Catch up on stories from the past week (and beyond) at the Slashdot story archive


Forgot your password?
DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. Check out the new SourceForge HTML5 internet speed test! ×

Comment There's your "careful phrasing" (Score 4, Insightful) 139

I want to be absolutely clear that we have never worked with any government agency from any country to create a backdoor in any of our products or services. We have also never allowed access to our servers. And we never will.

Yeah, that's reassuring. Except, what's being described here falls under neither of those categories. It's not a backdoor, and it doesn't require providing access to Apple's servers. So, Apple is blithely sidestepping the issue with careful phrasing, denying only activities about which they were not asked, while artfully ignoring those about which they were.

Comment Shades of Archer (Score 1) 277

Sterling Archer: I thought you put it on autopilot!

Rip Riley: It just maintains course and altitude! It doesn't know how to find THE ONLY AIRSTRIP WITHIN A THOUSAND MILES SO IT CAN LAND ITSELF WHEN IT NEEDS GAS!

Sterling Archer: Then I, uh... misunderstood the concept.

Seriously, though, the problem for Tesla isn't just that people will misuse the system. The problem is, even when the system isn't at fault, and the driver knows it wasn't at fault, there will still be a subset of people who will try to lie and blame the system in order to weasel out of fines/criminal charges/general responsibility, because it's new enough, controversial enough, and makes for a sufficiently good sound bite that some media outlet will start screaming bloody murder about it being Tesla's fault, and other media outlets will pick it up and run with it without any form of fact checking.

Comment Re:Current version of Firefox is not vulnerable (Score 3, Informative) 95

Firefox fixed this issue in Firefox 43, not in 44.0.2. In particular, it was "fixed" in Firefox by updating to a version of libgraphite that did not have the problem, and this happend before the issue was even reported to libgraphite.

Hence no CVE for Firefox 43 or 44, because they were never vunerable, and no CVE for Firefox 42, because it was long-superseded by the time the vulnerability was even reported.

The CVE, if you note, is for Firefox 38 ESR, which _was_ vulnerable until the 38.6.1 release.

Comment What's the point? (Score 2) 34

What in the world could be the point of this? Suppose the deal goes through as described. From the security researcher's perspective, the code is already in the wild, downloaded repeatedly. Could easily be forked to a new project, hosted by someone else, etc. It will be back up and online the moment he takes it down. From the malware author's perspective, if he gives up all the existing keys, he loses his current "market", but he can just change the keys, and redeploy his malware. So, the malware author gains nothing because the project will undoubtedly remain online. The security researcher gains nothing, since the malware author can just deploy a new version with different keys. So, the exchange does nothing but generate headlines. Nothing else accomplished.

Slashdot Top Deals

Make sure your code does nothing gracefully.