Follow Slashdot stories on Twitter


Forgot your password?
Get HideMyAss! VPN, PC Mag's Top 10 VPNs of 2016 for 55% off for a Limited Time ×

Comment Re:If you are using IE, that's what you get (Score 2) 490

I actually wonder why it's so hard for any company to say "Here's what we collect, here's why we use it. Here's an option to submit automatically, review before submit, or not send at all. And oh yeah, here's an option to remove data from reports or to decline to ever send a selected field."

I can say this- if a company were transparent and provided a means to verify what they were doing (IE not secretly sending a few extra undocumented pieces), I might be more inclined to send data based on that honesty than I should be. There might still be stuff I take out, but if I know what's being sent instead of just "Hey there's a crapton of data on my line, I've no clue what it is, where it's going, or why!!"

Barely related side note- crap like this actually makes me miss dialup. With broadband, sending these little reports back isn't too noticeable if you're just on a workstation on a dsl line at home, and while you might have firewall or other setup, most folks including IT nerds "set it and forget it.". People really don't tend to care if there's no user experience impact.

Back in Win XP days a friend of mine, who *damn well* shoulda known better, linked a pretty cool Matrix screen saver in group chat about the time the movie was gaining steam in media. Everyone knowing he's competent admin, always does due diligence etc, checks it out. At the time I was at bumfuck Missouri visiting family where dialup was the only option (even until less than 5 years ago.) Well, after installing the screensaver, I noticed that the modem activity indicator was going in the systray for 10-20sec periods. I only had IRC loaded, no web browser, nothing else that would be hitting the network, and knew what to expect traffic wise of standard OS functions. (I HEREBY ACCEPT MY PUNISHMENT OF ETERNAL JUDGEMENT, UNPAID MALWARE REMOVAL, AND FINGERPOINT AND LAUGHING- You guessed it, this screensaver had a new nasty riding its coattails. Yes, I should have checked myself etc etc, trust me I knew instantly my errors, and have used that lesson well in life since. The screensaver actually wasn't sending much data at all, apparently a C&C check that had no new instructions at that time.. but enough data that I noticed- only because of dialup. The group chat of admins did some reverse engineering on it, reported to McAfee and Norton (back when, relatively to today, they didn't suck, and were the big AV players, we hit several minor ones as well)- both companies worked with us, updated defs within 6hr, gave us credit for the find. Seriously though- dialup was the hero here, it would have likely gone undetected for a while if not for seeing small data being forced to take a long time to transmit.

Kinda sucked, because for the time, it really was a dang decent screensaver with 3d effects that by today's standards wouldn't be awesome but not aged/antiquated.

Comment Re:Bet few knew this... (Score 1) 259

FWIW- I worked with a small business server (I didn't choose the OS, I inherited.) around 2008. It got deactivated due to hardware change (HD failure, we upgraded RAM while at it before reinstalling new drive and restoring backup). SBS wouldn't activate. I called MS per phone number listed clearly on screen, they asked a few basic pieces of info to ascertain the original license and I assume find the reason for decline in their records. I told them the situation and basic, not precise, details of HW changes that occurred, they provided an activation over the code, no purchase necessary. Total time was 10 minutes on phone. They really weren't unreasonable at all about it, pretty solid customer experience with individual on phone not treating me like idiot or pirate or etc. I'm no fan of them, but I do give them props for how smoothly that process went.

If it's substantially the same hardware, even if their system flagged it, they're actually not out to gouge on this side of things. (I make no claims about gouging in any other part of the process here.) If someone were reactivating constantly due to reinstall/hardware/etc, they would have needed to call MS at some point I'm pretty sure, and would have explained what's going on. I'm sure that MS keeps records of that, and looked for such before pursuing in court.

Comment Re: Something will be gained ... (Score 1) 139

I'm sitting here thinking it wouldn't be hard to wire the clock to stop on whistle. Put a sensor in ball, ref pushes button after he hands ball to inbounding player, it detects acceleration of throw in then starts clock on next (capacitive?) touch. (Ok probably it only transmits acceleration/touch and score table receiver does logic on that). As always human standby, if they hit start after transmitter starts clock or stop after whistle stops ignore it, but if they start/stop when a sensor missed it it accepts the human command and resumes logic. The programming seems easy here, the tech of not imbalancing the ball, durable for impact etc probably not that far off... As a bonus this system might help remove much of human skew on timing, but doesn't help refs slow to whistle etc.

On the surface this isn't news for nerds.. But really with a bit of imagination it could be!


Submission + - Secure Application Password Management

JPyObjC Dude writes: When designing any system that requires automated privileged access to databases or services, developers often rely on hard coding (embedding) passwords within the source code. This is obviously a bad practice as the password is then made available to anybody who has access to the source code (eg. software source control). Putting the passwords in configuration files is another practice but it is still quite insecure as cracking hashed passwords from a text file is still a trivial exercise.

[Q] What do you do to manage your application passwords so that your system can stil run completely automated and yet make it as difficult for hackers to get their hands on this precious information?

Submission + - Welcome to the controversy - MS wants laptops back

newscloud writes: "Snap. Apparently, after yesterday's Slashdot post on Microsoft giving bloggers $2,200 laptops, the company reversed itself. GeekNews says:
Someone at Microsoft has lost their minds! Well first Microsoft gives bloggers laptops with Vista loaded on it for review and they are told they can do whatever they want with the laptop as in keep it, give it away when they were done with the review. But shockingly today Microsoft has asked that the laptops be returned after the people get done doing the reviews.
Hey Microsoft, where's my laptop? Could I have one of these? I hear it runs Windows."

Slashdot Top Deals

It is not every question that deserves an answer. -- Publilius Syrus