Slashdot Mirror


User: tepples

tepples's activity in the archive.

Stories
0
Comments
68,260
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 68,260

  1. Likewise, GNU/Linux has kernel mode setting and the Direct Rendering Manager.* Isn't that also part of the GUI in the kernel?

    * The latter happens to share initials with something more sinister.

  2. Both Windows and GNU/Linux separate "running as root" from "running as a member of the wheel group". Even if you're a member of the wheel group (which may be called Administrators under Windows or sudo under GNU/Linux), you still need to elevate in order to do any tasks that require superuser privileges. But perhaps creating two accounts, one in wheel and the other not, and doing work other than software installation as the user not in wheel would make it harder to social-engineer users into elevating.

  3. Re:There might be light but it is not the big pict on Fasting Diet 'Regenerates Diabetic Pancreas' (bbc.com) · · Score: 1

    Even a $1.50 Banquet frozen dinner has a serving of vegetables.

  4. Re:100% of Microsoft Vulnerabilities on 94% of Microsoft Vulnerabilities Can Be Mitigated By Turning Off Admin Rights (computerworld.com) · · Score: 1

    How so? If I access my Hotmail account through Firefox on a GNU/Linux PC or through the Outlook app on an Android/Linux tablet, I'm still vulnerable to any vulnerabilities in Microsoft's servers.

  5. Re:What should convince a user to enable JS? on Severe IE 11 Bug Allows 'Persistent JavaScript' Attacks (bleepingcomputer.com) · · Score: 1

    How would, say, a web-based image editing application "degrade gracefully and remain usable when scripting is disabled"? The only way I can see to make it remotely usable without script is to make the image that the user is editing into a server-side image map, with a full page reload for each click, and requiring the user to click multiple times along a curve to draw it instead of being able to drag. How is that "gracefully"?

    Likewise for a web-based front end to a chat room. The user would have to keep clicking "check for new messages", after which the server would have to retransmit even those messages that had already been transmitted to the user's browser.

  6. Turn off Java, JS, Flash, and SL. Don't open docx on Severe IE 11 Bug Allows 'Persistent JavaScript' Attacks (bleepingcomputer.com) · · Score: 1

    Java and Javascript are not the same thing.

    I think Joe Branya would recommend turning them both off, as well as Flash and Silverlight.

  7. What should convince a user to enable JS? on Severe IE 11 Bug Allows 'Persistent JavaScript' Attacks (bleepingcomputer.com) · · Score: 1

    Running with javascript default-enabled is like letting any stranger in the world use your house for any purpose they want.

    If most people change the default to no JS, what steps should a developer of a web application take to convince prospective users that the web application is legitimate? Or should all applications instead be native and therefore specific to a single operating system?

  8. My ex was stupid enough to actually call the phone number they put up on the screen, after which some Indian guy asked her for money.

    And there are people on YouTube who mess with those scammers in India and screencap it: Lewis's Tech, Thunder Tech, Each&Everything, etc.

  9. The state could require breeders to be insured on Fasting Diet 'Regenerates Diabetic Pancreas' (bbc.com) · · Score: 1

    True, you'd have to be in VHEMT to say breeders ought not to exist. But in the same way that many U.S. states require drivers of motor vehicles to carry liability insurance, generally privately underwritten, the state could require breeders to carry unemployment insurance that covers the full cost of the child's upbringing, also probably privately underwritten.

  10. Trump doesn't plan to pursue Rx pot on Fasting Diet 'Regenerates Diabetic Pancreas' (bbc.com) · · Score: 1

    From a story in The Morning Call :

    White House Press Secretary Sean Spicer [...] may have actually done Pennsylvania's effort a small favor by simultaneously voicing the administration's intention not to interfere with medical marijuana programs.

    "There are two distinct issues here, medical marijuana and recreational marijuana," Spicer said. "Medical marijuana, I've said before, the president understands the pain and suffering many people go through who are facing especially terminal diseases and the comfort that some of these drugs, including medical marijuana can bring to them."

  11. Re:Alcohol? on Fasting Diet 'Regenerates Diabetic Pancreas' (bbc.com) · · Score: 1

    In the United States, you can choose to live in another state that does allow medical marijuana.

  12. Re:There might be light but it is not the big pict on Fasting Diet 'Regenerates Diabetic Pancreas' (bbc.com) · · Score: 1

    I'm not entirely sure what you mean. Is keeping a job to pay rent considered poor "life choices"? Or is having a family in the first place rather than being single and child-free considered poor "life choices"?

  13. Forgot it at home on With No Fair Use, It's More Difficult to Innovate, Says Google (torrentfreak.com) · · Score: 1

    Except my file server is on a dedicated network not connected to the internet.

    Hope you remember to grab all the files you might need before you leave.

  14. Re:Part of a botnet != ultimate attack target on EU Privacy Watchdogs Say Windows 10 Settings Still Raise Concerns (reuters.com) · · Score: 1

    Against a bandwidth consumption attack, patches to the machine that is the ultimate target of the attack are ineffective, but patches to the machine that would form part of the botnet are effective.

    A firewall would take care of that.

    Such a firewall would have to be installed at the ISP. Otherwise, the attack traffic sent by your unpatched, Internet-connected Windows PC would congest a subscriber's link, keeping legitimate traffic from getting even as far as the firewall. In addition, if the firewall is vulnerable to other attacks, your unpatched, Internet-connected Windows PC could be used as an amplifier to attack it.

    I know of no IoT devices or any significant number of non-PCs that run Windows.

    That's not the point. Your unpatched, Internet-connected Windows PC could be used as an amplifier to attack unpatched non-Windows non-PC devices that cannot be patched for some reason.

    That is called "blaming the victim".

    The existence of secondary liability and recklessness as a mens rea shows that at least some measure of victim blaming is the law of the land.

  15. Proprietary software makes anonymity unverifiable on Microsoft Creates Skype Lite Especially For India (cnet.com) · · Score: 2

    Data is gathered and sent encrypted and in a completely anonymous fashion

    Unless an application is downloaded from a repository that builds from public source, such as F-Droid, the end user has no way to verify this.

    at no time is personally identifiable data shared with marketing companies or sold.

    The end user has no way to verify this.

    There will always be the tin-foil hat crowd that attaches some type of nefarious motive to such product improvement efforts

    I think the fear is that a hostile government could subpoena private information in crash dumps and the like for a fishing expedition.

  16. 15 percent user share or revenue share? on iPhone Owners in US Spent $40 Each on Apps in 2016 (cnet.com) · · Score: 1

    Or you can just forget about iOS and loose only about 15% of the market

    Is iOS 15 percent of the market by user count, or is it 15 percent of the market by revenue? There's a big difference. Assume for the moment that the mean iOS user spends $40 per year on apps, while the mean Android user spends $5 per year. Then 15 percent of the market by user count represents a 15 * 40 / (15 * 40 + 85 * 5) * 100 = 59 percent of the market by revenue.

  17. Re:Not silly at all, consider context on iPhone Owners in US Spent $40 Each on Apps in 2016 (cnet.com) · · Score: 1

    In your opinion, what should replace FaceTime for desktop-to-desktop, mobile-to-mobile, and desktop-to-mobile voice and video over IP calling?

  18. Re:Would you prefer an interpreted crypto library? on PHP Becomes First Programming Language To Add 'Modern' Cryptography Library In Its Core (bleepingcomputer.com) · · Score: 1

    An add-on crypto library compiled to native code and distributed as a PHP extension

    use an add on binary library that runs at full speed but that the user can install together with their scripts through dynamic loading

    That depends on two things: whether the shared hosting provider has configured the interpreter to allow such dynamic loading, particularly from within the subscriber's home directory, and whether the shared hosting provider allows the subscriber to install a compiler and corresponding headers to compile said library. As the PHP manual states:

    The main reason for turning dynamic loading off is security. With dynamic loading, it's possible to ignore all open_basedir restrictions.

  19. Re:Let's Compare App Stores on iPhone Owners in US Spent $40 Each on Apps in 2016 (cnet.com) · · Score: 1

    How do developers of applications on F-Droid fund the food in their families' stomachs or the roof over their families' heads? Or do developers of applications on F-Droid tend strongly to be hobbyists instead of professionals?

  20. Re:Let's Compare App Stores on iPhone Owners in US Spent $40 Each on Apps in 2016 (cnet.com) · · Score: 1

    [Buying a Mac instead of another computer] Seems liike the most versatile and most economically smart decision.

    Unless you rely on sharing a computer with someone else in the household, such as a college student not living on campus. In this case, the computer you already have is $0, while the Mac is $599+.

  21. Undervalued currency on iPhone Owners in US Spent $40 Each on Apps in 2016 (cnet.com) · · Score: 1

    I understand if you're a kid or teen and jobless and your parents are on a budget, but as an adult likely earning decent money working in the tech industry

    Even if so, someone living in a developing country will still feel the effects of the country's currency being undervalued compared to the United States dollar or the euro.

  22. Re:Not silly at all, consider context on iPhone Owners in US Spent $40 Each on Apps in 2016 (cnet.com) · · Score: 1

    You can start by giving me a list of things you can do on your iPhone that I can't do on an Android.

    Buy music from a recording artist who makes his work available through iTunes but not Google Play Music or Amazon Music.

    Play Tiny Wings.

    Communicate with other people who use FaceTime on a Mac, iPhone, or iPad.

  23. Re:How muchwas spent on Android Apps? on iPhone Owners in US Spent $40 Each on Apps in 2016 (cnet.com) · · Score: 1

    The vast majority of Android phones and tablets sold in the United States come with Google Play Store and with "Unknown sources" turned off. So "How much was spent on Google Play Store for apps and IAPs per unique Google Play Store user?" becomes a valid question.

  24. Part of a botnet != ultimate attack target on EU Privacy Watchdogs Say Windows 10 Settings Still Raise Concerns (reuters.com) · · Score: 1

    For one thing, patches are ineffective against a bandwidth consumption attack.

    Then updates don't matter and shouldn't be forced.

    I was unclear. Against a bandwidth consumption attack, patches to the machine that is the ultimate target of the attack are ineffective, but patches to the machine that would form part of the botnet are effective.

    I'm told a lot of these attacks target Internet-exposed devices other than PCs, such as modem-routers and older smartphones.

    Then that has nothing to do with Windows updates and they shouldn't be forced.

    They have much to do with Windows updates if a botnet is used to "target Internet-exposed devices other than PCs", and the machines that would form part of the botnet run Windows.

    How do you think new vulnerabilities come about?

    New vulnerabilities tend to be introduced with new functionality, not with patches focused solely on security.

    The user is the only person who should get a say in what happens on their computer.

    By that reasoning, the user should be held responsible and liable for all use of the user's computer as a botnet agent. If someone adds your unpatched computer to his botnet, and someone uses your computer to DDoS someone, you should go to jail for recklessly participating in said DDoS.

  25. Re:Use the tags, Luke on Mozilla Will Deprecate XUL Add-ons Before the End of 2017 · · Score: 1

    Which Android keyboard app do you recommend for adding "a minimal level of markup" without having to spend most of the time juggling the lowercase letters, numbers and basic punctuation, and additional punctuation pages?