
Comments

Password Security: Why the Horse Battery Staple Is Not Correct

PJ6 Re:Negative (549 comments)

The first thing I learned about storing passwords is that you use a salted hash, which is impossible to decrypt back into plaintext. Am I missing something, or is this practice not standard practically everywhere now?

Apparently you are missing something because while common practice, it's not ubiquitous. And like all common practices, it gets spoken of less and less until new developers reinvent the wheel and decide they want passwords in plain text to make password recovery 'easier' ("click on the http link in your email and you'll see your password!")

It's been many years since I've seen that done anywhere.

about two weeks ago
Password Security: Why the Horse Battery Staple Is Not Correct

PJ6 Re:Negative (549 comments)

DECRYPTING PASSWORDS

To decrypt the password of a user, the attacker has first to have access to the password storage. At which point the first and most critical security failure has already occurred. And the user had nothing to do with it.

When it comes to decrypting a password, the algorithm used is more important than the complexity of the password. If the service provider has not done his homework, complex passwords offer only little protection. [...] I want to point out that the safety of the encrypted password is not the responsibility of the user.

The first thing I learned about storing passwords is that you use a salted hash, which is impossible to decrypt back into plaintext. Am I missing something, or is this practice not standard practically everywhere now?

about two weeks ago
Ask Slashdot: Dealing With an Unresponsive Manufacturer Who Doesn't Fix Bugs?

PJ6 Re:Beta? (204 comments)

The users are the product, not the customer.

Not necessarily. Adblock Plus 2.6.4 (for Firefox) blocks all of Slashdot's ads.

Does that make you not-a-product? Something special above other users?

Nope.

about two weeks ago
CSS Proposed 20 Years Ago Today

PJ6 CSS should have been a product, not a standard (180 comments)

The web should have been given a low-level, machine readable standard which human-friendly formats and tools could have formed and evolved around. Sure we'd still have markup and CSS and script, but you can bet your ass applications wouldn't have been built on that crap. We are easily 10 years behind where we could have been because of a poor choice of level of abstraction.

about two weeks ago
AT&T To Repay $80 Million In Shady Phone Bill Charges

PJ6 Re:All well and good (61 comments)

I don't think that's a good argument that nobody can be required to take responsibility.

By law, C-level execs are required to 'sign off' on a lot of important things, which puts them on the hook for X (regardless of claims of ignorance) because it is a statement that they have checked, with due diligence, the legality of X.

It would be relatively straightforward to add to that list a little.

For best effect, there should be a rider that wrongdoing past a certain scale automatically gets all compensation paid to the exec, to date, doubly seized - seized from the exec (spent or not), and seized from the business.

about two weeks ago
Ask Slashdot: Dealing With an Unresponsive Manufacturer Who Doesn't Fix Bugs?

PJ6 Re:Beta? (204 comments)

Dealing With an Unresponsive Manufacturer Who Doesn't Fix Bugs?

Dunno, it's a good question. But I'm sure that someone at Slashdot can answer it with the same reasoning that they use to still be apparently trying to roll out the beta design, despite the fact that some of its own users (customers???) have in their sig, "FUCK BETA".

The users are the product, not the customer.

about two weeks ago
Fixing Steam's User Rating Charts

PJ6 Re:Valve Time (93 comments)

As a matter of fact, does anyone know why Steam does not prominently feature Metacritic ratings anymore? Those really helped me choose games that I wanted...

Maybe because games are given very high ratings that completely ignore the PC, even when these ratings are supposed to be for the PC versions?

I don't know about you, but when I see a AAA PC game also has a console version, I just stop right there and don't buy it, no matter what the ratings are.

about two weeks ago
Rosetta Code Study Weighs In On the Programming Language Debate

PJ6 Re:Compiled Strongly-typed Languages -vs- Scripts (165 comments)

I think the test-driven advocates would say that relying on the compiler is OK for that one particular kind of error, but you really should be writing tests to catch that kind of error along with many others.

The reality is probably, as you kind of imply, sometimes you have a task that is more suited to one approach or another.

The nature of testing is that complete coverage grows combinatorially with state. What you're saying is you don't want to eliminate the possibility of an entire class of errors, but rather rest this (rather significant) burden on testing. From my point of view that's like abandoning DRI in a database and saying tests can detect foreign key constraint violations and all the other things DRI can check. While technically true, it just doesn't make any practical sense.

about a month ago
New "Crescent Bay" VR Headset Revealed and Demo'd At Oculus Connect

PJ6 Anyone know what the resolution is? (65 comments)

All I can find is that the resolution is "higher" than the DK2, and the screen door effect is gone, or nearly so.

Can anyone confirm that they've gone to 4K?

about a month ago
The Future According To Stanislaw Lem

PJ6 not really (196 comments)

Niven's view of such devices seemed pretty realistic, that the problem would take care of itself after a few generations.

Even if you were immortal, a droud would still be the equivalent of death; remove the constraint of time, and limitation is measured by the boundaries of your mind's total potential state-space.

Any sufficiently intelligent being - no matter how powerful or long-lived - would avoid pleasure-death.

about a month ago
How the Outdated TI-84 Plus Still Holds a Monopoly On Classrooms

PJ6 Re:RPN FTW (359 comments)

Amen. I got mine back in 92, and remember everyone making fun of the kids who went with a TI because RPN scared them.

Now that I think of it, that was a good dropout predictor.

I still have mine and I love it.

about 1 month ago
Low-Carb Diet Trumps Low-Fat Diet In Major New Study

PJ6 study is misleading (588 comments)

What is not mentioned is that these low-carb and the low-fat diets were both done in the context of the typical, and rather terrible, Western diet. Since no distinction is made between simple and complex carbs, naturally 'low-carb' is going to win, since sugar is the worst offender for creating obesity.

I also have to roll my eyes because we already know what a healthful diet is. The most massive study of this kind in history came to a simple, unambiguous conclusion: eat a whole-foods, plant-based diet, and keep animal protein under 10% (even better, 5%) of your total calorie intake.

about 2 months ago
The Grumpy Programmer has Advice for Young Computer Workers (Video)

PJ6 Read his blog and lost interest (120 comments)

when I discovered that he doesn't bother to proofread or use a spell checker.

I don't care how long he's been doing it, sloppiness is a sign of a poor programmer.

about 2 months ago
New Nail Polish Alerts Wearers To Date Rape Drugs

PJ6 no working product exists (595 comments)

I see only stock photos. If they had anything at all working they would have released either a video demonstration, or before-and-after pictures.

What they're attempting is non-trivial - I'm going to go out on a limb here and say that they're going to fail on the chemistry.

about 2 months ago
New EU Rules Will Limit Vacuum Cleaners To 1600W

PJ6 Needs better metric, not a restriction on wattage. (338 comments)

Consumers want number(s) to base their decisions upon. The wattage problem could have easily been solved by putting useful measurements of vacuum effectiveness on the packaging, such as guaranteed pressure drop and flow rate over the life of the product.

And the industry could do that all by itself without any regulation.

about 2 months ago
"MythBusters" Drops Kari Byron, Grant Imahara, Tory Belleci

PJ6 Re:Perhaps this won't be a popular view... (364 comments)

But I think it's a good move. I always thought they were trying to do too much in one episode. And really, who can argue with focusing on two really awesome dudes who love to blow stuff up?

More isn't always better, sometimes it's just more.

Too much in one episode? Are you kidding me?

There's a lot of unnecessary repetition after commercials and switching between myths. This is particularly annoying when watching on Netflix, where there are no commercial breaks.

Most episodes could be dramatically improved by cutting their length by 30%.

about 2 months ago

Submissions

PJ6 hasn't submitted any stories.

Journals

PJ6 has no journal entries.
