Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×

Comment Re:Dirty COW (Score 1) 108

Google had already finalized the latest security update when Dirty COW was discovered. December's update will be their first chance to patch it.

Furthermore given Android is an open platform ANYONE can develop for it, and this isn't Google's code at fault here. This is just a case of getting what you pay for when you buy a low-end Android phone that was made without adequate code review or security testing.

Comment Re:Can't even match Cygwin (Score 1) 163

Cygwin sometimes throws the strangest errors, and when searching for info I find lots of dev comments on how support for various things that don't exist natively in Windows often had to be hacked together and doesn't always quite work. Cygwin is a giant hack, and while it's a hack that for the most park works quite nicely, I am glad to see MS take a stab at it.

Comment They can't even hide it. (Score 3, Informative) 81

Before I get into it, I must admit it's not clear if refilled cartridges work or not. I think we have just some anecdotes that they don't but it could be isolated cases. So HP's claims there might have merit.

Now that that's over with, I want to draw your attention to this gem that caught my eye from HP's statements:

We updated a cartridge authentication procedure in select models of HP office inkjet printers to ensure the best consumer experience and protect them from counterfeit and third-party ink cartridges that do not contain an original HP security chip and that infringe on our IP,

This is amazing when you break it down. First of all you have this reasonable part:

We updated a cartridge authentication procedure in select models of HP office inkjet printers to ensure the best consumer experience and protect them from counterfeit and third-party ink cartridges

So far so good. Without any context it seems a reasonable enough statement.

that

The use of "that" here, though, indicates they are talking about a specific subset of counterfeit or third party ink cartridges (or that they believe all of them fit the following criteria). This is where they shoot themselves in the foot I think.

do not contain an original HP security chip

So, in other words, they are requiring you to only buy cartridges with their DRM in order to ensure you only buy cartridges with their DRM. Great circular logic there. But the best part is next:

and that infringe on our IP,

Why do they infringe? Because big companies have lobbied for laws to give themselves more power when it comes to their IP, and its these laws that give HP the authority to do what they do (as opposed to laws that might protect creators of competitive products). So HP's reasoning here is because it's legal, they're gonna do it. So if you strip away will the corporate speak, their OFFICIAL statement is not too far from that they're doing it because they thought they could get away with it.

Comment Re:It's a pity... (Score 2) 126

Yup. Sending the plain text password to the server is the way to go, since you can't and should not trust the client to do any cryptographic work for you with it. But what you SHOULD do for sure is use HTTPS... then it doesn't matter that it's plain text, using HTTPS will be your encryption for sending it over the network. Chrome has started flagging pages that have login forms submitting to HTTP to notify users the page is not secure. Good move.

Slashdot Top Deals

"There are some good people in it, but the orchestra as a whole is equivalent to a gang bent on destruction." -- John Cage, composer

Working...