Dreamhost FTP/Shell Password Database Breached
Very valid comment, this deserves to be modded up. Since FTP authenticates in cleartext, anyone capable of sniffing the transaction gets the authentication credentials in full.
That's why it's never, ever safe to attach FTP credentials to anything else.
I believe Dreamhost handles this by issuing a separate password for FTP.
Firefox Extension Makes Social-Network ID Spoofing Trivial
I can see two semi-valid to valid excuses:
1. The additional server load, and cost associated (electricity, maintenance, less clients per 'unit' served and so on)
2. Impossible sniffing & tracing to debug live systems.
Sniffing the data in-house troubleshoot is a great tool. Without it, you have to rely to server-side logging to capture your issues. If these are occasional, hard to reproduce, unclear problems, then you're in for some serious log digging, not to mention considerable work to request from all your services to write a lot of logging details. And then rotate those logs and so on.
When all the data is unencrypted end-to-end, all you have to do is put a few network capture and analysis tools where you think the problem is, write some possible triggers for them to launch capture and synchronize together, and then voilà, you've got yourself "the bug" in the net, and now you can begin fixing.
Xmarks May Not Be Dead After All
None of the alternatives work across several browsers on multiple platforms. I have xmarks on chrome, firefox, safari on 2 windows pc and one mac, plus the iphone. All through xmarks.
There are no alternatives at the moment.
Google URL Shortener Opened To the Public
I know it was mostly for the humor (and it was funny), but Wave is a project that never left "alpha", must less ever came close to "beta". Goo.gl, on the other hand, is official, live, and supported. When they say it'll stay, I'm pretty sure they mean it.
Why Wave Failed
I completely agree with you. Yes Wave had issues (speed, invites, wrong marketing, etc) but the real reason it failed is because of all the morons who couldn't think outside of their limited mindset.
People are resistant change, it's widely known. Try to change people's crappy software for fun. Try to show your office coworkers how to use OpenOffice.org instead of Microsoft Office. They'll probably all hate it, but for the wrong reasons.
Wave solved a metric ton of problems, yet half the comments here and blog posts about Wave's failure mostly consists of "A solution looking for a problem."
Since october of last year, I have been using Wave extensively, every single day, with a group of people. Some are friends, some are colleagues. We have waves for casual chatting, where we just talk and share stuff together, and we have work waves were we discuss projects, and plan work, share files, have meetings, etc.
It's much more effective than threaded/replied/forwarded emails to get any kind of discussion going with a group of people. Emails get impossible to track really fast when several people are all replying to other people's messages. It gets messy. In wave, it's all neat, organized, threaded, and can be moderated. Delete a few messages that were not on the subject, move stuff around.
I can't wait for a stand alone server so I can host it for me, my friends and colleagues.
Microsoft Kills Support For XP SP2
SP3 causes a rotation issue with a whole lot of ATI video card drivers (for video cards 2-3 years old, at most), making it impossible to have a rotated screen on SP3.
The very same graphic cards are unsupported in Windows 7 because ATI hates their customers.
Treasury Goes High-Tech With Redesigned $100 Bills
Hi. IAVMD (I'm A Vending Machine Designer.)
1. Different size doesn't screw up anything. Modern bill accceptor units realign the bill as it is fed in, center it or push it on one side, and stack them all up nicely and straight.
2. The raised/embossed parts doesn't mess with anything, and the machines don't crunch them more than your wallet already does. We have braille on all our canadian bills, and they're fine.
3. Older machines always need to be updated to new currencies. You might think the last batch of bills was similar to this batch, but it still required extensive updating on the market. It's okay, because vending operators welcome new security changes, as their machines are also the target of counterfeit bills (but not the same time of counterfeiting.)
4. The 1$ bill is a problem not for high value items, but for low value ones. Unless your machines vend exactly 1$ items, the 1$ bill gives you change headaches. Machines must continuously be replenished with rolls of coins to give back to you because you inserted a 5$ for a 1.25$ item. A 1$ coin solves this because it's automatically replenishes by customers on their purchases, and can be used as change for large bills (1.25$ purchase on 5$ bill = 3x 1$ coins, 3x 25c coins. Six coins in total, a good average for change payback.)
5. You guys have a 2$ bill that you don't use. Why? People genuinely enjoy and cherish their stack of 1$ bill. It will never change unless the government force it, and they don't. You will have your 1$ bill in twenty years even when you can't even buy a pack of gum with it. In canada, we had the 2$ bill to use when the 1$ bill was removed, so the transition was easy. And then we removed the 2$ bill as well! Still worked because the next bill was close (5$).
This Is Apple's Next iPhone
I don't think that's what he meant by that.
I think he meant it's relatively complex to take a new phone, and attempt to camouflage it into looking like the previous phone, while it would be extremely easy to grab whatever cheap general-fitting iphone case on the market, and put your new prototype in it.
In fact, it would almost be a better camouflage to use a 2$ case than go to the trouble of building a "fake-3GS-shell" case around your iPhone HD.
Zeus Botnet Dealt a Blow As ISPs Troyak, Group 3 Knocked Out
Which makes it the best. +5 insightful
"Mythical Man-Month" Supposedly Busted By MIT Startup
Not as old as you (in terms of Slashdot readership), but I've been here quite some time as well.
I think that, as readers left this site, editors slashed into the content quality and try the quantity approach. I used to be able to read the site daily and have time to post replies here and there. Now, I have it set in an RSS reader because the volume is much larger to the point that if I miss a day, 20 to 30 stories fly by.
It's not that there are more things to report now than 10 years ago, it's all these crappy filler stories, blog posts about nothing interesting, jokes and whatnot that make this site less and less relevant.
Additionally, while Slashdot used to be where the breaking news was happening, I can now find interesting and important stories up to THREE days later on this site than on digg, for example.
Me and some other people have submitted, days ago, important stories (in our opinion) about a FOSS company that is suing the Quebec government for the right to bid on contracts that went directly to Microsoft. This is being heard by the supreme court right now. The supreme court! And it's not even making slashdot!
It's not too late, but the editors really have to try and voluntarily lose a few percent point of page views in order to bring back quality and, more importantly, fellowship of readers.
Former TSA Analyst Charged With Computer Tampering
It's about time that a TSA agent steps over the line enough for the justice system to finally react and hit back. So far the TSA has been running their own show and making up their own laws so much that I became genuinely scared of passing through the USA on my next trip.
FOSS company sues Govt. for giving 722k$ to MS
The Twitter account is in french. An english version of the realtime posts is available here: http://identi.ca/sflrrq
Some Newegg Customers Received Fake Intel Core i7s
Did you see a few posts above you? Someone spotted what he believed to be about 3 million $ worth of fake processors on a shipping pallet.
That's en extremely likely scenario. You have this up-to-no-good set of suppliers exchanging large quantities of expensive electronics. This particular part (a processor) can't be easily tested or checked because of all the intricate packaging involved. So they came up with a plan to swap one pallet in a warehouse somewhere while it's being loaded/unloaded from a truck. No one will bother to open a skid, then open a box, and then make sure these are *Still* actual processors. They were processors when they were packaged into skipping pallets, so why bother at this point? Even the retail buyer won't open these boxes if they're convincing enough.
So they made these fake packages with fake instruction manual, fake processor, fake fan, etc. If you were to just grab a box, and open the side of the package without pulling the content out, you'd see what mostly looks like a full set of processor, fan, manual and whatnot. That's why they built this fake fan assembly, and that's why there's a stack of paper. Looks just like the real deal when you spend 5 seconds looking at it from the side of the box.
Throttle Shared Users With OS X — Is It Possible?
As I've just finished reading the whole thread at threshold 4, you're the first poster that actually gets it. They're not using local storage because they're idiots with computars, they use local storage because nothing else does the job.
The solution is, unfortunately, not possible for this guy.
Apple Removes Wi-Fi Finders From App Store
Can you honestly say that with a straight face while browsing the hundreds of fart apps and stupid slideshows of 5 pictures or less? The App store is indeed cluttered by tens of thousands of utterly useless and worthless apps, but the Wi-Fi finding category is certainly not contributing by much.
Scalpers Earned $25M Gaming Online Ticket Sellers
So while just about everyone on this thread is actively debating the legality of mass-buying and reselling tickets, as a Slashdot member, I'm interesting in how they broke the system.
It seems to me that, while reCAPTCHA created a very interesting system, they exposed themselves to a ridiculously simple attack: the reuse of previous catpchas and the reuse of their identification numbers.
Fixing this would be very easy. I'm thinking of this method:
1. Every graphic image of captcha in the system is assigned a unique ID along with the response, just like it is right now.
2. When an external website requests a challenge, the system picks a captcha ID at random in the database.
3. Take this captcha ID and write it in a database, along with a random number.
4. From now on, the random number (ie "public random ID") is used for the website that is using it.
5. As soon as the challenge is solved (website proceeds with the rest of the user authentication), the public random ID database item for this number is marked "Wasted", and will never be used again.
Officers Lose 243 Homeland Security Guns
They're fucking GUNS!
Losing 250 toobelts or phones or pants or metal detector wands, fine whatever. But they're losing guns here! You know, those metal things you point at people and they die? Like, forever?
Details Emerge On EU-Only "Browser Choice" Screen For Windows
It's really something to witness. I was next to a coworker that was telling me about the damn window that popped up everytime he launched IE8 and didn't know what to do about it. I tell him "Read it?" he goes "okay fine", he reads it skipping every other word, then goes "Well? I don't want anything so waht do I click?"
As an IT administrator, I would like to tape iPads in front of user's screens. This is going to be so simple they can't do it wrong.
Outlook 2010 Bug Creates Monster Email Files
That's not all. To this day, we still occasionally receive an email consisting of nothing more than an attachment "winmail.dat"
i eventually gave up on trying to tell mail administrators to set outlook clients properly or to set Exchange rules for outbound formating. I've installed "Lookout" plugin on all users' Thunderbirds.
It's really as if Microsoft deliberately tried to break email interoperability so they can attempt to monopolize it. Hmm.....
Robotic Audi To Brave Pikes Peak Without a Driver
Actually, you are just as likely to be hit. A miscalculated oversteer turn (drift) could make the car plunge right on the inside of the track. I would observe a robotic car driving from far away...