Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror
Get HideMyAss! VPN, PC Mag's Top 10 VPNs of 2016 for 55% off for a Limited Time ×

Comment Re:This story is garbage (Score 0) 109

No, it COULD NOT 'potentially' do that. Full Google account access IS NOT, and DOES NOT INCLUDE Gmail access. So it CAN NOT access your email, docs, etc, even potentially.

You would do well to read what you are disputing before spouting more garbage. It can, but not in a straight forward way. It is a problem, and needs to be fixed.

Comment Re:Not really ready for prime time (Score 1) 123

I've been holding my breath for a long time for this, and it's pretty disappointing to have to say... This is really not ready for real use -- at least for most non-trivial use.

We're seeing that something is keeping a spinlock going instead of actually waiting - as a process that is waiting for data is using 100% CPU while waiting. Doesn't do the same on Windows. The guys are now refactoring for this release to see if its fixed in this vs Preview 1.

Comment Re:But it runs on Windows! (Score 1) 260

I'm a longtime Linux user and every article I've seen decries Linux's extremely poor power management especially on Laptops.

Can you go into more detail on your setup?

Did you install any custom or non-standard kernels modules?

Any specific config tweaks?

What version of W10?

No special tweaks, or kernel modules - just 'systemctl enable powertop'.

Windows 10 was the ultimate version that was upgraded from the Insider project.

Not only is the RAM usage less (right now, ksysguard is showing 2.2Gb / 7.7Gb RAM used), but the disk activity is less. Performance seems about on par as to loading programs (Chrome / Thunderbird etc). I even get the bonus of being able to use luks for a fully encrypted root partition as well.

Comment Re:perfectly secure! (Score 1) 193

Don't worry, the banks are working hard to solve this security hole... by telling anyone who will listen that these cards are secure, and sticking their fingers in their ears any time anyone says any different.

Yeah, its that much of a threat that I can't even remember a time in Australia that I owned a credit card that wasn't a tap & pay card.

That's at least 14 years. It hasn't caused an explosion in fraud here.

In fact, now my bank even has an NFC payment option baked into any system that also does Tap & Pay that uses NFC on my Android phone to pay without even having the card. I haven't carried a wallet for nearly 6 months now - all I need is a phone.

Comment Re:Why the heck (Score 1) 81

This is where I realize you don't know what you're talking about because SSLv3 has been disabled in modern browsers for 2 years now. Have a good day with your uninformed, knee-jerk opinions.

So you're going to tell a guy with a 5 digit slashdot ID that SSLv3 problems don't exist because the browser disabled it?

You realise that unless you disable it *ON THE SERVER* it is still offered, right?

Comment Re:Why the heck (Score 0) 81

If Let's Encrypt refuses to grant any certificates longer than 90 days then your credentials are actually NOT as valuable as they would be otherwise.

Really? Is this what we've become? We expect that systems are that insecure that they can't say unhacked for longer than 90 days?

Sorry, but 90 days is just stupid and expecting everyone to just trust this to a script is just silly.

Lets really get to the point of what LE is all about - people who have no idea of security - but it lets them get this green padlock in their browser (even though its probably SSLv3 by default).

Comment Re:I'm curious... (Score 1) 155

The apps are huge battery hogs - Facebook on Android is one of the worst offenders. Removing it virtually doubled my battery life.

Not to mention that the Messenger app completely ignores the quiet time settings in Android. Enjoy getting woken up by BINGS in the middle of the night because someone sent a message.

Microsoft

Terrorists No Longer Welcome On OneDrive, Outlook, Xbox Live (betanews.com) 81

Microsoft has updated its anti-terrorism policies. In a blog post, the Redmond, Washington-based company said that it would remove "terrorist content" from a fleet of its services including OneDrive, Outlook and Xbox Live, reports BetaNews. For its search engine Bing, however, Microsoft says that it would only remove links when it is required by local law, citing free expression for all. The company adds that it would fund research for a tool that could help it better scan such content and flag image, audio and video. From company's blog post: There is no universally accepted definition of terrorist content. For purposes of our services, we will consider terrorist content to be material posted by or in support of organizations included on the Consolidated United Nations Security Council Sanctions List that depicts graphic violence, encourages violent action, endorses a terrorist organization or its acts, or encourages people to join such groups. The UN Sanctions List includes a list of groups that the UN Security Council considers to be terrorist organizations.

Comment Re:Still depends on gcc? Still needs root? (Score 2) 29

Hah - and being too quick on the Submit button, I forgot the more important point I was getting at... (Say, I should apply to be an editor)

Once you validate the root domain with StartSSL / StartAPI, you can create certificates for any subdomain attached to that domain - so you don't have to have port 80 to the world - or even a web server installed on anything but the root domain - and most people already have a setup like www.mydomain.com / mydomain.com going to the same web server.

Comment Re:Still depends on gcc? Still needs root? (Score 4, Informative) 29

You need to prove to Let's encrypt that you own the domain. For that you have to add a special file to a special place inside the http accessible part of the website.

So, I'd also have to open up the standard HTTP port to outside traffic just so they can check I 'own the domain'? that, and the idea of running
a 'certificate management agent' on my web server....

I've been using StartSSL's free certs for that exact reason. They've got free 1 year certs vs LE's 30 days - and recently they've done a StartAPI to get these automagically.

Right now though, they still use HTTP validation - like LE - but hoping they'll have other options.

I've also just finished a proof of concept implementation of their API at https://github.com/CRCinAU/sta...

Hoping to get some review on it and hopefully some submissions to add to the functionality.

Comment Re:Blame DRM (Score 3, Insightful) 202

I subscribe to HBO. I own a TiVo. But HBO forces TiVo to prevent copying of HBO content off the TiVo and onto, say, a mobile device (note that this is not a problem with most TiVo content). Thus, if I want to watch an HBO show on the subway, I have no choice but to download it illegally.

And that's the real problem that the media monopolies refuse to acknowledge. I will gladly pay for content. Seriously, I want to give you my money. But, in return, I want to download it to my computer's hard drive with no DRM. Otherwise, fuck you. I'll get it from unlegal sources.

Here in Australia, the only way you can watch it is to subscribe to FoxTel (one of the few choices for PayTV). It doesn't put things like Game of Thrones on their basic packages - so it can cost you up to $80/mo to see a season of GoT.

So, we download it from a service that is another letter on top of that time syncing protocol, and all is well.

Then delete it and buy the HD version from Google Play when it becomes available.

Slashdot Top Deals

"I shall expect a chemical cure for psychopathic behavior by 10 A.M. tomorrow, or I'll have your guts for spaghetti." -- a comic panel by Cotham

Working...