Slashdot Mirror


User: swillden

swillden's activity in the archive.

Stories
0
Comments
18,006
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 18,006

  1. Re:Wrong on Google Chrome: the New Web Platform? · · Score: 1

    In case you had not noticed (and you have not) the CEO can talk shareholders into anything if they really want to.

    And in the case of Google, Larry Page and Sergey Brin can outvote all of the rest of the shareholders combined, if they need to.

  2. Re:Is this really a problem? on Ask Slashdot: Companies That Force Employees To Join Social Networks? · · Score: 1

    Even Google Execs don't use google +

    http://mashable.com/2011/10/04/google-needs-to-use-google-plus/

    One has to wonder just how serious your employer is about this.

    Google execs may not be using the public version of Google+, but keep in mind that there's a completely separate, internal Google+. All @google.com e-mail addresses who join Google+ get this one. Google employees who want to use the public Google+ have to use a different, non-work e-mail address (there may be a way to get an exception to allow an @google.com account to post to the public site, I don't know).

    The internal Google+ is used heavily by some groups, less so by others. Mine uses it lightly, as a social network, not as a communication tool for work-related stuff.

  3. Re:Not needed on Google Working On Password Generator For Chrome · · Score: 1

    Anyone who cares about having different passwords for different sites will already be using a password database manager such as KeePass. Most password database managers also have random password generators. This is Google's solution in search of a problem.

    Or Google's attempt to convince more people to use diverse passwords, to push this good security practice out to a broader user base.

  4. Re:What's the random number generator? on Google Working On Password Generator For Chrome · · Score: 1

    Does Google Chrome have a cryptographic-grade random number generator with a good source of enthropy? Javascript math.random() is known to be predictable. Has someone with respected crypto qualifications checked over the code and signed off on it?

    Chrome already has facilities for generating random numbers for generation of SSL session keys (or inputs to generation of SSL session keys) and for generation of key pairs. I've never looked at the source, but we also haven't heard about any issues with Chrome in those contexts. I would expect that Chrome uses the OS-provided RNG (e.g. /dev/random) facilities where available.

  5. Re:I don't understand on Google Working On Password Generator For Chrome · · Score: 1

    Now, the article is not clear about it, but I think there's gonna be a chrome-embedded tool to manage all passwords.

    Like most (all?) browsers, Chrome already has an embedded password manager. And it's better in one way than the desktop-based PW manager, at least for people who use multiple devices, because Chrome Sync will synchronize your passwords to Chrome on all of your other devices. So you have your passwords everywhere.

  6. Re:xkcd on Google Working On Password Generator For Chrome · · Score: 1

    But Munroe's concept is irrelevant.

    Yes, it's certainly true that you can get significant entropy from a multi-word phrase (BTW, Munroe assumed a 2048-word dictionary), and that it will be easier to remember than comparable entropy from a random character string. But low-entropy passwords are only part of the problem, and the smaller part. The bigger part is password reuse. The majority of people use the same password for their slashdot account, their bank account and everything in between. Some more savvy users have a small number of passwords, ranked roughly by "security level", so financial institutions all get one password, throwaway web accounts all get another, etc. But even in that case, all it takes is one breach at one "high-security" institution, and attackers have a large set of e-mail addresses with corresponding passwords.

    There are really only two solutions: Consolidating authentication into some credential that can't be replayed or use different credentials everywhere.

    The first approach is addressed by client-side digital certificate-based authenticate or by OpenID, or similar. As a practical matter, OpenID is something that is easier for people to manage and use correctly, and has the password-like advantage that it works on any web browser. It's the best solution we have at the moment -- and then you can use a multi-word passphrase for that singular authentication credential.

    Barring that, you need some sort of password management solution. Given that browsers already do one portion of that job, it seems like a very good idea to help users use them to generate high-quality, unique passwords. Chrome's synchronization feature means that users who use different computers on a regular basis can expect their generated-and-stored passwords to work everywhere. It's not the best solution, but it's a good one. And if a computer is generating and managing the passwords, they don't need to be human-memorable anyway. Except, of course, for the password that is used to encrypt the Chrome password store. Use your multi-word passphrase there.

    Of course, there are plenty of password management tools out there, so the Chrome solution isn't really necessary, but it seems likely to convince more people to use good and diverse passwords, which is the point.

  7. Re:I'm not sure I see the need on Should Microsoft Put Office On the iPad? · · Score: 2

    I can't imagine you'd want to be doing a lot of text input on it, would you?

    I do quite a bit or text input on my Galaxy Tab. Mostly e-mail, but some other stuff as well, including some work with Google Docs, though Docs is pretty limited on Android as of yet. I have a Zagg folio case which includes a Bluetooth keyboard. The keyboard is small, but very usable, and when I close the case with the keyboard, the whole bundle is still small and light enough that it's more convenient to carry around than a full-sized laptop or even a netbook.

    Of course I don't use Microsoft Office, and haven't for years, so I'm not really their target market.

  8. Re:Except it would be suicide for Google... on HP CEO Says Google-Motorola Deal Could Close-Source Android · · Score: 3, Insightful

    f google gets serious about making their own google branded phones and tablets watch how quickly LG, Samsung, and HTC start releasing phones with other OS's such as windows mobile or adopt another platform (like a webos).

    You can bet Google is going to be working hard to make sure that doesn't happen, because while it wouldn't kill Android as a major player in the mobile phone OS space, it'd cost Android dearly. Google's press releases on the topic so far say they're going to be very careful not to give Motorola any kind of special access to the Android development process, or to give Motorola earlier access to new releases.

    That might seem difficult to do, but the fact is that Android development is already quite insulated from the rest of Google. With few exceptions, every Google engineer has access to every line of code from every project in Google -- and Android is one of those exceptions. In fact Android is even more isolated within Google than highly sensitive stuff like the search ranking algorithm. The highly-sensitive stuff is in the main repository alongside everything else, but with controls to limit access, while Android is in a separate repository entirely.

  9. Re:It's all the customers' fault... on AT&T On Data Throttling: Blame Yourselves · · Score: 2

    Hmm.

    I was involuntarily refused boarding once. Delta gave me a $400 check and booked me a first class seat on the next available flight to my destination, which was an American Airlines flight. They also apologized profusely. This was about five years ago, but I don't think anything has changed in that time.

    It may have been a little different in my case because I not only had a confirmed reservation, I actually had an assigned seat.

  10. Re:Just hope they don't abandon Firefox on Linux Of the Future May Be About Which Environment, Not Which Distribution · · Score: 1

    I've been worried for a while that they were going to kill off Firefox in the face of Chrome

    I don't see how that would make any sense, either to Google or to Mozilla. Google doesn't want Firefox to go away; from Google's perspective more browser diversity and competition is a good thing, as long as it's standards-based competition. From Mozilla's perspective, if they didn't make Firefox, what would they do that would motivate Google and/or Microsoft to pay them hundreds of millions of dollars per year?

  11. Re:Brian Eno on Mozart and Bach Handel Subway Station Crime · · Score: 1

    In Germany, there is the GEMA organization. It collects royalties for PLAYING music. If you have a shop and you play music from a legally bought CD, you still have to pay royalties to the GEMA.

    That's what ASCAP and BMI do in the US.

  12. Re:Please mod parent Funny on All-IP Network Produces $100B Real Estate Windfall · · Score: 1

    And you've never run a business the size of AT&T.

    LOL. And you have? Yeah... that's a meaningless argument.

    I explained my side.

    No, you asserted that maintaining prices wouldn't be maximizing profit, with no justification for the statement. Ever heard of the demand curve? Optimal pricing depends on supply and demand; cost of production only acts as a lower bound. This is true for monopoly and non-monopoly businesses.

  13. Re:Please mod parent Funny on All-IP Network Produces $100B Real Estate Windfall · · Score: 1

    That makes no sense. If I'm a business owner, I'm interested in maximizing my profit. If the competitive nature of the marketplace means that charging less will enable me to increase my profits by acquiring more customers, or maintain my profits by not losing customers, I'd already be doing that with or without the windfall.

    No you wouldn't because it wouldn't be maximizing your profit. Only in the monopoly situation would there be no incentive to reduce your price of services when you lower the fixed costs.

    You've never run a business, have you?

  14. Re:Maybe... on Is Santorum's "Google Problem" a Google Problem? · · Score: 2

    What's that "Google" you are talking about, the hypocrites that sponsored this: http://cpac2012.conservative.org/sponsorship/2012-sponsors/ ?

    Why does that make Google hypocritical? I'm not saying it doesn't, just wonder if there's some reason behind your rant. My guess is that Google sponsored it in order to fight SOPA / PIPA, since that's been the primary focus of Google's political lobbying recently.

  15. Re:Requires root on After Rewrites, Google Wallet Still Has Holes · · Score: 2

    Root is no longer required: http://gizmodo.com/5883913/google-wallet-has-been-hacked-again-now-you-should-panic However, I did just get off the phone with Money Network (the company that manages the Google Prepaid card on Google Wallet. After speaking with them and doing a little reading, I discovered that the phone owner is not liable for fraudulent charges. You must notify them as soon as possible though (855-492-5538, toll free).

    BTW, to address this Google has temporarily disabled re-provisioning of Prepaid cards. If you or someone else erases your Google Wallet configuration and then attempts to re-configure it, you will not be able to get your Prepaid card back. Currently-provisioned devices will work as they should, meaning you can add and spend value at will, and new devices that have never been provisioned can be provisioned and will work properly, but any device that once had a Google Prepaid card added to it and then was subsequently wiped will not be able to have the Prepaid card added again.

    This is a temporary situation until the long-term fix can be deployed. This temporary fix is an improvement over the temporary fix deployed late last week, which completely disabled provisioning and balance increases for all Google Prepaid cards (though money already on a card already provisioned on a phone could still be spent).

    The correct, long-term fix will be deployed soon. It will restore the ability to delete and re-provision, but with an authentication step to verify the ownership of the prepaid card before re-provisioning it.

  16. Re:Maybe... on Is Santorum's "Google Problem" a Google Problem? · · Score: 4, Informative

    Because I don't want my 12-year-old daughter to see that definition if she suddenly takes an interest in my disgust at the primary returns.

    Then you shouldn't allow your daughter to use Google with SafeSearch turned off. Set it to strict and lock it if this is your concern. Otherwise, Google will find a lot of other offensive things for her, connected to various other innocuous (and not-so-innocuous) search terms.

  17. Re:I have an idea for the style guide on Why Microsoft Developers Need a Style Guide · · Score: 1

    The C language existed long before the ANSI standard was drafted. In K&R C, there were implicit conversion rules for many types, so a naive programmer might have thought there was no type checking.

    Yes, I'm familiar with (and used!) K&R. And I don't believe ANSI changed the implicit conversion rules, though it did add function prototypes and therefore parameter typechecking which didn't exist in K&R. Of course, using Hungarian System notation wouldn't have helped very much with the lack of argument typechecking anyway.

    When the ANSI standard finally came in 1989 as a draft and 1990 as the first standard

    Ah, I misremembered the age of the ANSI standard, though. I could have sworn I used an MS C compiler in the late 80s that had prototypes... I may be wrong about that, though.

  18. Re:I have an idea for the style guide on Why Microsoft Developers Need a Style Guide · · Score: 3, Informative

    The real reason for the rise of Hungarian Notation is that the Microsoft C compiler didn't do type checking for some time after other C compilers had it. If you wanted to have a clue what type you were using you adopted Charles Simonyi's notation (which was used by FORTRAN devs at the time).

    Cite? The early Microsoft C compiler was Lattice C, which was an ANSI C compiler. It had to have typechecking.

    Also, everything I read says Simonyi invented his notation, or at least the rudiments of it, in the 70s while working for Xerox PARC. So it couldn't have been a reaction to a deficient MS compiler that didn't yet exist.

  19. Re:Please mod parent Funny on All-IP Network Produces $100B Real Estate Windfall · · Score: 4, Interesting

    That will affect your bottom line and allows you to charge less for your services and still earn the same amount of profit. If you're in a competitive market, then you probably will do so to some degree in order to get or keep business.

    That makes no sense. If I'm a business owner, I'm interested in maximizing my profit. If the competitive nature of the marketplace means that charging less will enable me to increase my profits by acquiring more customers, or maintain my profits by not losing customers, I'd already be doing that with or without the windfall. No, if I have a $60K immediate windfall, plus an ongoing decrease in operational costs, I just improved my profitability. There's no reason to lower my prices, assuming I'm already competing successfully -- which means that my customers are happy with my services at my current prices relative to the competition.

    The only way your scenario makes any sense is if I'm already bleeding customers because my prices are too high, and I'd already cut my profitability to the bone and still can't lower my prices enough to be competitive without losing my shirt. In that case, the $60K windfall is at best a short-term band-aid. I can lower my prices to shirt-losing level and still stay afloat for a while by living on the windfall, but once it's gone, I'm right back where I was. So it really only works if the difference between me being able to stay afloat and not is the cost of the ongoing operational expenses related to the truck.

    But assuming I'm already competitive and profitable, why in the world would I want to lower my prices? If your long-lost aunt left you $100K would you go talk to your boss and say "Hey, you can lower my salary because I have this other money I can live on"?

  20. Re:Please mod parent Funny on All-IP Network Produces $100B Real Estate Windfall · · Score: 1

    It is unlikely that the costs that these properties incur are significant compared to the total operating costs of AT&T. The $100 billion is in the value of the properties themselves, and as such the sale of them arent supposed to effect the price of service that AT&T provides.

    The value of these assets is part of the stock price -- the theoretical value of a dividend-paying stock is the value of the company's assets plus the net present value of its future dividend stream. If the AT&T liquidates the assets, nothing changes, except that rather than $100B of real estate assets they have $100B of cash assets. This should have no effect on the stock price, except perhaps to improve it slightly due to the company's improved liquidity, which means more options. If AT&T then lowers prices to subscribers they'll either have to lower dividend payouts or they'll have to begin spending the cash surplus to keep the dividends up. In the first case the value of the stock is reduced because the net present value of the dividend stream declines. In the second case the value of the stock is reduced because the assets are reduced, plus eventually the cash surplus will be gone, so prices will have to be raised again -- if they can be.

    In terms of the company's duties to its shareholders, none of that would make any sense whatsoever.

    What AT&T will do with this money is either pay it out as dividends -- which does lower the stock price, but the shareholders don't lose anything because they get cash -- or else invest it. Invest it how? There are many options, including plowing it into the markets, but more likely they'll invest it in other assets which generate revenue under the new all-IP model. Building out infrastructure is one option. Buying out some of the competition is another (assuming the SEC, FCC and DOJ sign off). I'm sure there are plenty more. But lowering prices is not. If a business case could be made that lowering prices would generate increased profits due to increasing market share, they'd already be doing it.

  21. Re:Just Might Take Them Up On It on Google Offering Cash For Your Cache · · Score: 1

    The opt-outs settings are stored in cookies, so you don't need to be logged in to opt out. The easiest way is to use Chrome and install the "Keep My Opt Outs" extension. It'll make sure the opt-out cookies are never removed.

  22. Re:So don't use Google services on Google Offering Cash For Your Cache · · Score: 1

    Then why not find new ways to tag information, instead of your the users looking for the information? Not that I claim those two exclude each other, but still.... nice try.

    Lots of that is going on as well.

    But no matter how well you can describe and classify the information, that only addresses one side of the problem -- and not the hardest one, frankly. Google became popular not because it had a great web crawler but because the PageRank algorithm allowed it to do a better job of figuring out which parts of that were relevant to the user. Now, with orders of magnitude more information out there, relevance is vastly harder to obtain.

    There needs to be an open source peer to peer search engines or whatever, everything else is bollocks.

    I don't see how that could work, but it would be really cool.

    If I never use personalized results, why does Google feed my behaviour into its algorithms?

    If you've never used the results, that just means Google isn't making the results good enough yet.

    It's however sellable, anonymous or not.

    But Google doesn't sell it.

    Anyway, I'm not trying to convince you of anything, just offering up what I see from my perspective.

    All that "Google loves you" shit is getting creepy, too

    Not sure what you're referring to there. Maybe something from the TV ads? I don't watch TV, so I don't know anything about that beyond that there are some TV ads.

  23. Re:Requires root on After Rewrites, Google Wallet Still Has Holes · · Score: 1

    No, it's only more secure than the joke swipe cards you use in the US. A pin+chip card is way more secure than the Wallet crap.

    Somewhat more secure, yes, at present. When the outstanding vulnerabilities in Wallet are fixed, the reverse will be true because of the Chip & PIN PIN spoofing attack, which AFAIK still hasn't been fixed (it's an EMV protocol design flaw, so not easy to repair).

    Do you ever get any work done or you just spend your day refreshing /. hoping for more Google stories so you can spew your garbage?

    I've gotten plenty done today, how about you? And can you point out something I've said which is "garbage"?

  24. Re:Requires root on After Rewrites, Google Wallet Still Has Holes · · Score: 1

    So you suggest I voluntarily give my credit card information to Google?

    Well, if you use Android and buy apps from the Android Market, or buy stuff with Google Books, or through Google Checkout (recently renamed Wallet), or use the paid developer APIs, or... you already have. Google, like any other large on-line seller, routinely manages tens of millions of customer credit card numbers, and has been doing so for years. Google is PCI compliant, and actually goes far beyond PCI requirements in terms of the security precautions it takes. That's the area I work on most of the time, actually.

    What are you thinking Google will do with your credit card number that would bother you?

    Little tinfoil hattish, I agree, but meh. Datamining is the primary goal, and from the wardriving we know that personal data privacy be damned.

    There's no datamining value in acquiring credit card numbers. Really the only use of credit card information is to make charges against it. Google isn't going to start issuing fraudulent charges against your card.

  25. Re:Google Highjump into Shallow End on Google Offering Cash For Your Cache · · Score: 1

    It's way simpler to use NoScript combined with alternative services (DDG for search, OSM for maps)

    Simpler? That's a matter of perspective, I suppose. But you're certainly free to do that as well.