Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. Check out the new SourceForge HTML5 internet speed test! ×

Comment "a much better pattern" (Score 1) 600

That's a bit subjective. I think I would call it an alternative pattern.

I have seen it work well but more often than not I have seen create code that looks like an arrow. In real life, outside of trivial snippets, arrow code can be horrible to read and maintain. That's not always the case though hence I don't say it's a "worse" pattern - just an alternative.

Comment Re:Maintenance... (Score 1) 600

That's not a reason to outlaw their use. If all you have are mediocre developers then no amount of coding standards will help you.

Less experienced developers can learn from good code. Sure they will get it wrong as they find their feet - we have code reviews to deal with that - but we shouldn't seek to handicap them by taking away tools they can use to express themselves.

Comment Linux Distribution? (Score 1) 28

"This Linux distribution is designed to serve as a media center -- nothing more, nothing less."
It's a media center appliance that uses the Linux kernel and a few user space bits and bobs to start up Kodi (XBMC). Last I checked it was non-trivial to install your own stuff and generally hack about without rebuilding the lot from source... so sure it's a "linux distribution," in that it distributes "Linux" but I find that term unhelpful.

Comment Already modified? (Score 2) 193

Given the safety implications, they would want to minimise the chance of anyone disabling updates so I wouldn't be surprised if they have already modified the software and this is notice that 15th December (or 6 days of runtime) is already baked in as a date of death.

At least, they should have done that.

Comment Re:Cheap chargers (Score 1) 192

I feel I should point out that the items you've linked to are not being sold by Amazon but by third parties using Amazon's website. The same problems occur anywhere you allow Tom, Dick and Harry to sell things using your website.

Last year I bought some LED Christmas tree lights from E-bay. When they arrived I immediately was concerned about the mains cabling not being of sufficient quality so I cut off the moulded plug to inspect the cable cross section. That confirmed my suspicions - the cables were the cheapest possible things with the thinnest slither of metal surrounded by dodgy insulation that could break far too easily.

My attention then turned to the inline box with a CE stamp that was advertised as being a transformer. It was very light so, having already decided there was no way these things are getting used in my house, I started to cut open the box and it practically fell open without much effort. Inside discovered that there was in fact no transformer. Instead there was just a single 1/4w resistor in series with the mains, held in place with a blob of hot glue with incredibly bad soldering. If/when the glue melts the resistor would have been free to pull out of the hole exposing the unfused mains voltage to the outside.

The scary thing for me is that 99% of people will just plug these things in not realising the potential dangers.

Comment Re:He basically said "give us a back door" (Score 1) 546

Aah, yes. I had jumped ahead in my thinking imagining that everyone was on the same page! Doh. Sorry. :-)

In the event of the password being lost, the phone would be useless unless a new key could be created and securely transported to the Great Database. I thought that, in practice, would be unnecessarily complicated.

Also a fixed symmetric key could be compromised by the user himself, prior to selling the phone to some unsuspecting user. No more pin needed.

I think the public-private keypair suggestion fixes those issues.

The key splitting idea is a good one btw.

Comment Re:He basically said "give us a back door" (Score 1) 546

3) Seems far too complicated. How about shipping each phone with a unique back door public key. Every time the user changes the key, two copies are stored. The first encrypted using some derivative of the user's password, the second encrypted using the phone's unique backdoor public key.

When gubbermint wants access they get a subpoena and make manufacturer cough up the code.

In theory that's no less secure than we have it now - given that the manufacturer already holds a golden signing key for your phone.

Comment Windows built-in sockets library exposes OS... (Score 1) 97

Windows 10, Microsoft's new operating system, uses the Winsock Sockets library to automatically manage socket connections while navigating the web. This is what Java does with applets, and Flash with SWF files -- it unintentionally allows a hacker to append malicious code to data and trigger drive-by attacks, which exploit Winsock vulnerabilities to target Windows 10 users. All that an attacker needs to do is to find and create a database of Winsock vulnerabilities it could leverage to distribute his malware.

Comment Re:IP solution (Score 1) 172

Here's my ideal so-called Intellectual Property (IP) solution. All IP must be abolished immediately and rent seekers be damned.

I doubt my ideal solution will be implemented so I'd settle for copyright laws being scaled back massively. Mickey bloody Mouse is way past its copyright date. Collusion with lawmakers to extend it shows exactly why nobody trusts the establishment and why people like Trump will become the next president.

Slashdot Top Deals

Science is what happens when preconception meets verification.

Working...