Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror

Comment: Re:This is no surprise... (Score 3, Informative) 270

by dissy (#48942761) Attached to: VirtualBox Development At a Standstill

The core virtualbox is open source and free, but the guest tools extension pack is closed and commercial. Under restrictive use cases you are allowed to install the guest tools for personal use for yourself and not need to pay for a license. But even so much as installing it for someone else is a license violation and Oracle expects you to pay for that.

No guest tools extensions means you have no drivers for the guest VM, no shared folders, no mouse/window integration, no accelerated 2d or 3d graphics nor resolutions over 1024x768 vesa.

Whom ever installs the guest tools extension is the ONLY person legally allowed to run that copy of virtualbox afterwards (following the legal agreement when you downloaded it at least.)
If you install virtualbox and the guest extensions on a PC for your mom, mom isn't licensed to run it and Oracle wants a paid license in that case.
Installing virtualbox via scripts including the guest extensions requires a license for each install, even if you are the one using a copy.
(Academic use is somewhat excluded last I saw, but not being in academia I don't know any of those details)

There is an open source version of the guest tools, at least for Linux guests (maybe others by now.)
I'm not sure what features it lacks or differences in the drivers, but they are made by a different development team unrelated to sun/oracle.

Comment: Re:Does It Matter? (Score 1) 270

by dissy (#48942601) Attached to: VirtualBox Development At a Standstill

Are there some other core VirtualBox features I'm not aware of that keep people pinned to it?

It's the only way to virtualize OS/2 Warp as of six months ago and very likely to this moment.

(You didn't specify how many people a "core feature" must be useful to - although you would likely be shocked at the number of people who do just this)

Comment: Re:Windows Phone (Score 1) 105

by dissy (#48942571) Attached to: Fixing Verizon's Supercookie

...or you can just use a Windows Phone and disable the advertising ID as part of the OS in the Settings menu.

Or you could read at the very least the one sentence title of the story.

Verizon inserts the cookie, long after the traffic has left your phone and your phone has any ability to do shit all about it.

The only thing your phone could do or be effected by is if it also added a cookie with the same header name, in which case Verizon deletes your data and replaces it with their own.

It should be a requirement that you can read before you are allowed to write and post...

Comment: Re:Old news (Score 1) 86

by dissy (#48935607) Attached to: Georgia Institute of Technology Researchers Bridge the Airgap

Missing from the summary: THEY HAVE SOFTWARE INSTALLED ON THE VICTIM LAPTOP that modules the CPU usage.
You don't need any fancy equipment, any AM radio will do.

That reminds me of the Altair 8800 and what some call the machines first program that actually "did something", which ran various lengths of different timing loops in the CPU which had the effect of playing Fool on the Hill as RF interference on an AM radio placed near by.

https://www.youtube.com/watch?...

Comment: Re:Can someone explainn (Score 1) 164

by dissy (#48935453) Attached to: Drone Maker Enforces No-Fly Zone Over DC, Hijacking Malware Demonstrated

It seems the sensible solution is to mount the telescope to the camera all self-contained on/in the drone.

I can then pilot the drone a sizable distance away from me and closer to you, but park the drone the *500m away from you so that you are in view of its telescope yet still far enough away so the sound mixes with the normal background environment.

I'd imagine one would want the telescope camera to be in addition to any normal cameras, as the former is more for spying and less for navigating.

* I'm not familiar with the current state of the art in telescope optics - that 500m figure came from a parent post
I'm also not familiar with such a telescopes weight and am assuming it would still be on the heavier side and so needing a more powerful and thus loud drone to carry it. The lighter the telescope would be, the quieter of a drone that can be used.

Comment: Re:Heartbleed (Score 1) 211

by dissy (#48918877) Attached to: Serious Network Function Vulnerability Found In Glibc

How many years was Heartbleed around before anyone noticed? Apparently "many eyes" were not reading that bit of code.

Even you admit heartbleed *WAS* around (not *IS* around) and thus was found and fixed.
Clearly at least two eyes reviewed the code, found the bug, and it is now fixed as a result.

That is two more eyes than is searching through closed source code.
Two is still greater than zero so it is still a net positive.

Comment: Re:jessh (Score 1) 397

by Martin Blank (#48918307) Attached to: "Mammoth Snow Storm" Underwhelms

You're not factoring in the number of workers who would not have gone in anyway, the lost productivity from being late due to weather for at least some of those who did go in, potential losses to businesses that didn't shut down completely for paying employees to show up but who had little to no business that day, and the costs associated with personal and property damage due to accidents. It gets complex quickly.

Without government intervention, a lot of people would have simply gone in to work because they were afraid that if they didn't show up, they could be in trouble with their employers. When the city makes the call, it's easier to point to that as a justification, and it's more likely to be accepted by the employer.

Comment: Re:Consumers? No just whiny fanboys (Score 1) 113

by dissy (#48908997) Attached to: NVIDIA GTX 970 Specifications Corrected, Memory Pools Explained

As an owner of a GTX 970 card, all I can say is I can run Shadow of Mordor at full 1920x1080 res with the "ultra" texture setting and it never dips below 30fps, usually getting 45-60.

The additional fact I got the card as an open-box return at the local computer store for $220 makes things a no-brainer for me even if the allegations of 3.5gb vram were true.

There is no game in existence that a 980 or titan card can play that my 970 couldn't, even if I had to bump the settings down to just "very high".

If I bought a thousand of the things for super computer style multi-GPU number crunching, then I would probably be more upset and yelling a bit louder at Nvidia.
As a gamer I just can't see myself getting any worked up over this.

Comment: Re:Once more (Score 1) 100

by dissy (#48889009) Attached to: U.S. Gas Stations Vulnerable To Internet Attacks

>We have to ask why everything NEEDS to be internet connected. A local connection to the sensors will allow the station to determine when they need to refill said tanks. Not much point in putting it out there on the big scary internet. :D

It isn't a "need", it is only a "want"

Just imagine the cost difference between a fleet of IT people posistioned in every city the gas station chain does business in, paying their US pay rates - compared to a poor lone indian guy on the other side of the planet being paid a tiny fraction of US pay rates, not multiplied by the number of employees (or multiplied by one technically) able to manage all 100000 pumps owned by the chain.

The psychopaths at the top of the gas station chain companies get to keep that unspent money for themselves, so the less they pay out the better it is in their mind.

Of course you both get what you pay for, and must suffer the consequences of your own choices and actions once made, but it's pretty rare either of those factors even pops into their minds - and when it does the only reaction is to beef up the golden parachute package for when the inevitable happens.

The point is the whole intention here is not to do things right but to save money and raise profits without concern for the future or security of the company as a whole.

Going by those terms, not only do the pumps need to be on the Internet, but does make them more short term profits, so clearly is the correct solution to their incorrect and needless problem.

Comment: Re:End of support, not "end of life". (Score 2) 156

by dissy (#48864953) Attached to: Windows Server 2003 Reaches End of Life In July

I agree with IBM to a point but Google doesn't have the best track record of supporting their products after they decide the product has reached the end of its life. In fact, they probably have one of the worst.

Sadly that is true.

In my previous post I was more thinking along the lines of trusting IBM/Google/etc to release updates that actually fix vulnerabilities instead of intentionally injecting new ones - more as in comparison to those shady sites out there hosting windows update msis for people using pirated windows without full access to legit update channels.

While I personally would trust Google in that sense, I do have to agree I can't say the same about them "sticking with it" for the long run.

Of course I don't really see them even starting this to worry about them closing down the beta a few months later ;P
But your point remains.

Comment: Re:End of support, not "end of life". (Score 1) 156

by dissy (#48864895) Attached to: Windows Server 2003 Reaches End of Life In July

Just because something is "inside" doesn't mean you can ignore its security.

I'm curious, which one of "low risk", "risk limited to lan", or "not zero risk for sure" did you interpret as me saying there was no risk and thus security is being ignored?

Or was it just the statement that it actually is being upgraded that sounded like " being ignored"?

I of course was light on details, since they don't really matter here, but I feel I spelled out most of the points in my risk analysis process such that "ignore" is a pretty unfitting adjective for what I actually said.

Comment: Re:End of support, not "end of life". (Score 4, Informative) 156

by dissy (#48863995) Attached to: Windows Server 2003 Reaches End of Life In July

My understanding is that fixing newly discovered vulnerabilities in Windows XP or Windows Server 2003 would be fairly inexpensive.

One more downside to being closed source - if Microsoft won't fix vulnerabilities, no one else can for any sane price.

At work I'm still migrating our last two 2003 servers, one migration nearing completion the end of this month, and the next not even started yet but expecting to take 9-12 months.

Exchange server was our primary risk because by its nature it has to handle SMTP, and while you can't poke that server directly from the Internet (a postfix relay server is the only one with direct internet exposed ports) but those emails still flow through it, and it sends outgoing mail directly so has to connect to other MTAs and everything involved with that like DNS queries... A pretty big risk footprint on that one, so no argument from me that it needs upgraded.

The last 2003 server however doesn't technically require being replaced, the risk is very small and mostly controlled for even then. It would likely run fine until enough hardware failures make keeping the server up cost prohibitive, which is really the biggest reason (though a fairly justified one) to upgrade.

The vulnerability risk footprint is limited to the LAN, and then only really to windows file sharing (that and SQL server are the only exposed services)
Not zero for sure, but taken alone not enough of a reason to justify the cost of an upgrade. Only everything taken together combined with a string of purchase approvals to upgrade everything else that demands it, is why it ultimately will be.

If only another big player could release continued security updates, or ideally more than one to help both competition on price and a choice of whom to trust for such a thing.
There is definitely a market for very long term support, which you have to look no further than IBM to see.

In fact many would trust IBM to fill such a role if they were to do so. Others may trust Google. I'm sure there are plenty of other examples as well.
But I don't see "long term windows support" being in many of those companies interests, nor see microsoft going along with such a plan even if they were.
Microsoft wants you to buy their latest shiney instead, Google would prefer you didn't use Windows at all, and IBM doesn't seem to be as big on the support thing these days even for their own products let alone microsofts.

All of those facts factor in to the cost of providing security updates, and does raise the bar quite a bit higher than it would appear at first glance.

Comment: And five minutes later... (Score 0) 238

by Samantha Wright (#48858215) Attached to: Google Thinks the Insurance Industry May Be Ripe For Disruption

...Someone from the back row shouts out "Because our AdSense profile has determined you were visiting websites about cigarettes recently, your health insurance premium has gone up by 5% and you will probably die slightly sooner. Remember, [i]f you have something that you don't want anyone to know, maybe you shouldn't be doing it in the first place!"

Is it cynicism if you're just using a Markov chain to predict what other Slashdotters will say?

(Although obviously this is auto insurance, so I'm sure someone can translate the threat appropriately.)

The human mind ordinarily operates at only ten percent of its capacity -- the rest is overhead for the operating system.

Working...