Forgot your password?

Comment: CISSP opinion: the patch proves Google f***ed up (Score 1) 24

by xxxJonBoyxxx (#46786835) Attached to: Heartbleed Sparks 'Responsible' Disclosure Debate

>> Google notified OpenSSL about the bug on April 1 in the US – at least 11 days after discovering it.

"OK, maybe it was caught up in legal. Suits at large corporations can take a while."

>> Google would not reveal the exact date it found the bug, but logs show it created a patch on March 21,

"On second thought, if the geeks on the ground had the authority to patch and roll to production, then why the finger to the Open Source community, Google?"

Comment: I doubt "no one knew" (Score 2) 114

>> What none of the attendees of the conference knew was that Google was pulling many of the strings behind the event

I doubt/hope that "no one knew." Conference agendas, like news stories, should always be read for brand-name frequency. (The brand name that appears most frequently or in the most positive manner is usually the one that hired the PR agency to plant the story in the first place. Same thing goes for a conference agenda.) What's the number one name on this conference agenda? Google.

So...if the academics attending the conference didn't guess it was Google sponsored...then they're probably not as bright as their titles suggest.

Comment: Nah...TL:DR (Score 5, Informative) 115

by xxxJonBoyxxx (#46698583) Attached to: Google Chrome 34 Is Out: Responsive Images, Supervised Users

A "responsive image" will load either a small or large version (or multiple versions) depending on the browsers's screen resolution. To do this, it makes an extra request to the server before requesting the appropriate image size.

(The referenced Opera article prattles on and on - Google's faster.)

Comment: Er...what's left in "open source" to talk about? (Score 4, Interesting) 129

by xxxJonBoyxxx (#46650247) Attached to: Interview: Ask Bruce Perens What You Will

Having lived through the entire lifecycle of "open source," it seems like its place in development communities and businesses is well-established, with a mix of different licensing and deployment models for whatever anyone wants to do. there really anything interesting left in "open source" to talk about? (Software patents, maybe, but even that's picked up some case law.)

Comment: He pretty much agrees with you on page 12. (Score 1) 277

>> Sane people will stay with salting and stretching, ideally with scrypt() to neutralize GPUs.

"Key stretching is orthogonal to PolyPassHash and could be trivially used in conjunction."

Hell, just the bit about bcrypt, etc. using a unique hash per password would have stopped most of these "grab the file then crack the table" hacks; the current focus of developers should probably just be to replace anything still using unsalted (or common salt) MD5/SHA1/SHA256 schemes.

Comment: WTF would you think we would enjoy an "audio ver"? (Score 5, Insightful) 142

by xxxJonBoyxxx (#46629763) Attached to: The Inside Story of Gmail On Its Tenth Anniversary

>> some readers may note that with this story we are slowly rolling out one we hope you enjoy -- an audio version of each Slashdot story. thanks. There's a reason video tanked on this site too - your readership is too damn busy to wait for the talky-talk. So, we skim (and type) like crazy, and value text-heavy sites like Slashdot and Reddit. (OK, 15 seconds - time up - back to work!)

Comment: TL;DR (Score 3, Informative) 142

by xxxJonBoyxxx (#46629529) Attached to: The Inside Story of Gmail On Its Tenth Anniversary

Early use by a major company of Javascript consuming XML-based web services. Successfully leveraged Google's search engine. Design conflicted with the all-on-one-page "portal" paradigm of the time. Text ads instead of banner ads, and controversial because they were tied to the content of the messages. Original cluster was 300 servers.

Comment: PLANNING to introduce a LEGISLATIVE PACKAGE (Score 1, Insightful) 208

by xxxJonBoyxxx (#46573003) Attached to: White House To Propose Ending NSA Phone Records Collection

>> planning to introduce a legislative package

Since when did Obama think a lawful path through Congress was a good option? Wasn't he the guy who said he'd work around our elected representatives to mandate the important things on his agenda?

Oh...I see. This is just a "planning to" press release. In other words, this is a BS trial balloon designed to get people off his back about the NSA without actually changing anything.

The clearest way into the Universe is through a forest wilderness. -- John Muir