Beta

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Comments

top

Comparison: Linux Text Editors

jhol13 Re: You're welcome to them. (210 comments)

The problem with Vim (and Emacs) is that they do not support anything modern, not even ctrl-z/x/c/v.

For programming Eclipse or NetBeans or Visual Studio is just miles away what of vi/emacs can do, especially out of the box. To get vi/emacs to work nearly as good as good IDE is just too big a job. For example NetBeans ctrl-b (go to declaration). Sure, you can install ctags, configure it, run it, tinker with it, tinker some more, add custom rules, search net, rinse-and-repeat and eventually you'll get something resembling ctrl-b, but not quite the same.
Or ctrl-space (complete word) - in NB this will understand the variable and give completitions according to that. It will give hints to the parameters too. In every language there is. Probably if you search-net, tinker, rinse-repeat you can get something almost similar working in one language in one platform with vi/emacs. I work in two (Linux & Windows). I do not want to waste my time to get mundane things like that to work properly. And the list is endless! Will vi color according to changes in VCS? According to syntax errors? Both at the same time, out of the box? Has it code prettifier for C, HTML, css, etc? Netbeans have plugin-repository from where you can get almost everything you'll ever need. Last time I used XEmacs it was net-search, try it, search next - maybe it works with current XEmacs, ...

Believe me, I have tried, I have used XEmacs for years, over 15. Then I just noticed that a program designed for vt100 is from the Stone Age.

36 minutes ago
top

Obama Administration Says the World's Servers Are Ours

jhol13 Re: Maybe, maybe not. (749 comments)

This is why I dislike this law. It pout one innocent american in jail indefinitely and one innocent swiss in a horrible position as the "jail door keykeeper". Not to mention travelling abroad might have put him into prison too.

about two weeks ago
top

Obama Administration Says the World's Servers Are Ours

jhol13 Re: Maybe, maybe not. (749 comments)

Suppose that the data resides in Swizerland (Swiss privacy laws prohibit moving data overseas - don't know exact details, but the idea should be obvious). Suppose the credentials to give the data is only on the hands of a swiss administrator - no american has access to the data/server/credentials in Swizerland. In this case no matter who in the company orders to give him the credentials, the administrator in Swizerland cannot give them or he would be breaking the Swiss law.

about three weeks ago
top

The Security Industry Is Failing Miserably At Fixing Underlying Dangers

jhol13 Re:How is that the security industry's fault? (205 comments)

[...] we refuse to accept old, working stuff.

To me the situation has been exactly the opposite. I had a job where I had to fight to get old crapware rewritten because "it provably works" (although it has e.g. access after "free"). I have never seen an old software that would work with the new requirements in the new environment. Quite contrary, old software slowly but surely deteriorates with #ifdefs, code nobody dares to remove, hacks that just happen to work as they change timing, you name it. Just like good-old OpenSSL.

Same with bridges btw, 20th century bridge would hardly suffice today (price, time to build, etc.).

about a month ago
top

The Security Industry Is Failing Miserably At Fixing Underlying Dangers

jhol13 Re:What's the solution? (205 comments)

But the companies exists solely to make profit to their owners. Which means "time to market", which means "security is not an option - until it is really needed".

For example, I am certain that 99% of Facebook/Twitter/... users don't give a shit how secure it is - especially as they know NSA has unlimited and unaccountable access into it.

about a month ago
top

New OpenSSL Man-in-the-Middle Flaw Affects All Clients

jhol13 Re:This is awesome (217 comments)

Wrong. Open source can provide advantages, but only if all processes etc. are followed. Most often they are not.

about 2 months ago
top

New OpenSSL Man-in-the-Middle Flaw Affects All Clients

jhol13 Re:This is awesome (217 comments)

So what you are effectively saying is "we (foss) did a great job, let's pat each other on the back! Then let's continue our marvellous path of joy and glory".

(translation: we, the cowboy coders, are totally ignoring fatal problems in processes and attitude and won't fix them 'cause we "are better". if the sarcasm was lost in translation, your bad).

about 2 months ago
top

New OpenSSL Man-in-the-Middle Flaw Affects All Clients

jhol13 Re:This is awesome (217 comments)

First, I detest the excuse "some one is worse - or at least you cannot prove it is not, therefore we are actually quite good!"
Then, I call bullshit. Closed source do get "CVE'd" and the companies can be held liable. Foss developers cannot be sued (and get as much money as from G/M/A/...).

But do continue with the same attitude. After next exploit, and 10 more later, just say "yes, someone out there is worse, especially now as we have fixed ALL known vulnerabilities". Although the new version out next month will probably introduce more new holes than what were fixed.

about 2 months ago
top

New OpenSSL Man-in-the-Middle Flaw Affects All Clients

jhol13 Re:This is awesome (217 comments)

I knew this excuse would used again and again, long before Heartbleed. I complained loudly (see my history) for your though to be fatally flawed.
The problem is, that this kind of thinking generates more holes than fixes.

But then, I think you were sarcastic and the moderators missed it.

about 2 months ago
top

New OpenSSL Man-in-the-Middle Flaw Affects All Clients

jhol13 Re:Neat (217 comments)

Speed limits are overly conservative, and it is entirely possible to drive fast and drive safely. [...]
I don't pay much attention to speed limits. [...] slowing down when there is additional risk. Additional risk includes [...]

You are a dangerous idiot. Quite ofthen the speed limit is not to protect you, but others. Quite often the (low) speed limit is due to "addition risk", a risk that might be difficult or impossible for the driver to see. Which you have decided to neglect, because you think you are a "better driver". Hint: your reaction time is most likely not significantly smaller than others.

about 2 months ago
top

Web Browsing Isn't Copyright Infringement, Rules EU Court of Justice

jhol13 Re:WTF? (79 comments)

No, that is not what they are after. They want you to pay for the information.
So that you would not get it freely from "illegal" or "gray" (hard to say whether illegal or not) sites.
So that if you do, they can send you the "600€ or face prosecution" -letter.

about 2 months ago
top

Pirate Bay Co-Founder Peter Sunde Arrested In Sweden

jhol13 Re:His 'role in the site' (221 comments)

"taxi driver is thinking"

This is exactly my point. And you missed it.

about a month ago
top

Pirate Bay Co-Founder Peter Sunde Arrested In Sweden

jhol13 Re:His 'role in the site' (221 comments)

If I have understood correctly, in (someparts of?) USA, if you drive the getaway car in a bank robbery and someone dies, you will be charged (and probably convicted) of murder. Although, in a way, what you did is nothing more than what a taxi driver does. Right?

Get real!

about 2 months ago
top

Apple Confirms Purchase of Beats For $3 Billion

jhol13 Re:Style over substance (188 comments)

I have, and never will, understand the Coke-phenomenon.
To me all colas are "too strong", they kill the taste food - so they cannot be drank with food. But still people do. For thirst - no, again, too much sugar or other sweeteners, it does not take the thirst away. But still people do.

By far the best drink is tap water, for thirst and with most foods (unless you fancy a nice beer or wine, but that is different story entirely).

Apparently there are even cola-connoisseur like you (not that there's anything wrong about it).

Don't get me wrong, I occasionally do drink a soft drink, but that is mostly to get some sugar into blood stream.

about 2 months ago
top

The US Vs. Europe: Freedom of Expression Vs. Privacy

jhol13 Re:The Problem Isn't "Free Speech vs Privacy" (278 comments)

Newspapers have editors who can be kept responsible for the content in the newspaper, search engines do not.
Then EU does have "government", "police", "judicial system" and "newspapers" as separate entities unaffectable by others (government cannot directly control police, judicial system or newspapers, neither can police control any of the other entities, and so on).

about 2 months ago
top

30-Day Status Update On LibreSSL

jhol13 Re:Its easy to be critical (164 comments)

We should not stop bashing OpenSSL, ever (although I do admit it is "product of the community").
Just to remind people that this kind of development is not acceptable, not "even" in FOSS world.

about 2 months ago
top

How To Prevent the Next Heartbleed

jhol13 Re:need to get over the "cult of macho programming (231 comments)

The allocator was never "100% necessary". It might have been advantageous in some systems, but in vast majority of systems it have never been more than a hassle. Then when they made the OpenSSL unworkable without their allocator - or rather without the undocumented behaviour their allocator happened to have, they should have removed it immediately. But no, they were macho, they thought "we know better".

about 3 months ago
top

How To Prevent the Next Heartbleed

jhol13 Re:need to get over the "cult of macho programming (231 comments)

This problem was caused by a simple missed parameter check, nothing more. Stop acting like the cultural problem is with the developers when it is with the leaches who consumer their work.

I do not believe you. If this were an isolated case, then you'd be right. But no, this kind of "oops, well now it is fixed" things happens all the time, over and over again. The culture of the programming never improves due to the error - no matter how simple, no matter that it should have been noticed earlier, no matter what.

I am willing to bet that after next hole the excuses will be same "it was simple, now it is fixed, should up" and "why don't you make better, shut up" or just "you don't understand, shut up". And still the cowboy-coding continues.

This was caused partially by unchecked parameter (this should have never happened, there is no excuse for it), partially because the idiots used their own allocator which created the covert channel and prohibited the use of malloc-debug libraries. Libraries which would have found the error - again this should not have happened.

But then, maybe I just should shut up ...

about 3 months ago
top

How To Prevent the Next Heartbleed

jhol13 Re:need to get over the "cult of macho programming (231 comments)

You forgot NIH. OpenSSL used its own allocator, the most positive thing I can say about that is "totally idiotic". AFAIK nobody is removing it ...

Furthermore, C is insufficient language for a security software (C++ when properly used barely acceptable, managed languages much better).

about 3 months ago
top

NSA Allegedly Exploited Heartbleed

jhol13 Re:It's time we own up to this one (149 comments)

"less clear"?

Less clear my ass! I'd say there is no leadership in the project, unless "FUD" (fear of it breaking something) is called "leadership". But then as you say, "nobody cares".
If the code is as you describe, the whole shebang should be rewritten from scratch using higher level managed language. Any managed language would have prevented the information leak although probably not the unchecked value.

about 4 months ago

Submissions

jhol13 hasn't submitted any stories.

Journals

jhol13 has no journal entries.

Slashdot Login

Need an Account?

Forgot your password?
or Connect with...

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>