Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror

Comment Re:Do-over (Score 1) 238

Bankruptcy is declared, like crying Uncle. I can be a friggin' hobo and not have declared bankruptcy, as I'm not required to until creditors are banging at the front door of my cardboard box.

Until then, I'm allowed to claim my cardboard box to be a fully-furnished mansion if I wanted to.

Comment Re:Please... (Score 1) 88

There's tons of fresh new games out there. You just have to look for them. A lot of great mainstream games of note have been Portal, and Braid, No More Heroes, Little Big Planet, Left4dead, the list goes on.

Of course, you may not like them all, but they definitely aren't sequels. (Well, I guess Portal is a kind of spiritual sequel to that one old game that was made by the same team...)

Comment Re:Wow... (Score 1) 629

Do not enter the intersection if you cannot get completely across before the light turns red. If you block the intersection, you can be cited.

This is what has been continually repeated in this thread. But it's a judgement call. And if you make the wrong judgement, then you're screwed, no take-sy back-sies. It's like saying "Too bad you thought that you could make it through before the amber and red lights!" People that live in the town may know that you can't (because of the funk-ed up traffic light patterns), but someone new or passing through would not.

If the light was still green, of course they would think that they could still make it, especially if the car ahead had not yet stopped.

Comment Re:OK, dumb question after reading the article (Score 1) 747

Well, in cases where you can't trust the client, that means you (the server) should not allow any client side code that isn't heavily checked and double-checked. GP is concerned about client side security.

Of course, as it stands now, there is no trivial way to prevent what RMS wants; user-specified client-side code. But if a third party is able to specify code for the user (using phishing techniques, etc;), therein lies the security hole.

The only way to really do this is to do away with javascript altogether, and create some new mechanism that either implements what RMS is talking about, or is able to run as totally black-boxed client-side code. The former would put the client at risk to dropped-in malicious code, whereas the latter is still vulnerable to persistent hacking (meaning again, that server still can't trust the client). I would argue that the former is more secure overall, since the latter seeks security in obscurity.

Personally, I'm all for an easier way to use your custom drop-in replacements for web page code. It would be like Grease Monkey, and people would stop complaining whenever Popular Social Website changes its interface yet again. Plus, it would make sense to use some local cache for Popular Social Website's code (which would be periodically updated, of course).

Slashdot Top Deals

"Don't drop acid, take it pass-fail!" -- Bryan Michael Wendt

Working...