Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror

Comment Re:Don't buy from them? (Score 1) 764

Your point is that Amazon is a publicly traded bookstore. They don't sell items they don't like.

But what does this make Google ? They are a publicly traded library.

Google is also in the process of digitizing vast numbers of real world libraries. Presumably so that we don't have to visit libraries in the future.

Do they also remove (digitally burn) the books that contain words that are not compatible with their current/future corporate image?

Comment Typical revolutionary (Score 1) 538

Anyone else would have taken the safe road, formed comities or a special interest group. These are all organisations which governments understand. They are easily managed and co-opted. Give them funding, ask them for regular reports, have a yearly dinner party and then threaten to cut the funding if they go out of bounds.

So yes, for something like Wikileaks to be successful you need a revolutionary.

Someone who persists in the face of governments and a general public happy with the status quo.

Assange being an asshat is Wikileaks only and largest quality.

Comment Re:BBC vs Murdoch (Score 1) 214

The BBC is going to feel the heat in a much different way.

Publishers (eg. Murdoch) have been trying to roast the Beeb for competing unfairly with them online and they might have just been handed a stick.

Over the water in the Netherlands the newly installed Dutch government has stated that its undesirable for publicly funded broadcasters in the Netherlands to be competing with commercial publishers on the Internet. It wants to take this to the logical conclusion and shut down websites maintained by the various publicly funded (broadcasting) organisations.

Whether this is sanity or lunacy is of course debatable.

Comment Re:Javascript (Score 1) 363

The language is horrible for all it lacks. I have read the Crockford book because I am writing larger and larger pieces of code in Javascript and found myself drifting.

I want to code things in a structured fashion and to do this I have a constant need to hack my own solutions.

OO in Javascript is a terrible hack. No ability to check if an object decents from a specific class. (yes, you can hack your own)
No native ability to include other source files (yes, you can fake it -- but it forces me to build my loader)
Rubbish exception handling ....

Frameworks for Javascript (as in: for use in client only applications) are all at very early stages. You need to constantly reinvent the wheel.
So yes, we are going back 20 years.

Its possible and if you write more than just a few pages you should use it.

Comment This is my shortcut to learning chinese... (Score 4, Insightful) 508

The only way to learn how to write Chinese is to write it out for years on end, from kindergarten until university. It ain't much fun.

Since I am a bit older than this and like to write at least basic chinese in this lifetime I am just letting the computer pick the characters for me when I type.

My brain then tells me which of the offered characters feels "right" ; but it does that by looking at the overall shape, not the individual strokes.

Comment Re:Not an Apple issue (Score 1) 248

Sorry, what is new about this?

European GSM operators routinely sell customer locations to third parties. Real-Time traffic jam warnings used by car navigation software makes extensive use of this.

The mobile phone data is also much more accurate than Apple's application layer reporting -- as the mobile phone is always broadcasting its location.

And no, it still doesn't make me feel warm and fuzzy about apple.

Comment Re:Beter later than never. (Score 1) 688

http://www.rferl.org/content/article/1079190.html

The Chinese offer beat out bids by four other firms that were considered finalists. They include Strikeforce -- part of Russia's Basic Element Group, the London-based Kazakhmys Consortium, Hunter Dickinson of Canada, and the U.S. copper-mining firm Phelps Dodge.

This article is 2007.

And although the mine is in a relatively secure part of Afghanistan, the railroad and electric power lines would be difficult to defend around the clock from guerrilla attacks by Taliban militants.

Chinese go for gold. Americans provide security.

Comment Re:HTTPS -- default -- solution? (Score 1) 354

The problem is at two points:

1) We cannot (easily) install SSL certificates on the server as most sites are hosted, and this 'feature' costs $$$$
2) Webbrowsers actively discourage the use of non-signed certificates by showing flashy warning banners

The solution is to turn the current encryption / certification system upside down.

Instead of the web server providing the initial security , it should be the user requesting this.

1) A firefox / chrome plugin that generates an private/public key and advertises this through a HTTP header and provides encrypt/decryption of all information received.
2) A Apache/IIS module or even simple PHP library of that recognizes the HTTP header and completes the handshake.

A small PHP library would allow for very quick installation on Bulletin Boards, Wordpress etc.

The key is easy deployment.

This would provide security initially for a small group who cares -- and maybe an RFC standard later on.

Related reading:

* http://www.ohdave.com/rsa/
* http://php.net/manual/en/book.openssl.php

Comment Re:HTTPS -- default (Score 1) 354

I am not saying that HTTPS is the end of all our problems.

Tracking an internet that is by default encrypted is much harder than an internet that is pure text. They would know which server farm the website terminated at -- but most hosting providers run 200+ websites at the same server.

So that gives at least some plausible deniability ; and very limited access to what is being communicated.

Besides browser warnings for user signed certificates there also is the problem that we currently require a unique IP address per HTTPS server.

In my limited understanding that is to stop man-in-the-middle attacks as the browser caches & verifies the certificate/ip combination.

For a "low level default" encryption setting this also overkill.

Web browsers should handle this by not trusting a certificates identity -- continue to use paid for / certified certificates for this. (So your average internet scam artist cannot claim to be "Citibank Ltd")

The web browser should however accept the security offered by the encryption keys of a user signed certificate -- and show it as a normal connection, not scare people away by showing flashing warning signs.

Comment HTTPS -- default (Score 4, Interesting) 354

When do we finally make the move to a fully encrypted internet? An unencrypted internet made sense in the days that CPU power was expensive and there were no good encryption libraries. Both these problems were solved a decade ago.

The block seems to be the current idiotically expensive SSL certificate business.

The first step would be for the web browsers to add a "low default security" level : user signed certificates are accepted as "normal" connections without throwing up big errors and don't give much of an additional indication.

Expensive SSL certificates can continue to give the "feel good" level of indication by showing the name of the verified company.

Slashdot Top Deals

The 11 is for people with the pride of a 10 and the pocketbook of an 8. -- R.B. Greenberg [referring to PDPs?]

Working...