
Comment Re:I call BS... (Score 1) 186

Things are pretty bad in Ontario, and Bell and Rogers are completely to blame. But get outside Ontario, and things are significantly better in many places.

Here in Victoria, BC, I'm running 100/30Mb through Shaw for fairly reasonable rates (on its own it's about $85/mo, but as we're on a bundle with digital HDTV service we pay less than that -- unfortunately, they don't break it out for the sake of comparison...

I think the fact that you consider $85/month for 100/30 a reasonable rate goes to show how big a piece of BS that report is. Here's a counter example: I pay ~$10/month for 100/100, no caps.

To be honest that is actually below average, fiber goes for ~$30 before discounts are added here in Tokyo. And while I have no personal experience outside of the city limits, my in-laws, who live on the outskirts of a town of ~20k far removed from the industrial centers, recently installed fiber because "it's only a little extra on the phone bill and came with a free tablet".

Comment Re:Wrong Question (Score 2) 583

You did not answer your own question. You answered whether you thought it was "likely", not whether you thought it was "feasible".

While, unfortunately, I cannot disagree with you on the likelihood of there being such an attempt, I do believe that establishing a permanent moon base within a decade is both feasible and a good course of action.

The arguments I'd give for it are the same that were given for putting a man on the moon. While we may no longer have the Soviets to worry about, the rest of the arguments given are just as valid today as they were back then.

Comment Misleading article & summary (Score 1) 45

I just RTFA and it is just as confusing as the summary. I wish blog authors would at least try and understand the subject before writing about it. OpenID is a specification. As far as I can tell the specification is safe, so implementations that follow the specification correctly are safe. However it seems that there are a few implementations that skip an important part of the process, namely input verification. Basically saying OpenID is broken because of this is like saying SQL is broken because some sites are vulnerable to SQL injection attacks.

Comment Re:Wait what...Oracle isn't being evil...? (Score 3, Informative) 337

RTFA. The code was used within the permissions granted, so there was no copyright infringement. The problem was that the license, while permissive for 1984, was not up to modern FSF standards and was not GPL compatible (falling foul of the "no other restrictions" clause).

There was no financial or legal reason for Oracle not to release the code and bad PR if they didn't. It is nice that they did release it of course, because, as I understand it, rewriting it would have been a nightmare.

Comment Re:Eventually they will be in dictionaries. (Score 1) 563

Just use an easily remembered phrase to generate the password.

"To Be or not to Be, that is the question" -> "2Bon2B,titq"

Quite simple. After typing it in a few dozen times, your fingers find the keys without having to think about it.

You are right of course, that dictionary attacks and rainbow tables aren't much use against a decent configuration, but once a site has been broken into and the password store obtained, then they are still quite effective.

Comment Re:TFA is wrong (Score 2, Informative) 568

That is not the only place the TFA is wrong. Here are just a few of the other places that were incorrect:

1) Labour are not socialists.
2) There is nothing indefinite about it. The Queen makes a speech at the end of May, which is then voted on in parliament. If the vote fails, it's game-over for the proposed government.
3) You don't need a majority to form a government, you just need to survive votes of no-confidence.

In other words, the most likely outcome is a Lib-Lab minority government, with the Greens, SDLP, Alliance, SNP & PC supporting them on votes of no confidence and on a per-issue basis. BTW said 'minority' government will have over 50% of the popular vote.

Comment Re:Non-American Tax Days? (Score 1) 432

Japan here. I pay around 17.5%, but it comes out of my salary, so no forms. That sum includes local tax, federal tax, pension and health insurance (OMG we are socialists! O_O). Overall I think it is worth it. My wife and son's insurance is covered, I get ~$400 per month towards nursery. The only thing I don't like is that 50% of what I pay is towards a pension that I will not get. I'd much prefer that sum to be paid as local tax, so more community services could be funded.

Comment Re:PHP security object (Score 2, Insightful) 267

Quick answer: A lot.

Long answer:

You are mistaking escaping with sanitising. These are two very different things.

Sanitising should occur as soon as possible, before the values are used. It involves validating and optionally filtering _each_ field, so that you know the data you are getting is exactly what you are expecting it to be. This is a lot of work, which is why a lot of people skip it, hence the large number of vulnerabilities in the wild. I suggest looking into libraries like Zend_Form to help with this.

Escaping, on the other hand, is done just before the variable is used. This is because different output formats have different escape sequences. E.g. for SQL you would use named variables and let the engine handle the escaping for you, but for HTML you would use something like htmlspecialchars().

Both sanitising and escaping are required for a secure application.
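
The split this comment describes, as an added example (not code from the comment's author): each field is validated on arrival, the value is bound to SQL through named parameters, and HTML escaping happens only at output. The `validate_comment()` helper, the `comments` table and the in-memory SQLite database (which needs the `pdo_sqlite` extension) are assumptions made for the illustration, and the input values are constructed.

```php
<?php
declare(strict_types=1);

// Sanitise: validate each field as soon as it arrives, against what that
// field is expected to be. Hypothetical helper for this example.
function validate_comment(array $in): array
{
    $id = filter_var($in['user_id'] ?? null, FILTER_VALIDATE_INT,
                     ['options' => ['min_range' => 1]]);
    if ($id === false) {
        throw new InvalidArgumentException('user_id must be a positive integer');
    }
    $body = $in['body'] ?? null;
    if (!is_string($body) || trim($body) === '' || strlen($body) > 500) {
        throw new InvalidArgumentException('body must be 1-500 bytes of text');
    }
    return ['user_id' => $id, 'body' => trim($body)];
}

$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE comments (user_id INTEGER, body TEXT)');

// Constructed input: passes validation, yet still contains characters that
// are special in SQL (') and in HTML (<, >, &). Validation alone is not enough.
$clean = validate_comment(['user_id' => '42', 'body' => "It's <b>bold</b> & simple"]);

// Escape for SQL: named parameters, the driver handles the quoting.
$stmt = $db->prepare('INSERT INTO comments (user_id, body) VALUES (:user_id, :body)');
$stmt->execute([':user_id' => $clean['user_id'], ':body' => $clean['body']]);

// Escape for HTML: only at the moment the value is written into HTML.
foreach ($db->query('SELECT user_id, body FROM comments') as $row) {
    echo '<p>',
         htmlspecialchars((string) $row['body'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'),
         "</p>\n";
}

// A field that is not what the form expects is rejected before any use.
try {
    validate_comment(['user_id' => '42 OR 1=1', 'body' => 'hello']);
} catch (InvalidArgumentException $e) {
    echo 'rejected: ', $e->getMessage(), "\n";
}
```

The stored value is kept unescaped in the database; the same row could be sent to a JSON or plain-text output with that format's own encoding instead of `htmlspecialchars()`.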

Comment Re:Hmmm (Score 4, Informative) 99

It was state of the art when it was announced, but the state of the art is always on the move. The reason XEV got pulled is that Sony has decided to spend its money on RnD instead of fighting over razor-thin margins in OLED production. Smart move considering the market conditions.

Make no mistake however, SONY is not surrendering the market, just making a tactical withdrawal. They will be back in a few years time with some new state of the art technology.

Comment Re:Charge a monster price (Score 3, Interesting) 245

You phrased it as a joke, but that is exactly what the poster should do.

Take the BSD 3-clause license and change the name to something like " developer license", then agree to license your code under said license for $x, where x is a reasonable amount. Basically they are paying for your written acknowledgement that the code is yours to give away and that if there are any copyright problems they know who to blame.
