Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror

Comment Re:Because there's already an LTS Ubuntu: Debian (Score 1) 222

Debian is no substitute for Ubuntu LTS. If you look at http://en.wikipedia.org/wiki/Debian#Release_history , Debian releases have generally only been supported for 3 years. Ubuntu LTS is supported for 5 years. The extra 2 years of not being forced to dist-upgrade a stable working system just to get security upgrades are very useful!

Comment Re:The hole is only relevant to the Java plugin? (Score 4, Insightful) 265

Standalone Java apps already have full arbitrary code execution and full access to the system. What would be the point of using an exploit to gain access to a system you can already access. If you are running a standalone Java app, you have already chosen to trust the code completely, unlike a sandboxed app in a browser.

Comment Re:TURKTRUST's explanation (Score 2) 75

In summary, they claim that a testing profile (which creates intermediate certificates) on a test system were accidentally copied to a production system, and in effect for two days. The MitM *.google.com cert is claimed to be have been automatically issued by a Checkpoint firewall once a CA cert is installed, without intention from the owner of the accidental CA cert.

So TURKTRUST claims it has all been an accident.

Comment Re:In Linux drivers, Intel is still king. (Score 2) 161

While AMD is releasing documentation, Intel is releasing actual open source drivers. And now that Intel's graphics hardware is no longer a complete joke, Intel is becoming a real alternative for some users.

AMD is still better than NVIDIA, which doesn't release documentation.

Comment Re:Can someone explain... (Score 4, Insightful) 262

For a concrete example, the RSA public key includes a number n, which is the sum of two secret primes p and q. The encryption is broken if an attacker can derive p and q from n by factorization. ( http://en.wikipedia.org/wiki/RSA_(algorithm)#Operation )

if you could factorize an RSA public key 48% of the time then it would be a pretty big deal, since it would render RSA completely obsolete.

Comment Re:I always thought leap seconds were stupid (Score 1) 230

> That would break the main goal of NTP, which is to provide high accuracy time to computers. Many systems, such as telescope control systems, financial trading software etc, depend on NTP to regulate the computer clock at the millisecond or microsecond level, and this accuracy would be lost during a google-style smearing operation.

Anybody who really cares about reliable time, such as telescopes, should use TAI and not UTC (and I think they do).

To me it is incomprehensible why Unix uses UTC instead of TAI for the hardware clock - TAI is the obviously correct choice.

Comment Re:I always thought leap seconds were stupid (Score 4, Insightful) 230

> Why not bundle them and apply them every 10 or 20 years?

The problem we have here is that leap seconds are rare. Things that are common are tested for, and quickly found if broken. Having something which only happens every 20 years is a recipee for disaster every 20 years.

My view is that NTP is at fault, because the 61th second is a brittle way to handle it. NTP should use the same method as google for smearing the leap second out over fx an hour: http://googleblog.blogspot.dk/2011/09/time-technology-and-leaping-seconds.html

Slashdot Top Deals

What this country needs is a good five cent nickel.

Working...