Catch up on stories from the past week (and beyond) at the Slashdot story archive


Forgot your password?
DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. Check out the new SourceForge HTML5 internet speed test! ×

Comment Re:Don't run root (Score 1) 228

I wouldn't be too sure about not running servers on this. Plenty of places really really want to have a standard build of windows on all their servers without exception. Plenty of developers want their stuff to run on a well understood LAMP stack that isn't a complete and utter pain in the arse to install and update. WSL lets everyone be happy - not sure it can run background services properly yet, but there is certainly a use-case for it running servers. Now whether such a machine is vulnerable to this kind of exploit is a bit of an open question. This seems to be describing a potential privilege escalation by writing into the memory of Linux applications, which seems like something that shouldn't be allowed by the windows kernel.

Comment Re:Punish the serf class. (Score 4, Interesting) 238

Well we can vote to rejoin the EU, sure, if all 27 other countries want us back, and if we join the Euro, and join the Shengen border free zone. And pay the full contribution without the rebates we negotiated. Personally I think we should do all that, and get over ourselves and stop being an awkward antagonistic special snowflake in Europe.
Europe is massively more democratic than it is perceived in the UK. The commission is headed by 28 representatives appointed by their democratically elected governments (albeit appointed to act in the interests of Europe) the European parliament is made up of MEPs voted in directly. The council is the elected heads of state of the member countries. Junker was the first president of the commission elected to the post by the elected European parliament.
There is a reasonably plausible democratic path to everyone involved, naturally there are lots of civil service type staff employed by the whole thing, and it is a bloated gravy train of bureaucracy, but that in itself is reformable and not undemocratic.

Comment stop promoting guns and invisible friends (Score 2) 1144

Bit of an innovative idea, but maybe lets try making it a little harder to get guns and stop promoting the idea that it is OK for an adult to have an invisible friend that talks to them and tells them who to hate. The current approach to the invisible friend problem seems to be to say "oh, I have the same invisible friend and they are totally nice" or "This bad person seems to have the wrong invisible friend, mine is totally nice". These are both unacceptable and fucking stupid responses to religious violence. It is not OK for an adult to abdicate their responsibility for their own ethical position to a supernatural entity and a book of hate. It is not OK to normalise those who do.
It is not OK to hate LGBT people. It is not OK to say "hate the sin and love the sinner" that isn't anywhere near good enough. It is not OK to send "thoughts and prayers" because in doing that you are promoting and normalising the position of having an invisible friend that hates people.
Yes, it should also be less trivial to obtain battlefield weapons, and we should stop normalising the ownership of guns, but we should do that in addition to challenging the ridiculous medieval beliefs that are distancing people from reality, gun control won't implement hate control but we should do it anyway.

Comment vertical descents might be a little hairy (Score 1) 59

whirlybirds can't safely descend vertically at speed, the rotors enter their own downwash and you end up in a Vortex Ring State this is how real helicopters crash and drones too. You can put a drone into that state fairly easily on a still day, just drop fast in one spot, then apply power and note you are still dropping under full power for quite a long way until you apply some tilt or just manage to stop when you get near the ground. If they don't understand the dynamics of this then I am not going to be getting into one.

Comment no, they have no obligation to open it (Score 1) 331

the lesson here isn't that Microsoft should open source their old and unmaintained stuff. The lesson here is that if you are thinking of using a new tool, consider whether the publisher is in a position to abandon it and you in the future, or whether it is Free Software that can't be unilaterally withdrawn by the publisher leaving you without the freedom to continue it yourself or find someone else to work with it.
I think we need to get out the world's smallest open source violin for those requesting the opening of visual basic.

Comment Re:woah, just a minute (Score 1) 133

naturally, but this is about the packaging. If you install a deb with sudo then you are running executable code that lives inside the deb with root privileges. With snap installation there is no postinst script or anything that runs as root as part of the install. You might run the snap installer as root, and that might process some commands in the snap, but it isn't running arbitrary code as root I think.

Comment woah, just a minute (Score 4, Insightful) 133

If you have some software in a deb, and put that software in a snap, then you have increased your security slightly, but not much. If that software is then put on a Wayland or Mir desktop then you have increased the isolation of it a lot.
If your software is in a .deb then you ran it's installation script as root. If it was bad then you are toast already.
Snaps can be installed without being root, into the user home directory. This is an increased level of ability to run untrustworthy software. This whole exercise is so that open source systems can run untrustworthy proprietary paid for apps without the untrustworthy apps being a huge risk to the peer-reviewed code and other proprietary apps.
Snaps are *not* a step backwards, but they don't get all the way to the end goal by themselves. They may have been over-sold slightly by Canonical because they are mainly for the phone which runs Mir, plus things like Firefox on the desktop which are trustworthy.

Comment Re:Nano straw to Earth (Score 3, Informative) 155

no, and sticking nano on the front of it doesn't make much difference.

You know how barometric pressure used to be given in inches of mercury? well that was the number of inches you could suck a pool of mercury up a straw (don't do that!) before you end up with a vacuum at the top of your straw and you are sucking away and nothing is rising any further because the pressure of the atmosphere won't push it up any more. Turns out you can't suck it up that far before it would rather not go any further. If you use other fluids the same kind of thing happens, but more so, because mercury is heavy. For water I think it is about 13 meters For the atmosphere itself the distance you can suck it up a straw is exactly the height of the atmosphere!

Comment they had one, they gave it up (Score 2) 345

it is patented, here it is differential workfactor encryption, as used in the International version of IBM Lotus Notes until the US government decided not to classify encryption as heavy munitions. It gives the US government 40 bits of encryption to crack and everyone else gets 128 bits. (and you can vary the assisted evesdropper and workfactors to taste). As far as I am aware they never once gave a single shit about it whilst they had it, and never wanted other products to implement it.

Comment it is about high frequency trading, or nothing. (Score 1) 273

It could be an entirely meaningless coincidence, the ship killing a bit of time, or doing some maintenance or a drill whilst out at sea in an area that happened to have a cable two miles below it, that is my option #1. It could be a bit of Russian research into whether they can find and disrupt these cables, that is option #2.
If we want to go down the fantasy route, and accept that the Russians would not just try to find a cable to see if they could, but would contemplate actually disrupting a cable, then that would adjust the ability of high frequency traders to play international stock markets, possibly allowing some kind of economic advantage to be taken somehow. In this fantasy, at some point in the future a cable mysteriously breaks due to a completely deniable cause, stock markets go into meltdown and someone in their Kremlin lair makes a lot of money. It is hard to describe the number of levels on which this fantasy makes no sense.

Comment Can we stop the bullshit reporting here please? (Score 5, Informative) 414

Someone asked her about homeopathy, she ducked the question. She was far from enthusiastic about it, but said she would be open to hearing arguments about it - which is what politicians say when they have no clue what their policy is and don't want to answer the question. She should have been decisive and said that the NHS should not ever fund anything that does not outperform a placebo and has no plausible theory of action, but she didn't, yet. This failure to respond to the question is now being spun, and slashdot is getting in on the action too. Maybe if she ever actually takes a position on homeopathy then there will be a story to report, but right now, @heidi_mp has not really done anything other than duck a question.

Slashdot Top Deals

Men take only their needs into consideration -- never their abilities. -- Napoleon Bonaparte