Catch up on stories from the past week (and beyond) at the Slashdot story archive


Forgot your password?
Take advantage of Black Friday with 15% off sitewide with coupon code "BLACKFRIDAY" on Slashdot Deals (some exclusions apply)". ×

Comment Re:Directive ethical hacking solves nothing (Score 1) 37

The problem is that the definition for hacking is overly broad.

It is clearly advised by the published guidelines that an organisation should define for themselves what they consider acceptable and what's not acceptable. An organisation might, for example, rule out social engineering attacks or DDoS.

IT journalist Brenno de Winter calls the guidance useless. "If hackers first have to report the vulnerability, they lose their anonymity without having a guarantee that they will not be prosecuted. And even if a company promises that it will not press charges, the Public Prosecutions Department can start a case."

A published responsible disclosure policy is a legaly binding document. If a organisation states that it find's certain behavior acceptable and even clearly states that it won't take legal action against people holding themselves to that document they have to follow that promise. As for the public prosecutor there are two parts that will protect responsible hackers. The first is the fact that the crime of hacking (computervredebreuk in Dutch law) requires the access gained by the hacker to be unlawful (wederrechtelijk). When a company states that certain behavior is acceptable, the legal test for wederrechtelijkheid will fail and the public prosecutor will have no case for the crime of computervredebreuk. Further more, the Dutch minister Opstelten has promised to talk to the public prosecutor about how they will handle responsible disclosure cases. Given the well thought-out contents of the released documents and the clear intentions of the gouvernment I have no reason to doubt the results of these talks.

Comment Eye contact (Score 1) 293

While I really like this development, there's one thing I'd like to see resolved: eye contact with the driver. When passing in front of a car I always try to make eye contact with the driver. For me this is the best way judge if the driver has spotted me and if I can cross safely. A robot driver should have some really simple visual way of saying: Hey, I've spotted you and I will break for you.

Comment Re:How are upgrades handled? (Score 3, Informative) 176

I'm curious. Having never used a BSD-based system, how are upgrades managed? I understand that instead of installing packages, one uses ports. My impression of that is that you run a file in a ports directory and it compiles the software and installs it. Correct me if I'm wrong.

Ports are meant for building packages. Users should only use packages normally. You can update your packages after you upgraded your base system with "pkg_add -ui -D update -D updatedepends"

But how does one upgrade from, say, OpenBSD 4.7 to 4.8?

OpenBSD has excellent docs and FAQ's:

"Spock, did you see the looks on their faces?" "Yes, Captain, a sort of vacant contentment."