Follow Slashdot stories on Twitter


Forgot your password?
Take advantage of Black Friday with 15% off sitewide with coupon code "BLACKFRIDAY" on Slashdot Deals (some exclusions apply)". ×

Comment Pledging for automatic updates? (Score 2) 74

The guy is pledging for automatic updates:

We have to build a mechanism to automatically update things. We did not do that. The right way to design, if we were to update things an updating protocol that automatically updates itself so when the next version comes up it knows where to find the next version rather than having to wait for a Windows update or whatever.

Actually, newer windows versions (Vista and later) use Microsoft's online Certificate Trusts Lists which allows exactly this. Microsoft revoked the DigiNotar certificate without issuing a real Windows update:

On August 29, 2011, Microsoft removed the trust from one DigiNotar root certificate by updating the Microsoft CTL. Why is Microsoft releasing an update? Windows Vista, Windows 7, Windows Server 2008, and Windows Server 2008 R2 use the Microsoft Certificate Trust List to validate the trust of a certification authority. Windows XP and Windows Server 2003 do not use the Microsoft Certificate Trust List to validate the trust of a certification authority. As a result, an update is needed for all editions of Windows XP and Windows Server 2003 to protect customers.


Data Storage

LackRack Makes Home Colocation More Affordable 4

An anonymous reader writes "The LackRack is the ultimate, low-cost, high shinyness solution for your modular datacenter-in-the-living-room. Featuring the LACK side table from Ikea, the LackRack is an easy-to-implement, exact-fit datacenter building block. It provides superior mounting for up to 8 U of 19" hardware, such as switches and other professional gear. Multi-shiny LackRack can also be painted to your specific preferences and the airflow is unprecedented."

Comment Re:IE8 is *not* vulnerable (Score 1) 83

That doesn't make sense:
1. Google serves all ads within from that same domain. No cross-site scripting anywhere, so nothing for the XSS filter to block.
2. For external sites (AdSense), disabling the XSS filter on won't help either: the external site would have to disable it. Otherwise anyone could just disable the XSS filter on their own domain and hack away on other sites.

Comment Re:IE8 is *not* vulnerable (Score 5, Informative) 83

Except, that was the FIRST security flaw linked in the article. The SECOND one (at The Register) is about a different security flaw, in the XSS filter. The XSS filter is new in IE8.

And, BTW, Google does indeed disable it so that they are not vulnerable to the flaw: their servers send a "X-XSS-Protection: 0" header.

Comment Re:Er, no (Score 1) 154

There have been several beta releases for Internet Explorer 7 and 8. Still no need for nightly builds: if it's not release quality, why publish it at all?

In open source projects, nightly builds are mostly a service for developers/testers as well. And since everybody can help improve the code, having more people test can certainly be beneficial.

Comment Re:Obvious... (Score 2, Informative) 154

In recent interviews, the IE team explained that they run many testsets (W3C sets, Acid3, themselves anyway. They have also contributed a lot of new tests to W3C (e.g. They ask for feedback about their tests. The only thing we can do to improve IE is to make sure there's enough test coverage.

Comment Re:Obvious... (Score 1) 154

What if they'd just release their rendering engine, with a very simple UI which only lets testers enter a URL? After all, most of the problems are in IE's rendering engine, not in its UI. That would solve the problem of journalists etc. looking at it as a real product.

Now, I do doubt the usefulness. We can't improve the code like we can with open source projects. Giving feedback about the rendering engine isn't all too useful either, because the IE team cares about standards nowadays and uses many tests themselves (W3C testsets, Acid3, They already know the bugs, so the only thing we could conclude with a nightly is how far along they are.

Comment BitTorrent links (Score 5, Informative) 744

Comment How will it work? (Score 1) 423

How will the ballot screen work? Will it redirect to the chosen browser maker's website, will it download an installer? If so, that'd be way too much work for 'simple' users and they'll just close the ballot screen leaving IE as the default browser.

Also, I can't help thinking that there must be a prettier way to make this ballot screen (outside of IE, preferably!).

6 Curses = 1 Hexahex