Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!



German Data Protection Expert Warns Against Using iPhone5S Fingerprint Function

Trolan Re: He is not an expert... (303 comments)

Uhm, the OS doesn't crash when the rendering engine sees that. The app, if it's using the system libraries to render it, may. App-level crash, no obvious vector to leverage the issue to do anything further. It's really more in the realm of annoyance, since apps crash for plenty of other reasons too.

Here's everything fixed up in the 10.8.5 update release last week:

1 year,1 day

Patent Suit Leads To 500,000 Annoyed Software Users

Trolan Re:Tough, Apple (180 comments)

RIR allocations to ISPs are premised on users getting entire networks versus a single address. That by itself should ensure end-users get larger than a single IPv6 address. Whether it's static or not is irrelevant for cases like this, just that it's a public IP and therefore directly accessible (barring the non-packet mangling stateful firewall).

Now, if the ISP will charge for a static IPv6 prefix, versus whatever their provisioning system hands out, who knows? For many services, they won't care, since with all the NAT we've had to deal with over the years, those services have central registries they update when they come online, or can be handled via some DDNS updates.

1 year,14 days

Patent Suit Leads To 500,000 Annoyed Software Users

Trolan Re:My give-a-darn meter is reading negative GADs (180 comments)

Same reason they don't offer unlocked phones.

Hmm, I guess that "Buying from Apple" "Unlocked iPhones" section on their store support ( was put there by hackers.

It's the carriers that want the lock. Apple couldn't care less, long as they see the revenue for the device from someone.

In any case, the problem here is in regards to the handshake, to handle NAT or other end-to-end traversal issues. Pretty much every protocol that wants to be peer-to-peer in a world with NAT has that issue, especially SIP (ergo, STUN. Nevermind how many SIP devices have no clue about IPv6, which is going to be another problem here soon). The VirnetX patent apparently covers some of how to handle that, and since their implementation apparently tripped over something in the claims, now FaceTime has to skip the direct attempts, and go via a relay.

1 year,14 days

Suspect Arrested In Spamhaus DDoS Attack

Trolan Re:Hangin's too good for him (95 comments)

Uhm... If you're in the XBL, it'll tell you which list comprising the XBL you're in. Usually that means the CBL, which has a fairly instant delist process for listings, unless the problem keeps coming back.

about a year ago

Misconfigured Open DNS Resolvers Key To Massive DDoS Attacks

Trolan Re:I'm not quite sure how you're supposed to do it (179 comments)

Actually, transit providers are one of the groups that can't reliably apply BCP38 or RPF. BCP38 and RPF is very easily applied at the edge, where you know specifically the IPs involved, since they're either connected or statically routed. Now, when you get into things over BGP, it gets dicey. You may see traffic over a BGP-managed link from an IP that isn't involved in the received prefixes, but yet still belong to the specific peer. Is this an error? No. Is dropping the bits on the floor because you're not seeing that prefix an error? Most definitely. Not announcing a prefix over a link is a common traffic engineering practice, so this isn't an uncommon scenario. Another option to work around that would be to have a prefix-list with all of that peer's possible prefixes and build an ACL off that, but that's also not always tenable when you're potentially dealing with 1,000s or 10s of 1,000s of prefixes for the larger networks. Nice thing is, at this level, usually you can bust out the sFlow/NetFlow-fu and find out where the spoof is coming in from, and then whack it at that point.

But looking at the OpenResolver project list, when broken out by ASN, it really looks like a huge amount of those open recursors are CPE gear with WAN-facing DNS services, just based on the ASNs. China Telecom (AS4134), Uninet (AS8151) and Turk Telecom (AS9121) accounted for 3.5 million (15%) of the recursors alone.

about a year and a half ago

Hard Drive Revenue About To Take a Double-Digit Dip

Trolan Re:optical disks still cost less then usb keys in (269 comments)

Same here. There's even USB drive enclosures which let you select an ISO from the disk, and then present themselves as a CD/DVD drive as though that disk image were directly inserted. Far, far easier to load up a 2.5" drive with a ton of disk images, and just carry the enclosure around for system repairs, instead of a slew of optical media.

about a year and a half ago

Historians Propose National Park To Preserve Manhattan Project Sites

Trolan Re:I think it's a good idea (150 comments)

Unfortunately when I was there, we didn't have a chance to get out to Dachau, but did go through the Documentation Center in Nuremburg. Exact same thing. No punches pulled, just straight up "Here's what happened, why it happened, and why it should never be allowed to occur again." I was kind of surprised, and very glad to see it just laid out like that. A dark period of human history, and the best way to deal with it is to let it stand on its own.

about 2 years ago

Historians Propose National Park To Preserve Manhattan Project Sites

Trolan I think it's a good idea (150 comments)

But it all depends on the execution. As with any museum/park/etc. how you structure it sets the tone.

Great example would be German museums dealing with the events surrounding their involvement in the World Wars and the Holocaust. You go into any of those, and while they talk a lot about the Nazi Party, National Socialism, Hitler and the rest, you would be hard pressed to say that anyone would think any of it is an endorsement. Everything I saw really had a tone of: "My God, we screwed the pooch BIGTIME. Let's put this all out here, so maybe people won't let it happen again"

Granted, the atomic bomb isn't quite as clear of a moral area, since while it did kill many, many people, it also ended the war much earlier than was likely without it, and therefore all the casualties that would have entailed didn't occur. Instead of glorifying a WMD, it can help foster discussion about them, and past them.

about 2 years ago

App Developer Says Stolen UDIDs Came From Them, Not FBI

Trolan Re:Now I'm so reassured (180 comments)

In iOS6 all of those requests now throw up a confirmation dialog. IMEI requires use of a private API, which would keep the app out of the store.

about 2 years ago

Google, Motorola Ordered To Provide Android Info To Apple

Trolan Re:Apple becoming a patent troll? (240 comments)

A patent troll is usually called that because they didn't produce anything using the patent in question aside from a lawsuit. Apple here is using patents they are actively using, and believe that are being infringed by Android. Considering Motorola is going for 2.5% of sale price of iPhones for use of standards patents covered by FRAND, this is at least a more reasonable figure. It's also quite possibly a means of leveraging a cross-licensing deal so neither side winds up paying the other a dime.

Ultimately, they're doing what most sane businesses would do. If you had a design you felt was innovative enough to patent and you spent a ton of R&D on, and you saw a company producing something that you believe is infringing on your ideas, would you just sit back and let them run with it? Or do you like doing free R&D for your competition?

more than 2 years ago

How To Avoid Infringing On Apple's Patents

Trolan Re:ok so... (323 comments)

Which also happen to generally be items associated with how tablets looked like prior to the iPad.

Funny enough, those also line up with a bunch of other tablets, which sell rather well, and for companies Apple isn't suing. Like: The Nook, the Kindle, the Kindle Fire, etc., etc.

more than 2 years ago

Has Apple Made Programmers Cool?

Trolan Re:That's not how iDe ices work at all (378 comments)

So write an app for that. Apps can happily download data to the device independent of the App Store, within their own filesystem space. You just can't add anything to the system media libraries. Or play it streaming from something like Plex running on a local network media computer.

more than 2 years ago

Has Apple Made Programmers Cool?

Trolan Re:That's not how iDe ices work at all (378 comments)

iOS5 detaches the computer requirement entirely. You setup/activate without iTunes and can sync with iCloud.

more than 2 years ago

Steve Jobs Wanted an iPhone-Only Wireless Network

Trolan Re:Apple's Future (263 comments)

OpenSource for other projects, but not in the development of any of their products. Not if they could help it anyway.

Let's see...
- Darwin Streaming Server
- mDNSResponder
- Calendar and Contacts Server
- libdispatch / Grand Central Dispatch
- etc. is where the more generally useful items outside of OSX wind up. FreeBSD picked up the libdispatch items and ran with it.

more than 2 years ago

Apple To Require Sandboxing For Mac App Store Apps

Trolan So now that Apple's doing it, sandboxing is evil? (584 comments)

Sandboxing applications is a common security model on Unix systems, so why is this a bad thing on desktop apps as well? The App Store apps already had restrictions on where you could put your executable. This just codifies other accesses into a model where the developer sets up the privileges the app requires instead of leaving it at the free-for-all it is now.

more than 2 years ago

Siri Gives Apple Two Year Advantage Over Android

Trolan Re:Siri was first??? (800 comments)

Google has been collecting this data for at least a year (probably longer), and also has voicemail transcription data as well, so accuracy is not an issue.

I guess you've had different Google voicemail messages than I've had. Certain spots they're dead on, but all too often they're simply hilarious. Accuracy isn't a word I would tend to associate with their transcription.

more than 2 years ago

The RMS Tour Rider

Trolan Re:Strangely inspirational (373 comments)

Alas, it's also suitable to modify his moral code when it's convenient.

Big Brother has no right to know where I travel, or where you travel, or where anyone travels. If they arbitrarily demand a name, give a name that does not belong to any person you know of. If they will check my ID before I board the bus or train, then let's look for another way for me to travel. (In the US I never use long-distance trains because of their ID policy.)

And yet he's fine with planes...

more than 2 years ago

Ron Paul Suggests Axing 5 U.S. Federal Departments (and Budgets)

Trolan Re:Which is what, exactly? (2247 comments)

I'd be surprised if North Dakota doesn't take in more federal funds than it pays out. California, I'd be surprised if it didn't pay out more than it took in. As such, odds are, the better statement would be: why should California pay for tornado warnings for North Dakota?

Seriously, however, this is a single nation. The larger, richer states help buoy up the smaller ones, which have their own contributions back, as those smaller ones also tend to be where the food is. Putting up fences between groups that are supposed to be on the same overall team is just continuing the crap Congress is doing.

more than 2 years ago


Trolan hasn't submitted any stories.


Trolan has no journal entries.

Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>