Slashdot is powered by your submissions, so send in your scoop


Forgot your password?
DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. Check out the new SourceForge HTML5 Internet speed test! ×

Comment Re:Is Google trying to fragment web? (Score 1) 165

We had that shit before with ActiveX.

Native Client runs in a sandbox so it's nothing like ActiveX.

HTML5 does nothing in itself, it still needs some coding to be done in Javascript. While Javascript interpreters did get better and faster it's still far from native speed. And it's still only Javascript. If you have a game developped in C I still don't see how to convert it to Javascript. MAME is one example of a complex C program hard to translate to Javascript but could be ported easily (4 days) to the Native Client platform.

Chrome is available for most platform including Linux and is open source. So stop whining about it not being a standard. It's not IE we are talking about.


Submission + - RIM forced to change name of new platform (

Mastadex writes: RIM's brand new BlackBerry mobile OS, due in early 2012, was expected to be called "BBX." But due to a recently court ruling against it, RIM has dropped BBX and opted simply for "BlackBerry 10." Software company Basis International said a US federal court in Albuquerque has granted a temporary restraining order against RIM, barring it from using Basis' BBX trademark. The court decision bars RIM from using the trademark at its Asian DevCon conference on Wednesday and Thursday in Singapore.

Submission + - 8 Out of 10 Applications Don't Meet Security Stan (

Orome1 writes: Considered “low hanging fruit” because of their prevalence in software applications, XSS and SQL Injection are two of the most frequently exploited vulnerabilities, often providing a gateway to customer data and intellectual property. When applying the new analysis criteria, Veracode reports eight out of 10 applications fail to meet acceptable levels of security, marking a significant decline from past reports. Specifically for web applications, the report showed a high concentration of XSS and SQL Injection vulnerabilities, with XSS present in 68 percent of all web applications and SQL Injection present in 32 percent of all web applications.

Submission + - Microsoft offer Windows Store devs 80% revenue cut (

An anonymous reader writes: With the launch of the Windows Store alongside Windows 8 next year, Microsoft is changing the revenue split rules slightly. The default will still be a 30% cut (as announced in September) , but developers can increase their 70% cut to 80% if their app turns out to be very popular. Once an app has earned $25,000, Microsoft will automatically reduce their cut from each subsequent sale to 20%.

Microsoft is also undercutting Apple in terms of the how much a developer subscription costs. Companies will have to pay $99 every year, but individual developers get a cheaper $49 option.


Submission + - 40% of Gov Sites Vulnerable to SQL Injection (

Trailrunner7 writes: New research from security firm Veracode found 40% of government Web sites were found to contain SQL injection vulnerabilities on their first scan, compared with 29% of Web sites for financial-sector firms and 30% of software vertical sites. Overall, the prevalence of SQL injection holes declined from the same period six months ago, Veracode found, though that wasn't the case with government sites.

The story was even more grim with cross site scripting vulnerabilities. Seventy five percent of the government Web sites Veracode tested had cross site scripting holes on their first try. Finance sites faired only slightly better: 67% contained at least one cross site scripting hole and 55% of software industry Web sites.

Comment Re:Alternate Outcome: Greenpeace Activist Shot... (Score 1) 561

Since a law passed in 2009, it's the responsability of special teams of the Gendarmerie called peloton spécialisé de protection de la gendarmerie, trained by National Gendarmerie Intervention Group to secure special site like nuclear plant.

The question is why did they not intervene? Officially they are saying it's because they recognized it was some GP activists and as such did nothing. Sounds like a huge BS to me. There is some history between the French government and Greenpeace which demonstrate the French could be more than happy to shoot, and the role of such special team would have to intervene in some way.

Anyway Kudos to GP.

Comment Re:What if it turned out the other way? (Score 1) 561

There was supposed to have some gendarmes on site already since a law passed in 2009 (before the security was implemented by the French energy provider directly). Those units are supposed to be trained by the French Counter-Terrorists SWAT team (the GIGN).

Anyway they did nothing to stop Greenpeace. The French government said they recognized it was some activists and did nothing. Officially.

Comment Do you really need CGI??? (Score 3, Informative) 422

For your information, the most realistic Sci-Fi movie ever made, 2001: A Space Odyssey, did not used any CGI nor green screen. Of course those technologies did not exist back in 1968 and it was 9 years before Star Wars which again did not use CGI nor green screen at the time of its release.

The first movie to include most of its action in a computer generated set was Tron in 1982, almost 30 years ago. In that time we went from miniature models and ingenuity in creating special effect to a software based point-and-click interface.

LoTR still used sets, some being really large. I can't imagine Rivendell or Edoras being 100% CGI. Some TV shows now use CGI almost everywhere like Sanctuary, to make them cheaper to produce and in that it makes senses. In the end I think CGI is used not because it gives the best result but because it's cheaper and easier to produce than miniature models. On the other hand, we have shows like Doctor Who who still is a show produced on a budget with minimum CGI films with proper and "real" props and set, proving it still can be done.

In the end knowing the battle cruiser in the beginning of Star Wars is a lot smaller than you typical Sedan car and still being blown away would maybe not happen if we knew it was only done by a computer file.

Comment It is just a part (Score 1) 301

I've set up a few mail relay and spam filtering server and I can tell you it helps a lot to reduce the number of spam arriving to them.

I am a Postfix kind of admin (hell with sendmail!) and I know you can set some filter just before the reverse DNS check to accept the connection if it comes from a particular host/IP address, bypassing the reverse DNS check. Or you could add that reverse DNS to your local/client DNS server but it seems not that a good solution.

Anyway following standards is always the best solution.

Comment To the Windows users feeling pretty secure... (Score 1) 429

I have only one thing to say to you : Anti-Virus? What is it? :)

Reading the comments I see MBR virus, Email virus, malware, attacks banner ads infected computer and only one operating system seems to know those joys.

What? And you paid to have that system? And you have no control over what that mighty corporation will do to its next version? Hell you don't even have access to the source code to make a better one?!

And you're defending that piece of crap too. Whouah that's great mind control. :)

Comment Re:Blame PHP. Blame JavaScript. (Score 1) 87

The syntax is a shitty imitation of C. The semantics, even for basic things like boolean values and comparisons, are extremely fucked up.

And yet you are posting on a website coded in Perl which, no one will argue with, is a pretty f**ked up language but a powerful one. And Slashdot even use Javascript. Is this site insecure?

A language, in itself is just an abstraction for machine code. Assembler code is just a literal version of machine code. C is a the closest language to machine code and the primary one used everywhere like core OS components to video game. A language in never secure or unsecure, it's its interpretation in machine code that may be more secure with additional code to prevent hazardous events. PHP is just a script engine that use similar semantics to C and is mostly a big wrapper around some well known C libraries like PCRE and cURL. It is open-source and its community is regularly releasing maintenance releases to fix any security flaws, which is a must. On itself it is pretty secure.

That being said and with the majority of computer issues, the problem is most often found between the chair and the keyboard. If developers don't check users input and send that directly to a SQL backend, in any language it will result in a security flaw. Its developers practices that are to blame, not language semantics.

Slashdot Top Deals

If this is a service economy, why is the service so bad?