Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?

Comment: Re:Yay (Score 2) 58

Yeah, wouldn't it make sense to see where the GPS signal dies, and when it comes back, and persume they took transport from one position to the other? No inertia guessing needed. The Yellow to the Red line is the only way to connect those dots without looping or doubling back. So why do you need to have the accelerometer to confirm?

Because the accelerometer is often free to use. Accessing GPS requires permission and often has an indicator.

With this, an app can use the accelerometer surreptitiously while leaving no indication that movement is being tracked - so many apps use it that no one gives a second thought. Using GPS often brings up an alert so the user knows they're being tracked. If your app uses the accelerometer anyways, you can sell that information for tracking. Whereas If you app suddenly popped up "MyCoolApp needs to use the GPS - Allow/Deny?" then people get suspicious.

At least it does on iOS. I don't know - do apps have free reign over the GPS on Android or do you get alerts when they attempt to use it?

Comment: Re:Why do this in the first place? (Score 1) 65

No. Hence why I said that they can't have a third-party web engine. They have to use the system-provided WebKit.

Ironically, Firefox for iOS uses system WebKit as well. This could result in an interesting situation where Firefox on Android runs like crap, but Firefox on iOS runs pretty nicely (still like crap because embedded WebKit disables Nitro).

As for why, Safari runs with reduced permissions that allow JIT code compiling, embedded WebKit runs with standard (i.e., greater) permissions so JIT code is a security vulnerability.

But apparently it's not about the HTML renderer that matters - it's everything around it that matters in a browser.

Comment: Re:Except when it suddenly dies (Score 3, Informative) 83

by tlhIngan (#49769007) Attached to: No, Your SSD Won't Quickly Lose Data While Powered Down

Lost another SSD over the weekend. Crucial m4 512GB. Lost detection of the drive by the computer (Win 7 desktop), plugged it in through a USB adaptor and it's still not detected (Windows and Mac). That's 3 in the last 18 months.

Muskin Chronos 120GB (Windows 7 laptop)
Crucial m4 512GB (MacBook Pro 2012)
Crucial m4 512GB (Windows 7 desktop)

That being said I run everything on SSD: 2 HTPC, 2 desktops, 2 MacBooks, 2 Windows laptop.

I can't find the common factor that causes the failures. It would just be working one day, then next day fail detection by the computer and it's all gone.

How do you turn off your computers? And do your storage drivers put the drive into low power mode prior to turn off?

The thing with SSDs (and you don't appear to use the OEM ones like Samsung, Intel or Toshiba) is power failure can be deadly. Modern SSDs are fast and because SATA3 is a bottleneck, many sacrifice speed for data protection (if you can do 1GB/sec, and SATA3 is limited to 540MB/sec, you can sacrifice 40% of the speed in the name of data safety).

SSDs require a bunch of tables to work - the tables manage the flash translation layer software (the software that maps physical flash blocks to what the drive exposes, including wear levelling, TRIM and other features). In data safe SSDs, those flash tables are usually write-through cached so updates are committed to media, and so media always contains a consistent table. (There are tricks done to ensure that even if the table is partially written, there's a recovery table which is an older version. Think of it like a journaling file system).

Older SSDs cached the tables in RAM, wrote to them in RAM, then relied on a bank of capacitors to let them flush the tables from RAM to media on power loss.

Some SSDs cache them into RAM, and don't handle power failure, which can result in failures if the tables are corrupted.

The GOOD news is there's often a way to recover them - if you do an ATA_SECURE_ERASE command, it forces the SSD to reset the tables to a blank state and will often get them completely operational again, albeit losing all your data.

Comment: Re:Screenshots? (Score 0) 195

by tlhIngan (#49768931) Attached to: Microsoft Tries Another Icon Theme For Windows 10

Those "screenshots" are only 600x375. They're more on the side of being huge thumbnails than actual screenshots.

It's actually kind of incredible given that Windows still uses 16x16 and 32x32 icons ("large" icons are 48x48). OS X was slightly more forthcoming when it allowed icons as big as 512x512 (and larger now, I think, with 2x "retina" icons...), turning pixel art into huge paintings.

Or heck, what was a "large" screenshot back then was 640x480 (most thumbnails were smaller than QVGA). Even now, on a 4K monitor, "giant" images that are under 1080p look tiny.

Comment: Re:Bullshit ... (Score 3, Insightful) 179

The slowness comes from letting 3rd party tracking sites set cookies and run scripts ... which modern browsers seem to treat as the default, or letting any crap set cookies or run scripts.

Their tracking protection isn't magic, it's just blocking crap. Some of which can be blocked by default anyway.

Well, the reason it's faster is you avoid making extraneous HTTP connections which can be slow by slow servers.

A lot of ad and tracking servers stall out the browser, and because everyone uses them, they're overloaded. The browser might have everything it needs to render the page, but all the tracking stuff stalls out the renderer so you get only the headers. You can easily increase the speed if you tell the renderer to ignore those tracking objects and the network stack to not retrieve that content.

Slow ad servers are the bane of the internet - why ad companies don't purchase more bandwidth and capacity is beyond me.

Comment: Re:Are they LEOs (Score 1) 86

Is an apparent law enforcement officer (or group thereof) who is conducting their work illegally, really a law enforcement officer?

Well, they're *enforcing* the law (against you). Their methods are just illegal (to them).

So technically still correct - they're enforcing the law.

Now, if you want to talk about upholding the law...

Comment: Re:GNU Affero General Public License (AGPL) (Score 1) 48

Same reason people use companies like 1and1 for webhosting or one of the companies that provide Big Blue Button instances - sure, anyone can get a VPS or a dedicated 'net connection and server machine(s) and install Linux, Apache, PHP, etc. and run a site or a mail server or BBB instance. All with Free (and free) code. But not everyone is an expert at doing it, or keepign it up and running, or configuring it just right, or integrating your authentication, or answering end-users support questions or ....

Well, the enlightened groups do.

The un-enlightened see it as an opportunity to save money - why pay some company money to host the stuff when you can do it yourself?

The downside is, of course, maintenance, and while you pay a vendor to do it for you, most "DIY-ers" budget $0 for it, which leads to all sorts of interesting security vulnerabilities. even today Heartbleed is still around, serving up production content by people who don't care, other than they're "beating the man" by taking 100% of the cut.

Penny wise, pound (or dollar?) foolish.

Comment: Re:Banksters (Score 1) 638

by tlhIngan (#49766481) Attached to: Greece Is Running Out of Money, Cannot Make June IMF Repayment

Remember, it's the shareholders that pay these fines. And no one in the bank corporation is held accountable.

Shareholders own the company. If they want to hold the people who run the company accountable, they can.

That's the way business is done. Shareholders own a piece of the company, and they elect a Board of Directors who help represent their interests. The board then tasks the executive (CEO, etc) to to perform the day-to-day operations of the company in accordance with the shareholder's wishes.

If the company does something that earns a fine, the shareholders are vulnerable, because they own the company. If the shareholders feel this is causing the company to lose focus, they can pressure the board to change thing. Of course, shareholders have to balance the need for punishing those responsible with the value to the company - if despite the fines the company is better off the way things are, then it is in their interest to just eat the loss and go on with life because their value will be preserved.

Comment: Re:OPSEC (Score 1) 173

my god, people, if you are going to use a site like that, don't use your real name, work email address, etc.

Well, you're making an assumption that people who use those sites are smart.

I mean, I see ads for Ashley Madison, a site that gears itself for having affairs. Since they're TV ads, I can't imagine the people who log into it looking to have an affair are too bright to not use their real names or anything. Especially since the information contained on that site would be particularly interesting to a lot of people (suspicious partners, for example).

As for those wanting people to pay so they can track them - I don't see the point. If the hackers were threatened with exposure, the best course of action is to release the entire list online. Sure it screws up future chances to make money, but those wanting to find them will suddenly get exposed (while the hackers take their money and run).

Comment: Re:Why? (Score 1) 167

Why is the "internet of things" still a thing?

Actually, it's always been a "thing". Just the term "Internet of things" is relatively new, but the concept quite old.

We used to call them "Smart Devices" and our demo boards came with software that allowed them to be remotely managed (the boards were StrongARM based SBCs with Ethernet controllers). They were "smart" in that you connected them to a network and could be managed without physically having to be there.

Or hell, the "internet connected toaster" is a concept that predates even that.

Internet of things is just the trendy catchphrase.

Comment: Re:In other news... (Score 1) 222

Source? I know you're being facetious, but I see this comment show up here often, yet no one seems to be able to correlate it with reality. I mean I have no doubt that some people really are just using VPN services, but the unless Canada is some technological superpower where every citizen has an IT Admin background, I'm guessing most users wouldn't even know what a VPN is.

VPNs are stupidly simple to set up - every VPN provider has an OpenVPN based client software for every platform, or basically walkthrough step-by-step instructions on how to set up the VPN. (And from experience, if people want something, if you provide detailed enough steps including where to click, what to type, etc, they can achieve it - as long as you make it monkey-simple steps).

Canadians use VPNs for many reasons, including getting access to US Netflix, Hulu, Amazon Prime and other US-only services (which is a primary driver for VPN services). There's also DNS redirection services like unblock.us that do similar things.

It's also likely the intersection of those who use VPN services for entertainment and those who use piracy things has overlap.

Plus, I'd also think there's a rise of casual sharing networks again - perhaps instead of everyone downloading a copy, one person does and then shares it via portable hard drives or something.

Comment: Re:Twitter is junk (Score 1) 91

by tlhIngan (#49735709) Attached to: Tweets To Appear In Google Search Results

As a 20-year veteran of Perl programming, I am authorized to say: Twitter looks like line noise.

Actually, has there been any contest where the goal is to write the most useful program that can be stored in a tweet? (Useful is defined as "non-trivial", so hello world doesn't count).

Bonus points if you start your tweet with the shebang and thus limit the number of available characters.

Comment: Re:Maybe because users feel entitltled (Score 1) 150

If renaming a server is not easily fixed by a config change then whoever wrote the system is an idiot. Sorry but we can't deal with your and the other 20 naming schemes that individuals though were "cool".

If you are relying on a outdated control or monitoring software it is your problem. Your software may even be using the security flaw.

a user will always choose dancing pigs over security every time. Get in the way of their work, and users will figure out very creative ways around it. Or users will do very complex tasks if you tell them it'll get them what they want. Tell a user they can get free apps, and they'll install and use SSH and the command line...

Comment: Re:Real Life Skills (Score 1) 299

by tlhIngan (#49730381) Attached to: Ask Slashdot: What Tech Skills Do HS Students Need To Know Now?

I would add basic arithmetic, and the ability to do sums in your head.

Where do you use it? In real life, when dealing with money. You go to the grocery store, you pick up stuff, you check out. How about knowing if your basket of food is in your budget? Or if buying that extra treat will break the budget?

Being able to estimate your basket with tax is handy, and doing so without dragging out a calculator doubly so.

Yes, the register does it all, but how do you know the price got scanned correctly? Many times you can save a few bucks through scanning errors by realizing what was $3 scanned for $4. And sometimes, if you read those little posted notices, you can get $10 off a scanned error (or for stuff under $10, free!).

For #5, I'd change that to "Safe handling and familiarization of firearms". Understand what is what, actually go to a range and fire them, and all that. As a non-American, I don't believe everyone needs firearms, but I believe educating everyone on the safe and responsible use and storage of them should be mandatory. I don't care if you're for gun control (I personally am), or against it. I believe everyone should be informed about them, their dangers, their uses and be able to actually come up with decent legislation to keep them free to those who want to be responsible enough to use them, while away from those who really aim to do evil with them.

Comment: Re:Texting Maths (Score 2) 386

by tlhIngan (#49729721) Attached to: Microsoft To Teachers: Using Pens and Paper Not Fair To Students

It's the only subject we force on kids where 99.9% of them will never use it for a single thing in their entire lives.

Actually, if that's true, no wonder we have problems with personal debt.

While most of the subjects are useless to most people, we should advocate for basic arithmetic literacy. And to be able to do it mentally, including the ability to approximate.

Why? You'll use this at the checkout line. Do you know how much your shopping cart is? Maybe not to the penny, but can you roughly compute how much your food is going to cost? Plus tax?

No digging out the calculator, either.

And from there, into stuff like budgeting - your food this week cost $150. How much does food cost per month? Is $150 the right amount? Or is it too high for your budget?

Again, no calculator - this is a rough calculation you should do in the store.

That should be what we emphasize - basic arithmetic. And the ability to do it quickly, mentally and organize our budgets.

If I have seen farther than others, it is because I was standing on the shoulders of giants. -- Isaac Newton