Slashdot Mirror


User: QuantumG

QuantumG's activity in the archive.

Stories
0
Comments
11,687
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 11,687

  1. Re:When do we get a distro with 2.4? on Slackware 7.2 [Not] Released · · Score: 1

    or build a boot floppy with 2.4.

  2. Re:"The Best Linux Distro Out There" on Slackware 7.2 [Not] Released · · Score: 3

    nah.. if it was a holy war then people would be hacking each other's web sites. Linux CyberTerrorist, news at eleven.

  3. Re:Creepy on Big Brother In New Zealand · · Score: 2

    Judges know nothing about computers so if a police officer goes to get a search warrent and the judge says "what for?", all they have to say is "computer crime" and it will be awarded. So much for unauthorized search and seizure. Why not just make computer crime another one of those things where police can enter and search if they have probable cause, like drugs and firearms? Could it possibly be because no-one gives a rats about computer crime but they bitch and moan daily about drugs and firearms?

  4. Computer crimes are pointless on Big Brother In New Zealand · · Score: 2

    Seriously, computer crimes should be eliminated. Why? Because the general public dont consider it a real crime. This is reflected in the sentences passed down by judges. Guess how many people have ever faced jail terms for computer crimes in Australia. One, and it was more about the credit cards that the guy stole and made public than the actual intrusion. Investigating computer crimes costs a fortune, takes years, invades privacy and puts an unjust burden on seemingly uninvolved members of society. I had my house raided and my computer taken off me for 8 months because a guy I had talked to on irc was being investigated for hacking. He had logs on his computer of him talking to me on irc that were not incriminating so the AFP figured if they took my computer they might find irc logs that were incriminating. During this time they tapped my phone because they had found my phone number on his computer. He had gone to a lot of trouble to get my phone number (I didn't want to give it to him) so they figured it must be important. The judge who issued the search warrant to my house could not be held accountable because the copy of the search warrant they gave me wasn't even signed by him (for his protection).

  5. Re:why? on Foreign Language Education Software For Linux? · · Score: 2

    Hey good point. And I think it is Mandarin over Cantonese that is number one.

  6. Re:Speech Recognision on Foreign Language Education Software For Linux? · · Score: 2

    Heh.. I dont know if I'm that bored. Yes.. it would be good to have that sort of feedback from the computer too. One of the methods that I have heard is most effective is you get a native speaker of the language you want to learn and do the following:

    [some sentence in their language]
    [attempt to repeat the sentence]
    [repeat what the student said]
    [repeat what the sentence is supposed to be]

    The third step is very important because you generally have no idea what you have said wrong. Hearing what you said and what you were supposed to say makes it easier to learn. Once you have done a lot of this you can start learning vocab and grammar. These steps could be done by a computer mechanically. But it is also good to have the native speaker say "yer, that's close enough, now we can move on", which is where the speech recognision would come in.

  7. Re:why? on Foreign Language Education Software For Linux? · · Score: 2

    The most popular language in the world is Chinese.
    The second most popular language in the world is Spanish. English ranks in at number three and is hardly limited to "americian english".

  8. Speech Recognision on Foreign Language Education Software For Linux? · · Score: 5

    ok. I asked this question to someone I knew who was doing research into speech recognision of Cantonese. Apparently Cantonese is very easy for a computer to recognise - much more so than english -- and see that it is the most popular language in the world, I wouldn't mind learning it. So my question to this person was: If they computer can recognise speech then couldn't I learn to speak Cantonese with a text only Cantonese -> English translator? So imagine the process goes like this: The computer plays a sample in Cantonese. I grunt at the screen and the computer tries to recognise what I am saying. Whatever the hell it gets, it translates to english and displays back to me, along with an original (manual) translation of the original sample. I listen to the sample again and repeat and repeat until the computer can understand what I am saying. So now, the real question is, if the computer can understand what I am saying, will native speakers of Cantonese understand what I am saying? or will I just find all the bugs in the speech recognision software and the Cantonese -> English translator?

  9. Changing face of security on Learn From Robert Watson Of FreeBSD And TrustedBSD · · Score: 3

    Do you think there is ever a time when you can declare a system "secure"? Assuming you dont, do you think it is even possible to objectively rate the security of a system?

  10. Re:wtf? on New "mp3PRO" From Fraunhofer, But What About LAME? · · Score: 1

    yes.. there is no justice in the moderation system.. we are all owned.

  11. Re:An ounce of marijuana costs more than an ounce on Interbase Backdoor, Secret for Six Years, Revealed in Source · · Score: 1

    See, that's not even a troll, that's just pure stupidity. The point of the sig line is that, because it is sold on the black market, pot is so damn expensive that people go out and steal stuff to get the money. And this is about the cheapest of contraband drugs. Now shut the fuck up.

  12. Re:Here's a buffer overflow on Interbase Backdoor, Secret for Six Years, Revealed in Source · · Score: 2

    $ export NIG='123456789012345678901234567890123456789012345 67890123456789012345678901234567890123456789012345 67890123456789012345678901234567890123456789012345 67890123456789012345678901234567890123456789012345 67890123456789012345678901234567890123456789012345 678901234567890123456789012345678901234567890'
    $ echo $NIG
    123456789012345678901234567890123456789012345678 90 12345678901234567890123456789012345678901234567890 12345678901234567890123456789012345678901234567890 12345678901234567890123456789012345678901234567890 12345678901234567890123456789012345678901234567890 1234567890123456789012345678901234567890

    My environment variables hold way more than 256 bytes.. where you gettin' yours?

  13. Duty of care on Class Action Lawsuit Against VA · · Score: 2

    so this has nothing to do with Slashdot's duty of care its cronically addicted posters? ok, just checking.

  14. Re:Here's a buffer overflow on Interbase Backdoor, Secret for Six Years, Revealed in Source · · Score: 2

    actually, the dude is right! I hate the halting problem.

  15. Re:Right on, dude! on Interbase Backdoor, Secret for Six Years, Revealed in Source · · Score: 2

    It's not laziness I think. I think it is a lack of knowledge about these issues. Ignorance of security causes most of these issues and it is not suprising. I have done a lot of formal education in programmer and never once have I been formally taught anything about security issues. I have read lots of books about programming, but never once have I read (in a book) about security issues. Actually I've never seen a book about security issues that wasnt jam packed full of cryptography.

  16. Re:Multiple music track encoding on New "mp3PRO" From Fraunhofer, But What About LAME? · · Score: 2

    Yer.. and the copyprotection scheme wouldn't work but that appears to be the way the wind is blowing. Perhaps if artists were willing to sell the first download and either allow people to trade it freely or just forbid them to trade it (and they do it anyway), it might be doable. But the point of having tracks seperate is not just compression, you can pull out the vocal track and record yourself singing it and then redistribute your version of it for example. I can even imagine a cool site where you get a multitracked mp3 with no vocal track or no guitar track off a forum and record the track and then post it back up. People review it and say whether it is good or not or whatever and you sort of put a song together by commitee. Now that songs both fun and someone scary.

  17. Re:Here's a buffer overflow on Interbase Backdoor, Secret for Six Years, Revealed in Source · · Score: 2

    Absolutely right. But I'm of the opinion that buffer overflows should not exist in any code, because you never know what situation this will be run in. It might be run in a shell script that is sudo'd. As for whether or not this can cause a crash or execute a shell, it can execute a shell, no doubt.

  18. Re:Right on, dude! on Interbase Backdoor, Secret for Six Years, Revealed in Source · · Score: 2

    There will be other braindead errors or even the same ones rehashed. This is not just an error of the language, this is a direct result of people trusting the incoming data. It's simple, take every function in isolation, identify every piece of data that's incoming and assume you can't trust it. Now is there anything in the function that is trusting incoming data? Yes, the function is not safe.

  19. Re:Your attitude sucks. on Interbase Backdoor, Secret for Six Years, Revealed in Source · · Score: 2

    that's right. Could should be "the simplest thing that could possibly work". That is the goal of a programmer and this aversion that people have to reading code is just scary. I can't believe they sit down and start hacking away at it without even reading it first.

  20. Re:Security patches on Interbase Backdoor, Secret for Six Years, Revealed in Source · · Score: 2

    no.. they have to say, dude, what is this lame function used for? The one that is passing in a string called user_toc_man and then goes on to copy it into a 256 byte buffer. and then the programmers says something like "oh that, that's the user's total object count for all the manual changes he has made".. uh huh.. and the user specifies this? Where? "oh.. it's in a file in his home directory" and the security guys says "can he change this?" and the programmer scratches his head and says "yer.. of course he change it" and whilst the programmer is rambling on about how stupid a question that was the security expert writes it up in his report that function calc_man_response has an exploitable buffer overflow in it because the programmer who is sitting beside him now rambling on about how brilliant he is trusted the length of a user supplied variable.

  21. Re:Here's a buffer overflow on Interbase Backdoor, Secret for Six Years, Revealed in Source · · Score: 2

    we didnt say bounds checking, we said detecting security faults in C source and I know what I'm talking about, it's equivilent to the halting problem.

  22. Re:Security patches on Interbase Backdoor, Secret for Six Years, Revealed in Source · · Score: 2

    Firstly I didn't say that you just had to read the code from cover to cover, I said that you had to read the code from cover to cover and you do. Secondly, terribly competent programmers write buffer overflows all the time and if only incompetent people write buffer overflows then this whole project was written by morons because it is full of em. Very good programmers write buffer overflows all the time because it is not in their job description to be a security expert. That's not to say that I think they shouldn't know what a buffer overflow is and how to avoid it but I hardly think it relfects on their coding skill. Frankly if I have the choice between a developer who can code to specification, on time, on budget and with efficency and yet doesn't know strcpy from strncpy and a guy who cant code for crap but can find a flaw in 10 minutes and write the sploit in 5 but cant code a damn, I'll take the good coder, cause that's who I hired. Fallability is about ignorance but I dont think ignorance of security issues makes you a bad programmer.

  23. Re:Here's a buffer overflow on Interbase Backdoor, Secret for Six Years, Revealed in Source · · Score: 2

    absolutely right. After all it's not your code, it's your companies (or whatever) and they may do things with it that ends up screwing you. If it takes longer then I guess it really isn't worth the long term safety but if it takes just as long to do buf = malloc(strlen(src)+1); strcpy(buf,src); instead of buf[1024]; strcpy(buf,src); then why not do the thing that is safe?

  24. Re:Sheepish tendencies on Glasscode Released · · Score: 2

    This is a simple facet of democracy which we're all aware doesn't work. Mainly because we're a bunch of hypocrits who say one thing yet go and do another.

  25. Re:Slashdot should be commended on Glasscode Released · · Score: 4

    You're kiding right? The only reason Slashdot posted this was to kill em off! Distributed DOS attack stylez.

    Just Kiding. Does appear to be down however ;)