Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. ×

Comment No chroot()? No privilege separation? (Score 1) 90

Google, your design of Android has been so phenomenally bad that you issued 115 patches for Stagefright/Mediaserver CVEs in 2015. Let's just review exactly how terrible the design of Android's media system really is:

Don't start me on Stagefright and Mediaserver, I could rant for 2 or 3 hours non-stop! Seriously, the code over there is crap, and has insane concepts, like aborting the whole mediaserver (and all related media decoding of all other applications running at the same time), when it parses a file with attributes it does not know, instead of skipping the file. We discovered some issues in Stagefright (busy loops, device reboots, mediaserver crashes) quite early, but we never thought about submitting them.
--Jean-Baptiste Kempf, Lead Developer of VLC

Anything that you are doing with attachments in a new messaging app should fork any outside processes in separate chroot() jails as individually-distinct, non-root users.

If you can't figure out how to write secure code, then just stop writing code.

Comment Re:Weak/nonexistent punishments for faulty notices (Score 1) 81

All patent applications are signed under penalty of perjury. However, the US Patent and Trademark office disbanded its enforcement department in 1974. So, you can perjure yourself on a patent application with impunity.

Unless it's testimony in a criminal case, or the perjury trap in front of a grand jury, or something they want to prosecute like lying on your tax form, the Federal government is in general lassiez faire about perjury, or even encouraging of it with their reluctance to prosecute, especially perjury committed by a so-called intellectual property holder.

Comment Re:ECC (Score 1) 263

No boot ROM means that a hardware device constructed from discrete logic and analog chips directly demodulates digital data from the radio, addresses the memory, and writes the data. Once this process is completed, it de-asserts the RESET line of the CPU and the CPU starts executing from an address in memory. Really no ROM!

Slashdot Top Deals

Don't tell me how hard you work. Tell me how much you get done. -- James J. Ling

Working...