Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror

Comment Re:FTL Faster Than Light (Score 1) 669

Really?

I think I can win the game 80% of the time, and the rest of the time i die due to mistakes. Yes random effects changes the difficulty level, but there are no cases where you don't have a change.

(At least for the standard start ship. Some of the other ships without shields and/or weapons are much much more difficult).

Comment And can we please have a "Newest first" option (Score 1) 2219

Can we please have our "Newest first, ignore threads" option back?

Usecase: I just re-visited this thread about the beta, and I would like to read all new entries since I last read it. Which is exactly what "Newest first, ignore threads" would do. But it seems that feature is lost too*.

Remember beta.slashdot.org should not be about making a new slashdot, but about making a better slashdot. It currently fails in that regard.

*And I lost that feature many years ago, but beta.slashdot.org might be a good time to got it back.

Oh and there seems to be a bug in this comment, where it doubles the line spacing between my paragraphs.

Comment Re:And that's exactly what I asked for. (Score 1) 2219

And I think message really shows the problem: Let me show how I as a user see the beta communication:

Hey, we have this total broken beta slashdot site, and in a few months you will all be forced to use it if you want to browse slashdot. But don't worry we hope we will fix the worst bugs before the cutoff date.

Which raise the question: If you know its so broken that most people find it useless, why do you present it as "The new slashdot, which all users will be forced to browse in a few months".

Comment Re:I don't think Dice realizes (Score 1) 234

So why are you forcing users to use the beta when you even admit it's not done ?

To stay kinda on-topic, it reminds me of the release of kde 4.0

But I really hope the tech team will take a step back, look at why anyone thinks beta stops, and then do a re-design so we get a new usable site instead of beta.

ps: What about talking to the guys which did stackoverflow. They might want to take over development and they kinda know how to make modern cool websites.

Comment Re:Good! (Score 1) 128

So search for "Firefox 28" instead.

The problem with using names is that you then have to map them back to numbers to use. If this feature is included in Firefox ugly cat, and later, does it work in firefox 24?

Comment Re:The important bit (Score 5, Informative) 233

Let me try to explain it:

Java (The language and vm) does in general allow code to do anything. Mess up the system, call native methods and so on. In this it is no different from other languages such as c++ and php, which is why no one are running c++ og php directly in a browser*.

But sun wanted to be able to run Java code in the browser, so they made an security manager, which in principle allow you to specify exactly what parts of the java standard library a program should have access to. So you can restrict file access, to specific sub directories. Control thread and process control, class loading and so on.

So each call to a potential dangerous method first goes to the system manager to ask for permission, and if permission is granted the rest of the method is executed. And here is part of the problem: Default for all methods is access granted if there is no call to the security manager.

So for every method in the Java library, they had to determine if it could me misused, and it it could be misused, they had to insert call to the security manager to verify that the user have access to use this method in this way based on the arguments to the method.

And just one method which don't verify its argument as good as it should is enough to grant access.

The problem is made far worse by the combination of the java class loader which loads classes dynamicly, and the java reflection api which allows dynamic class loading and method calling. Verifying that code can't use the reflection and class loader to bypass the security system is really difficult, as proved by the many security problems.

So when people say the problem is in the java browser plugin, they are not exactly right. The problems are in the java security manager, but I think the browser plugin is the only component which uses the security manager. Our server code for example don't need a security manager to control exactly what our code have access to, because the code is written by guys we trust, and the rest of the security is handled by the system.

*Or at least should not. Active X is Microsofts version of the "Try to run untrusted general purpose code in the browser project". And its security record is as bad as javas.

Slashdot Top Deals

"Protozoa are small, and bacteria are small, but viruses are smaller than the both put together."

Working...