
Comment Alternate Title: MS Disables Faulty AV Software (Score 5, Insightful) 208

Or for a non-inflammatory title: Microsoft Disables Faulty AV Software so Win10 Users Can Safely Update To Latest OS

AV software is some of the worst crap to get foisted on Windows installations. I wish MS would just disallow it outright. But as the Kaspersky suit shows, AV vendors aren't going to let go of that teat if they find any way to avoid being forced to do so.

Comment Re:Yet another trek (Score 1) 243

The question for me is, why would I want to pay $6/month just to watch a few episodes of Star Trek: Discovery?

Heck, it's not even paying that's the problem. It's that I'm paying for a subscription TV streaming service, so when that subscription lapses, I have nothing.

In the era of iTunes/Amazon/Google where I can buy a season pass for a couple of bucks an episode and go back and watch it any time I want, a subscription streaming service doesn't bring much to the table. I'll pay once, but I'm not going to pay twice.

Comment Re:Thoughts and prayers (Score 0) 1197

Thoughts and prayers out to the victims and their families. Speedy recovery for the injured.

I'll be quick here. This is Slashdot, not Sunday School. This is a site for rational people. Thoughts and prayers are an idiotic way to make yourself feel good about yourself, but do nothing for the victims. At the same time, fuck the victims. I hope this is the beginning of the violent revolution we've been hoping for. Considering you have an FBI record for your prayer, it matters not that I get an entry for my statement. We are all screwed unless someone can reset Franklin's great experiment. This may be a start.

Comment Re:What the hell... (Score 1) 178

And they come preloaded with addons, some of which are legal because they have substantial non-infringing use, all of which are preconfigured to grab stuff you're not authorized to watch. It's this very last part that makes them illegal. If they're not preconfigured to or advertised for the purpose of copyright infringement, then they are legal.

And to add to that, there are vendors out there explicitly advertising/selling these as piracy boxes. They're not even trying to hide behind plausible deniability, they're outright trying to sell hardware to people for the purposes of committing copyright infringement.

In fact I just got an ad on RevContent today for one of these:

"But how can you watch for free? The secret to that is an app called KODI. TVFrog has completely reprogrammed and redesigned it so it works even easier. The TVFrog technology searches the internet where it will locate and stream, virtually any television show, hollywood movie, or live sports event you want to watch without having to worry about paying rental fees or monthly subscriptions."

Comment Re:Of Course (Score 1) 464

That sounds like a place where they need to hire more people because there's no excuse for single coverage of anything.

Think of it like this: do you have a spare car in case one of your two cars breaks down? The answer of course being no. So why would you have a spare employee?

Redundancy is nice on paper. But in the long run I reckon it's rarely worth the $100K/year cost.

Comment Re:Of Course (Score 0) 464

IMO, it's not the boss you need to fear. It's your co-workers, myself included.

You being gone for the day may only be 25% more work for me, but that 25% gives me 75% more stress, as I now have to work a 10 hour day to take care of it. So if you take a vacation during a busy period, yeah, there's a good chance someone like me is going to take it out on you.

The unspoken rule of business is that I don't take vacations so that my work doesn't get dumped on you, and I in turn expect the same from you. Otherwise it's like a traffic jam: only a few people have to start misbehaving to inflict great suffering on everyone.

Comment So What's the Right Way to do Telemetry? (Score 1) 284

I want to zig-zag here a bit. We all agree that MS is doing it wrong with telemetry on Windows 10. So then, fellow Slashdotters, what is the right (or at least, righter) way to do it?

  • Do we make it opt out or opt in? If it's opt out then most people unknowingly participate, which increases the chance of telemetry seeing something it shouldn't. If it's opt in then most people unknowingly don't participate, and the pool of telemetry-enabled systems will be very small and biased towards power users.
  • What's okay to collect? What should be forbidden? Very roughly speaking, the more you understand how your users use your software, the better you can optimize it for their needs. But the opposite side of that is again privacy issues. So where's the line?
  • How do you communicate with users what you're doing with the data? No one seems to like MS's built-in descriptors or the website. People want details, but then many more of them will gloss over anything that's more than a paragraph long...

I don't see telemetry ever going away entirely, and I'm not sure that would be a good thing even if it could. If there's one lesson to take from the first couple of decades of computing, it's that the general public and their computers-as-appliances attitude have no idea what they want, and even when they do, they can't explain it very well. Whereas telemetry, for better or worse, tells you precisely what the user is actually doing.

Comment Re:This is all overblown (Score 1) 36

I figured after the scary story about Windows machines being infected by WannaCry in MINUTES, I could have some fun with it. But no. This machine is still sitting there perfectly fine. None of the random documents I put on it have been encrypted. No signs of infection by anything.

Windows 10 is not vulnerable to the worm propagation mechanism of WannaCry. The exploit is mitigated (though not truly resolved) as part of the overall security hardening done throughout the OS.

Only Windows Vista, 7, and 8 are vulnerable. (Windows XP is apparently not vulnerable to the worm either, though it would seem for different reasons)

Comment Re:Why should we be different to studios? (Score 1) 206

A studio is afraid to try something new because a movie costs millions, often hundreds of millions, to make.

No it doesn't. There's no reason for any movie to cost that. It is assumed that any movie will pull in that kind of profit, so the producers are given that kind of money to compete against all the other high-priced movies. Most of that money goes to bidding for top name actors, just like a sports team will bid for top athletes. Some of the best movies were made on a shoestring.

Comment Re:Microsoft is 100% right on this one (Score 5, Interesting) 324

I know this isn't a popular opinion around here, but hear me out.

The NSA is the US's SIGINT operation. Their job is to be both the offense and the defense when it comes to dealing with electronic systems. So developing attacks against other systems is part of their purview, and we want them to continue doing so such that we can spy on, and if necessary attack other nations. The need for an offensive SIGINT group will always exist, even if it's not the NSA.

Back in the days of yore, it used to be that exporting valuable software was restricted. If the Soviets wanted software for controlling gas pipelines, for example, they either had to develop their own or steal it. And exporting useful encryption was right-out banned. The end result was that for SIGINT purposes, there was a very clear line between "us" and "them" in what each side's systems could do, how they worked, and what they ran.

The Internet has put an end to national borders for software. Now everyone runs the same Oracle database, the same Cisco/Juniper routers, the same Microsoft OS, etc. It's allowed commerce to explode on our end by exporting valuable software to new markets. However the flip side of that is that the line between "us" and "them" has almost entirely been erased. Now the nations we spy on run much the same software we do; now the nations that we need to be able to attack don't run antiquated little systems that are easy for us to break into. How do you balance offense and defense in that situation, when any weapon you make can be used against you, and any defense you develop can be used by your enemies to shield themselves from you?

Had our relevant TLAs bothered to tell the relevant companies about the holes they found we would all be a hundredfold safer. But no, they kept them secret, figuring they could hack Some Bad Guy's computer and Stop Some Low Level Bad Thing.

If our relevant TLAs informed software vendors about every exploit they found, it would improve the quality of software to be sure. And that definitely has some benefits. But then we'd be committing to an entirely defensive operation, due to the fact that everyone else is running this better-hardened software.

Meanwhile when it comes to offense, we'd have no exploits left with which to spy on or attack other nations. But the same is not true for other nations. Their own SIGINT groups would be searching for exploits as well, and since they wouldn't be bound by what we're doing, they'd continue stockpiling them and using them against us as they deem necessary. Our software-hardening efforts would make this task a lot harder, but not even the NSA is going to find every bug in Windows. So at the end of the day, other nations would still be able to attack us, even if we did report all exploits we found.

The problem with a purely defensive operation then, especially in the software sense, is that your defense only has to fail once for you to lose. Once they're in your systems you have no ability to retaliate (since you have no exploits to use as weapons), so hostile forces have very little incentive not to attack you. And while you can clean up afterwards, the damage is done: the blueprints have been stolen, the cyclotron has been busted, and Amazon is shipping everyone 50 gallon drums of lube.

Ultimately Cyber security when both sides have the same systems is little more than a new variant on the Prisoner's Dilemma. We can stop ratting on the other prisoner, but they're not going to stop ratting on us. No matter what we do, it's in the best interests of foreign powers to be able to attack our systems. And that means we need to keep exploits of our own in order to be able to mount a credible (if not overwhelming) offense.

The one problem here - and not to discount it, because it is a real problem - is that the NSA obviously didn't secure these tools well enough. They're the freaking NSA, they are supposed to be the best SIGINT group in the world. And that means they either got outplayed (and they weren't prepared for that possibility), or there is a classical mole in the organization. Neither one of these is acceptable. They need to continue developing exploits, but for the love of Pete they need to treat them with the utmost security.

Comment Re:Physical distribution media? (Score 5, Informative) 260

That "quaint" method is still the only method to actually receive high-quality copies of movies and TV shows. Video streaming bitrates are a joke, comparatively speaking. Everyone tries to stuff into 10-20Mbps what takes 50+. The result is banding, blocky artifacts (especially in dark scenes), and blocking with rapid action. A properly mastered Blu-Ray or UHD disc on the other hand will have none of those problems, as the overall bitrate and the peak bitrate are high enough to properly capture a scene no matter how detailed it is.

The DRM is a pain in the rear, but for the quality I'm quite happy with my "quaint" optical media.
