Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror
DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. Check out the new SourceForge HTML5 Internet speed test! ×

Comment Customers... (Score 3, Informative) 71

Can keep their e-mail address, Verizon has just pushed the e-mail infrastructure over to AOL. I'm quite sure a lot of customers are confused but my 70 year old mother managed the transition on her own just fine. Apparently Verizon did provide instructions that were not lies.

She did need help re-configuring her Android phone, but she got the rest done without any help.

This is certainly annoying, but Verizon actually appeared to handle it reasonably, for once.

Comment Oh boy (Score 0) 380

'pretend that the suggestion is bad' - do you listen to yourself? If you can't conceive that your suggestion may BE bad, then the problem is almost certainly you. Either in the way you approach things, or that your suggestions ARE bad.

Some hints:
You are not the only smart person on the internet. Statistically, you probably aren't any nearer the smartest than I am.

If you've been using a package for a couple of weeks you might have some suggestions. If you act like you can't possibly be wrong, then your attitude alone will make the old timers ignore you.

Perfectionism is the enemy of actually getting shit done. Small improvements that make me re-learn how to do things are a big time suck in the near term. You know, when I have to get shit done. Even if the change is long-term beneficial, the amount of time lost right now is probably not worth it.

Asking questions generally gets a far better response than 'you should change this!' comments. Asking why it's done like X instead of Y indicates a willingness to understand. And frankly in many cases there is (or was) some good reason that things were done a given way. Asking questions can get to the bottom of that, and in some cases make it easy to show that it should be changed (because the original reason is gone).

Code talks, bullshit walks. If it's open source and you don't like how it works, submit a change set. It may still get rejected, but no one will question your willingness to make things better. Just your judgement about what 'better' might mean.

Comment Re:/. won't either (Score 4, Insightful) 448

Google will demostrate it is serious about security

Snerk. Sorry, but voice interfaces are a MASSIVE security hole (think tape recorder). There's really no way to completely secure the damn things. You could prevent this attack, but there's lots more where that came from.

As long as Google thinks people want them (and, from the fact that people buy the things, I have to say it looks that way), Google will keep making them. The only way to clean up the mess is to point out the flaws to the point that people don't WANT an always-on voice command system. And the only way that happens is if people find it more annoying than helpful.

So kudos to Burger King for forcibly pointing out that there's a big problem in a way that DOESN'T drain customer's bank accounts.

Comment How... (Score 1) 143

is there a file anywhere with usernames and passwords? Is that jut mis-understanding and he cracked the hashes, or do these guys actually have everyone's password written down somewhere?

An yea these days, if your shit matters, you need 2FA of some sort.

Also, apparently, you need the guy who checks in the returned laptops to check serial & model numbers...

Comment Re: but you arent a traditional CA (Score 1) 250

You have a basic lack of understanding of the purpose of certs. They guarantee that if you try to connect to phishme.com that you indeed are connecting to phishme.com and not being MITMed. It is NOT the purpose of a cert to say that phishme.com is or is not a safe place to go. The onus of that remains upon you regardless of if you use HTTP or HTTPS.

Yea, but have you noticed that the general public has no idea how much of anything actually works, or frankly what most things are actually for? Most people have no real idea what that little lock icon means, so (assuming that someone managed to train them to look for such things at all), they think the lock icon means they are good to go. The slightly more subtle message of 'yea, this website IS who it says it is, but that doesn't mean it's not a criminal' is lost on these people.

So yea, it's a problem, but at this point it's fairly obvious that trying to train the users to pay attention to the things the browser tells them, and teaching them what those things really mean IS NOT WORKING.

I can't fault Let's Encrypt for not wanting to try to police everything, but if they could do a few keyword matches and pay attention to the really blatant stuff, it would probably help.

Comment Re:Never saw that coming (Score 2) 250

and very few people would check EV

Given how an EV produces a very clear and noticeable indication of the name of the organisation in the title bar, if someone doesn't "check" it then they should probably disconnect the internet as they are a danger to themselves.

If only. Most of the people who would be helped by such a thing are the sort of folks who would follow the instructions on how to disable their AV software to see the dancing cat video. EV is a nice mechanism, but PEBKAC still rules the day.

Comment Wow, that's a deal... (Score 3, Interesting) 86

This is...quite something. She's still in charge (and collecting a paycheck, presumably). She'll get rid of some of her shares, AND drop being majority stakeholder, so she can get fired by the board, instead of quitting, thus triggering whatever golden parachute she's got. If she's smart she'll sell off the rest of her shares before the whole things winds down.

From the investor's side, I guess it makes sense - if they start suing, the lawyers probably end up with all the money, so just letting it play out might be their best hope for a return.

Sigh. For all the problems it has (and the FDA has many), this kind of nonsense is why it exists in the first place.

Comment So...giving up on passwords somehow? (Score 2) 152

I mean, if you've got full surveillance of the workplace, then a camera can be looking at you keyboard as you type the password.

So what do you do instead of passwords? Biometrics? Some kind of plug-in token? Does Comcast get the business for your conversion of that too?

Or are the employees supposed to hunch over and shield the keyboard with their bodies when typing in passwords?

Who's taking bets on how long before some company is seriously compromised by this?

Comment Re:Paypal too (Score 1) 72

PayPal and eBay shared the same keyfobs for a long time, but sometime about two years ago, PayPal logins stopped working for me and nobody from their side could figure out why. Long story short, the only fix was to turn off the keyfob and use PIN codes sent by SMS.

I am not sure if this really impacts security as PayPal was trivially easy to social engineer and have the keyfob taken off a target account, so having a keyfob on your account really didn't mean that much.

Now eBay is doing the same thing. Oh well.

Interesting - my fob never stopped working. I changed over to using the android app instead of the physical fob (because my old fob looked like it had been through the wash too many times), but I've never had a problem with it.

My guess is that Paypal/Ebay don't actually know enough to debug subtle problems with the system, so you got screwed.

Annoying, and now we all get to be annoyed.

Note that so far my sign-in still works with the app - they haven't actually started forcing people off of the fob yet.

Comment Re:Terrible (Score 1) 407

Honestly, the way the article is worded, it sounds like the 'safety doors' were supposed to lock out the other robots, rather than say a breaker being flipped. I'd love to know how those doors are supposed to work, I'd also love to know whether what she was doing was supposed to be done with the robots powered or not (not everything can be done with them powered down).

Comment Re:What happens if you don't give notice? (Score 1) 114

If I understand correctly, in India it's more or less illegal to have more than one job at a time. So, they have this thing called a 'relieving letter', which your old company gives you on the way out the door. You need this in order to become legally employed at your next company. (My understanding is that this law is intended to make as many people as possible employed by preventing one person from taking up two jobs. I've no idea if it's really working or not, and as in every culture, there's surely lots of under-the-table stuff going on).

So, they can basically prevent you becoming employed.

Yes, this sounds VERY strange to those of us outside of India, And from the little bit of reading I've done, it seems like some less-than-honest employers play games with these letters on a regular basis.

So, it's a totally suck-tastic situation for the employees, and I think that the guys petitioning the government are probably on the best track they can be.

Slashdot Top Deals

Intel CPUs are not defective, they just act that way. -- Henry Spencer

Working...