
Comments


How Your Compiler Can Compromise Application Security

Spikeles Re:TFA does a poor job of defining what's happenin (470 comments)

The TFA links to the actual paper. Maybe you should read that.

Towards Optimization-Safe Systems: Analyzing the Impact of Undefined Behavior

struct tun_struct *tun = ...;
struct sock *sk = tun->sk;
if (!tun)
    return POLLERR;
/* write to address based on tun */

For example, when gcc first sees the dereference tun->sk, it concludes that the pointer tun must be non-null, because the C standard states that dereferencing a null pointer is undefined [24:6.5.3]. Since tun is non-null, gcc further determines that the null pointer check is unnecessary and eliminates the check, making a privilege escalation exploit possible that would not otherwise be.

about 10 months ago
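
The ordering problem described in the comment above, with the check-first fix beside it. This is an added example, not code from the comment or the paper; the struct definitions, function names and fallback constants are constructed stand-ins for the kernel's.

```c
/* Added example: constructed stand-ins, not the kernel's real definitions. */
#include <stddef.h>
#include <stdio.h>

#ifndef POLLERR
#define POLLIN  0x0001
#define POLLERR 0x0008
#endif

struct sock { int readable; };
struct tun_struct { struct sock *sk; };

/* Ordering from the quoted snippet: dereference first, check second.
 * tun->sk is undefined behavior when tun is NULL, so an optimizing
 * compiler may assume tun != NULL and delete the check below. */
unsigned int poll_deref_first(struct tun_struct *tun)
{
    struct sock *sk = tun->sk;   /* UB if tun == NULL */
    if (!tun)                    /* removable under that assumption */
        return POLLERR;
    return (sk && sk->readable) ? POLLIN : 0;
}

/* Hardened ordering: nothing dereferences tun before the check, so the
 * compiler has no basis to treat the check as dead code. */
unsigned int poll_check_first(struct tun_struct *tun)
{
    if (!tun)
        return POLLERR;
    struct sock *sk = tun->sk;
    if (!sk)
        return POLLERR;
    return sk->readable ? POLLIN : 0;
}

int main(void)
{
    struct sock s = { 1 };
    struct tun_struct t = { &s };
    /* Only the hardened function is ever called with NULL here. */
    printf("valid tun:  deref_first=%#x check_first=%#x\n",
           poll_deref_first(&t), poll_check_first(&t));
    printf("NULL tun:   check_first=%#x\n", poll_check_first(NULL));
    return 0;
}
```

Compiling with GCC's -fno-delete-null-pointer-checks stops the optimizer from making that inference, which helps where such orderings cannot all be audited by hand.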

Microsoft Cuts Surface Pro Price By $100

Spikeles Re:Pity it doesn't work as a peripheral... (341 comments)

It's a pity that the Surface can't act as a monitor/input device (optionally, while charging at your desk, for example, it could go from a waste of space to an extra monitor) for more powerful computers.

With the right kind of software and a little help from Reddit, anything is possible.

1 year, 16 days

In Australian Town, Public CCTV Off Over Privacy Concerns

Spikeles Re:Turned off, not removed (160 comments)

The Australian Privacy Act defines personal information as: personal information means information or an opinion (including information or an opinion forming part of a database), whether true or not, and whether recorded in a material form or not, about an individual whose identity is apparent, or can reasonably be ascertained, from the information or opinion.

about a year ago

Botched Security Update Cripples Thousands of Computers

Spikeles Re:One major reason why AV is a dead-end (274 comments)

There is no way to prevent these things from happening

Sure there is. Kaspersky Anti-Virus Security Center has an Update Verification module built in that allows a sysadmin to install the update to a known-clean test group and then run a virus scan BEFORE the update is applied to the rest of the machines. If the scan fails (i.e., finds anything), the update is aborted and an email is sent to the admin. If Malwarebytes had that kind of thing (or if it did and the sysadmins actually used it), this wouldn't even be an issue.

about a year ago

Fantastic js1k Submissions

Spikeles Re:Hmm... (70 comments)

Not JS, but if you are impressed by large results in small code you'll probably love this and maybe this

about a year ago

Ask Slashdot: How To Convince a Company Their Subscriber List Is Compromised?

Spikeles Happened with Star Trek Online (247 comments)

Star Trek Online had this happen. I had an email address specific to that site and it got spammed. Heaps of other people with similar site-only email addresses mentioned the same thing on the forums. Don't know if they ever publicly admitted it.

about a year and a half ago

How EVE Online Dealt With a 3,000-Player Battle

Spikeles Re:$3600 ship (398 comments)

Real Money ($) can be converted into in-game money (ISK) through the use of PLEX, so it's pretty simple to calculate the amount of ISK lost and convert the value back into dollars to get an approximate real money value. The current lowest sell of a 30 day PLEX is about 530,000,000.00 ISK and it looks like 30 Days PLEX costs $20. So some division (*depending on if billion means thousand or million million) and some multiplication gives you a rough Real Money cost.

about a year and a half ago

Australians Urged To Spoof IP Addresses For Better Prices

Spikeles Productivity Commission Report (206 comments)

There was a report last year from the Productivity Commission which is "the Australian Government's principal review and advisory body on microeconomic policy and regulation. It is an independent statutory authority in the Treasury Portfolio and responds to references from the Treasurer."

This specific report is for the Retail industry, but there is a very good chapter on online and price differences, which includes some parts talking about things like Apple's Price Discrimination. For those interested, the report can be found here: Economic Structure and Performance of the Australian Retail Industry. The price differences part is Chapter 6.

I'll quote some relevant parts:

Box 6.4 - Apple’s international price discrimination
Costs associated with the distribution of Australian specific content and marketing could mean that higher fixed costs apply to the Australian subsidiary. But given the costs associated with the distribution of music and other media are only likely to be a relatively small share of total costs, this does not fully explain or justify the price differential.

The Commission considers that Australian consumers will buy goods where they feel they get the best deal regardless of retail format and that retailers that do not, or are unable to, respond effectively to competitive pressures will face serious challenges.

about 2 years ago

Copyrights To Reach Deep Space

Spikeles Re:The ISS seems to be in a area of lax copyright (247 comments)

Just because a movie is still in theaters doesn't mean it can't be shown anywhere else if the person/organization (eg, NASA) has permission from the copyright owner(s). That permission may even include being able to stream it from a central file server.

more than 2 years ago

Paul Vixie: 100,000 DSL Modems May Lose Their DNS On July 9

Spikeles Re:8.8.8.8 (193 comments)

You're right, I'm in Australia. Google does have a presence here and I get a ping of about 64ms to 8.8.8.8.
8 google-public-dns-a.google.com (8.8.8.8) 82.579 ms 64.420 ms 65.664 ms
I've tried the 8.8.8.8 resolver a couple of times, and in all cases iTunes will give slow downloads, simply due to not optimal resolution of the CDN host. Switch it to another DNS resolver, and everything is fine again. Querying the DNS of our ISP (Internode):

#nslookup a1.phobos.apple.com 192.231.203.132
Server: 192.231.203.132
Address: 192.231.203.132#53

Non-authoritative answer:
a1.phobos.apple.com canonical name = a1.phobos.apple.com.edgesuite.net.
a1.phobos.apple.com.edgesuite.net canonical name = a1.da1.akamai.net.
Name: a1.da1.akamai.net
Address: 203.206.129.11
Name: a1.da1.akamai.net
Address: 203.206.129.16

#traceroute 203.206.129.16
[snip]
8 203-206-129-16.deploy.akamaitechnologies.net (203.206.129.16) 81.438 ms 67.101 ms 67.139 ms


This kind of issue isn't exactly Unknown.

In addition, in Australia we have quotas for most of our internet plans. If you were on an ISP such as iiNet, then you could end up using up your quota since iiNet provides "unmetered" downloads from iTunes, on the condition that it comes from their mirror. iiNet mirrors Apple servers, and uses their DNS to redirect to their own mirrors. If you were to use 8.8.8.8 for someone on iiNet, you'd end up with them being charged extra since it probably wouldn't resolve to their mirror.

more than 2 years ago

Paul Vixie: 100,000 DSL Modems May Lose Their DNS On July 9

Spikeles Re:8.8.8.8 (193 comments)

Read the first couple of paragraphs here.

more than 2 years ago

Paul Vixie: 100,000 DSL Modems May Lose Their DNS On July 9

Spikeles Re:8.8.8.8 (193 comments)

Maybe someone should let Google know that it doesn't work.
nslookup a1.phobos.apple.com 8.8.8.8
Name: a1.da1.akamai.net
Address: 203.106.85.64

tracert 203.106.85.64
7 pos0-3-0.bdr2.nrt1.internode.on.net (203.16.211.6) 180.163 ms 180.985 ms 182.178 ms
8 as4788.ix.jpix.ad.jp (210.171.224.194) 229.548 ms 213.651 ms 214.562 ms
9 * * *
10 203.106.85.64 (203.106.85.64) 230.374 ms 228.848 ms 229.060 ms

nslookup a1.phobos.apple.com
Name: a1.da1.akamai.net
Address: 203.206.129.16
7 te1-4.syd-ult-bdr1.iinet.net.au (203.215.20.31) 77.949 ms 79.208 ms 80.695 ms
8 203-206-129-16.deploy.akamaitechnologies.net (203.206.129.16) 82.029 ms 66.178 ms 66.436 ms

more than 2 years ago

Ask Slashdot: Experience Handling DDoS Attacks On a Mid-Tier Site?

Spikeles Re:Lived Through This (197 comments)

Unless the third party proxy were the extortionists DDOSing you.

more than 2 years ago

Ask Slashdot: What Is the Best Note-Taking Device For Conferences?

Spikeles Re:Livescribe (300 comments)

Depending on the pen, you can however use it to play a piano

more than 2 years ago

Software Bug Caused Qantas Airbus A330 To Nose-Dive

Spikeles What? (603 comments)

"I can't help wondering just how could a piece of code, which presumably didn't test its input data for validity before acting on it, become part of a modern jet's onboard software suite?" - pdcull

What are you? Some kind of person that doesn't read the actual articles or documents? Oh wait... this is Slashdot. Here, let me copy-paste some text for you:

If any of the three values deviated from the median by more than a predetermined threshold for more than 1 second, then the FCPC rejected the relevant ADR for the remainder of the flight.

The FCPC compared the three ADIRUs’ values of each parameter for consistency. If any of the values differed from the median (middle) value by more than a threshold amount for longer than a set period of time, then the FCPC rejected the relevant part of the associated ADIRU (that is, ADR or IR) for the remainder of the flight.

So there you go, there actually really was validity checking performed. Multiple times per second in fact, by three separate, redundant systems. Unfortunately all 3 systems had the bug. Here is the concise summary for you:

The FCPC’s AOA algorithm could not effectively manage a scenario where there were multiple spikes such that one triggered a memorisation period and another was present 1.2 seconds later. The problem was that, if a 1.2-second memorisation period was triggered, the FCPCs accepted the next values of AOA 1 and AOA 2 after the end of the memorisation period as valid. In other words, the algorithm did not effectively handle the transition from the end of a memorisation period back to the normal operating mode when a second data spike was present.

more than 2 years ago

Australian ISP's To Crack Down On Piracy

Spikeles Re:this is not reasonable (108 comments)

Wrong. Please read full proposal. Note specifically this section:

3.6 Discovery Notice from ISP to Account Holder

In the event that an Account Holder is sent one Education Notice and [three] Warning Notices, the ISP will match the IP address from its scheme database and then send a Discovery Notice to the Account Holder.

The Discovery Notice will inform the Account Holder that:

  • the Rights Holder may then seek to apply for access to the Account Holders details by way of a preliminary discovery or subpoena application, for the sole purpose of the Rights Holder taking direct copyright infringement action against the Account Holder
  • the ISP will notify the Rights Holder that the Account Holder has apparently failed to address the matters set out in the Notices
  • should the ISP be served with a valid preliminary discovery order (or subpoena) the ISP will be required to comply with the order, which may require the ISP to disclose the Account Holders details to the Rights Holder.

So, in effect, the customer will get 4 warnings, then the ISP will respond to the rights holder, saying this ID number accessed files 4 times. Only then, may the rights holder start a court process to get the name and details of the account holder. Until the time that the court says so, the ISP will not divulge any of their customer details.

more than 2 years ago

Submissions


Spikeles Spikeles writes  |  more than 7 years ago

Spikeles writes "Recently I downloaded The Virgin Digital player from their website and played around with it. Before I had even installed it though, I had to agree with the license agreement. Now I've read some of these in my time, but that one was hands down the funniest I've ever read. Here's a snippet:

NOTICE This software is licensed to you only for the reproduction of music and/or video that you own or have the expressed right to use as the software allows. Any attempt to reproduce copyrighted material that you are not expressly permitted to use is not legal, not good for the economy, and not nice. Furthermore, it is not cool, it is not kosher, nor is it the kind of thing that your parents would be proud of. Put the kibosh on it. Hey, are you reading this thing? I didn't think so. Nobody ever really does, do they? Except the lawyers who write it. Think about it — you're a lawyer, making god-knows-how-much an hour, and this is the best you can come up with? Lame.
Now, after reading this, it put me in the mind of Google, with their Google Copernicus Center is hiring article, and their general humour in their apps like the cheese at maximum zoom in the moon maps.

So my question is, what does the Slashdot community think of these types of things? Unprofessional? Good marketing sense? And what other companies do you know of that don't take themselves too seriously?"

Spikeles Spikeles writes  |  more than 7 years ago

Spikeles (972972) writes "I'm not even American, but when I read things like this, I get afraid... very afraid..

"Buried amongst the untold affronts to the Bill of Rights, the Constitution and the very spirit of America, the torture bill contains a definition of "wrongfully aiding the enemy" which labels all American citizens who breach their "allegiance" to President Bush and the actions of his government as terrorists subject to possible arrest, torture and conviction in front of a military tribunal." http://www.informationliberation.com/index.php?id=16337"

Spikeles Spikeles writes  |  about 8 years ago

Spikeles writes "I came across The OFF System at http://offsystem.sourceforge.net/wordpress/ and it looks like it could be the next big thing in P2P.

Blurb from their website — "The Owner-Free Filing system has often been described as the first brightnet; A distributed system where no one breaks the law, so no one need hide in the dark. OFF is a highly connected peer-to-peer distributed file system. The unique feature of this system is that it stores all of its internal data in a multi-use randomized block format. In other words there is not a one to one mapping between a stored block and its use in a retrieved file. Each stored block is simultaneously used as a part of many different files. Individually, however, each block is nothing but arbitrary digital white noise. Owner-Free refers both to the fact that nobody owns the system as a whole and nobody can own any of the data blocks stored in the system.""

Journals

Spikeles has no journal entries.
