Slashdot Mirror


User: Alex+Belits

Alex+Belits's activity in the archive.

Stories
0
Comments
6,525
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 6,525

  1. Re:Windows still built on non-x86 platforms ... on Microsoft Ready To Talk Windows On ARM · · Score: 1

    What a load rubbish. What is your justification for that?

    They are Microsoft.

    How is Compaq releasing the IPAQ using Windows Mobile rather than Linux any indication that Microsoft can't write portable code?

    It explains how the first generation of handheld computing devices (PDAs then) failed.

    Manufacturers cancelled non-Windows development believing that users will like "Windows" on those devices or, more likely, as a result of pressure from Microsoft. Windows CE was total shit, so PDAs ended up running total shit, and it was too late to move them to another platform after they have spent all their budget on trying to make things work with Windows CE.

    The fact that Windows NT has run on 6 different architectures and Windows CE runs on 4 architectures proves that they can write portable code.

    They could do it for a few years. Nobody outside Microsoft knows how much of this was portable code and how much of it was each hardware architecture splitting into its own branch of code. The fact that non-Intel platforms all disappeared strongly indicates that it was mostly the latter in the end.

  2. Re:Windows still built on non-x86 platforms ... on Microsoft Ready To Talk Windows On ARM · · Score: 0

    I call bullshit on that.

    They don't support other architectures because they can't write portable code. If they will try to "support ARM", they will do it like they did everything -- by creating a new product that supposedly perfectly imitates the existing one on x86. With typical Microsoft quality it will inevitably fail, but by the time users will discover it, it will take another generation of "Windows" devices with itself just like Windows CE destroyed first batch of tablets and PDAs.

    Does anyone remember that iPAQ was originally Linux-based Itsy, and yet released version was all Microsoft, with no official support for anything else, and total crap for any practical purpose? This is the most Microsoft can do, and this is what it is supposed to achieve now.

  3. Re:Great idea despite the naysayers on Intel's Sandy Bridge Processor Has a Kill Switch · · Score: 1

    that an I enable *any* specific algorithm

    Parse error.

  4. Re:Let the bloating begin...? on Microsoft Security Essentials 2.0 Released · · Score: 1

    Actually the effect is surprisingly similar, thanks to complete disregard for memory footprint of frequently performed operations in modern desktop software. Fear of swapping kept developers from writing things that used cache inefficiently.

  5. Re:Great idea despite the naysayers on Intel's Sandy Bridge Processor Has a Kill Switch · · Score: 1

    What the fuck are you talking about?

    Encryption can no be "patched", it's either based on a sufficiently secure algorithm or not. It's not access restrictions implemented by software that may be bypassed through various flaws and then those flaws are fixed so they can not be exploited anymore. Once encryption algorithm is discovered to be insecure, all data encrypted by it is compromised if anyone ever got a copy.

  6. Re:Essential? on Microsoft Security Essentials 2.0 Released · · Score: 1

    For the same reason code pattern matching and heuristics in operating system are "security" in Microsoft world.

    It's bullshit.

  7. Re:Let the bloating begin...? on Microsoft Security Essentials 2.0 Released · · Score: 1

    You can have terabytes of RAM, and performance will be still determined by how often few megabytes of L1 and L2 CPU cache are updated from your giant but slow RAM.

  8. Re:AnonOps part of the problem, not the solution on Spamhaus Under DDoS Over Wikileaks.info · · Score: 1

    That may explain how I have moved to US from there, and times around me are still interesting.

  9. Re:bullllllshit on Spamhaus Under DDoS Over Wikileaks.info · · Score: 1

    1. One server may have multiple IP addresses.

    2. Even if it doesn't, one site may still use SSL with matching name in the certificate (others will get a mismatch error if user tried to access them with https).

  10. Re:Great idea despite the naysayers on Intel's Sandy Bridge Processor Has a Kill Switch · · Score: 1

    We encrypt our drives. While once in a while a crack comes out for this, it gets patched pretty quick.

    Encryption does not work that way.

  11. Re:English language needs an equivalent of "dolboy on Air Force Blocks NY Times, WaPo, Other Media · · Score: 1

    "Dumbfuck" is a very poor translation -- it reflects etymology but not semantics.

  12. Re:English language needs an equivalent of "dolboy on Air Force Blocks NY Times, WaPo, Other Media · · Score: 1

    It doesn't cover "being a massive asshole about it" part. Not only those people followed the rule that clearly could not be applied in any sane way (as documents are now everywhere on Earth, so "keeping them away" serves no purpose), they on their own initiative instituted a blocking policy that was not anywhere close to their job responsibilities.

  13. English language needs an equivalent of "dolboyob" on Air Force Blocks NY Times, WaPo, Other Media · · Score: 4, Informative

    This is one of the things that would be properly identified and probably even avoided if English language had an equivalent of the Russian word "dolboyob".

    It's a word that describes this very combination of stupidity, blind adherence to the rules in situations when it causes nothing but harm, and being a massive asshole about it.

  14. Re:he's a douche, that's all that matters on Julian Assange's Online Dating Profile Leaked · · Score: 1

    Those are a big deal in any media outlet where depth has meaning.

    Have you found such a thing? Please tell, I may consider reading it.

  15. what on FBI Alleged To Have Backdoored OpenBSD's IPSEC Stack · · Score: 1

    for the express
    purpose of monitoring the site to site VPN encryption system
    implemented by EOUSA, the parent organization to the FBI.

    what

  16. T1 is not "broadband" then on 68% of US Broadband Connections Aren't Broadband · · Score: 1

    While I agree that oversubscribed consumer DSL and cable should be judged by different standards, by this definition T1 (1.54Mbps up and down) is not "broadband".

  17. Re:How could they not progress against a known thr on Has Progress Been Made In Fighting DDoS Attacks? · · Score: 1

    What is bullshit because if species were capable of depleting resources enough to "compete for resources" with other species, they would still deplete those resources after taking other species' place, and then will be extinct.

    Species compete in ability to survive and reproduce, not in ability to leave scorched earth behind them.

  18. Re:Not getting into pointless wars saves lives, to on High-Tech War Games Help Save Lives · · Score: 1

    But Saddam Hussein murdered many times more people in the decade prior to the US invasion than the entire Iraq cost, including Iraqi-on-Iraqi violence.

    Really? Did he also develop nuclear weapons, and do other things Bush attributed to him? Do you even know how many people were killed in US invasion?

  19. DO IT FAGGOT!!! on Microsoft Seeks 1-Click(er) Patent · · Score: 1

    (Calm down, this is what I refer to) :-D :-D :-D

    Automated and multiple choice "tests" are bane and cancer of education process. If schools will be prevented from using them, students would have to actually solve problems, and teachers will have to ask meaningful questions instead of inventing plausible but wrong answers to trick students into revealing how little they understand.

  20. Re:Damned if you do. Damned if you do not. on Ex-Goldman Sachs Programmer Found Guilty · · Score: 1

    Why do they want to get rich in the first place? They don't stop sucking money out of everything after getting more money can in any way affect their physical comfort. This means, they need money for something other than obtaining comfort, and observation shows that the only other thing they do is exercising power over other people in various destructive ways.

    The only possible explanation is, they derive pleasure from suffering of others -- and not just a small number of people but enormous masses of people they can and do hurt, including all of us. They are sadists on truly monstrous scale, and money are merely their means for achieving this.

  21. Re:I always laugh when I see this on Facebook's Zuckerberg To Give Away Half His Cash · · Score: 1

    I don't "earn" my salary by hurting other people or stealing from them. My work is to make things better and easier for others, and advance the progress in technology, as I am an embedded systems developer. I also do not collect "savings" with the goal to control other people's work.

    In other news, you are a moron.

  22. Re:Huh... on Facebook's Zuckerberg To Give Away Half His Cash · · Score: 1

    Thing is that mindset is propagated throughout the pay grades. The extremely poor cleaner that makes very little thinks the exact same thing about office workers making twice their salary and not doing anything all day.

    And he is right, too -- if even a small percentage of "office workers" (lawyers, middle managers, etc.) people did not get their inflated salaries, he would get better education to do something productive, and his "work" would be done by robots.

    However since money are squandered, it's easier to stop progress in technology, sabotage education, and hire desperate poor people to do jobs that can be easily replaced by machines if only there were enough educated engineers to make those machines.

  23. Re:strcpy and strncpy on Programming Mistakes To Avoid · · Score: 1

    This captures the essence of our disagreement.

    No, it does not.

    Altering data by inadvertently truncating a string is bad, and buggy -- absolutely -- you gotta do the work to validate your data beforehand to that doesn't happen. Absolutely.

    You can validate something "you" received from someone or something else -- in other words, across an interface. On the other side of this interface there can be something written with a wrong assumption of your code's parameters such as size of the buffer (or plenty of other equally important properties of your code that may be equally important for security). It may be someone else's code or your code, but if you have an interface with any nontrivial restriction on data, such as size, you can assume that whatever is on the other end may be wrong and should be checked -- this is a part of well-known rule about producing strictly defined output and being able to process loosely defined input.

    On the other hand, you can absolutely not validate something you have just done yourself -- if you are wrong in one place (when you generated a string and presumably allocated a buffer or checked that result of your operation can fit in buffer you have) you can just as well be wrong in another place (when you given a number of strncpy() that you believe is the size available for copying). Strings don't get copied between buffers allocated just for them -- that's stupid, and this is what either passing a pointers (so nothing has to be allocated or copied) or strdup() (so allocation is guaranteed to be right) is for.

    Strings are copied to produce strings, packets, binary file pieces, etc. from chunks of other strings -- in other words, as a part of text manipulation that can be simple or complex. This means, you still have to somehow determine how much space is available in your destination buffer when you copy this particular string, as your destination is likely the end of some other string or data structure. If you have to produce this number to stuff into your strncpy() function argument, you can be right, but just as well you can be wrong. Doing it multiple times just gives you more opportunities to be wrong.

    On the other hand, calculating the size of the buffer when it is being allocated, or some when large, possibly complex, but predictable operation is started -- so it will not be possible for you to be wrong again -- is one calculation. Once you have passed this hurdle, you can be safe that your subsequent parts of this operation will not be able to overrun this buffer. Trying to "verify" that fact again will just fill your program with meaningless numbers -- constant or calculated. They will not make you safe. They will be multiple places that you will have to check and modify when you make any changes to your code. It is completely useless, and only hurts your security by making your code fragile. This is how secure and insecure design works. Not by calling "secure" functions or second-guessing calculations you have already done.

    I don't believe, I have to explain those things to someone who supposedly understands what strcpy() is. No wonder, there is shit code everywhere.

  24. Re:A real donation on Facebook's Zuckerberg To Give Away Half His Cash · · Score: 1

    ...and you probably would be paid much higher salary there.

  25. Re:in reality... on Facebook's Zuckerberg To Give Away Half His Cash · · Score: 1

    It should not be dangled in front of other people to control them -- this is what it was obtained for in the first place.