×

Announcing: Slashdot Deals - Explore geek apps, games, gadgets and more. (what is this?)

Thank you!

We are sorry to see you leave - Beta is different and we value the time you took to try it out. Before you decide to go, please take a look at some value-adds for Beta and learn more about it. Thank you for reading Slashdot, and for making the site better!

Comments

top

Twitter Moves To Curb Instagram Links

BronsCon Re:Social Networking is a mess (77 comments)

Especially static content, and especially when the content of the article is a series of sentences punctuated by big squares that, rather than loading images, contain t.co redirects to the images that some doofus tweeted.

And this is where your understanding of the problem fails.

Again, this is a middle-management and bean counter problem, not a developer problem. The developers don't sit there and ask "How can we add more Twitter to our pages?" On the contrary, the bean counters say "We can save on bandwidth by letting Twitter and Instagram host our images, while at the same time monetizing our users through forced interaction" and the managers relay that as "Give us the ability to easily link to Twitter and Instagram images or go find another job".

And, of course, the developers do it. Why? And why shouldn't you fault them for it? Because they know damn well that if they go work somewhere else, it's just more of the same, from the same kind of shitty bean counters and managers who don't understand that this shit kills their user base, in turn killing their income. If they don't do it for their current employer, they'll be asked to do it for their next, and the one after that, and after that, and so on, and so forth, until they are unemployable. Even McDonalds won't hire them after they're on their 6th job in a year. Then they starve.

7 hours ago
top

Twitter Moves To Curb Instagram Links

BronsCon Re:Social Networking is a mess (77 comments)

Jerky scrolling sounds more like they've got you using underpowered machines. There's no excuse, on modern hardware, for the process of loading and rendering an image to bog the machine down to the point that the UI is affected. I say this having used, and developed on, a single-core Atom based netbook, exclusively, from 2007-2010, without issue; but then, I tend to develop as though resources are limited, since that was actually the case for me for the first 28 years of my life.

I can totally see other developers, who haven't been conditioned to realize that system resources are finite and not everyone has the latest and greatest CPU and GPU with oodles of RAM and gigabit internet (I wish... 150mbps is the best I can get and it's not worth the expense), assuming, since their code only lags slightly on their maching (which they blame, of course, on the browser dev tools), that it will, at worst, only lag a little on the user's machine which, typically, is much *much* less powerful.

I struggled for over 4 years to get my former boss to see this as a problem. Former boss. For a reason. We started losing clients as more and more javascript was added to the sites we were hosting and page render times went through the roof, but optimizing client-side code was forbidden; it didn't run on our servers, so it wasn't our problem and, besides, it ran fine for us, so there must not actually have been a problem. Or so he said. Of course, I knew better, and I still do, but that knowledge failed to transfer and the bloat continues in my absence, getting worse by the week.

So, I really don't blame the developers implementing the shit code, even; it all comes back to the idiot telling them not to fix what's broken, because they don't see how or why it's broken in the first place.

I worked for myself for 7 years before taking that job and I watched the quality of my code steadily decline while I was there. I've only been working for myself again for a little less than 2 months and I'm already seeing the quality of my output shooting back up to where it was 4 years ago, and still climbing, as I've learned much over the past 4 years, on top of simply having better tools now than I did then.

Without that perspective, though, I see how easy it is to blame developers for everything, but the reality is much, much different in most cases and developers don't get to choose to write good code; they only get to choose between writing shit code for their current employer or for their next. Sometimes that's because the employer sucks and sometimes it's because they suck; I've talked about both here.

7 hours ago
top

Twitter Moves To Curb Instagram Links

BronsCon Re:Social Networking is a mess (77 comments)

Bingo. Well, almost. What you're complaining about can be done effectively and correctly, as well. Assuming it's done intelligently, with properly-sized placeholders so loading the images won't move other content around and ensuring that images less than one full-screen-scroll away are loaded, it's a decent way to save bandwidth without annoying users. That said, it also requires estimating the user's connection speed based on load times for the images that have loaded thus far, so you can disable it and just load the remaining images (in order of appearance) if the user is on a connection slow enough that they might miss images while scrolling because they haven't loaded by the time the user scrolls past.

Don't get me started on sites that don't even start loading the images until they're scrolled into view and don't use placeholders, so the images, when they finally do load push down the content you were reading. If I understand correctly, that's what you're talking about and yes, as a web developer, it annoys me to no end when some code monkey pulls that shit and sullies my good name, and that of the other competent developers I know.

8 hours ago
top

Twitter Moves To Curb Instagram Links

BronsCon Re:Social Networking is a mess (77 comments)

That is most definitely "not used properly". I may have misspoke when I said no image tags, actually, as my preferred implementation is to use a 1px transparent PNG as the default SRC for the image tags, so they can still be inline on the page, with width and height specified (via CSS, of course). Done correctly, as I was saying, no images or scripts load until the text content of the page has loaded and rendered and you are able to start reading the article.

It's not even that hard to do, but most devs don't take the time to think about it, usually because they're not allowed to spend their time on such things. Again, blame shit-tire middle management and bean counters for that.

9 hours ago
top

Twitter Moves To Curb Instagram Links

BronsCon Re:Social Networking is a mess (77 comments)

Actually, genius, "Javashit", as you call it, when used properly, is leaps and bounds better than iFrames. Imagine the article loading in its entirety, so you can start reading it, before there's even a single image tag on the page; then, well-written javascript popping the images in as you read. The content loads and renders faster and you have an over-all better experience, especialy if you happen to be on a mobile device or slow connection.

But that's cool, just go on blaming web developers and technology, keep shielding the bean counters and middle managers who refuse to consider the end users and force us to either create complete shite or move on to the next job, where we'll be forced to make the same decision again... and again... and again.

9 hours ago
top

Obama: Gov't Shouldn't Be Hampered By Encrypted Communications

BronsCon Re: Yeah (554 comments)

I'm sick and tired of people not being able to detect the slightest hint of ironic sarcasm, even when the words they're reading are drenched in it. The +0 post you replied to should actually be marked +5, Insightful; I'm sure it would be if it ended in </sarcasm>.

about a week ago
top

The 'Radio Network of Things' Can Cut Electric Bills (Video)

BronsCon Re:1984 (172 comments)

You certainly know your English curses; you must have missed the rest of the class, though, if that's the best reply you can come up with. I certainly hope you don't speak like that around your children; I'm sure you do, though, so thank you for proving my point.

about a week ago
top

Linus On Diversity and Niceness In Open Source

BronsCon Re:I agree with Linus (358 comments)

Open your eyes... Reddit is all around us. It's everywhere. And underneath? Just more Reddit. It's Reddit all the way down.

about a week ago
top

Linus On Diversity and Niceness In Open Source

BronsCon Re:Where's this desire for "nice" coming from? (358 comments)

Or to be more culture neutral - "STELM" (with L for Language)?

How about SMELT, since it allows us to extract metal (in the form of productive results) from ore (in the form of people)?

about a week ago
top

Linus On Diversity and Niceness In Open Source

BronsCon Re: Stupid Americans (358 comments)

No such thing as what? The antichrist?

about a week ago
top

To Avoid Detection, Terrorists Made Messages Seem Like Spam

BronsCon Re:Uh... (110 comments)

This is correct; the NSA suspects we're all terrorists.

about a week ago
top

The 'Radio Network of Things' Can Cut Electric Bills (Video)

BronsCon Re:1984 (172 comments)

Well, if you can't figure out how to spell "fridge", perhaps your frig *should* be turned off, so you don't procreate.

about a week ago
top

SystemD Gains New Networking Features

BronsCon Re: Fuck Me (552 comments)

First of all, parsing error... after reading your response a few times, I think I've deciphered it, though, so here goes...

You do realize that Ubuntu does, in fact, already have a systemd unit for NSS, right? I'm not the only one having this issue and both Debian and Ubuntu maintainers don't seem to know what to do to fix it, but go on ahead and assume it's my failing; deity-forbid you take 2 seconds to google the issue.

Dumbass.

about two weeks ago
top

SystemD Gains New Networking Features

BronsCon Re:Fuck Me (552 comments)

I never had the problem you describe

Good for you? Is your NSS configured to require LDAP (other than the fact that the only local user account with a shell is root)? Otherwise, if NSS will fall back to "files" if LDAP fails, it sounds like your configuration and my workaround are one and the same.

This is BS, I can't even believe Debian and Ubuntu maintainers are so bad, where's the bug report ?

Right here.

So this must actually be a bug tied to sysv compatibility, as you're talking about these broken ifup/ifdown scripts.

No. Read what I wrote.

The current "recommended" workaround is a pair of ifup/down scripts...

In other words, the scripts aren't broken, they don't exist; the workaround is to create them. It's actually the sysv compatibility layer that allows the fix.

about two weeks ago
top

SystemD Gains New Networking Features

BronsCon Re:Fuck Me (552 comments)

At least I know I went in the right direction with this. Thanks for the confirmation.

about two weeks ago
top

SystemD Gains New Networking Features

BronsCon Re:Fuck Me (552 comments)

Even worse, try requiring LDAP (not just making it an option when an account isn't found locally, actually requiring it) for logins on a system booting via SystemD. Have your recovery media handy, you'll have to boot from it in order to remove the LDAP requirement when SystemD can't su because the network isn't up yet (or, if the LDAP server is localhost, slapd hasn't started because, guess what, it needs to su to its configured user during its init process).

Major issue affecting Ubuntu and, as far as I know, all Debian-based systems. The workaround should be simple: allow local account logins right up until TTYs actually become available, regardless of configuration. But, apparently, LDAP isn't considered important, so this has been an issue for as long as Debian has used SystemD and will likely remain so until Debian moves on to something else.

The current "recommended" workaround is a pair of ifup/down scripts that requires LDAP when the interface is up and makes it optional when it interface is down, which is great until your system crashes or you lose power and the "optional" config doesn't get applied. Then, it's time to whip out the recovery media so you can manually change the config and have a bootable system again. Needless to say, I refuse to implement that hack of a fix.

Instead, I ended up leaving LDAP optional, with a single user able to sign in, locally only, who can only su, and a local admin account that can only sudo and su, but can't log in. At least that minimizes the risk of not being able to unilaterally change either user's password across multiple systems in a timely manner; an attacker knowing the password for the user who can log in locally would have to be at the machine, and they still couldn't do anything without also knowing the username and password of the user who can sudo+su. In the end, I guess I get the benefit of being able to log in to said machines even when the LDAP server is unavailable, but it still shouldn't be necessary to implement such workarounds.

about two weeks ago
top

Wireless Keylogger Masquerades as USB Phone Charger

BronsCon Re: And this is good why? (150 comments)

The key is derived from the passcode, if I recall correctly.

about two weeks ago
top

Wireless Keylogger Masquerades as USB Phone Charger

BronsCon Re:Dewhat? (150 comments)

Or, you put a USB port on the keyboard and design it so that, when the receiver dongle is plugged into the keyboard, the two exchange keys. Allow only one receiver pairing per device and only one device pairing per receiver, per type of device.

Even better, disable the radio when the receiver dongle is plugged into the keyboard for pairing, no data is transmitted wirelessly, require a password for the key exchange, require that the password be changed with every exchange, generate the key from a passphrase typed by the user, salted with the password (such that the same passphrase will generate a different key if reused), and optionally allow the key itself to be encrypted with a passphrase in the keyboard's storage.

The key exchange process would go something like this:
1) Plug dongle into keyboard; "Ready" light illuminates
2) Type current password and press ENTER; password is encrypted with current private key and sent to dongle, dongle decrypts password and replies with the password plaintext re-encrypted with public key, keyboard decrypts reply with private key and compares result with known plaintext (just typed); on success (e.g. plaintexts match), "Password" light illuminates
3) Type new password and press ENTER; password is stored temporarily in keyboard's RAM; on success "Exchange" light illuminates
4) Type passphrase to be used for new key (suggest random keystrokes) and press ENTER; all lights illuminate, "Exchange" light blinks
5) Keyboard begins generating an RSA keypair; and sends the public key, encrypted with the current private key, to the dongle, which then decrypts the key and replies with the plaintext key; on success, all lights illuminate, "Ready" light blinks
6) Keyboard encrypts the new public key with the new private key and sends to dongle, dongle decrypts using the new public key and compares the result; on success (e.g. both keys match) it discards the old key and records the new key before encrypting the plaintext password from step 2 and sending the result to the keyboard for verification; dongle then discards plaintext password
7) Keyboard decrypts password and compares with original plaintext; on success (e.g. passwords match), keyboard discards old key and password, encrypts new password with private key, then stores the result, all lights illuminate, "Password" light blinks
8) Type key passphrase and press ENTER, or simply press ENTER; if passphrase is entered, generate a hash of the passphrase, having the same length as the private key, and XOR the key against the result; if no passphrase is entered, key remains plaintext; on success, keyboard records the resulting key, all lights blink
9) Remove dongle from keyboard
10) Insert dongle into computer

If a the private key is encrypted with a passphrase, require the passphrase every time the keyboard is powered on; generate a key-length hash (which will be identical to the hash used in step 8 if the passphrase is correct) and XOR the stored key against that hash; this is the key the keyboard encrypts its transmissions with.

This whole post is long enough without going into detail about why certain steps are necessary; perhaps I'll do a full writeup sometime. If I do, I'll reply to this post with a link. Of course, this solution is also imperfect, as an attacker could disassemble the dongle and read the public key directly from the dongle's flash; it would have to be designed in such a way that the dongle could not be opened to that degree without damaging the flash beyond readability. Layering several different kinds of epoxy over it should do the trick in most circumstances.

about two weeks ago

Submissions

top

Should John Seek Overtime Pay or Insist on Maintaining His Current Arrangement?

BronsCon BronsCon writes  |  about a year ago

BronsCon (927697) writes "A friend of mine recently came to me for advice regarding how to handle a situation with his employer. I advised him to contact an attorney, because any advice I could provide would likely be poor. But, his situation has made me curious; so I'd like to describe it here and pose the same question to the Slashdot community.

My friend, we'll call him John, has been working for a California-based company for several years in a position covered by IWC Article 4 (PDF warning, sorry) under the assumption that he was exempt from sections 3-12 (which includes the section relating to overtime pay); he recently decided to read over the law, as well as the exemption that could possibly apply to him, the Professional Exemption and the Employee in the Computer Software Field exemption, and discovered that given the current terms of his employment, he is in fact not exempt from any provision of Article 4. He also believes that his employer sincerely mistook his position as exempt and does not wish to punish them for what he believes to be an honest mistake.

For the duration of his employ, John has more or less been allowed to come and go as he pleases and has received frequent commendation for the level of work he puts out, so it would appear that his loose schedule has been beneficial for all involved, up to now. What prompted him to review the IWC documents was a sudden insistence from his boss that he was not working reasonable hours because "every other salaried position requires 50-60hr workweeks".

Here's the rub; he does not want to pursue the unpaid overtime, because this would bankrupt the company and put him out of a job, and he is worried that suing his employer may well make him unemployable. He simply either wants things to continue on as they have been, foregoing overtime pay in exchange for a high degree of freedom in his working schedule (which typically equates to coming in between 8:00 and 8:20 rather than at 8:00 sharp, taking 20-30min breaks rather than 10min, taking an occasional long lunch, and typically staying 30-90min later than most of his coworkers to make up for all of it, as well as working weekends to get things done that didn't get done during the week), or adjusting the working relationship into full compliance with IWC Article 4.

John's development work is largely done solo, he is always present for meetings, which are not held regularly, and his work is frequently completed ahead of schedule and under budget. There are no team members twiddling their thumbs while John is out getting coffee or walking off a heavy lunch before returning to the office.

I'm curious to see how Slashdot's advice will align with John's lawyer's advice, as well as what John will actually do in his situation. So, Slashdot, what would you do?"
top

55.000+ Twitter usernames and passwords leaked

BronsCon BronsCon writes  |  more than 2 years ago

BronsCon writes "Today anonymous hackers leaked more than 55.000 hacked twitter accounts username and password through Pastebin. It was very shocking to see such a massive number of Twitter accounts are hacked. Also celebrity accounts are hacked. Links to all 5 pastebin pages of credentials are included in the article, so you can search for yours."
Link to Original Source
top

Steve Jobs Dead at 55

BronsCon BronsCon writes  |  more than 3 years ago

BronsCon writes "Jobs, 55, has been instrumental in turning Apple into the dominant producer of portable music players, a leader in the smart phone business and, with the iPad, the inventor of a new category of modern tablet computers. Today, Apple announced that he has passed away, shortly after resigning as CEO of the company and the day following the announcment of the iPhone 4s"
Link to Original Source
top

One Free Website For Every City

BronsCon BronsCon writes  |  more than 4 years ago

BronsCon writes "San Francisco Bay Area based web design/development firm Gutensite is giving away one Free Pro website to one person or organization in every city, world-wide. By creating a regular Free Lite site with the promo code "MYCITY" you will be eligible to win the prize, a free upgrade to the Webmaster package for one year, a $420 value.

The first sites have a higher chance of winning (see rules for details). But even if you don't win the Grand Prize, everyone will still get to keep their free site, or get 25% off the first full 3 months if they eventually decide to upgrade to a Pro site."

Link to Original Source
top

BronsCon BronsCon writes  |  more than 7 years ago

BronsCon writes "Who/What is your favorite...


US President
Game Console
CPU
OS
Joke
Slashdot Editor


If you don't get the gag, please don't vote. Thank you."

Journals

top

Talk about it

BronsCon BronsCon writes  |  more than 6 years ago

Recently, I was flamed for making a "joke" of HIV (see below).

Said by an AC: I recommend a guerrilla trademark war: we simply need to decide what STD now gets the street name of "scrabble".

Said by me: HIV. It's about as active as scrabble and gets just about as much attention from the general populace. A ton of people have it but nobody really talks about it anymore.

Said by another AC: Why don't you grow a FUCKING brain cell. You are a fucking moron for taking something as serious as HIV and turning into the latest joke on slashdot. There are people who are FUCKING DYING because of HIV and I'm sure that none of them find you funny. I'm also sure you would stop laughing if you had an HIV test come back positive.

Said by me: Should I fax it to you, or is a simple scan and email enough?
I was actually going for insightful, rather than funny. A ton of people have HIV but nobody really talks about it. Just like Scrabble.
P.S. -- Who's the moron now?

-----

In all fairness, he's right, I don't have HIV. Dumb luck on his part.

Lord knows I've had some close calls; an ex fiancé who contracted it from a guy she cheated on me with and a girl I dated for a while who called me a few months after we broke up, insisting that I get tested. Dumb luck on my part.

Assigning the nickname 'Scrabble' to HIV might be the best thing to happen to it. If it gets people talking about it, if it raises awareness, beyond using it as an insult, it's a good thing.

If it raises awareness among corporations that, when they take something dear to us, we will take something dear to them in exchange ("Let's hang out with Kevin, he has Scrabble!" becomes "Don't sleep with Kevin, he has Scrabble!"), it is a good thing. But only if it's true.

I have a "FUCKING brain cell". In fact, I have many of them. Enough to realize that anything that gets people talking about an important issue is a good thing. Enough to realize that only a complete moron would flame someone for pointing out a problem such as people not talking about such an issue.

I stand proudly by the positions I take. I feel that, if something is not worth saying, it's not worth taking the time to say; if it is worth saying, it's worth taking credit for having said it.

Let it be known that I truly feel compassion for anyone who has Scrabble; the board game, or the illness.

top

Our problem.

BronsCon BronsCon writes  |  more than 6 years ago

I recently posted this in a discussion here on /. and decided it beneficial to all that I make it more accessible by placing it here, in my journal, as well.

-----

Here's the (general US population's) problem, as I see it.

Copyright was created to ensure that artists (I do consider coding to be an art-form) had an opportunity to earn income from their work before it could be freely copied or any derivatives could be made of it.

This led to fewer creative works being created in a given time frame than before, as most works are derivative of existing works. The best stories are those which expand on what we already know, right?

The government and pseudo-fascist corporations have begun to realize three things. First, that we, view copyright, in its current state, as a problem. Second, that they make a ton of money by exploiting the current state of the copyright system. Third, that by allowing us access to any creative means, they are allowing us the resources to overcome the current copyright system.

Thus, the ever-increasing system of restricting creativity, until it is illegal to express any thought contrary to their view of being paid for every peak and valley of every sound and light wave that we receive, which could have possibly originated from one of their exploited works.

Look through my post history. I don't typically post this kind of conspiracy-theorist drivel. I feel strongly enough about this issue in particular, however, that I will not sit idly and watch what little remaining freedom we have in this once great country be stolen from us, just as our once great wealth has been.

Now is the time to act. Not tomorrow. Not next week. Not next month. Not when Bush is replaced by the next pseudo-democratic-republican leader and you realize they're lying, too.

Now.

Before we lose the ability to create.

The terrorists don't have to fight anymore. We're doing it to ourselves.

We vote our freedom away by electing officials who have a proven track record of deception. We spend our freedom away by buying from companies who restrict how we can use our (or their, depending who you ask) products. We give our freedom away by continuing to do business with corporations who ship jobs and, with those jobs, our economic strength, to other countries, while many on our own soil can not find employment.

We routinely sell our freedom to the highest bidder and can do nothing but cry in disappointment when they never pay out.

Right now. This is the only time we have. Act.

Slashdot Login

Need an Account?

Forgot your password?