Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. ×

Comment What should convince a user to enable JS? (Score 1) 61

Running with javascript default-enabled is like letting any stranger in the world use your house for any purpose they want.

If most people change the default to no JS, what steps should a developer of a web application take to convince prospective users that the web application is legitimate? Or should all applications instead be native and therefore specific to a single operating system?

Comment The state could require breeders to be insured (Score 1) 136

True, you'd have to be in VHEMT to say breeders ought not to exist. But in the same way that many U.S. states require drivers of motor vehicles to carry liability insurance, generally privately underwritten, the state could require breeders to carry unemployment insurance that covers the full cost of the child's upbringing, also probably privately underwritten.

Comment Trump doesn't plan to pursue Rx pot (Score 1) 136

From a story in The Morning Call :

White House Press Secretary Sean Spicer [...] may have actually done Pennsylvania's effort a small favor by simultaneously voicing the administration's intention not to interfere with medical marijuana programs.

"There are two distinct issues here, medical marijuana and recreational marijuana," Spicer said. "Medical marijuana, I've said before, the president understands the pain and suffering many people go through who are facing especially terminal diseases and the comfort that some of these drugs, including medical marijuana can bring to them."

Comment Re:Part of a botnet != ultimate attack target (Score 1) 161

Against a bandwidth consumption attack, patches to the machine that is the ultimate target of the attack are ineffective, but patches to the machine that would form part of the botnet are effective.

A firewall would take care of that.

Such a firewall would have to be installed at the ISP. Otherwise, the attack traffic sent by your unpatched, Internet-connected Windows PC would congest a subscriber's link, keeping legitimate traffic from getting even as far as the firewall. In addition, if the firewall is vulnerable to other attacks, your unpatched, Internet-connected Windows PC could be used as an amplifier to attack it.

I know of no IoT devices or any significant number of non-PCs that run Windows.

That's not the point. Your unpatched, Internet-connected Windows PC could be used as an amplifier to attack unpatched non-Windows non-PC devices that cannot be patched for some reason.

That is called "blaming the victim".

The existence of secondary liability and recklessness as a mens rea shows that at least some measure of victim blaming is the law of the land.

Comment Proprietary software makes anonymity unverifiable (Score 2) 43

Data is gathered and sent encrypted and in a completely anonymous fashion

Unless an application is downloaded from a repository that builds from public source, such as F-Droid, the end user has no way to verify this.

at no time is personally identifiable data shared with marketing companies or sold.

The end user has no way to verify this.

There will always be the tin-foil hat crowd that attaches some type of nefarious motive to such product improvement efforts

I think the fear is that a hostile government could subpoena private information in crash dumps and the like for a fishing expedition.

Comment 15 percent user share or revenue share? (Score 1) 130

Or you can just forget about iOS and loose only about 15% of the market

Is iOS 15 percent of the market by user count, or is it 15 percent of the market by revenue? There's a big difference. Assume for the moment that the mean iOS user spends $40 per year on apps, while the mean Android user spends $5 per year. Then 15 percent of the market by user count represents a 15 * 40 / (15 * 40 + 85 * 5) * 100 = 59 percent of the market by revenue.

Comment Re:Would you prefer an interpreted crypto library? (Score 1) 204

An add-on crypto library compiled to native code and distributed as a PHP extension

use an add on binary library that runs at full speed but that the user can install together with their scripts through dynamic loading

That depends on two things: whether the shared hosting provider has configured the interpreter to allow such dynamic loading, particularly from within the subscriber's home directory, and whether the shared hosting provider allows the subscriber to install a compiler and corresponding headers to compile said library. As the PHP manual states:

The main reason for turning dynamic loading off is security. With dynamic loading, it's possible to ignore all open_basedir restrictions.

Comment Re:Let's Compare App Stores (Score 1) 130

[Buying a Mac instead of another computer] Seems liike the most versatile and most economically smart decision.

Unless you rely on sharing a computer with someone else in the household, such as a college student not living on campus. In this case, the computer you already have is $0, while the Mac is $599+.

Slashdot Top Deals

We were so poor we couldn't afford a watchdog. If we heard a noise at night, we'd bark ourselves. -- Crazy Jimmy

Working...