Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Comments

top

Tor Browser Security Under Scrutiny

Skuto Re:The report doesn't say "use Chrome" (80 comments)

It's been in Nightly for a while. I'm posting using it. The only thing that doesn't work well for me is...Gmail.

There's also full sandboxing support, but you need a compile time flag for it.

about two weeks ago
top

Tor Browser Security Under Scrutiny

Skuto Re:Why not work with Mozilla (80 comments)

You don't have to. The browser is fully open source. That's why they're actually comparing vs Chromium, not Chrome. But Chromium is missing quite a few features compared to Chrome like H264 support.

about two weeks ago
top

Tor Browser Security Under Scrutiny

Skuto Re: Not surprising... (80 comments)

Palemoon is just Firefox 24 ESR, which is coincidentally what the Tor Browser Bundle used to be based on.

about two weeks ago
top

Tor Browser Security Under Scrutiny

Skuto That's not what it says at all vs Chrome (80 comments)

"The Chrome Security team has been a source of innovation in the browser security space. Tor Browser Bundle is based on Firefox and thus inherits progress made by Mozilla automatically. While improvements in Chrome may not be appropriate for Firefox, they could be integrated in Tor Browser Bundle. In a best case scenario, members of the Chrome Security team may be allowed to work with the Tor Project on these changes."

Basically it's saying: Chrome is also doing good stuff, combine it with the stuff you get from Mozilla for a better result.

about two weeks ago
top

Tor Browser Security Under Scrutiny

Skuto Re:Why not work with Mozilla (80 comments)

As an anonymous troll that is an authority on the subject, I think the parent is full of shit.

about two weeks ago
top

Tor Browser Security Under Scrutiny

Skuto Re:The report doesn't say "use Chrome" (80 comments)

The sheep (or astroturfers, can't tell) have decided that Chrome is the cool thing and everything else must die, facts be damned.

about two weeks ago
top

Tor Browser Security Under Scrutiny

Skuto Re:"...access to private bugs..." (80 comments)

Security bugs filed against Firefox are private until a new release is out to the users. If the issue is critical (looks like it can be exploited), it will be in a x.0.1 update. If it isn't, then it will be in n+1.

Another way of stating what you said is "if Firefox engineers find a way to 0-day their own browser, they fix it before plasting the information on how to do it all over the internet".

about two weeks ago
top

Tor Browser Security Under Scrutiny

Skuto Re:The report doesn't say "use Chrome" (80 comments)

I was wondering the same thing. The only thing the report says is "implementing security features that Chromium has and work in Firefox would help Tor".

The headline is a lie.

about two weeks ago
top

Google Expands Safe Browsing To Block Unwanted Downloads

Skuto Re:Good. (106 comments)

Internet Explorer has offered this for far longer than Chrome and it's actually quite effective when you don't click away the warnings. Note that Firefox and Safari also use the same SafeBrowsing service as Chrome does, though they have to wait for the protocol documentation to be updated before offering features like this one.

about two weeks ago
top

Google Expands Safe Browsing To Block Unwanted Downloads

Skuto Re:The title is a lie (106 comments)

As the article points out, the service is used by Firefox (with a number of privacy improvements) and Safari as well.

about two weeks ago
top

Why Do Projects Continue To Support Old Python Releases?

Skuto Re:Wrong question (432 comments)

>He only said that he didn't want it to work with older versions, and that it was not a lot of work - i.e. it still took some amount of work - to make it not work with older versions

He doesn't say that at all. Really. It's not even remotely in the article. He talks about dropping support for Python 2.6. This isn't an action involving work! It means you no longer care if it doesn't work in Python 2.6.

about 8 months ago
top

Why Do Projects Continue To Support Old Python Releases?

Skuto Re:Wrong question (432 comments)

>What he appears to be complaining about is "Why do projects continue to require old Python releases?"

No, he doesn't. I re-read the article after reading your post and I have no idea where you get this.

He really is talking about dropping support, i.e. no longer caring if it doesn't work on old Python versions.

about 8 months ago
top

Opus 1.1 Released

Skuto Re:Oh lookie (62 comments)

>I.e. Apple and Microsoft shitheads

Microsoft was a major contributor to Opus through Skype, both with code and by providing their patents royalty free.

about 9 months ago
top

Opus 1.1 Released

Skuto Re:Oh lookie (62 comments)

AMR is pretty widely used as a voice codec, Ogg is used in most major AAA games, and as for Opus/SILK, you might have used Skype before...

about 9 months ago
top

Opus 1.1 Released

Skuto Re:Nice, impressive achievement (62 comments)

Depends on what mobile device? The reference code has extensive ARM optimizations, that's in fact one of the main improvements in 1.1 And yes, it can be accelerated with a programmable DSP if present, IIRC there's some support for C55x in the same reference code.

Audio decoding is fast enough on modern ARM SoC that dedicated hardware isn't strictly needed to get good battery life.

about 9 months ago
top

Google Multiplies Low-Tier Bug Bounties By Factor of Five

Skuto Based on a study? (29 comments)

This might be due to the result of study showing that the insane bounties Google promises for top end bugs (especially for Chrome) draw many people in to look for Chrome security bugs, but that actually the expected payout for looking for Chrome bugs is exactly the same as it for for (for example) Firefox, because the latter pays more for the easier to find bugs.

Microsoft already changed their bug bounty program significantly days after the study was announced.

1 year,16 days
top

Half of Tor Sites Compromised, Including TORMail

Skuto Re:Did I read that right? (583 comments)

You should had to be running Firefox 17 on windows afaik (that was the version included by the Tor Bundle).

You had be running the specific, modified Firefox version that's shipped with Tor.

Mozilla's Firefox 17 (ESR) has been patched for this vulnerability. (i.e. it's not a real 0-day)

1 year,25 days
top

Half of Tor Sites Compromised, Including TORMail

Skuto Re: Firefox 17?!? (583 comments)

Tor ships their own, modified version of Firefox. I guess that's why it's ancient. The exploit they used doesn't exist in Mozilla's version as that has been patched for it a while ago.

1 year,25 days
top

Opera Picks Up Webkit Engine

Skuto Re:And the winner is... Mozilla?!! (314 comments)

Who do you think the W3C is? It's the browser vendors. Who do you think benefits from smaller browsers not being interoperable with bigger ones? Not the smaller vendors, I tell you.

Now, do you think the vendors with the near-monopoly marketshare on Mobile care about making competition in their market easier?

about a year and a half ago

Submissions

top

Chrome hacked in 5 minutes, 60k USD prize claimed

Skuto Skuto writes  |  more than 2 years ago

Skuto (171945) writes "After offering a total prize fund of up to 1M USD for a successful Chrome hack (http://news.slashdot.org/story/12/02/28/1833229/google-offers-1-million-for-chrome-exploits), it seems Google got what it wanted (or not!). No more than 5 minutes into the Pwn2Own cracking contest team Vupen exploited 2 Chrome bugs to demonstrate a total break of Google's browser. They will win at least 60k USD out of Google's prize fund, as well as taking a strong option on winning the overall Pwn2Own prize. It also illustrates that Chrome's much lauded sandboxing (http://arstechnica.com/business/news/2011/12/chrome-sandboxing-makes-it-the-most-secure-browser-vendor-study-claims.ars) is not a silver bullet for browser security."
Link to Original Source
top

Notes on Reducing Firefox's Memory Consumption

Skuto Skuto writes  |  more than 2 years ago

Skuto (171945) writes "At yesterdays linux.conf.au Browser miniconference in Ballarat, Australia, Mozilla engineer Nicholas Nethercote gave a detailed presentation about the history of Firefox's memory consumption. The 37 slides-with-notes explain in gritty detail what caused Firefox 4's memory usage to be higher than expected, how many leaks and accidental memory use bugs were tracked down with Valgrind plugins, as well as the pitfalls of common memory allocation strategies. Current work is now focused on reducing the memory usage of popular add-ons such as AdBlock, GreaseMonkey and Firebug.
Required reading for people working on large software projects, or those who missed that Firefox is now one of the most memory-efficient browsers in heavy usage."

Link to Original Source
top

SHA-3 Finalists Known

Skuto Skuto writes  |  more than 3 years ago

Skuto (171945) writes "NIST just announced the final selection of algorithms in the SHA-3 hash competition. The algorithms that are candidates to replace SHA-2 are BLAKE, Grøstl, JH, Keccak and Skein. The selection criteria included performance in software and hardware, hardware implementation size, best known attacks and being different enough from the other candidates. Curiously, some of the faster algorithms were eliminated as they were felt to be "too fast to be true". A full report with the (non-)selection rationale for each candidate is forthcoming."

Journals

Skuto has no journal entries.

Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>