
Comment Strings are the problem (Score 0) 193

So long as queries are composed of strings, there will be injection attacks. There are tools to perform escaping, but they're optional: " 'SELECT * FROM users WHERE id=' + userid" is always going to be something the programmer can choose to do. The only solution is to remove that option. Limit database interaction to framework ORMs or query building tools (e.g. Querydsl) and the programmer can no longer choose dangerous options.

Comment Re:"Can't trust Google cuz they're NSA buds" = sil (Score 1) 128

I'm not suggesting Google is impervious to coercion, only that they have an incentive to maintain as secure a platform as they are able. They are no more vulnerable to corruption than OpenSSL was (though it could even be argued that their political and economic clout makes them less vulnerable; but I wouldn't get behind that position).

Comment "Can't trust Google cuz they're NSA buds" = silly (Score 2) 128

Google makes a lot of money on your data. They mine the crap out of your email. Their CEO has said privacy online is silly since if you've done nothing wrong you have nothing to hide. Summed up: they're indifferent to your sense of privacy. But trust Google to protect its own interests. It wants to control access to this data. They'll be happy to comply with government requests for data, but on their own terms, and not by willfully subverting the security itself and leaving the door wide open. Being the doorkeeper makes them powerful. Being a doormat is not in their interest.

Comment My top 5 concerns about the new net filter: (Score 4, Funny) 158

My top 5 concerns about the new net filter:
1) _______________everything______________.
2) _____________________________________________________
3) _______________________________is ______going________
4) _____________to ___________ be ____________________________
5) _______________ fine ____________________ .

Comment Re:I loathe this invitation 'nonsense' (Score 2) 62

Two reasons come to mind immediately:
  • limited access means a smaller group to monitor for problems. Buzz, for example, went live across the board and had serious privacy issues. If they'd done it on a smaller scale, maybe they could have nipped it in the bud.
  • illusion of exclusivity makes the product seem cooler. You want what you can't have.

Comment Re:Why tax Hybrids and Guzzlers equally? (Score 1) 1306

But it's not just about road repair. Fossil fuel use externalities are not currently reflected in the price of gas. Ideally, we should keep the gas tax (even increase it) to cover the damage done by gasoline and institute a road-use tax. We certainly should not replace the gas-tax with a road tax. Further, I think it's more than reasonable to keep the cost of road maintenance in gasoline-tax. This further incentivizes people to use hybrids/electrics, a technology which in its early stages of development would benefit from an uneven playing field.
