
Comment Re:Curly braces = good. Indents = bad. (Score 3, Insightful) 173

The biggest problem with indentation-as-structure is that tools in general support it poorly. When cutting-and-pasting or moving code around, it's easy to mess up the indentation of the code being transformed. By contrast, I can move around brace-delimited code sloppily, then tell my IDE to auto-indent, and it looks nice and legible. (It also acts as a form of error-checking; if the resulting indentation looks weird, it's a strong signal that I've screwed my blocks somewhere.)

Comment Just ban common passwords (Score 2) 148

The solution is to just ban common passwords. Start with a list of dictionary words and leaked credentials from other sites, and simply ban the use of said passwords for accounts on your site. That's what Arenanet does for Guild Wars 2. You also ban new passwords as too many people try using them. As for messaging, you just straight up tell the user "That password is too well-known. Try something more creative."

You don't even need to store the password to implement popularity-based bans. When a user enters a new password, hash it and store the hash in a table (just the password hash, not the associated account). Each time someone else uses that password, increment the count. When it hits N, just ban new uses of that password, and optionally force current users of that password to change it on login (by checking the plaintext they just entered against the banned hashes). (Meanwhile, store a salted hash associated with the account id for login purposes, to make it harder to crack passwords if your hashes get leaked.)
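
The scheme in the comment above, as an added sketch that is not part of the original comment and not ArenaNet's code. Assumptions: the class and method names, the threshold value, PBKDF2 for the per-account hash, and a keyed HMAC (server-side secret) in place of the plain hash for the popularity table, so that a leaked table cannot be cracked offline without the key.

```python
import hashlib
import hmac
import os
from collections import Counter

BAN_THRESHOLD = 3          # the comment's "N" (value assumed for the demo)
PBKDF2_ROUNDS = 600_000    # assumed work factor for the per-account hash


class PasswordPolicy:      # hypothetical name
    def __init__(self, seed_banned, pepper=None):
        self.pepper = pepper or os.urandom(32)   # server-side secret (assumption)
        self.counts = Counter()                  # fingerprint -> uses, no account id
        # Seed list: dictionary words and passwords leaked from other sites.
        self.banned = {self._fingerprint(p) for p in seed_banned}
        self.accounts = {}                       # account id -> (salt, login hash)

    def _fingerprint(self, password):
        # Unsalted on purpose: equal passwords must map to the same table row.
        return hmac.new(self.pepper, password.encode(), hashlib.sha256).digest()

    @staticmethod
    def _login_hash(password, salt):
        return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)

    def is_banned(self, password):
        return self._fingerprint(password) in self.banned

    def set_password(self, account, password):
        """Return False and store nothing if the password is banned."""
        fp = self._fingerprint(password)
        if fp in self.banned:
            return False
        self.counts[fp] += 1
        if self.counts[fp] >= BAN_THRESHOLD:
            self.banned.add(fp)                  # only new uses are refused
        salt = os.urandom(16)                    # per-account salt for login
        self.accounts[account] = (salt, self._login_hash(password, salt))
        return True

    def login(self, account, password):
        """Return (authenticated, must_change_password)."""
        salt, stored = self.accounts.get(account, (b"\0" * 16, b""))
        ok = hmac.compare_digest(self._login_hash(password, salt), stored)
        # The plaintext is only available here, so this is where existing
        # users of a since-banned password are told to change it.
        return ok, ok and self.is_banned(password)
```
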

Comment Re:How useful really is password length? (Score 1) 78

You could also use the information to try to phish the users. "We noticed that your password is only x characters long, in order to increase security we are requiring passwords of at least x+y characters long, please click this link to reset your password"

I'm pretty sure any user this would work on would be equally susceptible to the same email with a universal value of 6, 7, or 8 for everyone.

Comment Re:what is Arimaa? (Score 1) 58

I would be surprised if a high-end smartphone in the world could out-compute a reasonably spec'ed desktop from the early 2000s (which was the point at which computers began to rather consistently beat grandmasters.) The lack of CPU fan is the biggest limiting factor of all.

An iPhone 6 can do 77 GFLOPS. Deep Blue could only manage 11 GFLOPS. Now, Deep Blue had specialized VLSI chips that are hard to measure, and chess computations are going to be mostly integer, not floating-point, but the point stands that a modern phone has plenty of computing power for crushing puny meatbags at chess.

Comment Re:Bananas vs Grapes (Score 1) 127

Today's bananas are not the slippery bananas of vaudeville yore. The current cultivar of mass-produced banana is the Cavendish, which replaced the earlier Gros Michel when it started succumbing to widespread outbreaks of the Panama Disease fungus. Apart from having a somewhat different flavor and texture, they also have different peels, with the peel of the Gros Michel supposedly being much slipperier. Thus, the joke used to make a lot more sense (even though banana-related accidents were still a ridiculously rare occurrence in actual life).

Comment Re: The worrisome part (Score 1) 233

Secretly I hope that the next iPhone won't have the killswitch and won't be sold in California. Let's see how long the treehuggers are still in control of this State after that.

You're aware that iPhones have already had Activation Lock since the release of iOS 7 a year ago, before this was mandated by anyone, right?

Comment Freemium vs DLC (Score 3, Interesting) 139

What I wish app stores made it easier to do is to distinguish between apps that offer one-time DLC in the form of additional content (e.g. more levels, maps, factions, game modes, etc.) vs freemium apps with repeatable purchases for in-game currency and power-ups (which you need to get around the "free" game's increasing difficulty and enforced waits). The former is fine, and a good way to let people try-before-they-buy, but the latter is a toxic plague of money-grubbing crapware. As-is, I have to do things like drill down into the list of top in-app purchases and read the titles to see if it consists of things like "level pack" or "10,000 gems". I'd also love it if they showed what percentage of users buy which in-app purchases, or the median amount of money spent per user on in-app purchases.
