Become a fan of Slashdot on Facebook


Forgot your password?

Comment Re: So, in other words... (Score 2) 69

Because you have checked the following In Chrome settings:
  * Use a prediction service to help complete searches and URLs typed in the address bar
  * Enable phishing and malware protection

Incognito mode doesn't do much other than [tries] not write to local browser history or store cookies. But it fails at that too.

Comment Re:HTTPS-specific cookies and security .. (Score 2) 66

On the server side, if you only use a single cookie as a session ID (securely randomly generated), then you won't read any injected cookies, but this doesn't prevent leaks.

If a subdomain is compromised, say, then they may read your session ID set by (and any other cookies) if they can get you to visit the compromised site (e.g. by modifying a regular HTTP request if they're in the middle).

If you append a session ID to every URL, then you don't need any cookies. Attackers won't read anything if you visit a compromised site, and your server will ignore any injected cookies.

Of course, make sure all your services are only available over HTTPS (HTTP -> HTTPS redirects, which everyone uses, are not safe from MITM attacks if you use cookies).

Comment Phone as a pager (Score 2) 246

Would the phone as a pager idea really work? The towers would broadcast messages, and if your device matched the message, you would get a notification to connect to the network? Could you get 1-way text messages this way? If this were implemented on the cell networks, could I read all the broadcast or text messages in my local area by modifying my radio?

Comment Re:The problem is Android (Score 0) 208

To use Android effectively, you must root your device and freeze/remove unwanted apps. With root, you must also use a firewall to block or limit network access to you still want to use.

You must also mange your radios well - only enable Bluetooth and GPS when you need it, otherwise keep them off; toggle mobile data and wifi when you roam which means don't leave wifi on while you leave your residence or workplace, and don't leave either on at night or for extended time. (Yes there is a lag in the morning when you turn on wifi and all the background apps sync at once to get email, messages, updates, etc. but you trade that for longer battery life by not using as many charge cycles.)

Managing both software and hardware is a bitch, but if you spend a bit of time to learn, you can get great battery life and overall performance (less background apps), and enjoy enhanced privacy (block ads, prevent data leaks, don't respond to wifi/BT pings, etc).

Comment Free APIs (Score 1) 359

As we can see, much software is only available as a service (SaaS). Some of the software powering those services is Open Source, some is Free Software, and some is neither. The power in these types of systems is more about the data, and access to the data, than software.

Do you see any licenses that could be created to surround access to data, such as APIs? Perhaps an API could be licensed as Open Access or Free Access, allowing the users to do what they like with the service or data. Granted, the organization providing Free Access could close or simply halt access to the API. Are there licensing mechanisms developers can use today to grant their users better access to their user-supplied data?

Comment Google+ and LKML (Score 2) 383

You post publicly on both Google+ and the LKML. Some of your posts get a lot of attention on G+ like naming the next version 3.20 or 4.0, which is a different audience than the Linux Kernel mailing list.

What do you like and dislike about communicating on either platform, Google+ or the LKML? How do you feel about their respective audiences? Do you enjoy the tools you use to participate in public discussions on Google+ and the LKML?

"Lead us in a few words of silent prayer." -- Bill Peterson, former Houston Oiler football coach