Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror

Comment: Re:Plant? (Score -1, Troll) 361

by ledow (#49749831) Attached to: How Java Changed Programming Forever

Because Chrome is turning Java off and they're trying to make sure other browsers don't follow suit.

Seriously, I see no NEED for Java any more. I probably have more Silverlight things I like to use than I do Java, and neither are vital any more.

And the sooner we get out of the mindset of ancient-java-plugin being accepted as "more secure" for banking etc. the better. Hell, I remember the early days of the secure web where if you couldn't afford SSL, you pushed the transactions through a "secure" Java app.

What do you NEED Java for nowadays? What do you NEED enough of it to justify a control panel icon, background services, etc.? Basically nothing. As such, Java is dead in the water, and a major browser ditching it could be the end.

However, as some of the comments on here show, it won't be missed.

It does make me wonder, however, quite what Oracle have left - Java is dead, MySQL is dead, OpenOffice is dead, etc. Seems like they bought these things, did nothing with them, then let them all die (some quite publicly) and gained nothing by it.

I can only imagine they thought there was a lawsuit or patent in there that was worth billions. Maybe that was the impetus for the whole Java/Dalvik thing? All that did was kill off Java and its derivatives even more.

So they have to find some news to keep the name of the language alive.

Comment: Re:If that's possible, then it isn't encryption. (Score 4, Informative) 90

by ledow (#49749751) Attached to: Factory Reset On Millions of Android Devices Doesn't Wipe Storage

Indeed - the whole point of full-disk encryption is that "reset" really consists of "zero the place where the master key was stored, which was encrypted by the user passphrase".

Do that, and do that effectively, and you don't have to touch ANYTHING else - it all becomes random gibberish without a valid key. It could literally mean just keeping a couple of hundred bytes of RAM in an EEPROM and then destroying it on "factory reset".

For convenience of detection, however, you may want to zero the first few sectors of the storage so that filesystem probes see it as "no filesystem" rather than as random gibberish. But that's got zero impact on the data that WAS within it.

There's a reason that everything before 4.4 was third-party encryption and untrusted. There's a reason that proper, system-level full storage encryption (including SD card encryption) required changes to the OS. Since then, however, you just need to make sure nobody has your passphrase to stop them getting into your device. Then make sure that nobody has the passphrase-encrypted key blocks at the beginning of the disk (usually) and the data is nothing more than random gibberish.

About the only thing needing a complete wipe of all data is really if you're put into duress to provide a key (which would obviously then provide the data) or if a key is discovered and someone wishes to prove that you DID hold the key / data (by provably decrypting with that key to show that it must have been the right one and, maybe, therefore that you had knowledge of it).

Wipe the key-block, and the encrypted data is basically undecryptable. Same way TrueCrypt etc. work. And even though your passphrase may only be 10 characters, the key block might well be hundreds of bytes long and THAT's what actually has to be decrypted first in order to get the real key to decrypt the rest of the data.

Comment: Re:Cost (Score 1) 131

by ledow (#49749397) Attached to: Pre-Orders Start For Neo900 Open Source Phone

Erm.... yes?

www.youtube.com/watch?v=lPjrRNlTmPU

A quick Google just now shows that just about any Samsung device from the Galaxy Fit to the Ace to the main phones has ALREADY had some distro retro-fitted to it. Android IS Linux, it's just that the interface isn't Gnome or KDE and the application format isn't ELF binary but Dalvik etc.

It's just an ARM device. As such, running a mainstream distro on a Galaxy device is probably orders of magnitude EASIER than pissing about trying to build a board that fits into an old case... and gives you the same result if you bother to tinker with it (or if there's a single project in the world that's already tinkered with it for you to customise to phone).

In the same way, I can emulate almost any Android phone with VirtualBox etc. setups on my PC - they are just standard ARM Linux devices at the end of the day.

The iPad? I'm completely anti-apple but there's no reason why not, but I imagine it would be much harder work.

But running a Linux distro on a Samsung phone?

1) You already are, it's just been pared back to the phone basics.
2) Yes, you can already do exactly that.

One Google it took and DOZENS of projects popped up that have done exactly that.

Comment: Unintended consequences (Score 5, Insightful) 87

by ledow (#49749305) Attached to: NSA Planned To Hijack Google App Store To Hack Smartphones

And, since then, almost every Internet service I use has started bringing their stuff out of the US. Not saying that makes us "hack-proof" (not least from our own intelligence agencies) but businesses can't do business with other governments or even large corporations if this kind of thing is suspected to be going on.

Every week or so, another large company tells me that they've pulled all their EU users and their data to their Ireland datacentre so that only the US people's data can be "collected" by the US authorities and otherwise the NSA are just the same as any other foreign hostile entity trying to get into their systems.

DropBox was the latest one I got an email from. The government and education services already do everything in-EU anyway because of a lovely thing called the Data Protection Act (which the US really needs to start adopting its own version of), and now even people's photo-sharing sites are doing the same because they just don't want this kind of stuff reflecting on them because they happen to do business in the US too.

Tell me, people, if China were doing this everybody would be up in arms. But because it's the US, it's okay?

All they've done is made everybody go from "Maybe the NSA could do this if they wanted" to "We have to assume they are doing this, all day, every day, no matter what the law says", move their data abroad, and massively increase awareness of security and encryption.

Hell, I'm now suspicious of Elliptic Curve, especially if it relies on published curve parameters rather than them being an inherently configurable part of the exchange (like Diffie-Helman - agree on a curve that nobody has used before but has certain properties and then use that as the basis for encryption) - I have a feeling that all the push to move on COULD be a cleverly orchestrated move to something such agencies "approve" of in secret even if they say it causes them problems in public.

When you think the trick is happening, maybe it's already been done...

Comment: Re:Cost (Score 0) 131

by ledow (#49749099) Attached to: Pre-Orders Start For Neo900 Open Source Phone

0.5Gb internal storage. The Galaxy phone I point at can put a microSD in too - it's not quite the same as saying that it's got that as primary internal storage. And that Galaxy has 1Gb internal storage. My point is that YOU pay for the microSD. The device INCLUDE the internal storage in the price. And you get less with this device, for more cost.

And again, my point is cost. If you can get off-the-shelf components to do something similar for VASTLY reduced prices, then you have to wonder what you're paying for. If you can get a Samsung phone - with roughly the same makeup and components for 1/5th the price, and if you can build stuff with similar chips for similar purposes (even including LCD touchscreens, etc.) that use open-standards to communicate and no "hidden firmware" for a pittance - again, what are you PAYING for with this device?

This isn't how much things like this cost, clearly. Maybe the BOARD is more expensive, as it's custom. Maybe a PARTICULAR screen is more expensive as it's in limited supply. But the overall device? It's a bog-standard phone. Quite what "unfree" firmware does a commercial device like a Galaxy have once you've rooted the Android install on it? Pretty much the same as this device - the GSM chip will have a proprietary firmware to ensure radio compliance.

And if not, how much would it cost to replace, say, the GPS functionality on the Samsung with an "open" replacement? Again, nowhere NEAR the cost of this device (which is basically doing something similar by relying on the manufacturing for a previous device to provide the baseline).

In runs of one and tens, yes, maybe this price is reasonable. In runs of 100's and 1000's - no.. it's really not. Not in the age of ubiquitous fast low-power common-bus chips for all these functions.

This reminds me of the open-graphics-card initiatives. The time spent on starting from scratch (and inevitably relying on some closed piece of hardware at the end anyway) means that by the time it comes along few are interested, the costs are enormous, the parts are hard to obtain and the device quickly becomes obsolete (the project that springs to mind was still advertising PCI-only functionality just a year ago, not even PCIe). And it's based on FGPA's that you have to buy from a commercial vendor that doesn't publish their designs...

I'm a purchaser of niche products. I have a GP2X and some of its predecessors and successors, I programmed for it, it was built in tiny runs, cost more than equivalents, and was quickly obsoleted by commercial devices but it was "open" - it was ARM chips with a Linux install that you could code down to the bootloader.

5 times the cost of a (pretty expensive) commercial device that does the same and has the support of a major international company is a lot to ask for a niche product that doesn't do anything "special" (any Android machine, by definition, could run a plain Linux install if you so wanted to do that), is reliant on finding parts from old phones, and needs a tiny production run meaning you probably can never get the parts for it again if it goes wrong.

I'm not against the idea, here. I'm against the execution. There are cheaper phones that have bog-standard hardware that you can replace any firmware with open-firmware if you needed to (or even the entire functionality of that particular feature with another free equivalent) and put them in a case. In fact, here, the case is the CHEAP part. That's the part you could easily redesign to shove any board taken from a phone into. The electronics for a hobby project, however, is never going to get near the cost, reliability, even safety of a commercial product re-purposed.

The ideal isn't mine, particularly, but the execution seems incredibly poor is that's the closest you can get to price-point. Double-the-cost, maybe. FIVE TIMES is ludicrous.

Comment: Cost (Score 5, Insightful) 131

by ledow (#49743809) Attached to: Pre-Orders Start For Neo900 Open Source Phone

"According to current calculations, the cost of the motherboard should be somewhere around 990 EUR. The complete device will cost about 150 EUR more, depending on prices and availability of N900 spare parts."

Holy cow, freedom (at least partial freedom) comes at a seriously hefty price. That's five times the cost of a half-decent Samsung Galaxy (S4 or S4 Mini, not network-locked), where I'm from.

And for 1GHz, 1Gb RAM, 0.5Gb storage. That's not even close to the spec of the above Samsung.

Pay five times the cost, get less back, and the possibility of component shortage making repair/replacement impossible.

How do this stack up against the $9 CHIP project, etc. with its processor? I can build a GSM "phone" with Wifi, SD, touchscreen etc. from Arduino shields for way, way, way less than this costs on top of that.

I mean, for God's sake, they've bothered to put IrDA and FM radio on it!

Niche doesn't even begin to cover it. When you're more expensive than Apple, and can't do anywhere near as much, you know that you're onto a loser.

Comment: Re:It's Jason Scott (Score 1) 121

by ledow (#49733641) Attached to: Jason Scott of Textfiles.com Wants Your AOL & Shovelware CDs

I have any number of old disks but just sitting and ISO'ing them would take forever. Shipping costs would also be prohibitive.

However, I would be interested in finding a few old DOS utils that I used to have, and several of those old "we send you a floppy catalogue, you create an order, send the floppy back and we send you the shareware you ordered" services that had the weirdest of things that you couldn't get hold of anywhere else.

Comment: Re: chalk? (Score 1) 386

by ledow (#49733633) Attached to: Microsoft To Teachers: Using Pens and Paper Not Fair To Students

Interactive touchscreens now, and short-throw projectors directly above the board.

And it's a standard part of a UK teacher job interview to do a lesson on an interactive whiteboard. You can't escape it and teacher-training prepares you for it.

It's quite literally an all-day-every-day tool in every school I've ever worked in.

If all else fails, lower your standards.

Working...