Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror
Learn to Build 14 Websites with 28 Hours of Instruction on HTML, JavaScript, MySQL & More for $14 ×

Comment Re:Add-ons? (Score 1) 471

Argh. Yes. I've even outright said "it should be possible to disable by putting a file into the Firefox program folder, since the only people with access to that also have access to replace the Firefox binary" and yet still got "but we can't add a pref because malware can write to your profile folder" in response. Sometimes by the very same people that also tell me that they aren't trying to do anything against malware with admin rights.

Comment Re:What's good about GPL? (Score 1) 208

Nope, it's not. You need to consider the consequences of the licenses too. "You have the ability to place restrictions on other people" means, in practice, that other people will place restrictions on you. (Remember that there's a lot more of them than there are of you.)

Seems to me that having more restrictions placed on you makes you less free.

Comment Re:Dear asshole utopians who hate NAT (Score 1) 294

Not infinitely nested NATs. Just one level of nesting is usually needed.

Good luck with that when your ISP puts you behind NAT, or when their ISP puts them behind NAT.

Without NAT, our corporate and government overlords will know exactly which computer each packet is going to

Please look up privacy extensions. They've only been mentioned in the comments of every single Slashdot article that mentions IPv6.

Comment Re:Fuck You! (Score 3, Insightful) 294

Those are all excuses. None of that stuff needs to be touched to deploy v6. Deploying v6 won't make any of it work worse than it currently is. You don't need to upgrade all your DOCSIS1/2 modems to get v6 to the DOCSIS3 modems.

Also if you're an ISP that's been buying hardware in the past half a decade that's not v6 capable, then you screwed up -- or if your hardware is much older than that, then you're probably looking towards a replacement soon anyway.

Comment Re:Web-scale breach (Score 1) 96

Not NATing is sensible. Not firewalling your unpassworded database? Not so much.

In the (slight) defense of people running these servers, the article points out that MongoDB's default configuration used to be to accept connections from the internet. They've changed that, but upgrading uses your old config file so you won't get the new defaults automatically.

But still, this is something you should be checking for.

Comment Re:Give up PCs? Not likely... (Score 1) 223

"This technology isn't reliable. [...] The people who want your computer to include a back door are evil and you can't trust them."

Sure, that's the actual situation, but most people are just going to hear "secure boot" and think it makes them secure. Mix in a bit of "I don't do anything complicated with my computer, so it's ok if nobody can do anything complicated with their computers" and oh dear.

Today, I'm told, the ratio of computers to kids is almost 1:1

My old school is similar, but all their computers are heavily locked down, with an application whitelist that limits what you can run to just authorized binaries. Which is a pretty good example of the problem.

Comment Re:Give up PCs? Not likely... (Score 1) 223

It's a big if, sure. But phrase it as something we need to do to stop terrorists/paedophiles, and suddenly you'll have lots of support from people that don't know better. "EFI firmware should check PCs for known checksums of child porn and report them to the authorities, and why would you want to disable that unless you're a paedophile yourself?"

And the resulting monopoly-related lawsuits in every nation that would support them, not to mention almost inevitable regulatory action in jurisdictions like the EU, would most likely be the final nail in the MS coffin.

Yet we have none of this for the machines that are locked down today. (After all, it's not even MS's fault that these machines come with unconfigurable Secure Boot. They just set the Secure Boot requirement for Windows certification, they didn't force anybody to put it in!)

A new generation has grown up never not knowing what it's like to have their own PCs and consoles and mobile devices

The sad part is that this isn't true any more. A lot of children these days grow up with only a mobile phone, not a PC... and you can hardly call the phone theirs when it's so locked down that it may as well still belong to the manufacturer. And they consider that normal, because that's what they grew up with, and probably won't see how bringing the same situation to the desktop would be any worse.

I realize I'm being pessimistic here, and I really, seriously hope that you turn out to be right, but I fear I'm just going to discover that I'm not being pessimistic enough.

Comment Re:Give up PCs? Not likely... (Score 1) 223

I feel you are overly optimistic.

If we want to do this kind of lockdown, we'd need some way to make computers only run authorized software. We'd need a standard for digitally signing OSs, and the BIOS would need to check the signature and enforce that only signed OSs can run. Then the OSs would need to run only whitelisted software.

How hard would it be for governments to coordinate getting a lockdown feature like that into every computer? Well... they don't need to. We already have it. MS has already bludgeoned everybody into supporting Secure Boot, which is exactly this feature/misfeature, in all new computers that ship with Windows (which is most of them -- and the rest support it too because nobody's going to make a separate motherboard just for computers that ship with Windows).

Sure, you can disable Secure Boot... except for when you can't. There are machines (often, not always, laptops) out there right now which don't let you disable Secure Boot, so you're stuck running only approved OSs on them. (MS do the approving, in case you were wondering.) It wouldn't take much at all to expand that to every machine; all it'd take would be MS adding "in order to keep machines secure, don't allow disabling Secure Boot" to the Windows Hardware Certification requirements

Given that we already have systems that will only run approved OSs, it doesn't seem like such a huge leap to "you can only run the software we let you run", especially when all the technology to make that happen is already in place. And, for that matter, being used routinely on tablets and phones.

The coming war on general-purpose computing and The Coming Civil War over General Purpose Computing are a good idea to read. I really wish I had my tinfoil hat on here, but sadly this is looking all too realistic.

Comment Re:Sadly.. (Score 1) 352

The GIMP is a very useful, highly functional, stable and reliable piece of software.

...written by developers that think it's ok to piss off a sizeable chunk of their user base.

You're right, I think there should be a word for it.

Slashdot Top Deals

PL/I -- "the fatal disease" -- belongs more to the problem set than to the solution set. -- Edsger W. Dijkstra, SIGPLAN Notices, Volume 17, Number 5

Working...