Please create an account to participate in the Slashdot moderation system


Forgot your password?
Compare cell phone plans using Wirefly's innovative plan comparison tool ×

Microsoft Apps Will Be Pre-loaded On Lenovo and Motorola Android Devices ( 72

An anonymous reader writes: There was a time when Microsoft was seen as the enemy of Linux and Apple communities. Understandably, at the time, the company only wanted Windows to succeed. Nowadays, however, the operating system is sort of inconsequential. Microsoft seems happy to have its software succeed on 'competitor' platforms such as iOS, Android, macOS, Ubuntu and more. Today, Microsoft announces that it has partnered with Lenovo on a new mobile initiative. The Windows-maker's productivity apps will be pre-loaded on Lenovo and Motorola-branded devices running Google's Linux-based Android operating system.As of earlier this year, Microsoft had over 74 Android OEM partners. As for submitter's take on this, it's pretty simple. Microsoft is going where users are. If they are not going to purchase Windows Phones, Microsoft will go to Android and iOS.

Comment Re:What is it that you say? (Score 1) 439

No, they're not dropping that veneer.

Saying you compete with someone, isn't the same as saying you're the same kind of business. e.g. courier bikes, courier pigeons, telegrams and email can all compete with one another, but work differently and might have really good reasons for being regulated differently.

(BTW, I'm not taking a position about how Uber should or shouldn't be regulated; I'm just saying that there is nothing about their reaction which implies they're admitting anything.)

Comment Re: Do they really ignore them? (Score 2) 124

Oh, so you're manually inspecting the self signed certificate every time you visit your website? If not, then how do you know nobody is intercepting your communication, making your self signed certificate as useless as having no encryption at all.

No, and he didn't imply that. Here are several situations, in increasing order of security.

1) The connection is not encrypted or signed. No certs exist. Nobody knows who they're talking to. An active attacker on the network between the two parties, can proxy and impersonate each side. A passive attacker, someone who just gets copies of the traffic, while they can't impersonate, can at least read what everyone is saying. No warning.(?!)

2) The connection is encrypted, but with unknown parties' public keys. Certs exist but are essentially worthless. An active attacker on the network between the two parties, can proxy and impersonate each side. A passive attacker, someone who just gets copies of the traffic, can't read anything. DANGER! DANGER! FREAK OUT!!

3) The connection is encrypted, and if you believe certain faceless parties who are totally unaccountable to you and who you don't know anything about, you think you probably know the other side's identity. Active attackers can't do anything, unless they're active enough to coerce or trick the CA. Passive attackers can't read anything. No warning.

4) The connection is encrypted just like above, but the CA pinky-swears that they really tried hard to make sure. Green URL bar.

5) As case 3 or 4, but multiple CAs, which might be hard for a single attacker to simultaneously coerce or trick, have all signed the cert. We don't have this in our browsers yet; it's early 1990s level tech that we're still waiting for.

6) As case 3 but the user has verified the identity through a different channel. No trusted introducer was needed. The cert need not be signed at all, or might be signed by the user himself. No warning, but also no green URL bar. (Yet, this is the very best-possible case, definitely more secure than any other.)

See anything wrong here? Scenarios 1 and 2 have their warning severities reversed. (And there's also a UI defect at high degrees of security, too, but that's less important.) This trains the use to think of warnings as not necessarily meaning increased severity or risk. A user will adjust to this by ignoring warnings. This is bad communication, and it's making us all a little stupider.

What you should do is add your known self signed certificate to your local certificate store, which means that the warnings will stop

He's talking about a situation where it's not known. Adding it to the local store would be inappropriate. That would be an attempt to treat scenario 2 as scenario 6, just to get around a UI bug. It'd be much better to just fix the bug.

Comment Payoff table shows whose guys they are (Score 1) 272

Maybe they're our guys, maybe they're not.

Country A is full of citizens, businesses, and government orgs which routinely depend on working computers and networks. Country B is similar, but a little behind, because they're not as wealthy.

Both countries' citizens, businesses and government orgs pretty much run the same code. Same OSes, same big applications, etc.

For the most part, everyone's computers run pretty badly, and outages and various fuckup are frequent. Criminals in both countries are very happy with the situation. Both countries have a pretty easy time with espionage, but a nearly impossible problem with counter-espionage. Everyone can attack, but hardly anyone seems to be able to defend.

Well, they're about the same, but not exactly. In Country B, due to the lower tech, more people use cash, more things are done low-techy, etc. Computer crime isn't quite as easy there. Fewer government systems (both civilian and military) are vulnerable to cyber-attack simple because they're not as computerized. Fewer businesses depend on networks. The airlines' schedules in Country B are run by a guy who has a big notebook, but Country A has an airline schedule that's run in some datacenter.

A group of nerdy people figure out part of the problem with everyone's fucked up computers. Turn out, there are bugs in popular software. Sometimes the symptoms just happen (bad luck) and sometimes they are exploited by adversaries.

The nerds have to make a decision: "Do we tell software industry about the bugs and have them fixed, so that everyone (both our country and the other country) get a defense advantage? Or do we not talk about the bugs, thereby preserving everyone's attack advantage?"

The group of nerds chooses the latter, opting to not have the bugs fixed.

Tell me this: judging from the nerds' actions, which country do you infer they working for? Who has more to win or lose from the computers continuing to work so badly?

Comment Re: Get over it (Score 2) 181

If it's fair use, then we're talking about re-implementing the API being fair use, not how it's used after the fact. How that re-implemented API is used is not part of the discussion of whether re-implementing the API is fair use. The copyrighted elements were solely the API method signatures, and not any source code. If this had been a court case over patents (which is a whole other level of ridiculous, when talking about software, so thankfully it wasn't), then how the APIs were used and what they did would be at issue. The fact that Chrome has the ability to execute android application bytecode doesn't impact that argument.

Oracle Says Trial Wasn't Fair, It Should Have Known About Google Play For Chrome ( 181

Two and a half months after a federal jury concluded that Google's Android operating system does not infringe Oracle-owned copyrights because its re-implementation of 37 Java APIs is protected by "fair use," Oracle's attorney says her client missed a crucial detail in the trial, adding that this detail could change everything. ArsTechnica reports: Oracle lawyers argued in federal court today that their copyright trial loss against Google should be thrown out because they were denied key evidence in discovery. Oracle attorney Annette Hurst said that the launch of Google Play on Chrome OS, which happened in the middle of the trial, showed that Google was trying to break into the market for Java SE on desktops. In her view, that move dramatically changes the amount of market harm that Oracle experienced, and the evidence should have been shared with the jury. "This is a game-changer," Hurst told U.S. District Judge William Alsup, who oversaw the trial. "The whole foundation for their case is gone. [Android] isn't 'transformative'; it's on desktops and laptops." Google argued that its use of Java APIs was "fair use" for several reasons, including the fact that Android, which was built for smartphones, didn't compete with Java SE, which is used on desktops and laptops. During the post-trial hearing today, Hurst argued that it's clear that Google intends to use Android smartphones as a "leading wedge" and has plans to "suck in the entire Java SE market. [...] Android is doing this using Java code," said Hurst. "That's outrageous, under copyright law. This verdict is tainted by the jury's inability to hear this evidence. Viewing the smartphone in isolation is a Google-gerrymandered story."In the meanwhile, Google attorney said Oracle was aware of Google's intentions of porting Android to laptops and desktops, and that if Oracle wanted to use this piece of information, it could have.

Comment Leprechaun at Rio (Score 1) 180

I wish they still made those Warwick Davis Leprechaun movies. They could totally have an olympics one, where he dissolves some gold thief in the pool. OMFG, gold thief! The Leprechaun could be in the olympics, and he's pissed that other contestants are winning "his" gold medals. It's perfect; the movie writes itself.

But the last two (no, the last three, but especially the "Hood" ones) totally sucked, so I understand why they don't make 'em anymore. My friends and I were so pissed that the "Hood" ones sucked; within just a few minutes of trying to get over our disappointment after watching the first one, were were making up limerick-raps way better than anything in the movie. Those bastards put in so little effort in the end, and why they made "back 2 tha hood" I can't begin to imagine. Sigh.

So anyway, Warwick, tell your agent that you're up for doing another, but only if they'll do a good job, like in Leprechaun 3 (total classic, best of the series!).


Malware That Fakes Bank Login Screens Found In Google Ads ( 120

tedlistens quotes a report from Fast Company: For years, security firms have warned of keystroke logging malware that surreptitiously steals usernames and passwords on desktop and laptop computers. In the past year, a similar threat has begun to emerge on mobile devices: So-called overlay malware that impersonates login pages from popular apps and websites as users launch the apps, enticing them to enter their credentials to banking, social networking, and other services, which are then sent on to attackers. Such malware has even found its way onto Google's AdSense network, according to a report on Monday from Kaspersky Lab. The weapon would automatically download when users visited certain Russian news sites, without requiring users to click on the malicious advertisements. It then prompts users for administrative rights, which makes it harder for antivirus software or the user to remove it, and proceeds to steal credentials through fake login screens, and by intercepting, deleting, and sending text messages. The Kaspersky researchers call it "a gratuitous act of violence against Android users." "By simply viewing their favorite news sites over their morning coffee users can end up downloading last-browser-update.apk, a banking Trojan detected by Kaspersky Lab solutions as Trojan-Banker.AndroidOS.Svpeng.q," according to the company. "There you are, minding your own business, reading the news and BOOM! -- no additional clicks or following links required." The good news is that the issue has since been resolved, according to a Google spokeswoman. Fast Company provides more details about these types of attacks and how to stay safe in its report.

Facebook Rolls Out Code To Nullify Adblock Plus' Workaround ( 426

An anonymous reader writes: The Wall Street Journal issued a report Tuesday that said Facebook will begin forcing ads to appear for all users of its desktop site, even if they use ad-blocking software. Adblock Plus, the most popular ad-blocking software, opposed Facebook's plan and found a workaround to Facebook's revision two days later. Now, TechCrunch is reporting that Facebook is well aware of Adblock Plus' workaround and their "plan to address the issue" is coming quick. "A source close to Facebook tells [TechCrunch] that today possibly within hours, the company will push an update to its site's code that will nullify Adblock Plus' workaround," reports TechCrunch. "Apparently it took two days for Adblock Plus to come up with the workaround, and only a fraction of that time for Facebook to disable it." An update on their site says, "A source says Facebook is now rolling out the code update that will disable Adblock Plus' workaround. It should reach all users soon."

Comment Re:Misleading? (Score 1) 122

By defining "own" a thing that doesn't exist, you reduced the expressive power of language. That has negative utility.

In other words: even if you're right, that's a totally fuckwitted thing to do.

"Own" has meaning that is independent of whether or not you having permanently secured the asset from all possible attacks.

Comment Re:Shit, I was wrong (Score 1) 537

Okay, why do you think that insisting on being able to make an emergency phone call is stupid or evil?

(As other people have pointed out, one of the aspects of this story is that nobody's ability to make the call is seriously impaired. They can go outside or use wires, so it's a non-issue anyway. But that's not what we're talking about, so I'm going to answer your question.)

The stupid/evil is in the "insisting" part. Nobody is doing anything to the insister; the insister is making up a NEW thing that is suddenly "owed" to them, a pseudo-right which previously did not exist. If I'm minding my own business and you forcefully impose a new requirement on me, that's simple aggression. Nobody should ever have to tolerate that, and a big part of the purpose of government is to stomp on the people who get caught doing it.

You have the right to try to make a phone call with your equipment, but nobody ever had the right for it to necessarily work. There are so many reasons it might not work, that it will never be something that anyone will ever be able to take for granted. It will never be an entitlement. Your phone's performance will never be someone else's responsibility. We, all together with everything we have, will never have the power to make sure phones always work.

OTOH, the bar owner, sure as fuck, has the right to use metal construction! He also had the right to open a bar 50 years ago when you didn't have a cell phone. He has the right to open a bar 50 miles from the nearest cell tower, or to open a bar in a city which has cell towers fairly nearby but with iffy performance. He has the right to exist even if you forgot to charge your phone or if you left your phone at home. As long as he's not doing anything to you, your phone's problems shouldn't be his problem.

So while on the face of it, the insistance is clearly evil, I try to allow the stupid-out instead, simply because so many people don't think about rights, ethics, power relationships, etc.


Let's make up a tear-jerker (this thread needs more FUN). Your wife, kids, ten very cute puppies, the nicest nun in history and that celebrity that everyone thinks is a cool guy in real life, all have an acute problem which is easily treated. All it takes to help them, is that a magic syllable be uttered over a phone to another person. Alas, if it doesn't get done, they will burn to death, screaming in agony in front of you. You're at the bar with your family and puppies, the nun and the celebrity, when suddenly you get a whiff of smoke. Your wife chuckles, "Uh oh, it's happening again. Better make the call." You smirk, and say "Yes, dear," as you reach for your phone. It's routine.

No signal.

Oh, shit.

So you think about stepping outside, but there was a $5 cover charge and there's no re-entry. There's a landline phone behind the bar too, but you don't want to impose on the bartender, as he looks somewhat busy. The reasons don't really matter, but the point is that you hesitate, and ultimately take no effective action. They burn to death: your wife cursing you in her final seconds, the kids and puppies begging you to do something to save them, a look of betrayed trust in their eyes. The nun insincerely forgives you, and the celebrity says "wait until my fans hear how you let me die!"

You live the rest of your life sad and alone, your soul forever wounded, haunted by the terrible memory. Their fat, melting! Their skin, cracking! Their bones, smouldering like charcoal! The horror!

Later, once you figure out that the building contained metal construction, you can call the owner an asshole. I am ok with you doing that. "You should have realized that sometimes customers like to make phone calls! You don't serve food here. What if someone wanted to order a pizza? Or what if someone's family has a rare spontaneous combustion condition huh? ASSHOLE!!" That's your opinion and you're entitled to it. I might even agree with you!

But whose fault is it really, that your wife, kids, puppies, favorite nun and the cool celebrity died screaming on fire while you watched? It's sort of your fault (you should have gone outside, or you should have asked to use the bar's phone) but as I mentioned above, you never could be sure that it would have worked anyway. It was a shitty, risky situation at best. There might not have been good reception outside, the phone lines might have been down, or the person you call to say the magic syllable, might have stepped away from their phone to go to the bathroom. It might have happened the following week, when you would be camping. Don't get me wrong: You should have done better! But they all might have died anyway.

You know whose fault it is? The fucking universe's, that's who. That is totally fucked up, and it sucks that your wife, kids, puppies, favorite nun and the celebrity were always on the virge of spontaneous combustion. I am not kidding. That totally sucks. It's not fair! Spontaneous combustion, good grief! Who is ready for that?! Nobody really is. You thought you could handle it .. such hubris!

And it's not the bar owner's fault. And if you credibly threaten to use government power against him so frivolously, I would hope that you were the one who ended up getting governed, as a deterrent to other future aggressors. On the bright side, I would govern you compassionately, as I know you're bereaved, and stress makes people stupid and cranky. That's so easily confused with evil, or maybe temporary insanity is a "lite" version of evil.

Comment Voting Johnson because I like him, AND.... (Score 1) 993

The great thing about Johnson is that he simply isn't a spoiler. Anyone who thinks he might be like Nader in 2000, I challenge you to explain who is the 2016 equivalent of Gore.

You can't. The Democrats and Republicans are projected to spoil the election for him!

BTW, I have a message to all Democrats and Republicans, for why all of you you should vote for Johnson this year. Listen up, because this is important.

A Johnson victory is the only way that Trump can run as a Democrat in 2020.

If Trump wins, then it won't happen. If Clinton wins, then it won't happen. But if someone else wins, then it remains a possibility that the Democratic Party can be destroyed using the same recipe that just killed the Republicans. No matter where on the right/left spectrum you are, you have to agree: that would be one of the most joyeous things to have ever happened in American politics. (And you still get to argue with those other assholes, about whether it's the best or second best thing to have happened!) Isn't this an everyone-wins scenario? This November is your one chance.

America, make it so! Two vampires, one shit-stained stake. TRUMP (D) 2020!

Comment So freaking what? (Score 1) 271

Streaming Services are by definition a Service. Other Services in the state are taxed at 6%. Streaming services can be considered a Luxury item, nobody needs netflix to live. You won't die without it.

the Vaping taxes are essentially the same thing. You don't need to vape. It has health issues just like regular smoking. Kids pick it up as being "cool". Tax it like cigarettes..boom done. I can think of about 5 Vape stores in my town, why on God's green earth do we need 5 in small town? Survival of the fittest, some will close.. I'm sorry. oh well.

Do I like But Wolf also got passed a decent Education budget, finally after years of crap from Rendell and Corbett. So if you are going to tax me 6% for netflix and Amazon Prime, oh well. Maybe my kids will get a better computer system in their school. Or maybe their teachers will get a better contract and be more engaged in the class room .

State taxes don't necessarily suck 100% of the time. there are real benefits that can happen. People need to get their heads out of their asses and realize we all need to work together as a community to keep things from going to total shit. Taxes are one of the ways we are able to do this. /end rant.

Slashdot Top Deals

Many people write memos to tell you they have nothing to say.