Announcing: Slashdot Deals - Explore geek apps, games, gadgets and more. (what is this?)

Thank you!

We are sorry to see you leave - Beta is different and we value the time you took to try it out. Before you decide to go, please take a look at some value-adds for Beta and learn more about it. Thank you for reading Slashdot, and for making the site better!



Mozilla Updates Firefox With Forget Button, DuckDuckGo Search, and Ads

dejanc Re:Bastards ... (327 comments)

It looks optional. I just updated and on directory tiles you get options: "Enhanced", "Classic" and "Blank". I don't see a difference between Enhanced and Classic but I am going to guess that Classic is ad free.

Anyway, why be so negative about this? People at Mozilla provide a great browser and if that means you get to see some ads (that you can disable) every once in a while, what's the big deal? If they were injecting ads into pages you load, I would object, but seeing them on an otherwise empty page is as intrusive as default search engines they give you. Both things are perfectly fine.

about 2 months ago

BBC: ISPs Should Assume VPN Users Are Pirates

dejanc Re:Contacting BBC, via VPN (363 comments)

This is the problematic part from TFA: the BBC Worldwide indicates that ISPs should be obliged to monitor their customers' activities.

If anything, ISP's should be regulated never to monitor their customers activities - I really think ISP looking into what I am transferring should be illegal. Just like a phone company should never listen to my conversations, ISP should never look into my data.

about 5 months ago

Gmail Recognizes Addresses Containing Non-Latin Characters

dejanc Re:Next wave of phishing? (149 comments)

What software (or library) is programmed to recognize that two chars look the same and therefore allows them based on the appearance rather than their encoding?

I am not aware of any. My "solution" to this problem is to allow only unambiguous characters to be used. I really mostly have to deal with only about 60 characters in total which I allow people use for unique fields, so it's manageable.

about 6 months ago

Gmail Recognizes Addresses Containing Non-Latin Characters

dejanc Re:Next wave of phishing? (149 comments)

That kind of phishing already exists, even more sophisticated: a bug that a lot of software contains is not distinguishing between same looking characters in different alphabets. E.g. you can sign up on many forum/bbs platforms as Administrator if your leading A is cyrillic A instead of latin A. Both look the same but have different html entity codes and are different unicode chracatres, which is true for most vowels and many consonants (e.g. cyrillic B and latin B, C and C, E and E...). Or, for more fun, look at this (single) character which looks exactly as "lj".

Those of us with customers who use two alphabets constantly have known about this problem for a long time and we've seen phishing on all different kinds of platforms using this strategy.

IDN (internationalized domain names) solves this problem in domain names with policy: you can't register a domain which looks exactly like some other domain except for that change in character. Still though, you can register both casino.it and casinò.it and that's where the real phishing potential is. I think, at least most native English speakers, would probably be fooled easier by a domain such as paypal-customer-division.com than paypàl.com.

about 6 months ago

Ikea Sends IkeaHackers Blog a C&D Order

dejanc When will this stop being news? (207 comments)

The owner of trademark has to "protect" it or they will lose the exclusive right to use it. It's described here. Lawyers have to send C&D letters and sue for infringement because that's what the law says they have to do in order to keep the right to use their trademark.

IkeaHackers does use IKEA's logo and it really can be mistaken for IKEA's trademark, so the lawyers had to act. It was routine, and it wasn't some evil corporate guy who just wanted to make that blogger's life miserable.

about 7 months ago

Gaining On the US: Most Europeans To Be Overweight By 2030

dejanc Re:"Down with fat-shaming!" (329 comments)

When I was visiting my parents once, after getting out of shower all wet and with a towel on, I got an epic line from my father: "Go back to the bathroom, put on some clothes, and lose 10 kilos, before you enter the living room".

In many parts of Europe (I can speak for the Balkans for sure), it's perfectly normal to comment on weight and friends and family. It's not said out of malice, it's with best intentions. And if anything, when everybody you know starts commenting on how fat you are getting, you start and think if it's time to go on a diet. It also usually means that you can get some support from family and friends if you need to change your lifestyle to lose weight, so it can work out good.

It's different with children though - they can be rough and tease/bully you for being fat. For some kids that can be an incentive to take up a sport, for some it will be nothing but trauma.

about 8 months ago

Hulu Blocks VPN Users

dejanc Use your own VPS instead (259 comments)

1. Rent a cheap VPS
2. Tunnel connection through it (e.g. via a SOCKS proxy) or set up your own VPN
3. Keep the IP to yourself so you don't get flagged

That's how I get to watch BBC's premiers at the same time people in London do, and if I care about something in the US, I just switch to another VPS.

about 9 months ago

Band Releases Album As Linux Kernel Module

dejanc Re:Lol wut (128 comments)

point being, nobody would have heard of this without this gimmick, so bravo for them for the gimmick. but let me ask you this, will you seek this song a year from now?

Honestly, it's not my cup of tea and alternative music generally takes some acquiring of taste before it can be enjoyed.

Still, I'm sure they'll find the audience, and they certainly get +100 geek points for this release.

about 9 months ago

Band Releases Album As Linux Kernel Module

dejanc Re:Lol wut (128 comments)

De gustibus non est disputandum. I just heard about this band for the first time and I would categorize them as an "alternative electronic" band. I was first introduced to that kind of music during the mid nineties, just before the Internet came to my country, as it was swapped by artists on a BBS I frequented. I think it appealed to artistic geeks because they could create it with a heavy use of their favorite toy in their bedroom.

We even have a show dedicated to this kind of music on a national radio station, so it has its audience...

about 9 months ago

In a Hole, Golf Courses Experiment With 15-inch Holes

dejanc Re:...news for nerds.. (405 comments)

Most every other sport has human interaction as a core element: US football/rugby has people crashing in to each other as a core element, baseball has a pitcher throwing a ball to a batter and the pitcher can directly affect the batters performance, in basketball you could be the best 3 point shooter on an empty court but you've got to get the ball past the defensive players trying to block it.

Except, of course, for track & field, swimming, skiing, ski jumps, kayaking, rowing, running, synchronized swimming, gymnastics, weightlifting, luge, skeleton, boblseigh, and pretty much any other sport which doesn't involve a ball or direct combat. Some you do regardless of other contestants, like weightlifting, some you do alongside others, like running a marathon, but no interaction is allowed. So, whatever you do in practice you should be allowed to repeat in competition.

Sports like football (real or American) and basketball may be good television, but they hardly constitute "most sports".

about 9 months ago

Apache OpenOffice Reaches 100 Million Downloads. Now What?

dejanc Re:I wonder how much damage... (285 comments)

For most users that I've known who were willing to try OpenOffice, Calc worked fine for them.

When they ask about why it looks different, I just tell them "oh, this is the newer version.", and they're fine.

You are describing my experience with home users, e.g. people who use Word to type out a school assignment or a project report and then print it.

People who do "serious" work with Office have real problems migrating. Excel formulas will not always successfully transfer to Calc, which means old spreadsheets can't be used and they can't be shared with people still using MS products.

Write and Word do have incompatibilities. E.g. one bug lingers around for years: when a header is saved in OpenOffice format and then saved as a Word document, it will appear on all pages and not only on the first page.

I never tried to open a MS Access database in OpenOffice Base, but Base does have stability and bug issues, at least on Mac (just yesterday I had problems with it crashing).

I won't even go into macros, templates, etc.

Switching from MS Office to OpenOffice / LibreOffice is not easy at all for power users. To put into geek terms: imagine switching from Apache to Lighttpd. For most things, it will be great. But, if you have some serious .htaccess magic going on or are relying on mods which exist only for Apache - well, you are out of luck and you are probably not going anywhere.

Fresh start with OO/LO, on the other hand, is a breeze :)

about 9 months ago

Ask Slashdot: Moving From Tech Support To Development?

dejanc Find a small company without HR department (133 comments)

I am in a South-Eastern European country and I don't have a degree in a related field, but I didn't have a hard time finding my first programming jobs.

Keep several things in mind:

1. Good developers are in demand. If Eastern Europe is anything like the Balkans in that regard, people are looking for competent programmers. At any particular job interview for a programmer most of the people who apply don't know anything about programming, have never used a relational database, etc. Use that to your advantage.
2. Small companies don't have HR departments to veto you just because you don't have a degree or enough years of work experience.
3. You have 6 months to beef up your resume. You can always invent free-lance work, as long as you have knowledge to back it up.
4. You can always find for-peanuts work on various "hire a freelancer" website. You will not earn good money there, nor will you get any enterprise application experience, but you will have an "Aha!" moment if you never programmed for money before. When you are developing as a hobby, you tend to adjust requirements to your knowledge and spare time, but when somebody else gives you requirements, you will quickly discover how to learn quickly and do things efficiently. That's what employers want from their programmers.
5. When negotiating a salary, keep in mind that the price you suggest will tell a lot to your employer about what you are worth. I know this may be a mistake, but when I was interviewing people for jobs, I took more seriously people who expected higher-than-indurstry-average salary than people who wanted to work for peanuts. If you come to me and ask for a salary that's half, or a third, of what I know most company in my city pay their developers, I will assume that you don't have much experience.

about 10 months ago

Why Buy Microsoft Milk When the Google Cow Is Free?

dejanc Re:Similarly... (409 comments)

Fair enough. I don't think I have a problem with particular practices as much as I do with general philosophy. I try to be security aware whatever I do and I am put off by any sort of thinking where security breach is something that happens to others.

When you host your own stuff and use your own services, you can be proactive about safety and devise and enforce good policies. While you can develop good practices when using "cloud" technology, it always will be next in line to convenience and your policies have to fall in line with your cloud provider.

about 10 months ago

Why Buy Microsoft Milk When the Google Cow Is Free?

dejanc Re:Similarly... (409 comments)

I am lucky enough to work for an organization where using LibreOffice came from the top down: if the boss sends you an OpenOffice/LibreOffice document, you tend to install it and aren't too lazy to share work by email or shared directories.

Another organization I worked for used Google Apps.I tried to point out flaws of it (security problems, what happens when you are offline, etc.) to them, but I got: "Google is not evil, we trust them". This worked OK until one guy managed to incidentally invite a completely unrelated person to edit a document in which they stored a bunch of sensitive passwords and information ("so it's all in one place").

Even with that wonderful experience, that same organization still uses Google Apps ("it won't happen again"), and even though I relay this experience to other orgs I work for, "it's just too convenient, Google is not using our data in an evil way and you can incidentally email passwords to anyone anyway".

about 10 months ago

Hungarian Law Says Photogs Must Ask Permission To Take Pictures

dejanc Re:Out of step with reality (149 comments)

I don't think you would go to jail for taking a picture of e.g. St. Stephen's Basilica (which would be impossible to take without anyone in the shot) or the Parliament building in Budapest. Firstly, I doubt the punishment would be anything other than a fine. Secondly, I strongly suspect this law has little to do with privacy and tourism and much more to do with e.g. making sure nobody can take pictures of anti-government protests.

TFA is kind of lacking details and I don't follow Hungarian politics that closely, but my first instinct has to do with Viktor Orban's government - he's known for some controversial laws curbing media freedom and changes to their constitution which got the entire EU worried.

The main confusion is that consent can be given in many different ways: implicit consent is still a consent and the article mentions one of their government ministers saying you are fine as long as nobody is explicitly asking you not to take a picture.

Unfortunately, Hungarian is so hard to understand that even with Google Translate I can't follow their newspapers and columns, so we are at the mercy of second-hand journalism and skimpy stuff such as TFA, but indeed this looks like one of the laws enected to be used selectively against well defined targets.

Meanwhile, don't cancel your Hungarian vacation just yet - it's a lovely country with things to see and do, even without taking a camera :)

P.S. Personally, I welcome this law. When traveling through Hungary, I can stop paying Hungarian vignette (road tax) and when I drive under highway cameras, I'll just wave my arms in explicit objection to having my picture taken :)

about 10 months ago

Daylight Saving Time ...

dejanc Re:I like DST but... (310 comments)

So you're saying that midday should occur at 1pm instead of noon. Why? Did our ancestors get the definition wrong?

So we get more daylight when we leave work. Regardless, two people at two opposite boundaries of the same time zone will get midday at different times anyway, so why should we care about it?

about a year ago

The New PHP

dejanc Re:real_foo_bar() and somesuch_improved() (254 comments)

mysql_real_escape_string is a wrapper of a C function. Does that make C the laughing stock for you as well?

I keep saying this on Slashdot: PHP has it's weaknesses, but inconsistent naming conventions isn't a major problem. What made PHP the laughing stock is looking at incompetent coders' code and thinking that's how you do things in PHP.

PHP is a good language for web development. It has an easy learning curve and gives you power to shoot yourself in the foot. Combine those two and you get a bunch of atrocious code floating around the web from the hands of incompetent. But you also get rapid development with very readable code where new programmers can easily jump in in the hands of competent.

P.S. mysql_real_escape_string is now deprecated. PHP has come a long way since its atrocious beginnings and TFA talks about that (clue is in the title).

about a year ago

Why We Need To Teach Hacking In High School

dejanc Teach them how to walk first (124 comments)

While both hacking and cracking should be available to gifted students, most of them need to learn a simple skill that will take them far in life: how to file a bug report.

More companies nowadays depend on their software and good feedback from users is very hard to find. In such environment, those who can file a proper bug report, or write up an understandable feature request, can genuinely prosper.

Those who can properly ask for e.g. a data report from IT, or explain what's wrong with company's intranet website's feature that they use, usually get what they want and their productivity increases.

Any IT education should start there. Those who get hooked will learn how to "hack" (or crack...) regardless of their high school curriculum.

about a year ago

Hackers Sweep Up FTP Credentials For the New York Times, UNICEF and 7,000 Others

dejanc Re:FTP still? (51 comments)

While I don't know what's NY Times' excuse, Cpanel, which powers a lot of servers on the internet still relies heavily on FTP. And Cpanel, while primarily designed to manage shared hosting, is not limited to shared hosts only, many people choose to have it installed on their VPS or dedicated server.

For many web developers, process of deployment is still uploading via FTP, which is both insecure and inconvenient, but I see it very often.

about a year ago

Yep, People Are Still Using '123456' and 'Password' As Passwords In 2014

dejanc Re:Maybe people don't care (276 comments)


So many sites nowadays require you to register so I use throwaway emails in combination with throwaway passwords. E.g. if I want to try out Trove (that was mentioned in a previous article), I really don't want to put in more than a few seconds thought into it, so my email will be trove@domain-which-i-use-to-collect-spam.com and password probably something along the lines of asdf1234. If I find the service useful, Firefox will remember my email and password for login and/or I'll be able to recover the password using their system. If, more likely, I forget about them, I don't care if my credentials get compromised.

1 year,3 days



Serbian Anonymous Hacktivist Arrested

dejanc dejanc writes  |  more than 2 years ago

dejanc (1528235) writes "Serbian public prosecutor for high tech crime claims that the Anonymous "hacker cell" was revelead in Serbia. At least one person alleged to have tried to break into websites under Anonymous cloak has been arrested. He will be charged with an act of sabotage."
Link to Original Source


dejanc has no journal entries.

Slashdot Login

Need an Account?

Forgot your password?