Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×

Comment Re:Replacing CMD (Score 1) 101

Furthermore, you overestimate how difficult it is to obtain a valid certificate. All I need to do is own a domain.

This is true of TLS but not of code signing. There's no counterpart to Let's Encrypt ($0 for 90 days) or SSLs.com ($15 for three years), as far as I've been made aware. And a TLS certificate works across all major platforms, unlike an Authenticode certificate that works only for Windows, not for macOS or anything else. Apple is the only CA on macOS, and it charges $99 per year for a certificate that passes Gatekeeper.

I have a feeling I missed something important.

Comment Re:The Streisand Effect has been triggered (Score 1) 232

For the first point, I haven't claimed anyone was a pedophile, just that there was some weird and suspicious stuff going on that people were going to spend a long time looking into. For the second, yes, I do think it's pretty weird when a child protection charity uses a pedo symbol in their logo. It's not just the pizza places, there are like 4 separate places on the same block, which is why it came to attention.

You... seem to be assuming that everyone thinks there's clear proof of pedos here. This is not the case.

Also, that NYT article was quite bad. More details can be found here: http://archive.is/X6KxW

Comment Re:That's why script execution is off by default (Score 1) 101

It's a little bit like TLS certificates for internal applications -- many admins I know will do the absolute minimum required to stop the browser from showing a certificate error, then run away screaming.

The difference being that with TLS, browsers treat a domain-validated certificate as sufficient, but there's no counterpart to DV certificates in code signing.

Comment Re:Replacing CMD (Score 2) 101

What would a signature possibly mean to me as a user if I don't know you?

All code signing certificates issued by CAs trusted by popular operating systems are at least organizationally validated. This means two things: 1. the executable wasn't modified since it left the publisher's build farm, and 2. you know whom to sue if there are problems (especially in jurisdictions that don't allow a blanket disclaimer of all liability).

With or without a signature, my choice is still: either I run this script I need to my job, or I don't and I can't do my job (or it gets much, much harder).

I think the idea is that when faced with an unsigned script and a competitor's signed script, users will choose the signed script because of the guarantees of an OV certificate.

Comment Re:Another one to add to the list (Score 1) 23

Exactly how is that supposed to be offensive?

Yeah, my bad. I wrote that before I learned you're part of the silent majority.

Congrats on your long con, BTW. I can only imagine the patience it took you to keep it up. You can collect your scalp and fuck off back to Breitbart now.

Phew, glad that's over!

Comment Re:The democratic party is a lost cause (Score 1) 14

Trudeau? Eh, another centrist... Not much will happen...

Of course not, our country's not a fucking hellhole. Brilliant analysis there, bub.

But, I guess you would rather people not vote and take the chance

LOL, yeah I'm the guy telling people the system's shit and not worth a damn. Whatever, projection boy.

The Animal Planet explains it much better.

I hear if you spend a little more money, you can get the grownup channels too. Just saying.

that makes this conversation a wash!

Such a petty little scorekeeper!

In addition to your obvious bias

So obvious you can't dig up a credible example! Fuck me, Imma need a macro for this response...

you are only blaming the object of desire and not the desire itself

Ah, the Animal Planet reference makes sense now! You kinky little fucker!

A good safety valve to prevent a simple majority from being the dictator.

Which means the minority get to be. So, undemocratic.

something closer to an actual consensus

HAHAHAHAHAHAHA, more like groupthink. You really haven't' thought this through, have you?

Makes no sense, but, whatever.

Tut tut. Thinks the constitution is just peachy. Always frothing about the Clintons. Thinks exploitative capitalism is just fine. Keeps the talking about how awful 97% of the politicans are, but never singles out anyone but democrats. Pull the other one, Trumpista.

Comment 3rd party apps lack privilege to re-mark pages (Score 1) 83

That only means you have to mark the pages containing the code you just generated read-only once you're done.

Several operating systems in wide use, such as Apple iOS and the operating systems of modern video game consoles, offer no way for third-party applications to switch a page from read-write to read-execute. When a page is allocated for data, the OS clears it first, and it stays non-executable until deallocated. Only the OS's executable loader* has the privilege to allocate pages for code, and once the loader loads a module, verifies its digital signature, and flips its pages from read-write to read-execute, the pages stay non-writable until deallocated.

* Or, in the case of Apple iOS, the WebKit JavaScript virtual machine.

Slashdot Top Deals

Put not your trust in money, but put your money in trust.