×

Announcing: Slashdot Deals - Explore geek apps, games, gadgets and more. (what is this?)

Thank you!

We are sorry to see you leave - Beta is different and we value the time you took to try it out. Before you decide to go, please take a look at some value-adds for Beta and learn more about it. Thank you for reading Slashdot, and for making the site better!

Comments

top

Top Five Theaters Won't Show "The Interview" Sony Cancels Release

david.emery Re:Until Sony caved, yes.... (586 comments)

Short answer: Yes.

And I've also served in the US Army.

about two weeks ago
top

Top Five Theaters Won't Show "The Interview" Sony Cancels Release

david.emery Until Sony caved, yes.... (586 comments)

I was planning to go see this, not that I'm interested in the movie, but to show that I won't kow-tow to terrorists and extortionists. But since Sony has caved by deferring its release, Sony has joined the ranks of the chicken-droppings.

Several sites have called for Sony to release this on the Internet, and that's what I think they should do. And someone needs to make "we don't negotiate with Young Weasel" stickers with Kim Jong Un's face in the background.

about two weeks ago
top

Eric Schmidt: To Avoid NSA Spying, Keep Your Data In Google's Services

david.emery Re:I feel safer with NSA than Google (281 comments)

"it is believed" - conspiracy theorists will believe anything that supports their theories.

Last time I checked, I'm not an oil&gas company.

about two weeks ago
top

Eric Schmidt: To Avoid NSA Spying, Keep Your Data In Google's Services

david.emery Re:I feel safer with NSA than Google (281 comments)

Neither will NSA. You have your Three Letter Agencies mixed up.

about two weeks ago
top

Eric Schmidt: To Avoid NSA Spying, Keep Your Data In Google's Services

david.emery I feel safer with NSA than Google (281 comments)

All things considered, I trust the NSA more with my data. At least they're not in the business of selling it.

about two weeks ago
top

Is Enterprise IT More Difficult To Manage Now Than Ever?

david.emery Re:Corporate is a Captive Audience (241 comments)

... You are measured by the budget that you consume. ....

Mod parent up insightful!

about two weeks ago
top

Computer Error Grounds Flights In the UK

david.emery Re:CNN reported it was a power problem (68 comments)

The pumps lost power after the backup systems failed (ran out of battery, and the generators were knocked out), and that's what caused the reactors to overheat and meltdown. If power had been retained to the pumps, the major problems would have been averted.

https://en.wikipedia.org/wiki/...
"The switching stations that provided power from the three backup generators located higher on the hillside failed when the building that housed them flooded.[68] Power for control systems switched over to batteries that were designed to last about eight hours.[102] Further batteries and mobile generators were dispatched to the site. They were delayed by poor road conditions and the first arrived only at 21:00 11 March,[95][103] almost six hours after the tsunami."

about two weeks ago
top

Is Enterprise IT More Difficult To Manage Now Than Ever?

david.emery CIOs are reaping what they've sowed (241 comments)

After years of insisting that the rest of the organization exists to make the CIO's job easier, it's great to see the 'revolt of the masses' moving away from the one-size-fits-all/everything-Microsoft-regardless-of-the-security-cost solution to stuff that makes the individual more productive.

The complexity of everything makes the IT job harder, but "I can't be bothered to learn new things" response to the user demand for alternatives is ultimately self-defeating.

As a side observation over the last 35 years in the business, systems that support multiple platforms/clients/etc tend to be a lot more reliable than those that support a single configuration. The unwritten and often unknown assumptions about the execution environment (client or server, etc) are latent bugs even in a monoculture. (I'm certainly old enough to remember how much software broke in the move from 32 bit to 64 bit; anyone who coded as if integers and pointers are same size/interoperable got all the problems s/he deserved!)

about two weeks ago
top

Computer Error Grounds Flights In the UK

david.emery CNN reported it was a power problem (68 comments)

And anecdotally, it seems many, if not most, of the ATC failures I remember hearing about in the US have also been power problems. These are kinda hard to test, as I wrote to a friend, "The on-duty ATC controllers get irate when you 'pull the big power plug' on their shift."

Usually failures like these are chains of events, e.g. "UPS ran out of batteries more rapidly than expected, and then we couldn't get the generators started."

Power problems are what doomed Fukushima, too, by the way.

about two weeks ago
top

Bank Security Software EULA Allows Spying On Users

david.emery Re:not in BOA online banking (135 comments)

Well, the original thread was on BOA. Sounds to me like your business needs to change its bank.

about two weeks ago
top

Bank Security Software EULA Allows Spying On Users

david.emery Re:not in BOA online banking (135 comments)

Let's be clear: This is an Opt-In "feature". It is neither mandated nor included by default.

(That doesn't make it less objectionable, but it does clarify how it could get onto your computer.)

about two weeks ago
top

Bank Security Software EULA Allows Spying On Users

david.emery not in BOA online banking (135 comments)

I just read through the Bank of America Online Banking Service Agreement, and I don't see anything like this, nor is there any mention of IBM. Reading the Wikipedia page, it seems this is software used -inside- a bank.

about two weeks ago
top

Apple, IBM Partnership Yields First Results: 10 Mobile Apps

david.emery Re:WTF (53 comments)

Mod parent up insightful. And from extensive experience booking travel, I can assure you the tools the airlines use are better (more responsive, better data) than what they give us access to.

about two weeks ago
top

Highly Advanced Backdoor Trojan Cased High-Profile Targets For Years

david.emery Re:*nix Version Not Yet Discovered. (143 comments)

It's possible there are other versions. But that's not my point. The version that has been discovered and documented runs on Windows, a fact that is probably deliberately not made clear in the articles.

about a month ago
top

Highly Advanced Backdoor Trojan Cased High-Profile Targets For Years

david.emery How far do you have to read? (143 comments)

To discover this is a Windows-only virus? That was the first thing that crossed my mind, what platform(s) are vulnerable? It sure as hell isn't clearly stated in any of the articles I read, you have to dive into the details of the Symantec white paper to notice that all the attack vectors were specific to Windows.

And how much does the tech journalism community and the security products & services industry, from Ars to The Verge, to Symantec, get paid to hide the fact this is Yet Another Windows (only) vulnerability?

about a month ago
top

Ask Slashdot: Dealing With VoIP Fraud/Phishing Scams?

david.emery Write your Congressman/Senator (159 comments)

I contacted Senator Warner's office about this, and frankly was blown off. That being said, I think we need a -law- that requires the Telcos to work out how to make Caller ID unforgeable. I've been challenged to 'show the RFCs and related standards that would support this,' but since the industry has shown no interest in solving the technical problems, I reluctantly believe that it'll take legal action (either law, regulation or legal liability) to force the issue.

On a related note, I also asked about the impact of all those CallerID violations I've filed over the years, and got no response back from that. In both cases, I was forwarded a letter from the FCC that basically quoted from their website.

about a month and a half ago
top

The Effect of Programming Language On Software Quality

david.emery Too Bad Ada wasn't included (217 comments)

This is a language that of course was designed very differently from the common C based languages in wide use today, and one for which there is a very large amount of publicly available code (but not on GitHub.) I've seen studies from large volumes of Ada code, both with respect to error rates and with respect to development and maintenance costs, that show a significant advantage for that language.

about 2 months ago
top

The Effect of Programming Language On Software Quality

david.emery Re:I have just one word for you (217 comments)

My personal mileage varies significantly. I still prefer Ada, which is a language that you'd probably characterize as having a lot of "boilerplate". An experience Ada programmer learns how to use that to his advantage in several ways:
    1. When you're on a large or long-lived project, readability of code (even your own, years later) is more important than writeability,
    2. The compiler checks consistency, and as you get better with the language you learn how to maximize what the compiler can check. (This is particularly true for strong typing, where in my experience the bugs caught by typechecking are caught on scalar types. You're a lot more likely to add 'count-of-apples' to 'count-of-oranges' than you are to actually try to add apples and oranges.) Thus as a designer, I'd concentrate on the algorithm, logic flow, etc, and let the compiler check things like parameter names/types. When the compiler and I both agreed that the program was right, it usually was correct.
    3. Syntactic error recovery. This is a big deal when first learning a language, and later when doing significant changes (e.g. refactoring). On a lot of compilers, a single syntax error made all the subsequent error messages both numerous and confusing/worthless (usually because the compiler made an incorrect assumption.) Ada compilers, particularly the hand-craft GNAT parser, got really good at providing meaningful error messages for the rest of the compilation after detecting (and recovering from) a syntax error.
    4. Better optimization. The more info the compiler can get and depend on, the better job the optimizer can do, mostly by limiting the assumptions about how data or control flow is used.

"boilerplate" can be your best friend, when you and the compilation system take advantage of it.

about 2 months ago
top

Ask Slashdot: How Useful Are DMARC and DKIM?

david.emery Outsource email companies are terrible (139 comments)

A lot of the mail I get that goes into quarantine or marked as spam comes from outsourced senders, where Domain.com uses some 3rd party to send mail on behalf of it. This can be ISPs, companies like Constantcontact.com or God-only-knows what else. Of course, the company who bought this service probably doesn't know or want to understand what the problem is, and the company that's doing the outsourcing has no real incentive to make sure their hosts (including SPF, etc) are configured properly.

about 2 months ago
top

It's Time To Revive Hypercard

david.emery Let's go back to 'requirements' (299 comments)

HyperCard combined three aspects: (1) A easy-to-assemble set of graphical/user interface components; (2) a simple (simplistic) database; (3) a quirky programming language.

Possibly VB with Access provides a similar set of functions.

We should be able to produce something that allows end users to do some development for themselves, while acknowledging this is not a production-quality tool, but no matter what, people will take prototyping systems and try to deploy them to production usage.

I've used it for several different things, including catalog/library "decks", user interface mock-up with a bit of back-end semantics (for a system configuration function, to understand user requirements and usage models), and a potential front-end controller to a very simple 'robot'.

about 2 months ago

Submissions

top

Target's internal security team warned management

david.emery david.emery writes  |  about 10 months ago

david.emery (127135) writes "According to this story, Target's own IA/computer security raised concerns months before the attack: http://www.theverge.com/2014/2... Quoting a story in the Wall Street Journal.)
But management allegedly "brushed them off."

This begs a more general question for the Slashdot community? How many have identified vulnerabilities in your company's/client's systems, only to be "brushed off?" And if the company took no action, did they ultimately suffer a breach?"
top

Samsung's comparison of Galaxy S to iPhone

david.emery david.emery writes  |  more than 2 years ago

david.emery writes "In a document from the ongoing Samsung/Apple trial, provided in both English translation and Korean original, Samsung engineers provided a detailed comparison of user interface features in their phone against the iPhone. In almost all cases, the recommendation was to adopt the iPhone's approach.

Among other observations, this shows how much work goes into defining the Apple iPhone user experience."

Link to Original Source
top

"CdrTaco" on Internet immortality

david.emery david.emery writes  |  more than 2 years ago

david.emery writes "Rob Maida, founder of Slashdot.org and now working for the Washington Post, made it to the Op/Ed page of the Post with a piece on 'reblogging,' including some comments on the Slashdot.org community."
Link to Original Source
top

Least stressful jobs: programmer, SW engineer

david.emery david.emery writes  |  more than 3 years ago

david.emery (127135) writes "Time's "NewsFeed" Blog claims that Computer Programmer and Software Engineer are among the 10 LEAST stressful jobs. Guess they've never had to debug someone else's code to meet an impossible management deadline...."
Link to Original Source
top

Amtrak: 12 hours for 'computer upgrade'?

david.emery david.emery writes  |  more than 3 years ago

david.emery writes "Amtrak is warning its customers that its reservation and status system will go down at 03:00 Sunday morning "for an upgrade" and will be up by "early afternoon."

That's an Awfully Long Time for a mission-critical reservation to be down."

Link to Original Source
top

AAPL - amateurs beat the pants off pro analysts

david.emery david.emery writes  |  more than 3 years ago

david.emery writes "Bottom Line: The pros suck at predicting Apple performance, particularly when it comes to Earnings per Share and Revenue, when compared to the amateur blogs that provide financial analysis of Apple."
Link to Original Source
top

Microsoft, Toyota to collaborate on smart cars

david.emery david.emery writes  |  more than 3 years ago

david.emery writes ""Microsoft and Toyota on Wednesday announced a $12 million partnership through which the companies will create an advanced digital information and communication system for the Japanese automaker's cars." Apparently it also includes connections to Microsoft's Cloud ("Azure") servers."
Link to Original Source
top

Another insider critique of Wikileaks

david.emery david.emery writes  |  more than 3 years ago

david.emery (127135) writes "WikiLeaks editor Julian Assange went from being "imaginative, energetic (and) brilliant" to a "paranoid, power-hungry, megalomaniac," a former colleague charges in a new book out Thursday. Further we read: Domscheit-Berg "damaged" WikiLeaks infrastructure and "stole material," WikiLeaks said Wednesday, and the website said it is taking legal action against him-- though Domscheit-Berg denied that. (I'm not clear on what it would mean to 'steal material' from something like WikiLeaks...)"
Link to Original Source
top

Assange on risks of informants

david.emery david.emery writes  |  more than 3 years ago

david.emery (127135) writes "From the story: The title said he told international reporters: 'Well, they're informants so, if they get killed, they've got it coming to them. They deserve it.' The book continues: 'There was, for a moment, silence around the table.' The allegations were made in a new book published today by the Guardian timed to coincide with another title released by the New York Times. It also reveals that Assange was so worried that he was being followed by U.S. intelligence services that he disguised himself as a woman, it has been revealed."
Link to Original Source
top

CNet Analysis on RIAA-Tenenbaum - appealbait?

david.emery david.emery writes  |  more than 4 years ago

david.emery (127135) writes "CNet's Greg Sandoval provides his analysis/spin on the Tenenbaum decision reducing statutory damages. Among other items, it claims the Tenenbaum decision will make negotiating settlements harder, and is likely to be appealed with an assertion that the judge exceeded her authority. As seems to be typical in these cases, the litigation can go on and on until one side drops out through exhaustion."
Link to Original Source
top

Affidavit for 'lost' iPhone unsealed

david.emery david.emery writes  |  more than 4 years ago

david.emery (127135) writes "Wired.com has obtained and published a copy of the search warrant for Jason Chen. This details some pretty funky behavior on the part of Brian Hogan (iPhone finder), such as tossing flash cards into the bushes, dropping off computers at churches, and some snarky emails from Brian Lam to Steve Jobs. This adds more detail to what increasingly looks like anything but 'innocent behavior' in this case. Regardless of what you think about publishing photos of the iPhone, it's really hard to view this behavior as "someone trying to return a lost item.""
Link to Original Source
top

Signatures for a zero-day webserver hack?

david.emery david.emery writes  |  more than 4 years ago

david.emery (127135) writes "I'm seeing the following in my server logs:

[Tue Feb 09 02:55:33 2010] [error] [client 96.244.84.154] Invalid method in request \x95\xba\xbc\x9f\xe3\xcd\xef\x959\xe1^@\x9fq\xa8

[Tue Feb 09 08:13:21 2010] [error] [client 24.211.249.162] Invalid method in request I\xfa\x9f\xf7FEq\xa14c\xd6\x82$\x89\x97z\xfbR<\xbb\xe0-\xb0\x7f=;z\xe3:\x0e\xc7\xd8\x92\x04\xc6C\xb9\xa5\xe0\xee\xc9\xfc\x84

Sure looks like some sort of "maliciously crafted" string to me. Anyone else seeing this? What is this targeted to?"

top

Intego issues 'Year in Mac Security' malware repor

david.emery david.emery writes  |  more than 4 years ago

david.emery (127135) writes "MacOS and iPhones that haven't been jailbroken fare pretty well (although vulnerabilities exist, there's not been a lot of exploitation). Apple does come in for criticism for 'time to fix' known vulnerabilities. Jailbroken iPhones are a mess. The biggest risk to Macs are Trojan Horses, often from pirated software."
Link to Original Source
top

Microsoft says there's a 'tax' to use Macs

david.emery david.emery writes  |  more than 6 years ago

david.emery writes "A CNet column by Matt Asay cites an interview between Microsoft's Brad Brooks and CNET's Ina Fried (http://news.cnet.com/8301-10805_3-10064580-75.htmll). Asay points to the comments by Brooks to the effect that not using Microsoft products constitutes a 'tax' for alternatives. Here's a quote

There's going to be an application tax, which is if you want choice around applications, or if you want the same type of application experience on your Mac versus Windows, you're going to be purchasing a lot of software.

and Asay's analysis/commentary:

In other words, it's cheaper to continue paying the Microsoft tax, wherein companies give up any hope of future innovation or industry competition, than to try that dreaded, costly thing called "choice."

Particularly with things like Open Office, is there really a problem with alternatives to Microsoft? How much does choice really cost?"
Link to Original Source

top

Yahoo DNS poisoned???

david.emery david.emery writes  |  more than 6 years ago

david.emery writes "Yesterday I got a strange email bounce from groups.yahoo.com, and something didn't look right in the headers about where the message was going. nslookup on groups.yahoo.com yielded the following: ; > DiG 9.4.2-P1 > groups.yahoo.com a +multiline +nocomments +nocmd +noquestion +nostats +search ;; global options: printcmd groups.yahoo.com. 43 IN CNAME groups.yahoo3.akadns.net. groups.yahoo3.akadns.net. 68 IN A 209.73.164.118 akadns.net. 37394 IN NS use3.akadns.net. akadns.net. 37394 IN NS eur1.akadns.net. akadns.net. 37394 IN NS zd.akadns.org. akadns.net. 37394 IN NS usw2.akadns.net. akadns.net. 37394 IN NS zb.akadns.org. akadns.net. 37394 IN NS use4.akadns.net. akadns.net. 37394 IN NS za.akadns.org. akadns.net. 37394 IN NS asia9.akadns.net. akadns.net. 37394 IN NS zc.akadns.org. asia9.akadns.net. 33620 IN A 220.73.220.4 zb.akadns.org. 1087 IN A 12.183.125.5 zc.akadns.org. 608 IN A 124.211.40.4 zd.akadns.org. 1270 IN A 65.114.105.4 eur1.akadns.net. 32741 IN A 195.59.44.134 use3.akadns.net. 35723 IN A 204.2.178.133 use4.akadns.net. 29133 IN A 208.44.108.137

Today I did the same, and got something that looked a lot more correct: ; > DiG 9.4.2-P1 > groups.yahoo.com cname +multiline +nocomments +nocmd +noquestion +nostats +search ;; global options: printcmd groups.yahoo.com. 142 IN CNAME groups.yahoo3.akadns.net. yahoo.com. 66848 IN NS ns8.yahoo.com. yahoo.com. 66848 IN NS ns6.yahoo.com. yahoo.com. 66848 IN NS ns1.yahoo.com. yahoo.com. 66848 IN NS ns3.yahoo.com. yahoo.com. 66848 IN NS ns2.yahoo.com. yahoo.com. 66848 IN NS ns5.yahoo.com. yahoo.com. 66848 IN NS ns4.yahoo.com. ns5.yahoo.com. 154843 IN A 119.160.247.124 ns6.yahoo.com. 150553 IN A 202.43.223.170 ns8.yahoo.com. 62351 IN A 202.165.104.22 ns1.yahoo.com. 63924 IN A 66.218.71.63 ns2.yahoo.com. 63924 IN A 68.142.255.16 ns3.yahoo.com. 63864 IN A 217.12.4.104 ns4.yahoo.com. 63781 IN A 68.142.196.63

This wasn't just me. My ISP's sysadmin did nslookup yesterday and got the same weird results (akadns.net) last night. So, is this evidence of DNS poisoning? Did someone somehow get the wrong data into the larger DNS infrastructure? Enquiring minds want to know!... dave"

Journals

david.emery has no journal entries.

Slashdot Login

Need an Account?

Forgot your password?