Slashdot Mirror


User: BitZtream

BitZtream's activity in the archive.

Stories
0
Comments
12,389
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 12,389

  1. Re:I wonder on Firefox Most Vulnerable Browser, Safari Close · · Score: 1

    Uhm, both plugins and extensions can and do run native code. They are the same from a security perspective, if one is exploitable the whole browser is because of it.

  2. Re:I wonder on Firefox Most Vulnerable Browser, Safari Close · · Score: 1

    IE is no closer tied to the OS than webkit is to OSX. Its not part of the 'core OS' or anything, its just a common set of code used by just about every app because MS embraced HTML and supports it in just about ever app.

    It isn't tied to the OS and never has been, contrary to popular belief. Thats like claiming WebKit is tied to Linux because its used as a HTML renderer in a lot of KDE apps.

  3. Re:I wonder on Firefox Most Vulnerable Browser, Safari Close · · Score: 1

    You would be making an very ignorant assumption. Very few bugs are going to be OS specific.

    FF running in proper setup from Win2k forward would be no more dangerous. By proper setup I mean running as a standard user without permission to modify parts of the system that aren't their own. I.E. no write permissions to various registry and fs paths outside of those that should be owned by the user.

  4. Re:I wonder on Firefox Most Vulnerable Browser, Safari Close · · Score: 1

    about every 6 months

    I think you meant 6 hours, the current average rate for slashvertisements is about 1 per 6 hours.

  5. Re:I wonder on Firefox Most Vulnerable Browser, Safari Close · · Score: 1

    Uhm, who ISN'T a Microsoft Certified Partner? Most businesses are simply because they are in business to make money and if you do just about any sort of sales you can be a MCP and get free benefits from MS including referrals for customers.

    The only companies who are MCP are basically zealots who want to brag about not selling MS products, which to most sane people these days, bragging about what you don't sell while people are not spending money is rather retarded.

    Our company is an MCP and we freaking HATE MS with a passion, but the reality of it is, we'd be cutting off the majority of our income if we didn't deal with MS software. We our proud to support several OSS projects in both financial and code contributions, we just no so stupid as to turn away money based on some silly irrational need to avoid MS.

    Why didn't you go ahead and throw in the 'Symantic makes viruses for NAV to have something to detect!?@$!@$!%@5' ignorance too?

  6. Re:With every loss there is opportunity... on Microsoft Disconnects Modded Xbox Users · · Score: 1

    Not really, the lose money on a console sale. They'd rather people by more games for the consoles already out there, which is where they make money.

    Actually, this probably isn't true any longer, but they don't make a huge profit on the consoles if any. Its all about the game attachment rate.

  7. Re:And of course... on Microsoft Disconnects Modded Xbox Users · · Score: 1

    I guess you missed the non-XBL part of his statement ... meaning for those without XBL accounts.

  8. Re:Creative and engaged users, not cheaters on Microsoft Disconnects Modded Xbox Users · · Score: 2, Insightful

    As someone who modded their xbox (not my 360 which remains unmodded). No one with a modded xbox buys game, they download them. The notation that its for backup is silly. There are 2 people out of every 10,000 that use it for backup. I'm not against it being done, I'm all for people being able to back up their games since its a pain in the ass to get replacement disks in most cases,

    Its just silly to pretend that the majority of modders buy games, they don't. I know plenty of people who specifically did not want their XBox modded because they would just download games for free.

  9. Re:Creative and engaged users, not cheaters on Microsoft Disconnects Modded Xbox Users · · Score: 1

    It costs $99 to develop for the XBox360 at a minimum. You can download the software, and run it as a Windows app, but you can't run it on your XBox360 without paying and there is no emulator or anything like that.

    Everything else you said is of course entirely correct, but developing for the XBox360 is the same as developing for the iPhone, except there is an iPhone emulator you can use to test on without paying.

  10. Re:How does it deal with replication latency? on Remus Project Brings Transparent High Availability To Xen · · Score: 2, Interesting

    No it won't.

    VMWare claims the same crap and its simply not true.

    You have a 50ms window between checkpoints that can be lost, in your example . The only way to ensure no lost is to ensure that every change, every instruction, every microcode executed in the CPU on machine A is duplicated on B before A continues to the next one. You simply can't do that without specialized hardware since you don't even have access to the microcode as its executed on standard hardware.

    50ms on my hardware/software can mean thousands of transactions lost. That can wreak havoc on certain network protocols and cause database operations to fail completely as you replay portions of transactions that the database has already seen.

    I can come up with situations all day long as to how this isn't as seamless as you make it out to be. Sure, xclock transitions to the other machine in what appears to be a perfect no loss transition, or solitaire on a windows machine, but thats not exactly useful.

    Remus has plenty of uses, but it has plenty of pitfalls and regardless of claims does require consideration when developing systems unless you're introducing latency that to me, would just be completely unacceptable and would require applications to be aware of the latency. Hell, thats 6.25MB of data that can be transmitted over a gigabit pipe between checkpoints. That can kill performance.

    I know what you're saying, I know what you mean, and I just don't think you realize how much that latency can effect certain classes of applications.

  11. Re:It's pretty fun on Remus Project Brings Transparent High Availability To Xen · · Score: 1

    I don't know about you, but my web apps don't let the web server handle session and transaction management. Thats what I have a database server for, thats capable of dealing with thoses issues in a known way, that I can recover from to some extent. My important web apps use clusters of databases that take care of each other. Theres a reason Oracle costs a fortune, and MySQL is free. I can't stand working with Oracle, but theres a reason it exists. Of course you don't have to use Oracle, thats just one example, there are plenty of alternatives from other vendors and middleware to do the job.

    Server dies in the middle of a process? Did the transaction complete? no? rollback. Yes? Good, the database is in a known good state with everyone being updated with proper information, live goes on, just a bit delayed.

    You designed your system so your game state is totally client dependent or something? So if the web server dies theres no acceptable failure mode to revert to a previous relatively recent state? Must not be that important. If it is so important, why are you not saving the state are acceptable intervals to allow the user to restart from a reasonable point? Sounds like you're doing too much on the client, which probably means some massive security issues as well. Clients are never trusted for anything.

    Nothing about a web app is new. We solved all of these issues years ago. I think the problem is that you're just learning about them and don't realize that this problems are actually rather old and there are known ways to deal with them.

    I can turn off one of my web servers or database servers, literally killing tens of thousands of connections, and the worst case is a half a second of delay or so while the cluster removes it from the loop. The most the user sees is some web pages don't load some content. Any application that uses the web servers for access to the database will retry the request, seeing a different server which will be more than happy to handle the request. If the request was completed and the client couldn't be notified in time, the client will retry the request and be notified it was already completed and move on.

    This stuff is 40 years old, not anything new and exclusive to web apps. In short, the problems you listed are because you're doing it wrong.

  12. Dear Newbs, su came before sudo on Microsoft Patents Sudo's Behavior · · Score: 5, Informative

    If you're going to claims something copies 'sudo' with 'Linux' please realize that sudo copies su which was around long before Linux.

    sudo has more features than su, yes. Everything that 'copies' sudo has more features as well.

    Although the patent in this case does not copy sudo, or gksudo or OSX. The patent covers something that detects an authorization (NOT AUTHENTICATION) failure and gives an opportunity to elevate privileges and continue rather than denying the request.

    su, sudo, gksudo and the OS X applet all require knowledge in advance that elevated privileges are required.

    Do I think the difference is worth patenting? No, its the next logical step. However, if you're going to rant and rave about what Microsoft is patenting, at least realize they aren't patenting a clone of something you've been using for years.

    You only make the rest of the OSS world look stupid to the powers that be when you rant and rave and you are completely ignorant of whats being done. We lose credibility and get written off as raving lunes when you respond like this. So please, shut the hell up.

  13. Re:bad design on The NoSQL Ecosystem · · Score: 1

    30 per process, not 3. Missed the zero in there.

    As opposed to the 40-50 thousand per thread EFNet was doing 10 years ago on several orders of magnitude less CPU power.

  14. Re:bad design on The NoSQL Ecosystem · · Score: 1

    And you have once again shown that they are likely doing it wrong.

    According to their own page, they have 300 million 'active' users, 50% log on each day, so 150 million users login each day. No where near that are going to to 'chat' each day.

    So what you are saying is they get 3 users to each chat process if EVERY user that logs in that day chats at the same time, which doesn't happen.

    Yes, they are doing it wrong.

  15. Re:Summary: it affects ignorant fools on First iPhone Worm Discovered, Rickrolls Jailbroken Phones · · Score: 1, Flamebait

    Because the people writing software packages for jailbroken phones don't actually know very much about what they are doing?

    The just quickly ported SSH and let it use the default passwords, which aren't unique. Which was fine before the phone had anything that used the password file other than UID info. Now that something is authenticating from it, its a bad thing, the fact that its for remote network access makes it a horrible thing.

    There is a reason Apple doesn't want every douche bag in the world to be able to throw apps on someones phone. And now you have an example of why they want things to go through the app store.

    Oh well, I stopped jailbreaking mine a long time ago, no real need to anymore other than 'omg apple doesn't control me!%!%@!@%'

  16. Re:Use your phone lines on Simple, Cost-Effective, Multiroom Audio? · · Score: 1

    A proper amp will clamp itself and won't really be unsafe, but the reality of it is, you still are going outside the specifications and it is unsafe. You have no idea what quality of equipment he is working with.

    Yes, you could run a combination of series and parallel, but then you still need to overdrive the speakers to get the same volume level.

    No matter what you want to say, the suggestion is wrong and was by someone who doesn't actually understand whats going on, which you, to me, seem to fall into the same category. You looked at it from a purely electrical perspective and still be wrong from an audio perspective.

    I'm not concerned with being a smartass or being friendly. I'm more concerned with people telling others how to wiring things in their home incorrectly and unsafely. As I said, wiring your audio wrong is unlikely to cause any serious problems, but its still a risk. The original author doesn't know what he's doing, which is why he is asking, the guy responding to him doesn't know either, now we have two people who don't know what they are getting into, one of which thinks he does, the other at least is bothering to ask. This is rapidly turning into a cluster fuck in someones home.

    You go be nice, I'll focus on not having some idiot talk some guy into wiring his house up to substandard equipment and die in his sleep from smoke inhalation because some cheap ass amp from China burnt up. You don't tell someone how to do something with electricity when you have no idea yourself, people die this way.

  17. Re:Obligatory audiophile post on Simple, Cost-Effective, Multiroom Audio? · · Score: 1

    Yes, and as the GP pointed out, you have inherited superior hearing. When she leaves you, and tells you 'its not you, its me', she'll be right.

  18. Re:Use your phone lines on Simple, Cost-Effective, Multiroom Audio? · · Score: 5, Informative

    No, do NOT do that.

    The result is going to be a bunch of speakers wired in parallel, reducing the load across the amp down to less than an ohm, just go ahead and short your amp output now and save yourself the time of getting it all hooked up before you burn it up.

    The reason the sound quality won't be good is because you're amp will be overdriven, carrying far more current than it expects to carry for a given output voltage. The result will be an amp that overheats and fails. You'll have to turn the volume up to 15 to hear it, really over driving the amp. If you're lucky and the amp is smart, it'll clamp itself down to an acceptable current level, resulting in it turning a nice audio signal into a clipped, distorted mess. You're more likely to just end up with a burnt out amp since obviously neither of you are aware of how this stuff works.

    This is modded interesting, but ignorant is more appropriate, dangerous would be better yet.

    Amps are designed for a specific load, generally 8 or 4 ohms per channel although you can find others, and some allow bridging of channels for different loads and output levels but you obviously have no clue.

    Please don't ever give anyone advice on wiring ever again, it is clear you don't understand the basics of electricity. While unlikely in this case, this sort of ignorance results in houses getting burned down and people dying on a regular basis.

  19. Re:The two examples don't seem anything alike ... on Paul Vixie On What DNS Is Not · · Score: 4, Insightful

    Uhm, everyone can connect to the exact same webserver cluster and THEN be redirected with no involvement what so ever from dynamic DNS.

    Akamai could use DNS with traditional cache times and still redirect to the right node via http redirects. DNS caching would still work flawlessly and the actual request could be handled over the protocol that actually has knowledge of redirection and ways to say 'this is a permeant redirection' or 'this is only temporary, next time ask me again'

    I'm not against using DNS this way, but there are certainly alternatives that would accomplish the same thing just as well.

  20. Re:Sorry we didn't stay in your box on Paul Vixie On What DNS Is Not · · Score: 0, Offtopic

    Insufficient data.

    You certainly punish the child, regardless of why the did it. If daddy puts a gun to your head and says kill this man or I kill you, you still committed a crime and have to be treated as such. The punishment does however take the parents into account in some limited cases, such as the parents still being the legal guardians of the child. When the child is no longer a child, but a consenting adult, then it really doesn't matter what the parents did. Adults are responsible for their own actions. PERIOD. Its not just about punishment, its about protecting the rest of the world as well.

    If the child never had any direct interaction with the grandparents then they are clearly off limits.

    If the parents were not involved after birth, and the grandparents were, they effectively become the parents and assume all responsibilities for that roll, they could have put the child up for adoption had they wanted to avoid those responsibilities.

    You simply didn't not provide enough information.

  21. Re:GPL Quiz on Did Microsoft Borrow GPL Code For a Windows 7 Utility? · · Score: 1

    I doubt Stallman would get 100% on that quiz. I've read the GPL several times, I even referenced it during the quiz, still not 100%.

    It would seem to me that the quiz is a great example of why not to use GPL rather than anything helping to promote it.

    Probably should define which version of GPL they are referring to as well since that changes the rules.

  22. Re:not the first time they've used gpl code on Did Microsoft Borrow GPL Code For a Windows 7 Utility? · · Score: 1

    Except the use of a hosts file was around before GPL existed. Great example though, just proves how ignorant people assume things that are utterly incorrect.

    Linux wasn't the first to use the hosts file for name resolution, sorry to disappoint, try again.

  23. Absolutely no indication of 'theft' here. on Did Microsoft Borrow GPL Code For a Windows 7 Utility? · · Score: 2, Insightful

    Look, when you take to functions that do essentially the same thing, and you compile them, to optimized code, there is a good chance, if the compiler is doing its job that the compiled byte code looks a lot a like. This code HAS to act the same, its reading the same data format. Its no surprised that when you decompile different versions that they look the a like, I would be concerned if they didn't.

    Go ahead and decompile it, so you aren't seeing the original source, you're seeing a decompilers version of the optimized code.

    I could probably write that function 100 different ways in one day and get the exact same thing out after compiling it to optimized byte code and then decompiling it. Its a rather specific process at that point for dealing with a standard. You almost HAVE to do things in that function that way in order for your code to actually work. There are a few changes that could be made, some branches could be done in different orders, but once you throw the optimizer at it, those branches are likely going to be reordered the same way to reuse registers and such rather than wasting extra ones.

    The author of the article is a newbie at best. Its fairly clear that he doesnt' actually understand what has happened in this process and has provided no evidence other than 'the end result looks the same!'. It could have went both ways, neither project was the first to write a UDF reader. My guess would be the first C# UDF code was actually a port of some C code to do it anyway.

    Finally if you read the comments section of the article, the ImageMaster credits.txt contains a link to MS source, while I haven't bothered to download the linked SDK, its a safe bet that the reason the code looks the same is because it probably is, ImageMaster PROBABLY pulled that function from an MS example. It happens ALL THE TIME.

    There is no MS conspiracy, just some douche bag blogger wanting to get posted on the front page of slashdot to increase his ad revenue.

    The proper thing to do is to remove this story from the front page to deny that traffic to him.

  24. Re:It's .NET code on Did Microsoft Borrow GPL Code For a Windows 7 Utility? · · Score: 1

    The source to the .NET framework has been open for years, not free, but open. I compiled it on FBSD in 2001 I think, maybe earlier than that.

    Its been in the *BSD ports tree for almost a decade.

  25. Re:"Obviously lifted" not so obvious on Did Microsoft Borrow GPL Code For a Windows 7 Utility? · · Score: 1

    Except ... you don't have to reverse engineer this particular part, its included in the source code provided with VisualStudio if you bother to look hard enough.