×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Comments

top

Bug Bounties Don't Help If Bugs Never Run Out

Daniel_Staal Re:By this logic... (186 comments)

No, we weigh the cost of prosecuting a specific crime against the cost of not prosecuting it, and let some crimes slide.

So we spend a lot more time and effort prosecuting a murder than a jaywalker. Because it's worth more to stop the murderer.

(And when this gets out of whack, we have problems. Red light cameras, GPS devices on cars, and such are reducing the cost of prosecuting some crimes, and that is causing social problems as we start to prosecute crimes that we didn't before. A lot of the complaints about the TSA is that they don't care about the cost: They just purse to the hilt. And the NSA has the problem that they only count the direct monetary cost, not the social, diplomatic, or economic costs.)

2 hours ago
top

Theo De Raadt's Small Rant On OpenSSL

Daniel_Staal Re:Why OpenSSL is so popular? (301 comments)

In this case though, general unit testing should have caught the bug: There's an option at compile time which, if used, caused the affected versions of OpenSSL to crash. (Because it disables the bug, and OpenSSL was relying on it in one location...) So, good unit testing would have helped.

Basically, unit testing should be able to tell you if you've implemented the algorithm competently. It doesn't say if the algorithm is any good, just that your version of it works to the spec.

about a week ago
top

Walmart Unveils Turbine-Powered WAVE Concept Truck

Daniel_Staal Re:That's Great, But... (242 comments)

Not a problem: Walmart is big enough to build a warehouse/distribution center near the docks or railyard, so you only have to move it a short distance in conventional trucks. They also have to unload and reload anyways: Most of their trucks are likely to have a full shipment for a particular store, not a full shipment of a single item. This truck would be for their own last-mile problem, considering they have stores just about everywhere.

So, for them, it might be a money saver. It doesn't have to work for anyone else.

about a month and a half ago
top

Scientists Study Permian Mass Extinction Event As Lesson For 21st Century

Daniel_Staal Re:3 Most destructive events in a planet's history (235 comments)

There's a fair number in the USA too - basically any attempt to teach Creationism in schools. Granted they don't get huge amounts of traction, but still get pushed and get a lot of attention, while environmental concerns get brushed aside as irrelevant or not practical.

about 2 months ago
top

Scientists Study Permian Mass Extinction Event As Lesson For 21st Century

Daniel_Staal Re:3 Most destructive events in a planet's history (235 comments)

I wasn't referring to the Permian mass extinction event - I'm referring to the Permian itself. Coverage of people denying that it (and most of the rest of the Earth's history) even happened - and laws trying to force people to teach that - gets a lot more attention than trying to protect life on this planet.

about 2 months ago
top

Scientists Study Permian Mass Extinction Event As Lesson For 21st Century

Daniel_Staal Re:3 Most destructive events in a planet's history (235 comments)

We should - it's our home, after all, and we'd be protecting ourselves.

But we seem more interested in claiming the Permian never happened, and trying to wipe out most life on the planet.

about 2 months ago
top

South Carolina Woman Jailed After Failing To Return Movie Rented Nine Years Ago

Daniel_Staal Re:Economically Inefficient (467 comments)

It could have been the debt collectors - if they can't collect the debt, they'll file charges I think.

That would be my guess at what happened - the video store went to a debt collector, who eventually went to the police. Each step is probably standard practice, and the amount or initial reason for the debt was likely irrelevant at the end; it was probably policy to send all noncollectable debts past a certain age to the police.

about 2 months ago
top

AMC Theaters Allegedly Calls FBI to Interrogate a Google Glass Wearer

Daniel_Staal Re:If this story is true.. (1034 comments)

Actually, the person themselves poked up in the comments and confirmed it. (And was talked to by the author of the story before they wrote it.) So we have better than usual chance that it's a true story, for a story on the Internet.

(It's even a blog I've read for years and trust, if that helps any.)

about 3 months ago
top

OpenBSD Moving Towards Signed Packages — Based On D. J. Bernstein Crypto

Daniel_Staal Re:Floppy disks? (232 comments)

I said semi-embedded for a reason: I'm more thinking of hobiest/custom firewalls and routers. The ones from the factory tend to run a version of Linux or PFSense - But you can get similar devices from manufacturers without an OS that you can install your own OS onto.

Not that I'm sure I disagree with you. Just trying to think of a rational reason and give them the benefit of the doubt. However hard that is.

about 3 months ago
top

OpenBSD Moving Towards Signed Packages — Based On D. J. Bernstein Crypto

Daniel_Staal Re:Floppy disks? (232 comments)

Well, I haven't followed the discussion, but I do know that one of OpenBSD's major markets is basically semi-embedded systems: Firewalls and routers. It's likely they won't have much in the way of external storage attachment, or much in the way of internal storage at all. Given that, it might make sense. I don't know.

about 3 months ago
top

India Frees Itself of Polio

Daniel_Staal Re:Not so fast ! (309 comments)

I think it's a much better argument that fundamentalists are against vaccinations... (Muslim or Christian.)

about 3 months ago
top

PC Shipments In 2013 See the Worst Yearly Decline In History

Daniel_Staal Re:Nice to See Macs are Up (564 comments)

The Apple Tax isn't as high as people think it is. Yes, you can build your own for cheaper, usually. But their prices are comparable or cheaper than other big-name brands for similar hardware. (I'll let you Google the links to prove it: There are always a slew of people checking everytime Apple releases a new machine.)

What Apple does avoid doing is selling the 'just enough' hardware: The low end, barely able to run current software. They design their machines so that the base config will work fine for the average user for several years, without upgrades. This means the super-cheap machines don't exist - you'd need to add RAM or a larger HDD in a year or two, or your graphics processor would barely be able to keep up, and Apple doesn't want people having that experience with their machines.

Now, the current discussion on whether PC's are 'good enough' is a separate point - I'd argue they are, and even several-year old Macs would be good enough. Apple did have an advantage in the statistics this article was looking at: Their latest OS release obsoleted any Mac with 32-bit anything. (Including BIOS.) Which means that part of their sales is probably people wanting to upgrade who couldn't. (Still, it supports any Mac made in the past 4 years.)

about 3 months ago
top

Carmakers Keep Data On Drivers' Locations From Navigation Systems

Daniel_Staal Re:All across America (189 comments)

Not always. ;)

about 3 months ago
top

Carmakers Keep Data On Drivers' Locations From Navigation Systems

Daniel_Staal Re:All across America (189 comments)

This type of thing being possible is one reason I've never trusted a car with OnStar. (To name the most visible.)

about 3 months ago
top

How much of your media do you store locally?

Daniel_Staal Re:Agreed (187 comments)

Tarsnap or something similar - locally encrypted before it's uploaded, and the key never leaves your system.

Of course, then you have to back up the key, but that's a much smaller problem.

about 4 months ago
top

How much of your media do you store locally?

Daniel_Staal Re:All of it - So you can loose all of it (187 comments)

Sure, but the chances it will happen both locally and in the cloud, at the same time, is very small. If one fails, you recreate from the other.

about 4 months ago
top

How much of your media do you store locally?

Daniel_Staal Re:All of it (187 comments)

Just to add to the choices others are giving, you could take a look at OwnCloud. If you are running a php-based website already you won't have to install any new server. (It does need an HTTP server, and has it's own interface.)

It exports things via WebDAV, and it has an Android client. (Or you can use other WebDAV Android clients.) So you can mount the server on you computer as a directory, and you can easily get stuff to your phone as well. The one thing is that you need to upload into it - not into whatever file system you have already. (Though you can mirror into it easily.)

Worth looking at, though it might be a bit more complexity and overhead than what you are looking for.

about 4 months ago
top

NHTSA Tells Tesla To Stop Exaggerating Model S Safety Rating

Daniel_Staal Re:False? (284 comments)

The claim is false: The NHTSA rates cars on a 5-point scale, and gave the Tesla S a 5-point rating, the highest they could get. This rating is based on several sub-ratings, where the Tesla also got 5-point ratings, in all categories.

Tesla is basically trying to claim for marketing purposes the fact that they got 5-point ratings in all of the subcategories (which isn't necessary for a 5-point overall rating, and in fact is extremely unusual, if not unique) means that they got 'better than a normal 5-point rating'. Which, ok, they did, but the rating only goes to five points. They can't create a new rating scale just for themselves.

about 5 months ago
top

Monthly net electricity use in my household:

Daniel_Staal No Clue (327 comments)

I have no clue: The electric company doesn't even bother to read my meter. They just send me a bill for whatever they think I should owe.

(And no: I’m not joking...)

about 5 months ago

Submissions

top

Most web programming languages vunerable to denial

Daniel_Staal Daniel_Staal writes  |  more than 2 years ago

Daniel_Staal writes "Ars Technica is reporting: "Researchers have shown how a flaw that is common to most popular Web programming languages can be used to launch denial-of-service attacks by exploiting hash tables. Announced publicly on Wednesday at the Chaos Communication Congress event in Germany, the flaw affects a long list of technologies, including PHP, ASP.NET, Java, Python, Ruby, Apache Tomcat, Apache Geronimo, Jetty, and Glassfish, as well as Google's open source JavaScript engine V8. The vendors and developers behind these technologies are working to close the vulnerability, with Microsoft warning of "imminent public release of exploit code" for what is known as a hash collision attack."

OCert advisory here."

Link to Original Source
top

Network Solutions stands by policy.

Daniel_Staal Daniel_Staal writes  |  more than 6 years ago

Daniel_Staal writes "Apparently Network Solutions believes nothing is wrong with it's policy on registering domains: After review, they have decided to stand by their policy, and continue to register every domain checked. Why? To save us from scammers: "We would be perfectly happy to end this process if ICANN or the registries would do something to protect small businesses or other small users." Apparently the point is to register them before the scammers have a chance to, and not to make money for Network Solutions: "We are not trying to make a bunch of money off of this.""
top

Daniel_Staal Daniel_Staal writes  |  more than 7 years ago

Daniel_Staal writes "My sister will be traveling abroad next year on a one-year study program. She has indicated to the tech guy in the family (me) that she would like something she would be less likely to mind loosing as her computer than her current iBook when she does. Any suggestions on a sub-laptop computing device?

Her requirements are fairly straighforward, but contain a couple of oddities. Basically she wants to be able to keep in contact with people, and do her homework. For that she needs email, VoIP (Skype, for preference), web browsing and MS Office or compatable. The kicker is that her homework will be in Arabic, while her email/web will be in English. (Or, at least mostly.) She wants a keyboard; she'd probably be ok with 3/4 size keys, but I'd have to convince her. VoIP is not a deal-breaker, just a strong request.

So, what small size/cost factor portables do you know that have good Arabic support and can be used for basic web access? My current thought is a HP Jornada, but I'm not sure what to compare it to. (And I'm not sure about Arabic support.)"

Journals

Daniel_Staal has no journal entries.

Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account

Loading...