Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
Open Source

Submission + - Don't Panic About Closed Source MySQL Extensions (itworld.com)

jfruhlinger writes: "Oracle has released proprietary extensions to the open source MySQL database, seeming to reinforce the worst fears of those in the open source community who opposed Oracle's acquisition of MySQL in the first place. But open source observer Brian Proffitt urges you not to panic: This dual source strategy really isn't unusual in the commercial open source world, Oracle has already released a bevy of open source improvements to the database, and anyway the EU extracted a commitment to keep MySQL open for another four years when it approved the Sun-Oracle merger."

Comment Re:Not just a malware trap (Score 1) 180

Perhaps a bit off-topic, but relevant to the OP...

In Linux everything I need comes from one or more trusted software repositories, and all of the updates are performed through the same tool in the same way, so I do not need to familiarize myself with the different update systems for different pieces of software.

In iOS everything is downloaded and installed through the app store, updates are similarly pushed through a single (presumably trusted) source. Same with Android and the various marketplaces and presumably with Windows-based smartphones. (Symbian and RIM aren't really in the game anymore, and it is likely related to this.)

So that leaves Mac OS X and Windows as really the only predominant platforms where you grab stuff from every which where and install it. And IIRC, even Mac OS X tries to consolidate the updates into a central tool (I remember Java and Adobe updates coming through the Mac OS X update tool).

I expect that this model will prevail and within 5 years the majority of software for any system (Windows included) will start coming through central repos (or "App Stores"). Linux has been there for over a decade, but hasn't got their act together with respect to branding, ease-of-use, and revenue sharing (Ubuntu is bridging that gap). So if we can get to a point where software is signed, or at least has a verifiable hash, and it all comes from the same trusted place, then a lot of these issues will be moot.

On Android you can download from third-party sources, including app stores which operate separately from the Android Market. Additionally, those applications have free reign to update themselves. The Amazon App Store must be downloaded outside of the Android Market (due to it being a competing service), and updates itself independently.

Comment Blindtype does this better... (Score 1) 45

The article discusses a keyboard that makes subtle adjustments to the keys. Take a look at this software though: http://www.youtube.com/watch?v=M9b8NlMd79w It looks much more interesting, with the keyboard software able to infer the orientation and scale of the virtual keyboard from your keypresses alone. They show how it basically transforms everything on the fly depending on where your keypresses are. Google bought them some time ago, and I've been waiting for it to be integrated into Android.

Comment Re:Ha Ha, mine goes to 11 (Score 1) 615

And to further complicate things, the password that it gets at the end might not even be the right one. Sure, it will work for the specific type of hashing algorithm whose hashes you bruteforced, but if it's just a collision and not the actual password a user used, then it won't work at other sites which use a different hashing algorithm.

Comment Re:So remind me again... (Score 1) 236

If you want to be as safe as apple's walled garden, stay within the official marketplaces and you get that.

The other alternative would be if the OS asked for user permission before an application could access the internet (just one time, not every time).

Android already does this. When installing an app, it displays all the permissions an app can use, and you get to accept or reject the app at that point. After accepting and then installing the application you no longer get prompted. Network Access is one of the permissions that must be requested by the app.

Comment Re:IMAP? (Score 1) 399

Read the article. There is a randomly-generated application-specific 16 digit password that is used for things like IMAP and POP3. If someone gets access to that (unlikely, since you would never need to write it down, and Google encrypts IMAP and POP3), they can only access that specific service, and its not going to be the same password you use anywhere else.

To add to the parent's statement, the application-specific passwords you generate aren't temporary. Instead, they continue to work in perpetuity until you decide to revoke them from your Google account page.

Slashdot Top Deals

"May the forces of evil become confused on the way to your house." -- George Carlin

Working...