Slashdot Mirror


User: TheLink

TheLink's activity in the archive.

Stories
0
Comments
12,789
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 12,789

  1. pretty disappointing. on What's Different About Vista's GUI? · · Score: 1

    It would be great if they designed UIs that can significantly enhance the abilities of experienced users, rather than designed UIs that just assume that all users will have learning difficulties and will never figure it out.

    Look at Douglas Engelbart's 1968 demo, and you'll see we haven't really made significant progress.

    A good UI should be easily learnt by a naive/new user, but still greatly augment an experienced user.

    The starcraft game UI appears to allow experienced/skilled users the ability to sustain and perform 300 actions per minute (300 APM).

    I don't think the starcraft UI is the best possible UI. Far from it.

  2. Re:Improved animations on What's Different About Vista's GUI? · · Score: 1

    Heh, I hate it when you stick a CD in and almost everything on Windows stops responding.

    This doesn't seem to be so bad on Linux.

  3. Re:Improved animations on What's Different About Vista's GUI? · · Score: 1

    Problem is if helpdesk people want to figure out what IP/MAC the user has (run cmd, ipconfig /all), it's now different from windows 9x/NT/2K/XP. Getting users to find and select the checkbox is going to be one more hurdle.

    Now if vista had a shortcut called "Tech Support Info" which displays a whole bunch of tech support related info in an easy for user to find (in the blue box look for "IP address".), now that would be good, and would be nice if there's also an easy way to send that info through the net, but that might be a security risk.

    Anyway, I hope Microsoft doesn't fix Vista and makes it even worse. Then maybe the WINE team or others can come up with a Windows compatible that's even more compatible to Windows XP than Vista is.

    And then Windows will become like a BIOS.

  4. Re:Binary blobs are not automatically evil on Root Exploit For NVIDIA Closed-Source Linux Driver · · Score: 1

    Doh.

    Everything is usually built from source (I have hexedited stuff to fix things, but I don't do that regularly).

    So I really don't see how your "patch source, install rebuilt packages" method is superior to "install packages that someone else built" in terms of "not going to break anything".

    What you are saying sounds quite ridiculous actually - you are confident you aren't going to break anything just because it's a "simple patch" to open source... As if open source is some kind of magic that miraculously prevents anything from breaking.

    And what if it's actually not such a simple patch?

    Whatever it is, you're supposed to test stuff first before rolling out, and that's what gives you the confidence that stuff won't break. And if it's important enough, come up with plans for cases when things break.

    I like open source software, but there isn't any magic in OSS that ensures quality. Most of it is just as crap as closed source software.

  5. Re:For those of you wondering on Listening for Cancer Cells · · Score: 1

    Just curious - have you heard about people using dogs to detect cancer (by smelling)? How effective is that method?

  6. Binary blobs are not automatically evil on Root Exploit For NVIDIA Closed-Source Linux Driver · · Score: 1

    Computers are already filled with binary blobs in their CPUs, BIOS and so on.

    I don't see the difference in quality, most software is crap whether OSS or closed source.

    There have been 2 year old problems in open source code as well. There are flaky open source drivers, and open source software that's full of holes. One could even argue that PHP is more evil than nvidia's binary blob...

    The old open-source Netscape was a multiyear security problem, so much so even till today I look at Mozilla/Firefox with suspicion - and my suspicions seem to be justified every month or so...

    The big problem is on Linux the nvidia driver code has high privileges and there's no way to get around that other than not use the driver. In contrast I run Firefox using a different user account from my main user account, so any normal browser exploit won't affect my other accounts.

    Any linux driver level exploit can just bypass that. Whether or not it is closed or opensource if there's such a bug it'll be the same problem.

    The only difference supposedly is that the fix could be faster if it's opensource. BUT even that's not guaranteed - not that many people understand the big picture enough to make a decent fix. I have seen cases in the OSS world where a volunteer's quick fix is not accepted by the main developers because it's not good enough or could cause other problems.

    There's currently no incentive for Nvidia to make much better quality drivers since it seems that ATI's drivers are even worse, and Matrox just isn't much of a competitor. The appears to be insufficient incentive for Nvidia to release sufficient specs to allow the OSS community to write full-featured open source drivers for Nvidia hardware.

    If anyone can come up with compelling reasons that will _benefit_ Nvidia enough please do. Just saying "binary blob = evil and OSS = good" is pretty stupid.

  7. Re:Annoying sig alert on Backyard Rocketeers Keep the Solid Fuel Burning · · Score: 0, Offtopic

    And while you're at it, be careful when clicking on tinyurl and other similar links.

    At least tinyurl has an option to prevent the immediate display of a page. If you are vulnerable to such things you should use it.

  8. Sounds like a good idea to me. on Backyard Rocketeers Keep the Solid Fuel Burning · · Score: 0

    Laws controlling the building and storing of rockets and their propellants sound like a good idea to me.

    But of course it's the details that count, and that determines whether the laws are stupid or not.

  9. Doh on This Rare Friday the 13th · · Score: 1

    It is fun and useful to celebrate weekends, annual events, birthdays etc.

    But never forget that this very second hasn't ever happened and will never ever happen again (unless God decides to rerun this very moment of Universe 0.1 ;) ).

    And I'm wasting it on Slashdot :p

  10. Re:Unbelievable on Hans Reiser Arrested On Suspicion of Murder · · Score: 1

    I've been having this sig for many many months, and nonlogout version of it for even longer. Strange that I'm suddenly getting lots of comments about it now.

    Why should it be forbidden? Just over your mouse over it and it's obvious what will happen if you click on it. And it's not like it sneakily causes you to change your sig to my sig...

    I think of it as a relatively harmless way of teaching people to be more careful.

    I did some iframe worm stuff on advogato.org (mod_virgule) in 2002, and that was definitely naughtier.

    Then there are many sites that allow you to use images as your avatars and the only check they use is that the url ends with .jpg .gif etc.

    This can be faked with tinyurl and possibly other url shortening sites.

    for example:
    I submit http://slashdot.org/my/logout?foo=
    and get
    http://tinyurl.com/y922c6

    And if I use http://tinyurl.com/y922c6/bar.jpg as my avatar image

    People who view it will retrieve http://slashdot.org/my/logout?foo=/bar.jpg
    And get logged out ;).

    There are plenty of simple countermeasures to these.

    BTW I haven't bothered checking on how all that "one click" to buy stuff works ;).

    It's amazing how insecure many sites are. But people really don't care.

  11. Re:DRM etc aren't being used to improve safety on Vista DRM Prevents Kernel Tampering · · Score: 1

    The virtual TPM could have more than one key and use a different key depending on the circumstances (scan of the stack). It might be slower than a real TPM when compared to a genuine external clock, but how fast should a real TPM be?

    Also determining whether the external clock was genuine could become an "arms race" - given that the controller of the VM can also tamper with the process that's trying to talk to the clock...

    BTW using this to ensure that no rootkits are installed is laughable. Notice that the AV people did not flag Sony's stuff as a problem at all even though it was a problem. Verisign has made pretty significant signing mistakes before. Plenty of signed stuff has had exploitable bugs.

    I don't see anyone responsible for the Sony rootkit being prosecuted. So why should anyone be that discouraged from doing the same thing again?

  12. Re:I still use Eudora for its portability... on Future Eudora Based on Thunderbird · · Score: 1

    We used to do this in the days of Novell and Win 3.x and Win 95.

    Everyone got their personal folder mapped to a drive when they log in.

    And the shortcut for eudora was i:\apps\eudora.exe j:\mail or something like that.

    So even if users logged on to different computers they'll still get their own mail, even their own bookmarks.

    As long as they didn't use MS Outlook and IE, which didn't work well with that sort of network drive thing. Even to this day, implementing roaming profiles seem to be a lot more troublesome and problematic than the above.

    I wonder if there's a Knoppix Corporate Desktop, where you just network boot off the fastest server and then if you log on successfully you get to access your home directory stuff.

  13. DRM etc aren't being used to improve safety on Vista DRM Prevents Kernel Tampering · · Score: 1

    Running stuff in a virtual machine could help bypass DRM and those bootloader issues. You can fiddle with stuff as much as you want, and at best the stuff stuck in your Matrix is going to have a bit of Deja Vu, or time dilation...

    Things aren't going to be safer. This is because DRM isn't being used to make things safer. DRM is being used to make the rich richer.

    Sony and friends will still get their evil stuff certified.

    Hackers will still find holes in signed stuff and thus run stuff at higher privileges.

    Spamware/Malware/Botware people can just run malicious scripts. I doubt the intepreters or byte code executors will all require stuff to be signed. There's a lot you can do with a single line of perl...

  14. DRM doesn't solve security problems on Vista DRM Prevents Kernel Tampering · · Score: 1

    How about just suspend the virtual machine you are running the software under. Get some program to mess with the suspended image (make a backup if you're paranoid), resume the altered image.

    Once you get the hang of it, it probably makes it easier to alter things on a real machine.

    The hardware virtualization stuff is improving so the virtual machines will be running not much slower than the real machines, and the stuff in the virtual machine may not be able to easily tell whether it's in a real or virtual machine.

    The DRM stuff doesn't protect you from Sony, and I doubt it will protect you from the bad guys.

    For example: say Python/Perl stumps up the USD500 and gets certified. It doesn't mean that perl and python scripts will be safe to run.

    I'd say spammers or bot farmers can do practically all they want with perl or python, so what if it's slower? Those quad core CPUs are coming soon, and most people aren't going to be using all of the cores anyway...

  15. Re:Coercion? on Vista DRM Prevents Kernel Tampering · · Score: 1

    This won't keep you safe from Sony and friends. USD500 is nothing to Sony. Nobody got jailed for that too, so odds are it will happen again.

    Sure the crackers have to find a hole in signed software that runs at a high enough privilege level. But Sony's rootkit itself had holes in it that _others_ were able to exploit. So how safe will you be from root kit crackers?

    DRM does have its uses, but its main use nowadays is to make the rich even richer, and not for making things safer at all.

  16. Treason? on Three Years in Prison for Posting Hatespeak · · Score: 1

    "Providing material support to an organization hostile to the US is providing aid to the enemy and therefore treason"

    Does that mean anyone who donated to Bush's campaign was committing treason?

    GW Bush is probably one of the top enemies of the USA. Just judge him by his actions and the results of his actions.

    Diebold is another.

    I'm not a US citizen, so you could consider me biased and ignorant. But in my opinion it is hard to find anyone who has done more damage to the USA in the past 20 years than G W Bush and his "friends".

  17. Re:Better late than suck on Why Spore Is Special · · Score: 1

    Late (adj)- Recently deceased: The late (and Great) Mr Duke Nukem...

  18. Intel's Ben Sandler? on AMD Unveils Barcelona Quad-Core Details · · Score: 1, Funny

    "Intel's Ben Sander laid out architecture details of the number-two CPU maker's upcoming quad-core Opterons."

    Talk about dual processing being grafted on... ;)

  19. Re:Unbelievable on Hans Reiser Arrested On Suspicion of Murder · · Score: 1

    At CEO/Politician University they probably estimate the short term/long term benefit of the event to them, and what actions to take to maximise the benefit (like not saying they are doing such a thing in the first place).

    And that's the diff between CEOs/Politicians and nerds/geeks.

  20. Re:Better late than suck on Why Spore Is Special · · Score: 1

    Duke Nukem Forever!!!

  21. Re:The Chinese Fusion report was still usefull to on Slashback: What Dell Knew, China's Fusion, Vista · · Score: 1

    Actually power grids aren't that wonderful.

    Having reliable electrical power is wonderful, but power grids don't automatically mean higher reliability.

    With grids sometimes instead of just one city going down due to a fault, you have an entire region going down.

    Whereas that can't happen if you don't have a grid.

  22. Re:Only 100kb ? on Pi Recited to 100,000 Digits · · Score: 1

    Why don't you just store it as "ratio of circumference to diameter"?

    How many bits does that take? Maybe it takes a lot of "bits", but those "bits" are also used for other stuff as well.

    The way minds work is quite different from computers and the lack of understanding about how they work is why the AI field is still a "dismal science" IMO.

  23. Re:100,000 digits is nothing... on Pi Recited to 100,000 Digits · · Score: 1

    Intel inside?

  24. Huh? on How Prevalent Are SQL Injection Vulnerabilities? · · Score: 1

    How do a) and b) help?

    Which "decent architect" designs a system where verbose error logs are sent to untrusted public users.

    And which "decent architect" writes web apps where GET would inherently causes security problems.

    In fact, post causes more problems if the target page doesn't issue a redirect, because then the form could be reposted. This shouldn't be a security problem of course (unless it's a login page), since duplicate posts should be handled gracefully. However with most browsers, users would be annoyed with "click ok to repost" prompts.

    Of course one shouldn't use GET when confidential parameters are being sent (since it could appear in url histories etc), but GET allows users to bookmark a page or query, and in many cases that's a plus.

  25. But does Vista really make you more productive? on What a Vista Upgrade Will Really Cost You · · Score: 1

    Sure new hardware could be worth it. But is Vista worth it? I don't see any significant benefit from it. Only Microsoft gains much from Vista.

    If "everyone" told Dell, HP etc to keep preloading Windows XP on the _new_ systems they are purchasing, then even though MS still gets money, there are some benefits:

    1) If everything is XP, it keeps the software support and training costs the same as before.
    2) It could potentially weaken Microsoft's monopoly and open up the market to 3rd parties.

    Explanation of 2) if 90% of the people who want Windows, _insist_ on XP for new machines for the next 5+ years, 3rd party software vendors will continue to target XP, and WINE and others will catch up on compatibility, and then MS might end up like Intel in the Itanic vs Opteron scenario - where Intel couldn't get the industry on the Itanic. Then even Microsoft can't escape from maintaining high "Windows XP compatibility".

    And if more "Windows XP" compatibles enter the market, MS could end up like a BIOS manufacturer.

    Not likely to happen (since hardly anyone listens to me), but it's a thought ;).