Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?
DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. Check out the new SourceForge HTML5 internet speed test! ×

Comment Re:Firefox is getting worse (Score 1) 163

I felt like a holdout last year, and then gave up on it this past fall and fully switched to Chrome as my primary browser for both development and general use. Too many glitches in Firefox these days. Hopefully they can roll out something fresh that works, Mozilla really has made the web better over the years.

Comment Re:Not really a big deal. (Score 1) 280

Not sure why people are obsessed with the weird personal site, as that's not apparently his normal work site? He seems mostly obsessed with pimping out some security folks Tel Aviv and legal babble. Somehow missing from all of this is his sudden career shift http://www.gtlaw.com/People/Ru... This might give a better picture of where the guy is at: http://www.gtlaw.com/Experienc...

Comment Bloated webpages, advertisers, and web sockets (Score 1) 766

It definitely feels like things are slower these days. I find the whole hair brained decision to semi-save state and never close things after a program crashes or is actually terminated very user unfriendly. AdBlock, uBlock, and Privacy Badger seem to be doing more work than ever. I've seen plenty of professional web designers who are completely happy to just push a bunch of images over a MegaByte right over the wire. That was not normal so long ago. Throw a bunch of WebSockets, javascript thread loops, flash videos, and multiply that by a bunch of tabs that the some idealist thought should never be closed for the user, and we have a recipe for slow browsers that have been optimized for idyllic users, idyllic websites that are no longer there, and idyllic speed tests that mean less and less.

Comment Re:pixel (Score 1) 212

That goes without saying. Anyone who really understood how the market would behave wouldn't be blabbing about it for free on the internet. Instead they'd be keeping their mouth shut and buying and selling stocks and getting progressively more wealthy.

It's not a secret and the stock prices have already moved. This is the just writing on the wall. When your biggest, most direct competitor fails in such an epic way as to have a full and complete recall after the recall and additionally have its product banned from airports you are in a damn good position. I mean, no the iPhone 7 isn't meant to be used underwater. The Galaxy Note 7 isn't allowed on airplanes, and if you fly the airlines are notifying ALL OF THEIR PASSENGERS TO NOT USE A SAMSUNG PRODUCT, which has escalated to, YOU WILL BE FINED IF YOU BRING A SAMSUNG PRODUCT TO THE AIRPORT. Not all attention is good attention. The ocean doesn't scream at you, DON"T USE THE APPLE IPHONE IN THE OCEAN!

Comment Re:Java? (Score 1) 427

Ugh, are you sure you didn't post this 15 years ago? Swing and SWT have always struck me as a means to create a lot of work for no real platform advantage. If you had some kind of bizarre love for C++, you could just use Qt and be done with it. Hell, when it comes to web development and GWT, those devs bailed and built Angular.js, probably because it tried too hard to abstract away all the fantastic stuff you get using web frontend frameworks. Yes, you can use Struts 2 or JSTL, but by that point, you've pretty much eliminated Java from the whole GUI layer and instead cordoned it off into being your server model and business logic. Data Processing with C++? Java actually does a fantastic job of interconnecting to data sources through jdbc and tools built on top of that. There are plenty of great free libraries for reading/writing loading information. Still, it's not going to shine like something you might see from R or SAS. Restart often with Java? The code is broken. Horrible performance and footprint problems? The code is broken. Find some smarter programmers to lead and gatekeep development. Too many cycles? Developers are rolling Virtual Machines on cloud metal that have lesser virtual machine docker instances which might contain java virtual machines, which actually do a better job at managing memory resources than their parent containers. Java 9 is actually sounding like it will be even be more superior in this kind of application space.

Java can be used well or poorly in pretty much anything. There are specific cases where it's less applicable to more native solutions. There are also a ton of libraries and frameworks within and built primarily for Java. The quality of the frameworks you choose at that level will have more bearing on how well Java does for your use case than simply looking at "Java" or "JEE". Spring is fantastic.

Comment Re:You have to know how to secure a Windows 10 PC (Score 1) 982

I was going to say something something full disk encryption. If you have a SSD there are more requirements in that front. You might have the right hardware and configuration to jump through all the hoops correctly in the Windows world. http://arstechnica.com/informa... http://arstechnica.com/informa... If you have a gaming machine, why not update if just for DirectX? It's a toy. Is Windows 7 getting you anything for gaming? If you're doing serious work on Windows, I feel bad for you. I guess the question is, how many more years of use do you want out of your current setup?

Comment Re:Where does the money come from? (Score 1) 1116

Do this... Take the amount you pay in federal taxes each year... And double it... Then, here's the neat part, get $26k tax free... I don't know why all the kids would be getting this $26k, and that's a rather high figure. Turns out a lot of other programs are unnecessary when you do this. Cut those programs. You could probably balance it at a significantly lower tax increase. You could also eliminate the minimum wage. A large amount of money is lost to theft and waste. Chances are large swaths of our society are working completely pointless jobs that add nothing of value to society whatsoever. If you're completely financially secure, you're probably less likely to try and rob a bank or shoplift. Crime would go down. It's almost like the people doing the work would have to either be paid well or just be happy to be doing the work. Maybe jobs come with fringe perks, like all you can eat burgers...

Comment Re:yes they should (Score 1) 254

I'm not sure it really makes the case go away, it just makes the FBI look really stupid if it works. Be it that he's actually involved in the congressional questioning, I'd say his point is mainly the FBI did not in fact try. I'll throw it out there that the Chinese hardware was probably fabricated at an Apple factory... There's not much legal about copying that hardware... Nor is he really claiming it's something he's the only one coming up with it. While there's literally no nuance in this source article, you'd still have to buy yourself an extra iPhone or two and then plan a trip to China, for the primary purpose of pissing off the FBI... and Apple... There's no heroics involved.

Comment Re:yes they should (Score 1) 254

Zdziarski, author of iPhone forensics, seems to suggest it's quite likely a viable technique: http://www.zdziarski.com/blog/...

Directory Comey made another misleading statement – twice – to Congress yesterday; namely that the FBI has attempted every possibility of unlocking the device on their own, and is even willing to accept input from any experts. Quite the contrary, at least three possibilities have come to light that the FBI has not yet explored:

  • Imaging the NAND flash of the device and trying ten passcodes at a time; when the device wipes, re-flash the NAND with the original image and try again. This technique is done in kiosks in Chinese malls to upgrade your 16 GB iPhone to 128GB for about $60 US. $60 for ten tries, they could pay retail and still get this done for $60,000.

Comment Re:You should already assume this (Score 1) 137

Yes, it bothers me if a company tracks these things. I think there's a certain degree of, if you leave what you're doing out in the open, you should be putting some effort forth to do some things privately. But to the extent of what should matter to a company should be that they can secure their company information and their hardware. I have both a company laptop and phone. Once upon a time I was actively using an iPod touch, a work smart phone, a personal smart phone, a work Mac Pro, a home laptop, a work windows desktop, a home windows desktop, a landline, a work landline, google voice, and a mac mini (and I'm not even counting my wife's devices or various server farms). You should try going through an airport with a load of these. Fuck that shit, they're not tracking me on most things (much less actively), and I'm not running a separate business on their hardware. I'm not going to steal their property. I'd be wondering what my coworkers were doing, tracking my personal movements, and I don't know what business I would have basically stalking my coworkers. In an emergency, it would actually be nice for my employer to track down my location. Phone companies log calls automatically (and give that information to your employer AND THE GOVERNMENT), and there's the "find my phone" when it gets lost. Never mind that conceptually, as a company, you don't really get to call things "ok for not business purposes too" without the potential for it to turn into some sort of Kafkaesque IRS nightmare. I have seen employers that basically want to GPS track their hourly employees though. That would be the time to form a union. I heard that a person lost their job for installing a pornhub app on their phone in the USA after Apple fucked up the data usage. I'd say the employer, Apple, and the phone company were being shitty. At the same time, there's also such a thing as https and privacy mode...

Comment Re:yes they should (Score 1) 254

The thing is, the hardware UID key is software filesystem key. If you can't see the UID, a brute force attack goes from something like ten thousand posibilities to a septillion possiblities. The software filesystem key is stored in effaceable memory. What makes that memory inaccessible beyond someone failing the normal routine and it getting erased? Here's what the iOS security guide says: https://www.apple.com/business...

The metadata of all files in the file system is encrypted with a random key, which is created when iOS is first installed or when the device is wiped by a user. The file system key is stored in Effaceable Storage. Since it’s stored on the device, this key is not used to maintain the confidentiality of data; instead, it’s designed to be quickly erased on demand (by the user, with the “Erase all content and settings” option, or by a user or administrator issuing a remote wipe command from a mobile device management (MDM) server, Exchange ActiveSync, or iCloud). Erasing the key in this manner renders all files cryptographically inaccessible.

So - if you copy that key - that one key that's, "not used to maintain the confidentiality of the data", then prevent the erasing system from working its magic.

Comment Re:yes they should (Score 1) 254

The key is derived from a) a chip on the motherboard, and b) your PIN. The chip is specifically designed so that it ain't gonna tell you it's bit unless the PIN is right. You could probably get the hardware bit of the key by destroying the relevant chip to read it, but if you fuck that up the key is gone forever, and you still don't have a PIN. And the whole shebang kills itself (including the hardware bit of the key that you actually need if you wever want to read the iPhone's data) if you enter the wrong PIN 10 times.

The "Chip" you're talking about is the security enclave which is not on the iPhone 5C. The filesystem key is not stored in the security enclave. If you make a copy of the encrypted memory that stores the filesystem key bit for bit, then you've defeated the erasing system. It's also possible the FBI is terribly incompetent given they have multi million dollar forensic labs that can't figure out how to copy this memory.

Comment Re:You should already assume this (Score 1) 137

Because paranoia, paranoia, paranoia? I mean shit, we are all capable of carrying 10 different devices for 50 different purposes, or you know - a single general purpose computer that maybe shouldn't be monitoring people off active work duty. Is the phone supposed to be part of some sort of ultra secure secret network? Why did it leave the ultra secure secret building? Does it actually make sense from a non corporate brown nosing perspective to actually monitor your employees whilst they take a shit? Secure the device, yes. Secure your own network, yes. But seriously, do employees need to bury their work devices under a rock while they have sex and have bowel movements? Does it really matter if, god forbid, on their own time, home, and network use a general purpose computer they don't own for the purpose of whatever?

Slashdot Top Deals

If God had not given us sticky tape, it would have been necessary to invent it.