If they actually wanted to make a difference, then they'd fund building factories in countries that don't respect these patents and mass produce them for local consumption. They'd help bootstrap the local industry and they'd end up delivering the drugs much more cheaply.

Comment Re:Better link (Score 1) 42

Please go and read what the vulnerability does. It allows unprivileged code that is able to invoke a setuid binary, to append data to a root-readable file. If you have a browser exploit that allows arbitrary code execution in the context of the browser, then you have this ability unless the browser is running in a sandbox. Safari and Chrome run most of the code in such a sandbox, Firefox does not. A vulnerability in Firefox can be combined with this vulnerability to do anything that root can do.

Comment Re:Privlege escalation exploit change looks like t (Score 2) 41

Modifying the sudoers file was only one example use for this. It allows you to write to any file that is normally only writeable to root. Modifying sudoers is a fairly simple and visible change, but modifying one of the system startup scripts that launchd runs as root would work just as well. I think it only lets you append to a file, but it would also be possible to temporarily modify sudoers, then set your worm's setuid bit and change the owner to root, then revert the sudoers change. The only user-visible thing would be the setuid bit on a suspicious binary hidden somewhere in the system (how many people check for this?). Of course, once you are root then you can do things like modify firmware and boot settings and hide inside the kernel...

Comment Re:Better link (Score 1) 42

NO, Code execution in a browser CANNOT escalate privileges.... none of those applications have sufficient rights to change the /etc/sudoer file

Way to miss the point. If they had the rights to write to /etc/sudoers then they wouldn't need a privilege escalation vulnerability. The entire point of this exploit is that it allows someone with an unprivileged account to gain root access. That said, both Chrome and Safari run the WebKit renderers in sandboxes that don't have the ability to run any setuid binaries (which this needs), so the grandparent is only partially correct: only Firefox would be vulnerable, out of the ones that he listed.

Comment Re:DC is more dangerous (Score 1) 364

DC is harder to turn off safely. A high current contactor will arc under both AC and DC - but an AC arc tends to be self extinguishing

There's also the issue of touching the live wire. If you touch a DC main, your hand will spasm and you're likely to end up gripping it. If you touch AC, then you feel a buzzing at the frequency, but it's a lot easier to pull away.

Comment Re: Nonsense (Score 1) 364

He doesn't do laundry - but the charity he donates clothes is forced to do it. He's basically pushed the environmental impact, energy and cost of laundry onto some other 3rd party

That's fairly minor in comparison with the energy cost of having a new set of clothes shipped all of the way from China every time whatever he's wearing gets dirty. Does he really think that producing new clothes and shipping them half way around the world has a lower energy cost than running a washer-dryer for a couple of hours?

Comment Re:Most global diseases involve energy and water (Score 1) 150

Even in a modern mechanised war, where you have a relatively small percentage of the population fighting, success depends on a strong economy. Russia's ability to turn on massive production of tanks in the second world war was the most obvious example of this, but even before that in the Napoleonic wars the British ability to mass-produce rifles was a key factor. Without a healthy population, you can't easily maintain the civilian infrastructure that you need to drive the war machine. The drones won't fly without working power, the operators won't make it to work without working transportation infrastructure and food distribution.

Comment Re:Does anyone remember... (Score 1) 149

This is also true of the Bill and Melinda Gates Foundation. They donate a huge amount of 'free' medicine around the world to poor countries. There's only one very small catch: if you accept the donation (which it's basically impossible to refuse when it is likely to save millions of lives in your country) you have to sign a one-sided IP protection treaty with the USA. Not pushed by the B&MGF, you understand, it's a requirement of the pharmaceutical companies providing the drugs. The fact that it happens to significantly benefit the investments of the major donors of the foundation is purely coincidental, as is the long-term harm that it does to developing economies.

Comment Re:Microsoft (Score 3, Insightful) 185

Windows Phone is pretty nice. It's main drawback is the lack of apps (which is hard to fix, as no one wants to develop for a platform with few users and no one wants to buy a phone with no software). It's main problem selling is that people associate it with Windows on the desktop, which is a usability disaster that somehow manages to get worse each version, in spite of having passed the point where people thought it couldn't get any worse some time ago.

Comment Re:steve ballmer's legacy gets one last sucker pun (Score 2) 185

Around 2005, Nokia had a shiny new kernel (Symbian EKA2), designed from scratch to scale to future mobile systems with a good security model, clean abstractions, and power management built in at all layers. It was still hampered, however, by userspace APIs that were designed for a far more memory-constrained environment. Their solution to this involved multiple phases. Their first part was to try to replace the kernel with Linux. This did not go well. They then had no idea how to design a new set of userland APIs, so they set up multiple teams internally competing. These teams were very good at sabotaging each other, but not so good at bringing a usable product to market.

Elop came in when Nokia had failed to produce anything to compete with the iPhone or even with a moderately decent Android handset. He managed to persuade Microsoft to buy Nokia for what now turns out to be a significant multiple of their real value. Of all the companies that benefitted from this, Microsoft was pretty low down the list.

"In the face of entropy and nothingness, you kind of have to pretend it's not there if you want to keep writing good code." -- Karl Lehenbauer