Comment Re:I don't think so. (Score 5, Informative) 180

At least if you have an x86 Chromebook, you can always load Windows 10 on it if ChromeOS doesn't work out for you.

Depends on the bootloader. Some just ship with coreboot and that's it - you can't boot Windows that way. Windows requires either BIOS or EFI to boot, and most Chromebooks ship with neither.

Plus, Chromebooks are a pain if you want to use them as anything other than chromeos - the security means you get prompted every boot (including reboots) that your chromebook is compromised. You have to hit a key combination (Ctrl-D?) to tell it you intentionally want to boot developer mode. Miss the opportunity and it goes into the recovery screen asking for you to insert a USB recovery key.

Yes, this is intentional. Chromebooks are supposed to be super secure devices immune to malware. So the bootloader checks the kernel and filesystem it's about to run to make sure they're original.

Comment Re:WTF? (Score 2) 218

The only situation where something like the LSB really makes sense is proprietary copy and run programs that depend on proprietary pieces

That is, I believe, one of the primary reasons why the LSB was created - because a robust software archive, including both free and proprietary apps, is generally a good thing.

Then again, depending on the app, sometimes it's easier to just modify the environment than the app. Like a few programs we use that are designed and supported on RHEL. LSB would make life easier so we can run said program on say, Ubuntu, but given the general low quality of the code and high expense, it's easier to just run RHEL for that software than try to get it working on Ubuntu. Hell, even running CentOS will probably work, but then again...

Chances are it'll work, but oddball failures and crashes are really something I don't want to waste time with.

LSB was probably more for consumer level applications like Photoshop and whatnot, where support is generally better, and games and stuff like that.

Comment Re:combine them? (Score 1) 85

Perhaps you might be able to optimize things so that both the md5 and sha1 hashes were computed simultaneously as the bytes were read so that they only had to be traversed once. But do you think you'd be able to shave in this example 30% the combined time to equal the sha256 time? And then you'd still be left with two individually broken algorithms.

The goal of combining isn't to save time, it's because it's what's available. Let's say you have an embedded device, and it can do SHA1 and MD5 already in hardware (hardware accelerators aren't much faster, but they are a lot easier to code up in primitive environments). So the hardware supports MD5 and SHA1 in hardware, and your verification code can be modified.

You can't add SHA2 support, nevermind SHA3, but you have to work with what you have. In this case, two broken algorithms, you can't upgrade the device (or you can, but people still use legacy devices), and want to at least make it harder.
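
As an added illustration (not part of the comment above or of the original thread), the check being discussed can be sketched as follows: the image is read once, each chunk is fed to both MD5 and SHA-1, and the image is accepted only when both digests match the stored pair. The function names and the sample firmware image are constructed for this example.

```python
import hashlib
import hmac
import io

CHUNK = 4096  # small reads, as on a memory-constrained device


def dual_digest(stream):
    """Read the stream once, feeding every chunk to both MD5 and SHA-1."""
    md5, sha1 = hashlib.md5(), hashlib.sha1()
    while True:
        chunk = stream.read(CHUNK)
        if not chunk:
            break
        md5.update(chunk)
        sha1.update(chunk)
    return md5.digest(), sha1.digest()


def verify_image(stream, expected_md5, expected_sha1):
    """Accept only if BOTH digests match; each comparison is constant time."""
    got_md5, got_sha1 = dual_digest(stream)
    ok_md5 = hmac.compare_digest(got_md5, expected_md5)
    ok_sha1 = hmac.compare_digest(got_sha1, expected_sha1)
    return ok_md5 and ok_sha1


def demo():
    # Constructed sample image and a copy with one flipped bit.
    image = b"FIRMWARE-v1 " + bytes(range(256)) * 64
    tampered = image[:-1] + bytes([image[-1] ^ 0x01])
    ref_md5, ref_sha1 = dual_digest(io.BytesIO(image))
    # Digest pair where only the MD5 half matches the tampered image.
    tampered_md5, _ = dual_digest(io.BytesIO(tampered))
    return {
        "genuine": verify_image(io.BytesIO(image), ref_md5, ref_sha1),
        "tampered": verify_image(io.BytesIO(tampered), ref_md5, ref_sha1),
        "md5_only": verify_image(io.BytesIO(tampered), tampered_md5, ref_sha1),
    }


if __name__ == "__main__":
    print(demo())
```

The `md5_only` case shows that matching one of the two digests is not enough for the image to be accepted.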

Comment Re:Does that force it off your phone too? (Score 3, Interesting) 82

Android fanboy here... just wondering - when Apple pulls an app from the store, does it force it to uninstall from your device(s) as well?


So far, if Apple even has the ability to uninstall an app, they've never used it. They've never used their ability to disable apps, either (though limited to ones which use CoreLocation, since the disabling code is in there, so if you never touch GPS...).

All Apple has done is basically prevent users from redownloading apps. But even that's not as big a limitation - you can still back up an app using iTunes. Or download the app using iTunes and install it via iTunes (recommended method for large apps). Even if the app is removed, as long as you have the IPA (the app file, similar to apk for Android) file somewhere, and iTunes is available, you can install it via iTunes. iTunes doesn't check - as long as the app is in your name and account, iTunes will install it on your device long after the developer has disappeared.

This was how users of a particular (medical) assistance app kept using it - after the developer has been sued by some larger company for patent violations that forced Apple to remove the app, the users backed up the app via iTunes and use that to install it on every new device.

The only thing is, it's unmaintained, so if it doesn't work with a new OS version...

And if you wanted, using iTunes you can back up old versions of apps too, so if they try to screw you or add stuff like ads or IAPs (in app purchase) you don't like, you can always revert by installing that particular version of the app.

Comment Re:Theft waiting to happen (Score 1) 93

'Once it arrives, attach the appliance to your local network, download and run the Snowball client to establish a connection, and then use the client to select the file directories that you want to transfer to the appliance. The client will then encrypt and transfer the files to the appliance at high speed.'

So unless the client is absolute crap, it's a pretty good solution.

Anyone see this as a way to infiltrate a network?

I mean, the only way to get data into and out of it is a 10gE connection, to which you need to use a client to connect to it. So it's entirely possible for the OS that's running on it (presumably it's just an x86 based PC with a lot of disk) to surreptitiously monitor, scan and potentially plant malware on your network. Sure, SOME people will do data precautions and firewalling, but considering the PC running the client needs access to the data AND access to the snowball, it seems like most people would probably just hook it up to a spare network port.

While I'm sure Amazon probably wants to ensure those things are clean, I'm not so sure if anything can be implanted in them along the way...

Comment Re:this is why (Score 1) 70

How with mobile devices? What about warranties when the company wants them back to RMA?

Don't mobile devices have a clear and delete everything that works?

I know iOS does - since iOS 3. On iPhone 3GS and higher, what it does is it deletes the flash storage key and regenerates a new one (which is why the older ones needed an OS reload - it wiped the OS as well). On older iPhones, it physically erased the storage because the stores are unencrypted. Which is why on those phones it took hours to run, while on the new ones, it takes mere seconds.

As for RMA - that's where you have to decide - is your data more important than the drive? You have to realize a 2TB drive is well under $100 new these days, so if your data is worth more than $100 if it got out, you probably are better off not returning it and just buying a new one.

Our IT guy has decided that 2TB drives are not worth his time to RMA - they're cheap, and return shipping covers a good portion of the cost of a new drive, so it's pointless.

Comment Re:Why not just lock down the radio portion? (Score 5, Informative) 143

If they're going to mandate locking down, lock down the WiFi radio, as that's the part that uses the radio waves. The WiFi radio can be a "black box" with its own firmware, much like on cellular phones, where the cellular radio is a similar black box.

This keeps the FCC happy, because people won't be able to violate FCC rules, and it keeps users happy because they can keep running custom software. The WiFi firmware isn't typically something you want to mess with anyway.

And that's what the FCC really wants. The problem the FCC is seeing right now is the modified firmware allows access to frequencies that aren't allowed to be used for WiFi in the US. This is more than just channels 12 and 13 on 2.4GHz, but also on the complex 5GHz band.

The FCC has many complaints already from airports and other entities whose radar is being interfered with by 5GHz WiFi (the band plan is complex enough that channels are "locked out" because they're used by higher priority services like radar).

And you really can't blame the open firmware guys either - mostly because they don't know any better and they only build one binary that works for all devices worldwide. (the available channels on 5GHz vary per country - depending on the radar in use).

All the FCC really wants (and they've clarified it in the Notice of Proposed Rulemaking) is the steps wifi manufacturers are taking to prevent people from loading on firmware that does not comply with FCC regulations - i.e., allows transmissions on frequencies they are not allowed to transmit on.

It can either take place as hardware (filters blocking out the frequencies), or software that cannot be modified by the open firmware (e.g., firmware on wifi chip reads a EEPROM or something and locks out those frequencies).

The thing it cannot be is rely on "goodwill" or firmware that respects the band plan - i.e., you cannot rely on "blessed" open firmware that only uses the right frequencies (because anyone can modify it to interfere).

The FCC has all the powers to enforce compliance right now - users of open firmware who are caught creating interference with higher priority services can already be fined, equipment seized and all that stuff (and that would not include just the WiFi router - any WiFi device like PCs can be seized if they attach to that network). That's the heavy handed legal approach they have. However, they don't want to do that, because most users probably don't realize the problem, and the FCC really doesn't want to destroy all that stuff. So instead, the FCC is working with manufacturers to fix the issue at the source.

The problem lies in the fact that most manufacturers are cheap and will not spend a penny more, so instead of locking out the radio from interfering, they'll lock out the entire firmware.

The FCC mentions DD-WRT and all that by name because their investigations revealed that when they investigate interference, the offending routers run that firmware (and which doesn't lock out frequencies that they aren't supposed to transmit on).

Comment Re:It's not what Google wants.... (Score 1) 422

This trope really needs to die. If people were treated like products they wouldn't use Google services. Google has to treat users as customers, and indeed does sell a lot of stuff to them (services, apps, hardware). If it didn't the users would go somewhere else and Google would die.

This is obvious. The situation is simply more complex than the trope makes out. Unless you can get past the trope we can't really discuss Google in any meaningful way. There are problems, but not "you are the product".

Basically, Google provides a service for FREE. Users use said service, and Google collects information about said users. Google sells information to their customers, who pay good money to advertise and analyze those users. Money goes into Google's pockets, paying engineers and providers to provide the service.

The key here is that Google provides the services for free. But the quid-pro-quo is that Google collects information about the users so they can sell that information to advertisers and anyone else who will pay for it.

Users currently value their privacy at less than free - they'd rather use a free email provider than pay some money. That's why Google is where they are - they sell you to other people. And for the most part, you don't care as long as Google gives you free stuff.

You want to create a mailing list with people who agree to receive such mailings? Just set up a sweepstake in a local mall over a weekend. Give away some $50 item and by the end of the weekend, the box will be full of names, addresses and phone numbers. Even better, all that is likely legit, since you probably will call the winner, and will mail the prize to them.

Anyhow, the other worry with such information sent to Google is well, it's a lot easier to subpoena that information from Google, who does not have to protect your Amendment rights, than it would if the information was in your control. Throttle position is useful to see if you were braking or trying to avoid the accident, or were street racing, etc.

Face it, it's going to be a law enforcement goldmine.

Comment Re:It's not what Google wants.... (Score 2) 422

Information about the car is what CONSUMERS want. Google is asking for it because we are asking for it.

Well, it's already available... I mean, coolant temp is that little gauge, fuel is the other gauge. I don't particularly care about throttle position since it's less useful (if I want to go faster, my foot presses harder on the gas pedal, and I watch the speedometer needle climb).


The Apple model is "Don't collect anything unless there's a reason we need it". Google's is "Collect all the data, and when we can find neat analytics to do, we can do it on the stuff we collected".

But you kinda-sorta already know Apple's been angling at the "you're not the product" aspect for privacy the past couple of years or so as a way to compete with Google.

Comment Re:Good for them! (Score 1) 92

But for the NYT, it's not just the New York population. It's the population of the English speaking upper crust. Lots more than 12 million. That's why the one million number is pretty weak.

This is digital ONLY subscriptions.

You do realize the NYT is also available in regular deadtree format, right? And it's extremely popular in that format, well exceeding digital.

Personally, I prefer the deadtree. I don't need up to the minute coverage, and the deadtree means when I sit down to read it (on my commute), I get a reasonable summary of all the stuff that happened the day before. Sure, it's a day old, but if I didn't care about it yesterday to get up to the minute news, then it wasn't important for me to keep up with it.

But that doesn't mean it's not important - it's good to keep up with what's happening outside your field of interest (it's called being worldly, and even though it has zilch to do with what you care about, that doesn't mean it isn't necessarily important), after all. It's just I'd rather take it in a summary all at once than to go try to find out what happened.

Comment Re:Making money off real names (Score 1) 232

If you were facebook, you'd be insane not to have intelligence contracts.

And somehow, TLAs and other intelligence agencies require real names in order to identify people?

To be honest, whether or not anyone requires a real name policy is probably irrelevant to such agencies - they already either know the person's real name, or they don't. If they don't know, it's not like the real name policy will offer any help. And if they do know, whether the account is used as a pseudonym or not, makes zilch difference.

To be absolutely honest, I'm sure the low-level ones will use their handles as their facebook profile, and thus making facebook the go-to site for TLAs to identify people. If you're a careful hacker who maintains no links between your handle and your real world identity, then facebook's policy neither helps nor hinders.

So ironically, it'll give TLAs more opportunity to go after the stupid hackers and script kiddies who are stupid enough to use their handles on facebook, and post real pictures that help identify them and their locations to everyone.

Plus, I'm sure the TLAs are going to watch for profile name changes, making it even easier to identify and link handles to real identities.

Comment Re:Yeah, wait, hang on (Score 1) 406


And this is especially true about The Big Bang Theory, because it's among the highest-rated shows on TV. Its ratings numbers are basically unheard of for most programming except sports. Sports still dominate the ratings, but TBBT gets extremely big numbers compared to everyone else.

And CBS is raking in huge bucks because of this - from first run and syndication, so no, they're not likely to change anything.

If you want numbers, sports usually gets anywhere from 8-10+ ratings, while TBBT is a 3-6. Most other programming is between 0-2. Yes, that includes the ever popular "reality" shows.

Because of this, a rather significant number of those 300M people are actually watching, and with those numbers, you're going to get a lot of complaints.

Comment Re:I am curious about one thing... (Score 1) 66

* some enterprise based company has some windows only app. They want tablets in hands of users walking around (maybe for supervisors at a call center). Surface would make the entrance fee much higher than acceptable. Cheap android tablets + a tweaked wine + their slightly tweaked app = MUCH cheaper. Could easily bring enough savings to be worth it.

There are cheap Windows tablets too. Often running the exact same processor that the Android version runs.

And by cheap, I mean $80 cheap. There's a bunch more around $130 or so. And they're really decent tablets at that - great screens, reasonable touch screens, and a lot more. In fact, I shudder at the "cheap" Android tablets. The cheap Windows tablets I used have all been decent.

There's no "Windows tax" for this - The reason they shipped with "Windows 8.1 with Bing" was to limit OEM customization in exchange for... free Windows licenses. All it means is the OEM cannot do customizations like set Google as the default search. The user is, however, free to do so. The user is even prompted during first run to set it up.

I own an HP Stream 7... cost me $100 back in the day. It's a surprisingly fast tablet, and to be honest, it's blown away all my expectations of a $100 tablet. Enough such that a low end Android may not make a whole lot of sense.

Comment Re: Not really a flaw... (Score 5, Informative) 69

Apple's method of securing appspace for the enterprise failed.

Actually, this is by design.

One of the reasons for having the Enterprise certificate is to distribute apps without Apple approval. Because Apple can't really test, and enterprises really don't want to go through the hassle of having every line of business app approved.

So Apple always has offered an "out" - a way to get non-Apple-approved apps onto devices. Apple calls it their Enterprise program, where you buy a $500 (yearly) certificate from Apple, and that will let you self-sign apps and install them on devices that install the appropriate provisioning file.

So first, the provisioning file is installed (which also lets enterprises set key rules like lock screen password or PIN security and other policies). Then you can install apps signed by the same certificate.

It's not a big surprise that malware authors would use it, but for most normal users, such certificates often come by if you want to use pirated apps (there are plenty of sites out there selling you "re-signing" services for like $25 a year - they will sign cracked apps for you to install on your device).

In short, to install this malware - 1) You need to install the mobile provisioning certificate - a web page cannot do it, as the user must tap "OK" to actually install it. A user can list and view such provisioning certificates at will. They self-expire after a year.

2) You need to download the affected app, that's signed with the same certificate as the provisioning file. (So one company's apps cannot be installed via some other company's certificate).

3) The certificate hasn't been revoked.

The enterprise system is working exactly as designed.

Comment Re:This is not about science. It's about dependenc (Score 1) 330

So out of curiosity how do you think we should develop GMO crops without patents? These things cost billions of dollars in very hard R&D to develop and bring to market. Without a patent then anyone will grow some of your seeds and then sell them next year to compete with your seeds and they had to do none of the work.

Then if it's so important, design the seeds to not do that. Monsanto is famous for "terminator genes" that do just that. Except well, they don't work. Turns out plants generally evolve out those traits. At which point, tough.

And there's plenty of "GMO" stuff that doesn't involve Monsanto - usually done by people cross-breeding or plants acquiring genetic material from bacterial and other things. And people STILL do it today - they still crossbreed. The world's hottest pepper was cross-bred, and was not genetically modified. It takes a little longer (it's generally easy to cross breed it, but a LOT harder to make the cross actually stick through subsequent generations).

And yet, farmers do it all the time because they want their crops to grow better. Survival of the fittest helps.
