Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?

Comment Re:Sue Islam for killing innocents. (Score 1) 136

The grandparent is referring to the Official IRA, which is commonly referred to simply as the IRA as it has had the greatest claim to the name since 1969. During the period the OIRA was active, The Republic of Ireland was (and remains) an independent Catholic country. Northern Ireland is part of the UK, but has a majority Protestant population who do not wish to become part of the Republic of Ireland. Attempting to incorporate Northern Ireland into The Republic of Ireland against the wishes of the majority of the population of Northern Ireland sounds like conquest to me.

During the period that the OIRA was active, they killed more people in the UK than Islamic terrorists have done in total. They did not cause Catholic churches to empty and their supporters toured America (particularly New York) raising funds to buy weapons. The US Government refused to block this. It only ended when, for some reason, around 2001 it became unfashionable to fund terrorists.

Comment Re: Don't think Uber will be alone with this (Score 1) 235

They can only do so because Google and Apple are siding with app developers to the detriment of their real customers. Don't know why (perhaps app-revenue/payment intermediation)

App developers are Google's real customers. Both Apple and Google take a cut of any app sales through their store, but of the two only Apple gets any money from the person who buys the phone directly (and so has two sets of real customers, the phone users and the app developers).

Comment Re: um... (Score 4, Informative) 234

You don't know what the word "democratically" means

Not the GP, but in this thread the person who doesn't know what democracy means is you. Democracy means rule by the people (literally, by the city). Implementations of democracy are referred to as either direct democracy or indirect / representative democracy. In a direct democracy, eligible voters are permitted to decide issues directly. In a representative democracy, the people select, via some mechanism, representatives who decide issues on their behalf. Nothing in the definition of a representative democracy requires that the representatives be selected via a straight first-past-the-post single-constituency election.

You seem to have been taught a fallacy that is common in the US, that a democracy and a republic are different and incompatible systems of government, rather than orthogonal aspects of a system of government (you can have a democratic monarchy and an authoritarian republic, for example, but you can also have a democratic republic).

Comment Re:I used to work at Hanford Site... (Score 1, Insightful) 94

If you work at a site that stores and tracks nuclear waste, then you probably know that a smoke detector contains radioactive materials and so shouldn't be just thrown away. You put it in your backpack to take it somewhere to dispose of safely. You forget that you did it and go into work with that backpack. Not a particularly far-fetched set of circumstances...

Comment Re:Short sight (Score 5, Insightful) 579

Let's look at some examples of things running on a typical computer:
  • Operating system: If it's *NIX, mostly C with some C++. If it's Windows, then mostly C++ with some C.
  • Web browser: Chrome, Firefox and Edge are all written in a mixture of languages, with C++ being the dominant one.
  • Office suite: Microsoft Office, Open/LibreOffice, and KOffice are all mostly C++.
  • Video and music player: The UI is often C# or Objective-C, but the code that handles the file metadata parsing, decoding, and playback is all C or C++, depending on the platform.

Yup, sounds like the entire world has gone to Java or .NET to me...

Comment Re:This opinion isn't new and is still wrong. (Score 1) 408

Are you saying the backend is working for configuring the OS to be hardened against all sorts of malicious software, but the OS isn't configured/shipped that way?

I'm saying that the OS provides all of the features that you're requesting, but they're generally configured in a permissive way because users favour being able to run their legacy code over security.

Because regardless of ACLs, any .exe that I run can wipe most or all of the important files on my hard disk

Only if the files are writeable / deletable for the combination of application and user (the two keys in Windows ACLs). You can configure a default policy of no access for all apps other than whitelisted ones, and Windows 10 S does this, but then you won't be able to download a random app and have it able to access arbitrary files. Oh, and on vaguely recent Windows installs, the system files are not modifiable by normal users, so they can't wipe most of the files that are important to the system, only files that are important to the user (who explicitly or implicitly granted the app the right to do so).

This is not granular permissions

No, this is not granular permissions configured with the policy that you request. Don't conflate policy and mechanism. The mechanism is there.

Comment Re:futility (Score 2) 235

The one law that would make a big difference there would be requiring vendors to unlock bootloaders and provide documentation for all hardware interfaces when they stop providing security updates. When an iDevice stops getting iOS security updates, it quickly becomes unsafe to use on a network and basically a brick. If you could install a third-party OS on it then that would make a big difference to waste (and, given the relatively small number of device types, it would be comparatively easy to support). Of course, this would mean that after a few years you'd probably see more iPhones running Android than iOS...

Comment Re:This opinion isn't new and is still wrong. (Score 1) 408

It also shouldn't work with a sensibly configured corporate network. Our default config for Windows and *NIX machines other than laptops is to have the home directory stored on a NetApp filer, which keeps snapshots of every home directory, with decaying frequency over time. For several of the FreeBSD machines that have local home directories, we do the same thing locally with ZFS (the NetApp runs FreeBSD but with a proprietary filesystem). A ransomware system on these systems would need root privilege because the users can't modify the snapshots.

Comment Re:This opinion isn't new and is still wrong. (Score 1) 408

Windows is fundamentally insecure, due to the lack of granular permissions

You mean the ACLs that govern access to every kernel object exposed by the NT kernel?

For Windows to be a secure OS, you need to be able to install an untrustworthy app and not have it be able to ruin your system

This is entirely possible with the NT kernel infrastructure, except in the presence of kernel bugs (and no system is secure in the presence of bugs in the TCB). It's also possible on FreeBSD with Capsicum or the TrustedBSD MAC framework (also used on iOS and macOS for sandboxing), on Linux with SELinux or seccomp, or OpenBSD with pledge.

The other thing that Microsoft could address more easily is installers that need admin permissions. Every installer is a black box, and most get carte-blanche to do whatever they want.

Microsoft has had MSI installers that are not black boxes for well over a decade and are widely used in large-scale software deployments.

Comment Re: This opinion isn't new and is still wrong. (Score 1) 408

CVE-2016-7117. CVE-2016-10229. CVE-2016-3931. That's three remote code execution vulnerabilities from last year in the Linux kernel alone (and just the top three from a 20-second search - there were others). Most of those were in multiple kernel versions spanning several years. Other software that's found in a typical distribution (*cough*openssl*cough) adds to that.

Plus, older Linux installs are often maintained for security patches far longer than Windows

Windows XP was released in 2001 and went EOL in 2014 (2015 if you're the British government). Please can you point me to the Linux distro that's getting security backports for the entire system for 13 years?

Comment Re:One bunch should be happy... (Score 3, Insightful) 150

More plant live means that you'll see a carbon dioxide sink for a while, but unless the plants are being buried in the ice then they'll eventually decay and release the carbon back into the atmosphere (some as methane as a byproduct of decay, potentially causing a greater greenhouse effect until it reaches a new equilibrium). More immediately, you'll see a drop in the amount of sunlight reflected straight back from the ice into space and so see additional warming.

Slashdot Top Deals

Never put off till run-time what you can do at compile-time. -- D. Gries