Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror

Comment Well, probably NOT a problem (Score 2, Interesting) 194

As has been said, it identifies the phone, and not the user (though a majority of the time it'll be the phone's owner). Many apps use the UUID as a unique ID (ahem) to store state, e.g. viewed pages, favorites, etc. Yes, this is also done with a log in, or it could be done transparently via the UUID; not sure there's a best/worse here. I know -- it's the transparency that's the controversy, but I'm a bit pressed to think of anything that's revealed that couldn't also be revealed with (or without) "vendor collusion" (e.g. an App-to-UUID database to see which apps are on the same phone -- oh, wait, Apple knows that).
Microsoft

Submission + - Secunia: Apple replaces Oracle in SW insecurity. (arstechnica.com)

zentechno writes: Ars Technica has a security story from Secunia saying Apple has replaced Oracle as producing the most insecure software. This is based on the company's reporting of the number of security flaws. It also does NOT take into account the severity, or "install-base" of the flaw. Microsoft retains its spot as number 3.

As a 'security hobbyist' I find stories like this a bit offensive, and wish there were better, or at least more consistent "standards" for analyzing things like software security, which is certainly more than a one-dimensional metric. It turns the public view of serious things like the actual security of their ever-growing on-line world into a who-can-find-the-best-way-to-weigh-data for marketing reasons — not that the point of the article is marketing, for anyone other than Secunia — but seriously, should something as serious as how protected we are be left to tag lines?

The Secunia PDF is their first ever half-year report.

Comment Geocentric?!? (Score 1) 2

"The world's largest Internet market" -- perhaps geographically, but more-so for China because China isolates itself, and because most people still think of the world geo-politically. The internet's financial picture is mostly based on social demographics, such as age-markets, and if China were treated that way then it's citizens may make up the largest portion of each social demographic, but there'd be more that could be done independent of geographic politics. Sending "explain yourself" letters works between governments, but not as directly for businesses (e.g. Google sending the same letter essentially makes no difference), so the decision from a business perspective is keep doing business in that environment, or stop.

Comment Re:Fix the headline? (Score 5, Informative) 420

http://www.att.com/ --> Wireless --> Shop/Cell Phones --> PDAs and Smartphones --> iPhone 3G. Opening the (last) iPhone link in another tab prompts me for my zip, followed by "not available in your area", *then* refreshing the list of phones in the previous tab *removes* iPhone from the listing.
Science

Programmable Quantum Computer Created 132

An anonymous reader writes "A team at NIST (the National Institute of Standards and Technology) used berylium ions, lasers and electrodes to develop a quantum system that performed 160 randomly chosen routines. Other quantum systems to date have only been able to perform single, prescribed tasks. Other researchers say the system could be scaled up. 'The researchers ran each program 900 times. On average, the quantum computer operated accurately 79 percent of the time, the team reported in their paper.'"

Comment Re:Houston Has Similar Plans (Score 1) 456

I'd hazard a guess that the heating method would be forced hot air, so some technology could be thrown and filtering the air, though I'm not sure where they're going to put all this heating and filtering equipment, since it basically means being able to filter however much air the dome holds every day. If they put in some amazing electric public transport, then they could generate the extra electricity themselves, venting it directly out of the dome, and their downwind neighbors would have to deal with it.

Comment Mac's Typography; in short: transcribe your notes (Score 4, Interesting) 823

Firstly, the Mac has an incredibly rich simple character set. This is NOT coincidental, as Apple copied their editing capabilities from the publishing industry decades ago. E.g. in TextEdit type alt-b and you'll see a '' integral symbol (looks correct as I type it, hopefully the post wont change it). If you can learn these keyboard shortcuts (learning-curve arguments aside), you *may* be able to type these directly into your mac in class, BUT... If you take notes by hand, then transcribe them into your mac using these short cuts, or simply via the Mac's Font (e.g. TextEdit --> commant-T) and characters (e.g. via the gear drop-down in the Font) pane, you're doing yourself a much bigger favor.

Comment Re:Also... (Score 1) 433

So, this means they've clung to their dynamic library model to the point where they've invented a system to identify unique versions of these DLLs so each application can load multiple copies of the same DLL -- and *somehow* this is better than just using static linking? How, in practice (that is "in the real world) doesn't this completely marginalize the benefit of dynamic linking -- *especially* since they insist on using huge "dynamic" libraries? Fanatics, for sure.

Comment This is De-Authorizing, not De-Authenticating (Score 4, Interesting) 336

One other system used more prevalently is the simple locking screen saver. The idea is only the user, and sysadmin have the password to unlock the screen, and access through the system is prohibited until the screen saver password is entered. I'm not a fan of this, as generally screen-saver passwords are more-often assigned by the users themselves, and so are easier to guess than the back-end passwords which on occasion are set by the site, or by the sysadmin in the case of accessing corporate systems via corporate-policy. Now a minor, but important distinction. This isn't "un-authentication" this is de-authorizing the computer from which you're logged in accessing the place you're logged in to. You want to "authenticate a de-authorization" that is verify that you are the person removing access privileges. If the system doesn't require authentication to de-authorize access, then a denial of service attack is made (somewhat) trivial, and if more thought process went into understanding the difference I think more places would realize how serious the solution needs to be.

Comment RFC 2504 (Score 2, Informative) 260

An all-too-quick 40 minutes? At a user/usage level? There's a LOT to choose from, but as a great start, try RFC2504. http://www.ietf.org/rfc/rfc2504.txt?number=2504 Pick and choose as appropriate to your needs. We tried to make it very useful as a reference for the generic user. You can even hand out copies if you like. For a bit more detail, and as a good read in case you get asked some lower-level questions, try RFC 2196, more specifically targeted for IT folks, and "Middle Managers" who have to at least be exposed to the concepts. http://www.ietf.org/rfc/rfc2196.txt?number=2196 Cheers, Steve PS(don't let the fact that these are TEN years old fool you, most of these concerns are still quite current, most companies (read: those of popular OSes) don't exactly *want* people to understand the why's because they start to question the why-not (yet)s. If you found any of this useful, or not, just reply here, Most if not all those email addresses are defunct at this point -- we've moved onto and into other things).

Comment Must be app-store approved... (Score 1) 327

Even before we get to the performance issue, there are at least two others that could run blocking. 1) I wonder if this is the sort of thing Apple would approve. Recent rants would seem to indicate if it allows any sort of a shell, no way. Otherwise, who knows? 2) Apple enforces it's look-and-feel rules religiously. Last I saw there was NOTHING .Net that looked at all Aqua. The stuff at unity3d.com looks cool, and would seem to *imply* Apple's OK with however their stuff looks, but I couldn't find a screen shot that showed me e.g. a typical config panel so I could compare it to iPhone's native bits.

Comment Re:You already know where to go for disks.... (Score 1) 533

I have a bunch of period (ha!) 5.25" disks, from DOS 3.1, and a bunch of utilities, plus games, games, games -- if you get the machine working we can talk about those (see previous post). I haven't taken a formal inventory, just going from memory, but 'm happy to donate them, but not wanting the quantity and quality of spam posting my email address here can get me, let me know if you're interested and we can see how to get them to you without more 'influx' than this is worth. Obvious caveat: they haven't been in a computer in at least 15 years. Now if I only had the cycles to boot that old Encore Multimax (2100 watts!), and could find a home for those PDP-11 parts I'd go to computing karma heaven for sure. 8^)

Comment Re:What amazing coverage of the event! (Score 1) 619

Yes, it does -- with any GSM provider, but AT&T wants to keep you locked in; they paid for a 5 year exclusive (don't take my word for it, google away). I'm about to *finally* dump T-Mobile, when I told them I was doing it because I have an iPhone, they told me (and I quote), "No problem moving it over here" and I was immediately put in-touch with a 3rd-tier support guy, who told me he helps customers do this all the time, just walking them through installing an application -- Cydia. Yes, Cydia. TMobile is going to walk me through Jailbreaking my iPhone. I stopped him and said, "it's not TMobile's App" he said, "yes." I said, "I'll bet you can't even use the word "Jailbreak" -- he said "that is also correct." I wonder if AT&T knows their competition is helping steal users by violating the manufacturer's warranty (-- rhetorical). FWIW, the claim is you keep Edge and WiFi connectivity, but loose 3G access when you move to TMobile, and that's not Apple's doing either, TMobile doesn't support AT&T's 3G frequency. Yes, another nasty hardware thing, those evil Hardware guys, designing hardware specific to it's purpose and business model. Thank God Microsoft isn't in charge of any phone hardware (also rhetorical, also sincere -- can you say "feb29th bug", and even a bit sarcastic with no intent to offend any specific parties).

Slashdot Top Deals

Gravity is a myth, the Earth sucks.

Working...