Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. ×

Comment Re:do you want to get mugged behind a bar? (Score 1) 135

rule 16 - there are no girls on the internet.

While that cliche may once have been broadly- albeit never completely- true, it's a long time since that was the case.

Now that I think about it, it's no longer just a long time since that was the case... it's even been a long time since people felt it necessary to point out that the stereotype no longer applied. We've completely moved on now- when smartphones are more common than not among the female population, it's probably not something it would even occur to most people to think about nowadays.

Comment Re: The real question is (Score 1) 86

Poundland batteries only last a few minutes if you draw real current from them! They are lighter too.

Can't swear that they last as long as Duracells, but I've never had that problem with the various brands I bought there.

Are you absolutely sure those were alkaline batteries (i.e. the ones I was discussing) and not zinc carbon/chloride (the "dirt-cheap-but-underpowered-for-most-real-uses" type)? They sell both, often in similar packaging.

The zinc ones are usually, but not always, cheaper (because they're crap) and if you're getting like ten or more for a pound (10+6 free) they're almost certainly not alkalines. Don't be fooled by the "Heavy Duty" label; that came from the fact that zinc chloride cells once offered a noticeable improvement over zinc carbon, but they're still feeble by modern standards.

Comment Re:The real question is (Score 1) 86

HP fail: compare your product to something that no competitor should be worse than by far.

This is like how- in the United Kingdom at least- Duracell are still selling their (alkaline) batteries by comparing them against zinc batteries. (#) I mean, really?

That might have been valid thirty years ago when alkalines were semi-premium and zinc carbons *were* the competition, but nowadays zincs are relegated to the dirt-cheap-but-underpowered-for-most-real-uses market segment. Alkalines are mainstream and I can get four or six of them for a quid from Poundland.

How do your batteries compare against those? Twenty percent more capacity for two and a half times the price or something? Doesn't sound so good... but then, neither does relying on comparisons to an archaic technology to make yourselves look better.

(#) This advert is three years old, but I'm sure I saw a similar one less than a year ago.

Comment Re:Oh please (Score 4, Interesting) 204

Any language where the default equality comparison operator is *true* given two string-type variables with values "0E54321" and "0E12345" is not a cryptographically secure language. In fact there is a nonzero chance of the default equality operator returning true between two different MD5 or SHA256 hashes if they happen to fall into a hexadecimal form that is all digits except for one E or F.

Technically, that (in itself) doesn't necessarily mean that the built-in cryptography nor the language itself are inherently insecure. In theory, that is, provided you understand the language and use it correctly.

And that's the problem. Because in practice, PHP's design philosophy of trying to be clever- often too clever by half- when it comes to comparisons, equality, automatic coercion, data types, etc. etc. too often gives unpredictable and unexpected results from people who weren't aware of that behaviour.

You absolutely do *not* want any risk of this happening when you're designing a system that has to be secure. You want boringly explicit and utterly predictable data and type handling.

My prediction is that far, *far* more security holes will be down to bugs caused by unforeseen subtle aspects- i.e. pitfalls- of PHP's type handling and equality behaviour (etc.) in the apps using it rather than bugs in the cryptographic module itself.

PHP being a language more favoured by inexperienced users, this is likely to be made far worse. Expect lots of newbies with misplaced confidence designing what they think are "secure" apps that are in fact full of holes- either because they've misused or misunderstood the cryptographic module, or because they've overlooked some basic aspect of computer security elsewhere (e.g. failure to parse input securely) that makes the use of cryptography irrelevant.

And those are the sorts of mistakes newbies would make when using any language- with PHP's language design issues on top of that, it has the potential to be far worse.

So, yeah. I trust that the module will be secure. The main problems- I guarantee- will be caused by caused by overlooked (or not known about) aspects of PHP's too-clever-by-half data handling (in client apps using it) leading to exploitable holes, and by the fact that too many of PHP's newbie-skewing userbase will overconfidently assume it makes their apps foolproof while using it incorrectly and ignoring security holes elsewhere that make it redundant.

Comment Re:Horses and barns (Score 1) 32

The horses have run away and you're now opening the barn hoping they come back, but they have long found something better.

If they've found greener pastures, that implies that they were out to pasture in the first place, i.e. not in the stable or barn. But... yeah, I knew what you meant.

I actually found it very witty, sorry to be so cocky.

Your original comment came over as sort of funny, albeit not quite as clever as it was obviously meant to be.

However, if you want to be self-congratulatory, it helps not to undermine things completely...

And yes, I know that the original metaphor requires you to shut the door after the horse ran away instead of opening it. But that part of the metaphor didn't make sense if anything, you would have to OPEN the door when you notice that the horse is gone and hope that the horse comes back home.

That's because you've entirely missed the point of the original metaphor!

Keeping the stable door shut (to stop the horse escaping) represents the thing that was *supposed* to have been done beforehand.

If you fail to do that and "the horse escapes" then... there is no point in trying to remedy things or make amends by shutting the stable door. Of course it doesn't make sense any more... that's the whole point!! The horse is already gone. Shutting the stable door beforehand would have prevented this. Shutting the stable door now is too late to solve the problem.

The point is that doing what you should have done in the first place only *after* the thing it was intended to prevent has already happened makes no sense.

Comment Re:Mobile games too (Score 1) 40

The Wii was a fluke that happened at exactly the right time, hence why Wii U tanked. (removing the Wii, the Wii U had the expected number of buyers from the slowly decaying trend on their total console sales)

I don't know that the original Wii was entirely a fluke; I'd give them the benefit of the doubt and credit them with doing something different to MS and Sony's chasing of the traditional, mainstream "serious" gaming market by going for the casual market (which, to some extent, the DS had already had success in pioneering).

But basically, yes, I agree with you regarding the timing and the fact the casual market had moved on by the point the Wii U came out. I said much the same thing myself a few days back- the Wii U was a contrived attempt to replicate the original Wii's success by doing exactly the same thing (especially its controller, trying too hard to be as original as the Wiimote)... and without recognising that the casual gaming market the DS and original Wii had pioneered had started moving on to tablets and smartphones by then.

The fact that- from what I've heard- a relatively high proportion of the original Wii consoles tended to end up gathering dust in cupboards after the initial burst of enthusiasm and novelty wore off probably didn't help convince the same people to rush out and buy a Wii U. Particularly as the marketing- and name- didn't make clear that it was an entirely new console, and not just a slightly improved Wii.

Comment Re:I Use Mine (Score 1) 59

My daughter prefers to play Wii U single-player games on the GamePad rather than on the television

I have to admit that I've never played the Wii U. However, I remember when it first came out it- and in particular, the screen-based gamepad- struck me as a contrived attempt to replicate the success of the original Wii.

That- of course- enjoyed success because it *didn't* attempt to go down the well-trodden, stereotypical path of reliant-on-graphical-specs hardware and traditional "serious" gamer demographics, but instead targeted the casual gaming market (which had already been opened up by the Nintendo DS which did much the same thing) and used a novel, interesting and more "active" controller- i.e. the Wiimote.

I won't accuse them of wanting lightning to strike twice- since that would imply the original Wii's success was pure luck the first time round, which I don't believe- but it's obvious that they thought they could pull of the same trick again.

Hence, the Wii had a novel controller, so the Wii U had a (contrivedly) novel controller. The Wii got away with being underpowered, so the Wii U would get away with being underpowered. The Wii was a success by targeting the casual market, thus its lack of traditional mainstream arcade games wasn't such an issue- so the Wii U would do the same thing.

One problem as I see it is the "casual" market that the Wii opened up had already moved on by 2012- towards "Farmville"-type Facebook skinner boxes and smartphone and tablet games- and that the Wii U's trying-too-hard controller was pretty expensive and hardly ideal for family and multiplayer games.

But the marketing was also pretty crap- failing to make clear enough that "Wii U" was an entirely new, next generation console rather than a tarted-up Wii or giving people who had a Wii gathering dust in a cupboard any reason to buy a new one. (And that was possibly another issue- the Wii seemed like a good idea to many people at the time, but I gather a lot of them ended up not being used, so they weren't likely to rush out and buy the next Wii).

Comment Re: Zombie Nation (Score 1) 145

Zombie Nation describes the harm sleep deprivation is doing to the United States.

I was going to ask what the hell a bunch of German techno producers would know about it, but I guess they've spent a few late nights in clubs over the years.

(And yeah- I know. I used to think that too, but "Kernkraft 400" was actually the name of the song...)

Slashdot Top Deals

Much of the excitement we get out of our work is that we don't really know what we are doing. -- E. Dijkstra

Working...