Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror

Comment: This will probably kill a few startups... (Score 1) 152

by rwhiffen (#38993309) Attached to: Google Offering Cash For Your Cache

This move will probably kill a few startups, or at least force them to alter their strategy. There are a few out there who were trying to allow users monetize their private information in some form and give you the opt-in/opt-out ability in a centralized fashion (kind of like the apps settings page in Facebook). They all face the same problem of critical mass for adoption and their problem just got harder. Why would you bother with a www.personal.com (which has a neat app) or anything like that if you're already a google.com account holder in some form (and between gmail, google/android and YouTube, who isn't?) and could get paid in real cash instead of free services. Like the saying goes, If you're not paying for it, the product they're selling is you.

It'll be interesting to see what the next step is in this. What if you could increase your payout by allowing 3rd parties access to your usage profile? Say an advertising agency or consumer research agency? Instead of a virtual wallet it could become your virtual dossier. Link your gym membership and your grocery store loyalty card to your virtual dossier and you have a treasure trove of information that could actually be cashed in on. We currently give that information away for free email or other web services online and for slightly lower shopping prices with the store loyalty cards. This would give you a single entity to deal with who could aggregate and allow you to profit from all of this consumer data. That's the 'hugs and lollipops' vision. The sinister vision (which is probably more likely) is one where companies only target the high profit potential consumers and marginalize everyone else. The have/have-not divide would widen.

Why am I not asleep again?

Comment: Priorities aligned? (Score 1) 848

by rwhiffen (#38525028) Attached to: Ask Slashdot: Handing Over Personal Work Without Compensation?

I know this ship has basically sailed and the conversation has moved on, but wanted to add my $0.02 to the mix. First off, I'm basically a dilbertonian Pointy-Haired-Boss. I'm also not going to get into the issue that you used your insider knowledge to custom taylor a statement of work to present to me. I have engineers who write stuff in their own time, like you have done. Most of the time it pisses me off. Not because they took the initiative, not because they wrote it in Ruby when we're a java shop, but because it didn't align with my priorities. I'd be angry at myself, because that means I wasn't clear what the priorities are. I'd be angry at the individual because they weren't listening and/or didn't come and ask for clarification if they didn't understand. So my questions to you would be: When your boss gets his ass chewed, is it because his team isn't efficient and streamlined? Has he ever mentioned your team spends too much time on process and workflow and not enough time "their respective punch lists" as you state? Does your tool leverage languages and software packages that you already have in house (care and feeding after your gone)?

For me, unless you're solving a problem that I have stated as a problem or in some way eluded to I'd say, no thanks, you're fired. Of all the holes in the leaking IT Bucket, is the one you plugged the same one your boss would plug?

Comment: Re:nothing new (Score 1) 300

by rwhiffen (#26214409) Attached to: Perfect MITM Attacks With No-Check SSL Certs

Why bother mucking with the real source tree? Just make a clone on your mozilla.org-impostor site with an update that has all the appropriate back doors in it.

Just deliver a DNS spoof/change (like dns cache poison, etc) via another exploit, get the browser to self-update (and clean up your previous exploit tracks) and then sit back and wait to spring your trap. The only code change you need to insert at first is to get future updates from the impostor site.

Later on you can 'update' the browser to proxy all $MONEY web traffic through you and your proxy farm. You could even add a new trusted CA to your code base to make it all the more convincing and to cover tracks from the 'imposter-mozilla.org' cert in case it's discovered and revoked.

Comment: Re:Late in the game? (Score 2, Interesting) 304

by rwhiffen (#18249312) Attached to: Linux Systems and the New DST
Funny thing about the 'act' that was passed is it has a clause about congressional review. So at some point, congress could have said "This is stupid" and undone the DST change. Everyone was waiting for the fall session to start, I suspect, to ensure the DST change was going to stick.

Further, if your running Solaris it's not just a TZ patch. There's libc changes:

http://src.opensolaris.org/source/diff/onnv/onnv-g ate/usr/src/lib/libc/port/gen/localtime.c?r1=1138& r2=0

There's also glibc issues in RHEL 2.1 but they're not quite the same as Solaris.
http://kbase.redhat.com/faq/FAQ_41_9949

Cheers,
Rich

"Any excuse will serve a tyrant." -- Aesop

Working...