
Comment Re:are. you. fucking. kidding. me? (Score 1) 76

There's a word for an organism that voluntarily "subjects itself" to natural selection.

That word is "cull".

Because natural selection, unlike ITGs, is actually tough. It does not give a fuck about your desire to feel superior. It does not give points for your delusions of infallibility. It does not play fair and it does not care if you do. It only cares about success.

If you pass up an easy way to assure success, natural selection will be completely happy to kill you.

You live in its world. It does not live in yours.

Comment Re:Cloud security for you! (Score 1) 41

Any third party service is an extra exposure, period.

You have to be an absolute unmitigated idiot to even think about using something that sends every fucking keystroke to a third party.

And even if you pick the best cloud service every time, you are going to lose if you go out and make yourself dependent on 100 of these things. Not to mention the fact that they often lie and often change their security postures over time. They also love to farm out critical parts of what they do to still more cloud services, increasing your exposure still further. I especially like "I logged into SwiftKey with Google+". So you farmed out not only your goddamned keyboard, but the AUTHENTICATION for access to your keyboard.

I just hope the inevitable collapse of all this "as a service" stuff comes sooner rather than later. Then we can go back to only having to deal with the fact that the local software is crap.

Comment Re:Tweak The Topic (Score 1) 160

> But the truth is, the easier it is for terrorists to conduct attacks, the more of them there will be in the future (why not?).

It was easier in the past, and there weren't more of them then. Terrorism isn't cosmic inflation; it doesn't just spring magically from the laws of physics.

I could as easily argue that you create more terrorists by alienating people with heavy handed policing (why not?).

> The folks sworn to protect us are probably decent for the most part

What does that have to do with anything? Decent people get caught up in all kinds of bad things. A lot of terrorists are probably decent in the same sense, just brainwashed about something they think is More Important(TM).

> and they do not want to fail, no matter what.

That's what makes them dangerous. The fact that they have enormous resources and public support is what makes them more dangerous than terrorists.

> But with every attack there will be more and more people pressure to protect their kids, etc., and this will cost money/freedoms too. "So what's the answer?",

Tell the idiots to suck it up and get over it.

> Doing nothing will not work.

You're right. That would leave the present abuses untouched. We need to roll back about the last 17 years of this BS.

Comment Re:Has it been programmed to lie? (Score 1) 29

That is, of course, the whole point.

Once they spend however many years it takes to work the bugs out of this sort of thing, the obvious hope is that it will be able to lie to you much better than a human could, because it will never, ever have any of the tells a human does... but it will be able to send the signals that trick your monkey brain into thinking it's your friend. Better yet, it will be good at misleading you without technically lying. It will never forget to upsell, and it won't just be following a fixed script. It will be superb at manipulating you to get the maximum amount of money out of you, and it will never, ever feel remorse at talking you into a bad deal, no matter how obviously poor and naive you are.

Not just at car dealerships, either. The creepiest thing so far along those lines is the cloud-connected talking Barbie doll.

Comment Re:Not JVM (Score 1) 172

As a user, having seen the kind of code that's actually offered for me to use, I don't want it to be any easier than it absolutely has to be to leak memory. It can be really easy to drop a cyclic reference, or conversely really hard to keep track of when you have them. The programmers writing phone apps have shown that they're not up to that kind of challenge.

In this day and age, programmers shouldn't have to think about the internals of the runtime. Stuff should just work. And I'm willing to take a performance hit for that if need be.

Comment Re:Seriously?? (Score 3, Informative) 307

  1. Battery life is what started this. Battery life on pagers is better than battery life on any phone, even the simplest. And replacement batteries are everywhere.
  2. Coverage is better inside buildings and in other hard to reach places. Many posters mentioned this before you posted.
  3. Somebody already replied to you about "secure areas".
  4. One-way pagers, at least, don't track or report your location; the page is just broadcast over the whole coverage area.
  5. Pagers can be physically smaller than any phone.
  6. Somebody further down mentioned the reliability advantages of being on a totally separate network from the cell network. You CAN have both.
  7. Pager software is simpler and therefore at least possibly more secure, even than the simplest phones.
  8. Pager hardware is slightly cheaper, which may matter if you expect you might break it.

Comment Re:.. visiting a web-site running as an onion ser. (Score 1) 37

Actually, when you configure a hidden service on Tor, you have a choice of where the traffic coming out of the tunnel will go. You can send it to any address on the host, or even to another host.

But it's easy to forget that isn't necessarily the best choice. And, worse, the Tor project's example configuration uses it.

It's actually usually better to run the server on a separate machine from the Tor process, anyway, for a lot of reasons.

Comment Fuck 'em (Score 1) 172

I've been running open WiFi for over a decade now, and I don't mean to stop. And the load is very low, by the way; I've only had one problem and was able to resolve that very quickly.

But if my connection is going to be loaded in any way by random people, I'll be damned if my ISP is going to get paid for it. I already pay them for that bandwidth.

Not that I'd ever use those particular ISPs anyway... one reason being that their contracts tend to try to tell me I can't run open WiFi.

Comment Re:No questions linger (Score 0) 78

That's dumb.

There are going to be spooks out there trying to subvert any major company. Probably spooks from more than one place. They will pressure the bosses. They will pressure peons without telling the bosses. They will penetrate. They will infiltrate. They will do it to everybody. That is what spooks do.

And they'll get success more or less at random. And that's on top of all the "organic" bugs they will find and exploit.

And people move between these companies all the time.

The strangest thing about this Juniper back door is how obvious it was. Maybe it was a rookie agent.

The lesson you need to take from this is that you can't really trust anything against certain adversaries unless you built it yourself. And then you can't trust the parts. So if the spooks are your worry, you'd better defend in depth and keep off the radar.

Comment Re:Why we need access to the *complete* set of cod (Score 1) 128

If you control a network interface, you can generally control the entire system, because those chipsets have DMA access to the internal memory of the rest of the computer. You may have to do some work to figure out how to find and corrupt the OS data structures, but you have access to everything.

If the owner of the system is very lucky, there'll be an IOMMU (without a back door) and the OS will have programmed that IOMMU to do something useful. But you can't rely on either, especially in embedded devices.

Also, the driver for that chip is very unlikely to be hardened against the chip sending back exploits. The driver will distrust the network data (and won't process them very much anyhow), but it's going to assume that, say, an offset in a chip register is a valid value.
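
Added example, not part of the comment above and not taken from any real driver: a receive path that treats the ring index, offset and length reported by a network chip as untrusted input and bounds-checks them before use. The `nic` and `rx_desc` layouts, the sizes and the `demo` harness are hypothetical and constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define RING_SIZE 8u     /* descriptors in the RX ring (constructed value) */
#define BUF_SIZE  2048u  /* bytes per DMA buffer (constructed value) */

/* Hypothetical descriptor layout; the device writes both fields. */
struct rx_desc { uint32_t offset; uint32_t length; };

struct nic {
    volatile uint32_t head_reg;               /* device-owned register */
    volatile struct rx_desc ring[RING_SIZE];  /* device-written descriptors */
    uint8_t bufs[RING_SIZE][BUF_SIZE];        /* DMA target buffers */
};

/* Copy one received frame to out. Returns its length, or -1 when a
 * device-supplied value is out of range. Each value is read once into a
 * local so the device cannot change it between the check and the use. */
long rx_frame_checked(struct nic *n, uint8_t *out, size_t out_len)
{
    uint32_t head = n->head_reg;
    if (head >= RING_SIZE)            /* unchecked, ring[head] leaves the ring */
        return -1;

    uint32_t off = n->ring[head].offset;
    uint32_t len = n->ring[head].length;

    /* Compare against BUF_SIZE - off so that off + len cannot wrap. */
    if (off > BUF_SIZE || len > BUF_SIZE - off || len > out_len)
        return -1;

    memcpy(out, &n->bufs[head][off], len);
    return (long)len;
}

/* Constructed stand-in for hardware: load the values a device reports. */
long demo(uint32_t head, uint32_t off, uint32_t len)
{
    static struct nic n;
    static uint8_t out[BUF_SIZE];
    n.head_reg = head;
    n.ring[head % RING_SIZE].offset = off;
    n.ring[head % RING_SIZE].length = len;
    return rx_frame_checked(&n, out, sizeof out);
}
```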

Comment Re:This is really a regulatory problem (Score 1) 115

"using equipment long past their usable life span"

You realize that phrase is self-contradictory, right?

> Windows XP and IE6 support SHA-2.

You realize that PC operating systems aren't the big problem, right?

> users know the exact risks and are either working around them or living with them (and unlikely to be browsing Facebook anyway).

Facebook disagrees with your assessment of what people are using to browse Facebook, and is doing a lot of work to support those out of date systems.

Comment Re:This is really a regulatory problem (Score 1) 115

Actually yes. Hiding the costs is not OK and externalizing them is worse.

In this particular case, though, it might actually be cheaper to just upgrade all the affected devices than to screw around with some of the proposed workarounds. It's not free for, say, Facebook to come up with whatever weird fallback hack they're pushing. By the time you add up the costs of everybody having to deploy that kind of crap, it would almost certainly be cheaper just to fund somebody to fix most or all of the affected devices. It might or might not be hard to raise the capital to do that. But as it stands you can't do it anyway, because there are a bunch of other barriers in the way.
