Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror

Comment: Re:If it's accessing your X server, it's elevated (Score 2) 307

by vux984 (#48925949) Attached to: Why Screen Lockers On X11 Cannot Be Secure

Are you familiar with the traditional attack

Computer somewhere running some OS.
Regular authorized but non-priviledged user logs in and runs regular non-priviledged user-space application "program that looks like lock screen" and then leaves computer.

Another coworker, or perhaps an administrator walks up to use the computer; types in his credentials... and the app saves them...

Windows solution to the attack implemented decade(s) ago:

real windows desktop lock screen can only be unlocked with ctrl-alt-delete which user-land non-priviledged apps can't intercept.
train users never to login to a computer unless they hit ctrl-alt-delete to unlock it first.

Comment: Re:grandmother reference (Score 1) 456

by vux984 (#48921331) Attached to: Ubisoft Revokes Digital Keys For Games Purchased Via Unauthorised Retailers

No. A refund is a return payment made from a merchant to a customer. Refunds are not made to third parties that were never part of the original business transaction.

Ok. Agreed. Ubi shouldn't owe them a 'refund'. But they are the party that owes restitution here.

The customer should seek restitution from the middleman that made the fraudulent charge.

"fraudulent charge" is a pretty strong charge to make. The keys were sold legally in Eastern Europe by buyers who then exported them legally elsewhere.

The only "contradiction" would be to what Ubi -wants-. That doesn't amount to fraud. It is not fraud to buy something in a price discriminated market, and legally export the product.

Europe is very economically diverse. Germany has nearly 4x the per-capita GDP as Poland, which happens to be right next door. What's affordable to someone in Germany is not necessarily affordable to someone in Poland.

My city is very economically diverse. Less than a mile away are people making a fraction of what is typical in my neighborhood. Yet we both pay the same price for milk, cars, and movie rentals.

I hear your argument, but I'm not sure what makes the line between germany and poland a magical line the free market dare not cross.

That bike rack that you mentioned above is purchased outright, whereas Ubisoft's games are licensed.

Semantics. I *purchased* a license. I don't pretend I have any special exceptional copyright ownership of the underlying intellectual property any more than when I purchase a copy of a book... but I did *purchase* a license. The store had a "buy" button, I pressed it. A one time transaction was completed. I know own a license. Its listed as one of my games. And I can click a link to my "purchase history".

  There's a principle in law... if it looks like a duck, and quacks like a duck, then its a duck. (You see this principle applied in other areas too like when corporations dress up their employees as "independent contractors" and the law sees right through it.)

Many leasing companies will not allow the lessee to take the vehicle out of the country without permission.

A lease agreement is a negotiated several page document that both parties sign multiple times over. Pretty sure that's not a better analogy for buying a video game.

Region locked game consoles are a good example of this. Outright revoking access to the service is crude, which is why many publishers are switching to language-locked editions. A high-priced English-French-German-Spanish-Italian edition on one side, and a cheap Polish edition on the other. This can negatively affected ex-pats that don't speak the native language, but that's a very small group.

Yup. I agree they can do stuff like this. But you can take a region locked game console to North America and play games purchased in that region for it. They don't get to show up your house with a hammer and smash your console.

or you agreed to the ToS and accept the consequences of breaking them.

Which terms of service did I any one agree to before buying the key that indicated UBI could revoke the game if they weren't from the country the key originated from?

I don't deny they exist... but I'd like to see them.

Comment: Re:grandmother reference (Score 2) 456

They didn't purchase the product from Ubisoft, so why should Ubisoft give them a refund?

Ubisoft revoked their product.

They should seek a refund from the unauthorized retailer.

No Ubisoft should refund me my money; and seek restitution from the unauthorized seller.

Suppose I buy a bike rack from amazon.com and use one of the services available to redirect the shipment to Canada. Because the same rack is nearly 50% more in Canada. ( Yakima Holdup MSRP $580 CAD); available for $520 CAD on Amazon.ca. $305 is the best price I can find on Amazon.com. That's $378 CAD.

So if I decide to save $120+ by bringing it in from the states; its grey market product. Canadian authorized resellers hate this, but am I really supposed to pay 50% more, when I can legally purchase it for less? Corporations shift their expenses and profits around like crazy... but it's unethical if I play the same game?

Should Yakima really be allowed to show up at my house and take it away? And tell me to try to collect a refund from the seller in the USA? Or perhaps I should QQ to the shipment redirect/import service?

Why is it ok for Ubi?

Low income markets usually constitute a rather small portion of a large manufacturer's revenue, so they can live with out it. On the other hand, the low income markets will lose access to the vendor's goods and services.

This is true. But the border between eastern europe and western europe is a line on a map. If your selling the same product on both sides of the line at radically different prices to maximize YOUR profits, how can you villainize the people on the two sides of the line from correcting what would anywhere else be an obvious market FAILURE.

I hear your point; and I don't object to Ubi ~trying~ to price discriminate; but if they can't then they have to deal with that, they can't just start revoking sales and taking things away from people who bought the product on the wrong side of their special line. *I* certainly didn't make any agreement with Ubisoft about where or from whom I would purchase X.

Their beef is with their eastern european and asian distribution channel not me.

Coming after me... just ensures they've lost a customer. Permanently. (And to be honest, I haven't bought an ubisoft game in years already, precisely because of their various dick moves. And I do buy lots of games.)

Comment: Re:Now using TOR after WH threats to invade homes (Score 4, Insightful) 274

by vux984 (#48914341) Attached to: EFF Unveils Plan For Ending Mass Surveillance

Where are these unicorns? Has there ever been a single verifiable case of this?

I don't know about elsewhere, but here in Kanuckistan the RCMP has been working, with the cooperation of the muslim community, to deradicalize people, with some success.

"With the cooperation of the muslim community. Meaning; the RCMP were alerted to potential bad eggs from within the muslim community by volunteers; thanks to the RCMP being accessible and opening channels of communication. Its an example of truly good police work.

That's exactly what we need, and more of it.

But the unicorns I'm talking about are the terrorist attacks stopped by the panopticon, by the mass surveillance of everybody.

Comment: Re:Now using TOR after WH threats to invade homes (Score 5, Insightful) 274

by vux984 (#48912339) Attached to: EFF Unveils Plan For Ending Mass Surveillance

It is a catch 22; You can't get a warrant without evidence and you can't get evidence without a warrant.

No. Its really not. Its called regular police work. And police have been identifying suspects, building cases against them, culminating in search and arrest warrants for a hundred years now without "mass surveillance".

Will the EFF be the ones who apologize to the families of those killed by attacks that could have been stopped?

Where are these unicorns? Has there ever been a single verifiable case of this?

And even if they do exist? So what? Why should the EFF apologize for pushing for policies that make us all more free; even if a tiny handful of people die as a result?

Should the police be allowed to just randomly stop and frisk you? Maybe give you an anal probe right on the street? Maybe come into your house at night, and search the place for evidence of terrorism? No? You don't think that's ok?

Will you personally apologize to the families of those killed by attacks that could have been stopped if these searches had been allowed?

Comment: Re:Who eats doughnuts with the doughnut men? (Score 1) 452

by vux984 (#48912311) Attached to: Police Organization Wants Cop-Spotting Dropped From Waze App

I've been speeding safely for 30+ years.

Yeah, that's what everyone says until they have an accident.
Statistically most people do not have speed related accidents even if they speed. So statisically there's a lot of people like you who think they "speed safely" but many of them don't. The odds just haven't caught up with them.

That includes devoting significant brain time to scanning for cops.

Well, good. I'm glad to see your spending signficant time scanning bushes for cops. It would be a shame if that brain time was devoted to actually driving safely.

Maybe your above average. Maybe you really are great driver.

Then again, my grandfather was absolutely TERRIBLE. He went his whole life and died of old age without any tickets or wrecks too. But as kids my parents wouldn't let us in a car if he was driving, and as adults we understood why, why parents were releived when he gave up his license at 85 voluntarily, before killing someone. But how we went 65+ years behind the wheel without killing anyone, kiling himself, or even being pulled over, is nothing short of a miracle.

He thought he was a safe driver too and always trotted out his pristine driving record as "proof" too. So maybe that's you.

Or maybe not you, but its a lot of people who talk the same talk as you.

Comment: Re:Now using TOR after WH threats to invade homes (Score 4, Insightful) 274

by vux984 (#48912135) Attached to: EFF Unveils Plan For Ending Mass Surveillance

Starting using TOR browser bundle after White House threats in previous Slashdot article

WTFBBQ?!

Ok... White House threats?

The ones made by Sir David Omand
former head of GHCQ
in the UK (the "sir" and "GHCQ" should have been clues)

That guy is now a policy making executive in the White House?

Look I agree with your sentiment, but your total ignorance ruins your credibility here.

Some retired guy in the UK explaining that without surveillance spies will need to do more intrusive spying to get at intelligence does not amount to White House threats, even if he was the head of the British equivalent of the NSA. He's still just a retired guy rendering an opinion.

What's more what he is suggesting will happen is actually a good thing. We want the NSA to make intrusive spying efforts at targeted individuals, under warrant and court supervision. That's their job, and we all more or less agree with them doing exactly that. What we don't like is them sitting back and tapping everything from everyone, everwhere. But if they literally have to go somewhere and physically plant a bug in some suspected terrorists laptop to get at his info ... GREAT.

We should be raising Omand on our shoulders and parading him around as the voice of reason.

Comment: Re:grandmother reference (Score 0) 456

Grey market activities ultimately harm lower-income markets

Grey market activities do not harm lower income markets. Vendor reactions to grey market activities might but the grey market itself does not affect them.

If revenue from the manufacturer's primary markets is threatened, they'll simply end price discrimination or cut off the weaker markets all together.

Or they'll do what Ubi did. And just start revoking the product from anyone who bought it that they think shouldn't have. No refunds of course. I'm surprised if that's actually legal.

Comment: Re:Going to/from a Mac isn't hard (Score 1) 375

by vux984 (#48907803) Attached to: Windows 10: Charms Bar Removed, No Start Screen For Desktops

The Mac interface is a LOT closer to classic Windows (XP through 7) than Windows 8 is.

Nope. Not even close.

If anything Windows 8 and OSX are the closest. (Start Screen = Application Launcher); and the taskbar and dock continue to converge.

I've transitioned plenty of people between OSX and Windows XP/Vista/7 in both directions. They're not all that different and transitioning between them isn't hard for most folks

Agreed. Its not that hard to transition to OSX. Less so than people would imagine. But its far harder than your letting on.

But transitioning form 7 to 8 isn't hard either. It's far easier than transitioning to OSX because once they know how to find and launch a program in 8 it looks exactly the same on 8 as it did on 7. And the names of all the apps and utilities etc are all the same. Snipping Tool, Notepad, Internet Explorer, Stickies, etc.

Whereas everything equivalent on a Mac is a bit different, and has a new name. "command-shift-4 for screenshots", TextEdit for notepad, Safari for IE, Notes.app... etc. And even the familiar stuff like Microsoft Office has a completely new skin, and doesn't work quite the same in a zillion places.

Its simply completely dishonest to suggest OSX is easy to transition to while 8 is hard.

I can't really see why anyone would pay to upgrade to 8.1 from 7; but I can't imagine getting worked up about a new computer coming with 8.1.

And 10 is looking better still. I'm sure it'll have its flaws. Every OS does. (XP was widely "loathed" on /. for its fisher-price look and then-new two-column start menu when it arrived too...) And people were falling over themselves to boast how the first thing they did was restore it to "Classic" Win2K themes.

Maybe it's fine on a tablet

It is.

but I absolutely hate using it on a desktop.

I agree it needs about 5 - 10 minutes to cleanup its settings to make sense on a default, pin what you need, cleanup the live-tile overload on the start screen, tell it to boot to desktop, and use the desktop versions of the photo viewer, etc so you aren't being thrown into "Modern UI" at random all over the place. Turn off the extra hot-corners, etc.

But you don't need any third party utilities or anything to make Win8.1 a completely serviceable desktop OS. I'm at this point indifferent which one I'm using.

I like the start-menu search on 7 better than being tossed to full-screen for that in 8.1 enough to recommend "launchy" to power users who use the 'feature' but that's about it.

Comment: Re:Charms Bar vs Action Center (Score 1) 375

by vux984 (#48907507) Attached to: Windows 10: Charms Bar Removed, No Start Screen For Desktops

It's not at all clear to me what "Replacing the Charms bar is the Action center which has many of the same shortcuts as the Charms bar but also has a plethora of other information too." actually means.

First, the Action Center was a feature of Windows 7 (Vista?). It is not a new thing.

So I guess it means the charms bar is gone. And its functionality has been moved to the action center. Seems pretty reasonable.

I never liked the charms bar. Glad its going away. I hate hot corners.

Having a secondary OS Settings menu to complement the Start menu for programs isn't necessarily a poor design choice

Its really just expanding the role of an existing control panel.

Comment: Re:Midrange? (Score 1) 114

by vux984 (#48907407) Attached to: NVIDIA Launches New Midrange Maxwell-Based GeForce GTX 960 Graphics Card

the screen size comes into play. i would play 4k with maybe a 32+ inch screen but then it may be too close for a desktop experience. I output to a 4k projector if I truly need color corrected picture quality, plus my old eyes really appreciate the beauty of high res but at a much bigger screen.

I don't get this at all. The only reasons ever not to game at the screens native resolution is

a) due to framerate losses due to pushing more pixels

b) due to poor game designs where the fonts become unread-ably small because they are fixed pixel size instead of scaled.

If your down sizing because of framerate on a 970GTX; that tells me that video cards really aren't ready to push 4K yet.

If your down sizing because of readability and font issues; that tells me that the games themselves aren't really 4K ready yet.

Or perhaps a combination of both issues; depending on which game we are looking at.

Either way, it tells me that 4K isn't really quite "there" yet for gamers.

Comment: Re:Modula-3 FTW! (Score 4, Interesting) 484

by vux984 (#48900587) Attached to: Ask Slashdot: Is Pascal Underrated?

. What can you do in Pascal that you can't do in C++, or Python, or Java?

So the world only needs 3 languages? Everything from Lua to OjectiveC to Javascript to Haskell... we already have C++, Python, and Java.

And frankly that's an odd 3 to choose. Why Python? Why not Javascript? Why not Lisp?

Maybe we just need Pascal, Lisp, and C#.

"all the extra typing"? I don't even know what to say to that. 99% of programming, is design and debugging. 1% is the actual "typing out the code". If you lost 50% of your time to typing out the code due to typing out begin and and I've got serious concerns about the design.

and reduced readability

begin
          Formatting, indentation, and syntax highlighting make using being and end work just fine as block markerers.
end

Plus I admit I hate python's semantic white space. At least begin and end don't get mangled simply by copy and pasting a snippet. And since all the semantic information is in the content, the IDE can do the pretty formatting FOR YOU to improve readability.

Comment: Re:Internet Explorer (Score 4, Insightful) 99

That was it. That was why corporations went with it.

That's a big part of it, but you do have to factor in activeX. While it was always a bit of a boondoggle on the consumer internet; it did provide some much needed glue that those old browsers didn't have.

Wanted your cool new enterprise intranet application to be able to print to the receipt printer? Or upload local files with an elegant interface? Or (and a long list of other stuff.) There simply was no cross-platform way to do it. Netscape Plugsins OR ActiveX... and if the enterprise had the luxury of controlling what people were using so it could pick just one... and IE in addition to everything else you said ALSO was easy to manage via AD group policy etc. So it just made sense to use it.

And once they'd gone down the activeX road, and became dependent on it... well the whole planet has suffered for that mistake. :)

Comment: Re:In after somebody says don't run Windows. (Score 1) 467

by vux984 (#48893999) Attached to: Ask Slashdot: Best Anti-Virus Software In 2015? Free Or Paid?

What's next, are you going to start talking about how there's a worm hidden in everyone's ring 0?

Reboot. Solved.

which "tells windows not to report it" and "doesn't show up in the registry editor"

So I kept it in laymen's terms? is there really any need to be technical with respect to how that's accomplished?

(why a virus would have to write in the registry in the first place is beyond me)

Usually to hide a gazillion triggers to restart / heal itself after at reboot.

They're far, far more likely to be built off CatPicturesScreensaver.exe than from some crazily smart drive-by which is completely undetectable and doesn't do anything... until the doomsday comes.

That's harder to say really.

There is going to be a clear confirmation bias. Like the idea that all criminals are stupid... just watch cops. Yes, LOTS of criminals are stupid. But the ones that are smarter? The ones that don't get caught? Where its not even obvious a crime was ever committed? Can we really say there's more dumb criminals than smart ones based on the fact that we don't see them as much?

I agree with you, but I'm not so sure what the ratio of good unobtrusive stuff to in your face nonsense really is. I concede we're not likely facing 'james bond' grade viruses ... and I think the majority out there is the fast and dirty social engineering to get a toolbar added to your browser... but I think we underestimate the just how prevalent unobtrusive malware might be; simply because by virtue of being unobtrusive we don't even know when were infected.

And for the less technical... they simply would just never know. They'd never complain, because nothing was 'wrong'. Eventually it would get old, replaced, or they'd pay some kid to wipe and refresh it because they were giving it to someone else and they'd be none the wiser that it was ever infected.

I found my parents computer once had been very discretely turned into someone elses "cloud storage". I only stumbled over it by complete fluke. I was troubleshooting something else; and just stumbled over it as there was a lock preventing a folder move or rename or something like that and that and it got me to look deeper.

I can only speculate that I've missed an unknown number of others over the years.

Comment: Re:In after somebody says don't run Windows. (Score 1) 467

by vux984 (#48890541) Attached to: Ask Slashdot: Best Anti-Virus Software In 2015? Free Or Paid?

If this botnet is that good then unless you can monitor all your traffic to and from the suspected infected system with a separate, knowingly uncompromised system.

Pretty much. Yes. Unless its designed to overload your centrifuges and not communicate with the internet.

I think a good botnet would be dormant offline and invisible to the kernel, making an offline scan using the suspected system to inspect itself useless as well.

Which is I said it needed to be an offline scan.

If this awesome botnet gets me, hey...oh well.

Agreed. That level of security is out of most our reach.

However, the point remains that you could be part of a pretty run of the mill botnet, have your passwords harvested, and a variety of other nasty stuff and you'd have little to no chance of catching it in time. Even if it wasn't hyper-adept at hiding from the kernel itself.

Just not being particularly "obtrusive" will let run for months... perhaps years before you catch it. And most botnets these days qualify for "unobtrustive" because if they start throwing up piles of ads, redirecting your searches, and puking all over the place you'll wipe and rebuild and take them out. And they're in it for the longer game... while the puke on your system shit is just looking for some quick ad revenue before you find someone to "fix it" again.

Whom the gods would destroy, they first teach BASIC.

Working...