Follow Slashdot blog updates by subscribing to our blog RSS feed


Forgot your password?
Compare cell phone plans using Wirefly's innovative plan comparison tool ×

Comment Re:Insult no programmer wants to hear: (Score 2) 523

I'm guilty of similar.
"What the hell were you thinking?"
answer about thinking about security by design
"clearly not, since I can overflow your input right here."
but you shouldn't do that
"and your code shouldn't roll over and die just because of malformed input!"

That landed me in a meeting about sensitivity.
Mind you, this was a public facing API I was criticizing and the dev had rejected the bug I filed on it for this reason.

Comment Re:Bullshit (Score 2) 195

likely now they have to give a location or will break services that assume no token for "not found". Since most of the trouble is caused by criminal complaints... 1600 Pennsylvania ave should work (or even better, whatever the address for congress is).

Realistically they should return 0.0 0.0, a nice point in the ocean.

Comment Re:Bad summary. (Score 3, Interesting) 158

Netflix's deep catalog ended my piracy, since they made it so much easier...
I even bought a fire stick to get access to Prime content, only to find that nearly everything on prime you still have to pay extra for.
Time to fire up uTorrent and Plex once again :/
(I liked not having to manage my own content catalog for a few years).

Comment Re:Air gapped (Score 2) 83

" see one of my co-workers lose his new iPhone to the shredder"

Bwahahahahaha awesome!
We have systems that are not air gapped (as I can remotely access them) but are not connected to the network either. We use an IP KVM solution to connect keyboard, mouse, monitor remotely. Much more secure against this kind of attack. Of course bad guy at terminal or prepared for such setup can script keyboard commands and series of screenshots, but the barrier is much higher than direct connected systems.

Defense in depth.

Slashdot Top Deals

An algorithm must be seen to be believed. -- D.E. Knuth