Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Comments

top

Bash To Require Further Patching, As More Shellshock Holes Found

JDG1980 The downside of the Unix Way (316 comments)

I know I'll get flamed for saying this, but it seems to me that the Shellshock bug represents a weakness in the Unix philosophy. On Windows, if a similar issue happened with cmd.exe or PowerShell, it would have only a limited effect, because the Windows shell is basically just an administration tool, and no one in their right mind would use it to pass untrusted input of any sort. In contrast, "the Unix way" encourages piping of shell commands to other shell commands, and the use of shelling out as a substitute for proper APIs. To me as a Windows power user, the idea that a basic feature like DHCP is using a shell script behind the scenes seems crazy. The better way to write re-usable code is to do the C/C++ API first, then build both the command line and GUI tools on top of that API. "The Unix way" is a clumsy hack in comparison – and it leaves the shell as a security-critical single point of failure.

Another way to think of it is that Linux is now dealing with an issue that Windows has been struggling with for over a decade: how to fix inherently insecure design decisions without breaking compatibility with a million different legacy applications in the process. Maybe they'll need to implement the equivalent of "UAC" whenever a program tries to shell out?

yesterday
top

Google To Require As Many As 20 of Its Apps Preinstalled On Android Devices

JDG1980 Re:Google has 20 apps? (343 comments)

I actually find myself liking google keep. I wanted a simple thing to make quick on-the-fly lists/notes.. and it delivers.

Google Keep is nice. Sucks that there's no public API, though.

yesterday
top

Does Learning To Code Outweigh a Degree In Computer Science?

JDG1980 Re:Is Coding Computer Science? Of Course! (546 comments)

Obviously, people doing low-level systems programming do need to have the background to understand this stuff. But that doesn't really matter – there are a hundred application programmers for every systems programmer. It's like saying all programmers need to be able to write in assembly and count cycles, just because some embedded work still requires that sort of stuff.

about a month ago
top

Does Learning To Code Outweigh a Degree In Computer Science?

JDG1980 Re:False premise (546 comments)

Most coders don't actually program. They just write some lines of code that connect libraries together. They wouldn't know where to even begin if asked to write the libraries themselves, or write the networking protocols, or the operating system, or the compilers, or the GUI frameworks, or the browser, or even a simple scripting language.

Converting business requirements into executable processes that a computer can understand is programming, regardless of what language or API is used. There's nothing noble about re-inventing the wheel just to prove you can do it; it's just stupid and inefficient.

More to the point, organizations don't care about hiring well-rounded Renaissance Men. They want people who can get a specific job done. Whether that job satisfies non-customers in some far-off ivory tower is completely irrelevant.

about a month ago
top

Does Learning To Code Outweigh a Degree In Computer Science?

JDG1980 Re:Is Coding Computer Science? Of Course! (546 comments)

But someone who can code AND knows the theory is better than some stupid code-only monkey anyday.

It's true that "pure" coding is becoming less valuable, but that doesn't mean that Comp Sci skills are your only way (or even the best way) out of that niche. Being able to understand business requirements and translate them into functional products is a lot more important than understanding five different sort algorithms that you'll never use (since the API handles all that crap for you).

about a month ago
top

Ask Slashdot: Linux-Friendly Desktop x86 Motherboard Manufacturers?

JDG1980 Plenty of blame to go around (294 comments)

There's plenty of blame to go around on both sides here.

The motherboard manufacturers – pretty much all of them – are to blame for developing and shipping really crappy firmware. (Unfortunately, this is pretty much par for the course – 95% of all firmware is crap, no matter what it's for. Modern hardware companies, with a few obvious exceptions like Apple, just don't do software very well at all.)

The Linux kernel devs are to blame for being stubborn about "standards-compliance" versus the real world. From what I can tell in clicking through a few links, the ACPM feature was working in the past, but the kernel devs then deliberately broke it by changing it to only work if the BIOS advertises it properly. Yes, the standard says that's what is supposed to happen. But we know from experience that manufacturers often don't follow standards. Linux needs to deal with the world as it is, not as the devs wish it would be.

about a month ago
top

Oregon Sues Oracle For "Abysmal" Healthcare Website

JDG1980 Re:absurd (212 comments)

Nope. A website that has to hook into a bunch of poorly maintained, poorly documented databases. That's the hard part.

This kind of crap is par for the course. I've had to figure out poorly designed databases without documentation, and it didn't cost millions of dollars to do that. Admittedly, insurance company big iron is probably much hairier to deal with than what I'm used to... but $240 million worth? Sorry, I just don't see how this adds up.

about a month ago
top

New EU Rules Will Limit Vacuum Cleaners To 1600W

JDG1980 Re:Waaah. (338 comments)

The real problem here is that Europe hasn't given the vacuum cleaners enough R&D time to make more efficient vacuums; should have been a ban for 2018+ not 2014.

Why not just use the same designs that are currently sold in the United States? As others have noted, we're pretty much limited to 1600W already, because of the maximum capacity of standard household circuits (120V/15A).

about a month ago
top

Hackers Steal Data Of 4.5 Million US Hospital Patients

JDG1980 Re:VPNs don't solve this on their own (111 comments)

You need properly trained and aware users

In other words, we're doomed.

about a month and a half ago
top

Ask Slashdot: How Dead Is Antivirus, Exactly?

JDG1980 The real problems go deeper (331 comments)

One major problem with security is that the permission model on both Windows and Unix doesn't really give you the tools you need to keep yourself safe. We're still stuck in the 1970s university mentality where the user is assumed to have written or at least compiled the program themselves, and is supposed to have a good understanding of what it does. The program is assumed to be operating as an agent of the user, so it inherits all the user's permissions. On modern systems, with semi-trusted and untrusted code downloaded from the Internet, this assumption is absurd and dangerous.

Rather than the program inheriting the user's permissions by default, a decent modern security model would instead restrict it to a sandbox unless it was explicitly given permission to get out – and even then the user should be given veto power over specific sandbox breaches. (Android used to work like this, but Google dumbed it down for reasons that are not clear.)

By default, a program should only be able to do the following:

  • * Get input from the keyboard and mouse (only when the application has focus)
  • * Get input from game controllers (even if the application doesn't have focus)
  • * Output video and sound using the normal system APIs
  • * Read/write temporary files to a scratch directory
  • * Open and save files only through standard system dialog boxes that are under the OS's control

Anything else – Internet access, ability to freely read and write to files/folders, ability to get keyboard input when not in focus – should require explicit user permission. And the user should have the option of unchecking any or all of these authorizations and continuing to run the app without it being able to do those things. These permissions should be as fine-grained as possible, so an application could have permission to only read certain specific folders, or could be allowed to access the Internet only through a particular API (say, for handling registration or online high scores) and only for certain domains.

about a month and a half ago
top

Microsoft Considered Renaming Internet Explorer To Escape Its Reputation

JDG1980 Re:Renaming never worked to improve reputation (426 comments)

It was tied to the operating system, unnecessarily. The browser has exactly zilch to do with the operating system. ActiveX controls, tying versions of the browser with versions of the OS, varying behaviour of same browser version on different OS versions etc. If IE is renamed, it should be delinked from the OS like other browsers.

I agree that tying versions of IE to specific versions of Windows was a really bad idea. Many web developers are still stuck with supporting IE8 because it is the latest version that runs on XP, and many users (and even companies) still haven't upgraded. This has clearly retarded the adoption of modern technologies like canvas and SVG support, which is a serious problem.

But at this point you really can't fully remove IE from Windows without breaking stuff. Sure, you can use the uninstall option to remove iexplore.exe (and newer versions of Windows let you do that), but if the back-end components like mshtml.dll were also removed, then a non-negligible amount of existing software would break. Since backward compatibility is really Microsoft's strongest selling point, this is a non-starter. Don't forget that Microsoft Help files also use HTML, so the Trident rendering engine is needed to view them. You could argue that this is unnecessary tying, but I'm not sure a custom proprietary format would really have been a better choice than HTML for help files – it seems a fairly sensible choice.

about a month and a half ago
top

Microsoft Black Tuesday Patches Bring Blue Screens of Death

JDG1980 Re:Kernel-mode drivers (179 comments)

I never understood why drivers had to be on the kernel ring anyway. Every single peripheral (GPU, sound card, etc.) driver I've ever encountered has had a history of stability problems. You'd think the largest point of failure on the computer could be moved to userland and restarted when necessary.

Audio drivers were moved to user mode starting with Windows Vista. (That's why DirectSound 3D is no longer supported.) Video drivers, however, pretty much have to be in the kernel for performance reasons.

about a month and a half ago
top

Avast Buys 20 Used Phones, Recovers 40,000 Deleted Photos

JDG1980 Isn't this illegal? (231 comments)

How is this not a violation of the Computer Fraud and Abuse Act (CFAA)? They bypassed security measures (deletion) to access someone else's personal information without authorization. Given how broadly this has been interpreted in the past (Andrew Auernheimer was prosecuted for visiting public URLs on the Internet), Avast's act clearly should be considered a violation. Or is this a case of "if a corporation does it, it is not illegal"?

about 3 months ago
top

Windows 9 To Win Over Windows 7 Users, Disables Start Screen For Desktop

JDG1980 Start menu is only part of the answer (681 comments)

Bringing back an actual Start menu is an important part of what needs to be fixed, but it's not the only thing. Windows 8, with its solid color design, looks flat and ugly compared to Windows 7 with Aero. Even if they plan to stick with the more spartan look, they should at least bring back frame translucency. (There is an add-on for Windows 8 that can do this, but it's still in beta and requires installation by hacking AppInit_DLL.) And the centered window titles are even more annoying. From Windows 95 onward, the title has always been left-justified. That's where my eyes are used to looking for it, and have been for nearly 20 years. Windows 8 moved it to the center because some graphics designer thought it looks cool, but this completely breaks my eye-tracking, wasting a few seconds here and there while I go hunting for the title that's not where my muscle memory says it should be. I don't care if they expose this in the UI, but there should at least be a registry key to fix that.

about 2 months ago
top

In 2012, Facebook Altered Content To Tweak Readers' Emotions

JDG1980 Re:consent (130 comments)

There are laws governing obtaining informed consent from humans before performing psychological experiments on them.

That only applies to federally funded research (which means almost all colleges and universities). Attempting to apply this to the private sector would raise serious First Amendment questions. What one person calls "psychological experiments", another might call "protected free speech".

about 3 months ago
top

Cracking Atlanta Subway's Poorly-Encrypted RFID Smart Cards Is a Breeze, Part II

JDG1980 Re:The REAL value of the transit system (170 comments)

And that is a major issue in mass transit. Most mass transit systems do NOT break even after collecting all the tickets and passes. Nearly all of them must subsidize their costs with taxes. And some of them even take money from federal and state programs because the systems are not actually affordable even using city taxes without adding money from the federal and state governments.

We generally don't expect roads to pay for themselves, so why should we expect that of mass transit?

about 3 months ago
top

4K Displays Ready For Prime Time

JDG1980 Re:Resolution or Definition (207 comments)

There are studies out there that claim an average user with 20/20 vision sitting 9 feet away from a 72 inch screen can't tell the difference between 720 dpi and 1080 dpi.

Do you regularly sit 9 feet away from your computer monitor?

I agree that for TV viewing, 4K is overkill, but it makes a big difference on PCs. Until text is sharp and clear without the renderer having to use hacks like hinting and subpixel AA, we still need higher DPI.

about 4 months ago
top

4K Displays Ready For Prime Time

JDG1980 Re:Lest we forget... (207 comments)

... that IBM had a '4K' (I abhor this term as much as 'HD') monitor in production from 2001-2005. https://en.wikipedia.org/wiki/... ... 3840x2400 in a ~22 inch panel. Good luck finding a "4K" monitor of that resolution (~204 ppi) any time soon.

The Dell UP2414Q comes close – it's a 24" 4K monitor, and therefore has a DPI of over 180.

about 4 months ago
top

Professors: US "In Denial" Over Poor Maths Standards

JDG1980 Bad conclusion (688 comments)

From the article: '"There is a denial phenomenon," says Prof Peterson. He said the tendency to make internal comparisons between different groups within the US had shielded the country from recognising how much they are being overtaken by international rivals. "The American public has been trained to think about white versus minority, urban versus suburban, rich versus poor," he said.'"

But let's take a closer look at the information in the article and see if this way of thinking about it makes sense.

Southern states Mississippi, Alabama and Louisiana are among the weakest performers, with results similar to developing countries such as Kazakhstan and Thailand. [...] If Massachusetts had been considered as a separate entity it would have been the seventh best at maths in the world. Minnesota, Vermont, New Jersey and Montana are all high performers.

There are some clear patterns here. The low-performing states like Mississippi, Alabama, and Louisiana are poor, rural, and have large minority populations. Conversely, Minnesota, New Jersey, and Massachusetts are wealthy, urbanized states with relatively low minority populations. So maybe thinking about scholastic achievement issues in terms of "white versus minority, urban versus suburban, rich versus poor" makes quite a bit of sense after all.

about 4 months ago
top

Google Foresees Ads On Your Refrigerator, Thermostat, and Glasses

JDG1980 Re:Nope. (355 comments)

How else will it tell you "PC LOAD LETTER"?

A dirt-cheap character-based LCD display (2 lines of 28 characters) works fine for that. You can buy these ready-to-go for a couple bucks on Sparkfun or eBay, so they must cost virtually nothing when integrated into a mass-produced device made in China.

about 4 months ago

Submissions

top

Microsoft Finally Relents: Start Menu Returning in Windows 9

JDG1980 JDG1980 writes  |  about 6 months ago

JDG1980 (2438906) writes "Microsoft's announcements at today's Build conference indicates that the change of leadership just might be having some effects on the company's flagship product. It looks like Windows 9 will bring back the Start Menu that so many users missed in Windows 8. It won't be exactly the same as the Windows 7 menu (there's a live tile section off to the right), but it will be a lot closer, and won't hog the whole screen.

Another common complaint about Windows 8 is that the full-screen paradigm for Metro apps – while it may work OK with a tablet or phone – doesn't fit well on a multi-tasking desktop with a large screen. To fix this, Microsoft will allow Metro apps to run within a window on Windows 9 – similar to what can currently be done with Stardock's ModernMix."
top

Krita 2.8 Released

JDG1980 JDG1980 writes  |  about 7 months ago

JDG1980 (2438906) writes "Krita, an open-source graphics editor, has been around since 2005, but no stable version existed for Windows users — until today. With the release of Krita 2.8, full and stable support for Windows users is finally a reality, thanks to input from KO GmbH and Intel. Krita brings some things to the table that GIMP does not: 16 bit per channel color support, adjustment layers, and a name that won't set off red flags at HR, just to list a few. You can download the Windows version here. Might be worth looking into, if you're tired of the lack of progress on GIMP and don't want to pay monthly "cloud" fees to Adobe."
top

Google Buys Nest

JDG1980 JDG1980 writes  |  about 9 months ago

JDG1980 (2438906) writes "Google just announced that they will be purchasing Nest, a company best known for their "smart" thermostats and smoke detectors, for $3.2 billion in cash. What will this mean for Nest devices going forward – greater integration with Android, perhaps?"
top

SSD Manufacturer OCZ Preparing for Bankruptcy

JDG1980 JDG1980 writes  |  about 10 months ago

JDG1980 (2438906) writes "OCZ, a manufacturer of solid-state drives, has filed for bankruptcy. This move was forced by Hercules Technology Growth Capital, which had lent $30 million to OCZ under terms that were later breached. The most likely outcome of this bankruptcy is that OCZ's assets (including the Indilinx controller IP) will be purchased by Toshiba. If this deal falls through, the company will be liquidated. No word yet on what a Toshiba purchase would mean in terms of warranty support for OCZ's notoriously unreliable drives."
top

Adobe Creative Suite Going Subscription-Only

JDG1980 JDG1980 writes  |  about a year ago

JDG1980 (2438906) writes "According to CNET and various other sources, CS6 will be the last version of Adobe's Creative Suite that will be sold in the traditional manner. All future versions will be available by subscription only, through Adobe's so-called "Creative Cloud" service. This means that before too long, anyone who wants an up-to-date version of Photoshop won't be able to buy it – they will have to pay $50 per month (minimum subscription term: one year). Can Adobe complete the switch to subscription-only, or will the backlash be too great? Will this finally spur the creation of a real competitor to Photoshop?"

Journals

JDG1980 has no journal entries.

Slashdot Login

Need an Account?

Forgot your password?