Slashdot Mirror


User: julesh

julesh's activity in the archive.

Stories
0
Comments
8,446
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 8,446

  1. Re:Good reason to use Linux on UK Police To Step Up Hacking of Home PCs · · Score: 1

    I think we both know you're lying.

    Actually, I'm not. I have nosy housemates.

  2. Re:Good reason to use Linux on UK Police To Step Up Hacking of Home PCs · · Score: 2, Interesting

    It's less great when they get in while you're using it via network or physical means - you know grabbing your ass and shoving you away from the keyboard.

    My computer is set up with a simple key combination to dismount my encrypted drives and wipe the memory the key was stored in. Somebody would have to be pretty sneaky to get me away from the keyboard while those drives were mounted without me hitting it.

  3. Re:Is this....legal? on UK Police To Step Up Hacking of Home PCs · · Score: 1

    What's the criminal punishment in the UK for a teenager who is found carrying a knife, incidentally?

    Up to 4 years in prison, if he's indicted, which he probably wouldn't be unless there's some aggrevating situation, so up to 6 months in prison in most cases. He'd generally be released after half of the sentence, but would have the remaining half added on to his next sentence if he reoffends.

  4. Re:Is this....legal? on UK Police To Step Up Hacking of Home PCs · · Score: 3, Insightful

    Then those doctors have never prepared a meal more complicated than a microwave dinner.

    Actually, I find pointed knives critical for preparing microwave dinners. How else do you puncture the film across the top of tray?

  5. Re:Written vs. "Un-Written" Constitutions on UK Police To Step Up Hacking of Home PCs · · Score: 2, Insightful

    Want to complain that the US government is doing illegal searches and seizures? At least you have a 4th Amendment to point to and say "you're violating this law". In a country with an un-written Constitution, even if there's a court precedent on the issue, without a written Constitution, the government can simply decree a thing, and it's so, until they're booted out of office.

    Whereas in the UK, you'd point them at ECHR article 8.

    Unless the UK decides to rescind its signature of the ECHR.l

  6. Re:Is this....legal? on UK Police To Step Up Hacking of Home PCs · · Score: 2, Informative

    You can even have your precious handgun if you can convince the police you have a "good reason" and they sign off on your license.

    Err.. no, that's what the situation was in 1997. Now, you have to convince the Defence Council, which is much harder.

  7. Re:how to check your certs on CCC Create a Rogue CA Certificate · · Score: 1

    The number of people who would know how to do this is vanishingly small. At a guess the fallout will be that over the next month or so all the relevant CAs will fix their procedures and the problem will go away.

  8. Re:Doesn't really matter what *WE* think, does it? on Wikipedia Almost Reaches $6 Million Target · · Score: 4, Informative

    The fact that a lot of good articles are getting deleted at the moment due to "not being notable enough" prevented me from giving them a penny

    I don't suppose you're doing something about this, like for instance dropping by WP:AFD and commenting on discussions of articles you don't think should be deleted? Or commenting on the discussion pages of WP:N and the other notability guidelines that you think they should be more relaxed?

    If a critical mass of users started doing this (and I see more than enough pissed off people _outside_ of the site to achieve this) then we could change the situation. As it is, I only see myself and one or two others. Plus the people who only seem to care about one or two articles. We need people committed to the cause of keeping all these articles.

  9. Re:You know what I hate? on CCC Create a Rogue CA Certificate · · Score: 1

    You're on /. and you've actually seen panties?

    Stop making shit up.....

    Psssst. I know this great lingerie shop that's got racks and racks of the things, all out on display... do you wanna know the address?

  10. Re:how to check your certs on CCC Create a Rogue CA Certificate · · Score: 1

    Not that there's any actual point in checking your own certificates. The weakness in MD5 doesn't allow them to generate a certificate that matches yours with their own signature, it only allows them to generate their own certificate with whatever data they want. Basically: the algorithm used by your cert is irrelevant.

    I wouldn't panic (yet) if you're still using an MD5-signed certificate. Generating collisions with MD5 (so far) requires you to generate both halves of the collision. As long as you produced your own cert, that isn't a problem for you.

    This attack, OTOH, is a problem for _everyone_.

  11. Re:Maybe a Firefox config setting on CCC Create a Rogue CA Certificate · · Score: 1

    Wouldn't setting security.ssl3.rsa_rc4_128_md5 to false prohibit these kind of attacks?

    I don't think so, no. First of all, I'd guess that that setting only applies to SSL3; the attacker could simply choose to use SSL2 instead. Secondly, I believe that this applies only to the MAC blocks that are used within the SSL protocol for validating the origin of data blocks; the certificates would be verified using an entirely separate code path that I do not believe honours the cipher options for the connections.

    Look at it this way: you could *also* disable all the cipher options that use SHA. If that affected certificates, almost nothing would work.

  12. Re:No weakness on CCC Create a Rogue CA Certificate · · Score: 1

    The way I understand it, for example, 4096-bit RSA either requires a dramatically new approach (quantum computing), or, with current technologies, requires every atom in the Universe to be assembled into a massive compute cluster, and that cluster needs to run for longer than the heat death of the Universe.

    AIUI, that's only true if P != NP, which is assumed but not proven.

  13. Re:objective is correctness, always on Hardware Is Cheap, Programmers Are Expensive · · Score: 3, Insightful

    But the observation on cost also means that good programmers should focus on correctness rather than performance.

    Just to illustrate how difficult it is to get correctness right, on page 56 of The Practice of Programming by Kernighan and Pike---very highly regarded book and highly regarded authors---there is a hash table lookup function that is combined with insert to perform optional insertion when the key is not found in the table. It assumes that the value argument can be safely discarded if insertion is not performed. That assumption works fine with integers, but not with pointers to memory objects, file descriptors, or any handle to a resource. An inexperienced programmer trying to generalize int value to void *value will induce memory leak on behalf of the user of the function.

    Or, for a modest increase in hardware requirements to get the same performance, we can introduce automatic resource management (aka garbage collection) which makes this particular little difficulty go away.

  14. Re:Wait, what? on Hardware Is Cheap, Programmers Are Expensive · · Score: 1

    Surely that might work for a one-off, but if you're selling millions or even thousands of copies of your software, even a $100 increase in hardware requirements costs the economy millions. Just because it doesn't cost YOU millions doesn't mean you don't see the cost.

    Yes. But remember that somewhere around 99% of all software development is for deployment to only a handful of users (or, more often these days, servers) inside a single company. The case you're talking about is vanishingly rare. The suggestion in the article is helpful a lot more often than it isn't.

  15. Re:But who's going to fly it? on Hardware Is Cheap, Programmers Are Expensive · · Score: 1

    You've met my boss?

    "Why isn't this done yet?" "You only gave it to me four days ago." "Don't give me excuses; I would have had it done by now." (whispers quietly): "So why don't YOU do it then?"

    Jesus. Didn't know you worked for my company. And... wait... there's only the two of us here! Are you invisible or what? Perhaps my boss has a side project he hasn't told me about??

  16. Re:I agree. on Hardware Is Cheap, Programmers Are Expensive · · Score: 1

    Recently my boss reviewed my schematic and asked me to replace 1% resistors with 2 or 5% "because they are cheaper". Yes true, but I spend most of the day doing that, so he spent about $650 on the task, thereby spending MORE not less.

    Perhaps he assumed, like I would, that it would be a 5 minute job? I mean, every EDA tool I've ever used has an automatic update facility that could easily be used to script a change like this.

  17. Re:The Original Story from Coding Horror on Hardware Is Cheap, Programmers Are Expensive · · Score: 1

    Use a little reasoning fool, this story was posted nearly two hours ago. The GP post was linking when the original link in the story was to a scraper.

    When a story on a site like this is changed, for whatever reason, it's usual for the editor to put something like updated 16:45 - linked to original source, not a spam site. I'm not sure why this hasn't been done in this case, but it is a practice that is normally followed here, and I can understand why the poster you're replying to may have been confused by the lack of an update note.

  18. Re:Speaking of tin foil on Scientists Find Hole In Earth's Magnetic Field · · Score: 4, Funny

    before the LHC "we see nothing". And now, after the LHC was turned on... "oh, look at the too shiny two holes!" - coincidence?

    Before LHC: George W. Bush.
    After LHC: Barack Obama.

    I think we need more high energy physics expirements.

  19. Re:I saw this in "The Core" on Scientists Find Hole In Earth's Magnetic Field · · Score: 2, Funny

    A bright shaft of light is going to sneak through the hole in the field and melt the Golden Gate Bridge. Just you wait.

    It's the attack of the killer pigeons I'm worried about. Everybody should get out of urban areas and stock up on shotgun shells now, just in case.

  20. Re:64 bit Java? on 64-Bit Java For Linux · · Score: 5, Insightful

    The only real alternative for Java applets is Flash. Of course, compared to Flash, Java applets have a lot of downfalls. The VM takes a ridiculous amount of time to start up, and it's really intrusive when it sits in your system tray and constantly announces its new updates.

    Down to less than 2 seconds on my system, these days. Each new release seems to take less time than the last. And the update announcements can be disabled, if they annoy you.

    Also, Java applets have a lot of upsides to flash as well:

    * Ability to access network services (not just via XMLHttpRequests), so live streaming data is a possibility
    * Signed applets can access local system resources that Flash cannot
    * Use useful APIs to do stuff that's beyond the capabilities of Flash (e.g. the Java port of OpenGL)
    * Don't have to design your user interface as a series of frames that you move between to show and hide aspects of it (yeuch... I've done one project of Flash UI design, and that was more than enough for a lifetime thanks.)
    * Much, much easier to support internationalisation
    * Acceptable calculation speed for CPU-intensive stuff

    I'm sure there're more. OK, Java applets are a heavyweight solution. But they are the only solution other than ActiveX for many problems.

  21. Re:64 bit Java? on 64-Bit Java For Linux · · Score: 2, Interesting

    Can't recall seeing a big gaping hole on a page where a Java Applet would be in at least a year. And this story is only important if somebody out there has a burning need to run a 64bit Java app... in a web browser.

    Which you can't do, because Java runs all applications with a memory usage limit, which for an applet there's no way of changing, so you'll get the standard limit.

    Actually, it's important if someone wants to run a 64 bit web browser and use Java, because 64 bit browsers can't interface with 32 bit plugins.

    IIRC, there's now also a 64 bit flash plugin available (another recent release). This might mean that 64 bit linux distros no longer need to install 32 bit compatibility environments by default, which would be a welcome improvement.

  22. Re:64 bit Java? on 64-Bit Java For Linux · · Score: 1

    Linux has had 64 bit java for donkeys years... *rereads summary* - oh, Java browser plugin. A piece of the 90s I was hoping we'd all left behind.

    Java applets are still useful for many tasks. I use them daily to access email (via hushmail), for example. I also use online share trading systems that use Java applets to display charts. For these reasons, I've had to stick to a 32 bit browser, despite being on a 64 bit OS.

    Of course, you could question how much need there is for 64 bit browsers...

  23. Re:Boo to bloggers on Followup To "When Teachers Are Obstacles To Linux" · · Score: 2, Funny

    That's not super friendly. It is however, alliteration.

    Which means, of course, that it is freakily fucking friendly, filling our frail hearts with fear of further forthcoming friendliness, foiling our faltering flight, fading our fanciful fantasy of flat, emotionless interactions.

  24. Re:Saving power, but increasing frustrations on Five PC Power Myths Debunked · · Score: 1

    20w for an LCD

    You sure about this figure? According to the specs on the back, mine consumes 45W, and that's measured in low voltage DC... the AC power going into the transformer block is likely significantly above this.

  25. Re:Winter on Five PC Power Myths Debunked · · Score: 1

    Natural gas is cheaper than electricity.

    And when you burn natural gas, you end up pumping a huge amount of heat to the outside of your house. Don't forget to consider that you probably only get about 60% or so efficiency from your gas-burning heating system.