Data Locking In a Web Application?

lord_sarpedon Re:Optimistic concurrency (283 comments)

You really have to wonder what's going on behind the scenes in some of the database-backed apps that we interact with daily. There are plenty of PHP monkeys that concat SQL to parameters. But there are plenty of others that have just never thought about locking. Or have it wrong. There are subtle concurrency bugs all over the place - the database usually handles it well enough that many developers just never catch on.

more than 4 years ago

Large-Scale Mac Deployment?

lord_sarpedon Re:Large scale Apple managed LAN? (460 comments)

Not to mention that with RDP, you can start a session locally and reconnect remotely. Anyone local will see a lock screen. If you start a remote session and unlock locally, your remote session is right there. You can't do this with X or VNC.

about 5 years ago

Feds Ask IT Execs To Throw Away Cellphones After Visiting China

lord_sarpedon Re:What about Chinese nationals? (382 comments)

Native USians have no idea how their news and movies (those that made it to other countries) portray their own country to the world.


about 5 years ago

Trust an Insurance Company's "Drive-Cam?"

lord_sarpedon Re:Private Car Cameras (480 comments)

It's exceptionally bad here, to be sure.

I live in Texas. I've never been comfortable driving, and wouldn't trust myself behind the wheel - thankfully, I never have the need to, thanks to friends and family, etc. But I have a drivers license! Who doesn't? It's assumed that you'll have a license and a license#.
When I was 16, I got a license just to have it. I'd need it for purposes of a 'de-facto national id card' anyway. In Texas, there's this interesting 'parent taught' program by which a teen can learn to drive with his or her parents, instead of taking drivers ed in school or some other approved program. Completion of the program required some number of behind the wheel hours and a number of hours of classroom "green means go" hours. Under this program, I got a learners permit in under a week (for the classroom hours theoretically completed) and a license in something like 6 months. It was purely on the honor system. Even better, when graduating to a 'real' license, I didn't even need to take a driving test. There was a checkbox for the parent to waive the test. That's good, because I couldn't have passed one. I certainly couldn't now.

Had I waited a few years, I probably would have never obtained a license. The driving test would be mandatory at 18. Ah, rules.

There's actually a nearly identical 'id card' you can get, with identical paperwork up front, just no driving test. But why? I could just get a drivers license at minor inconvenience. Just in case, or something.

So here I am today, licensed to drive. Every year my insurance rates (were I to ever need to purchase it) tick down - older and wiser apparently, despite never driving. Licenses here just double as a small tax and a national ID. No wonder so few can actually drive.

about 5 years ago

Ten Features To Love About Android 1.5

lord_sarpedon Re:and a million things to hate about it (384 comments)

Anything related to the UI sucks hard. App internals are fine. Why didn't they adopt Qt for widgets? WHY?

more than 5 years ago

New Firefox Project Could Mean Multi-Processor Support

lord_sarpedon Re:As a Developer the Question I Have Is ... (300 comments)

It's a very strange trend to me.

Tab processes must have some way to access global data and state. A shared memory approach is quite likely. So now, instead of a tab crash directly bringing down others, you just hope that nothing scary happens to the shared memory area. You also hope that your "crash" isn't some other failure like a deadlock - suddenly everything else hangs trying to get the mutex for the global bits? What if a plugin gets exploited in just one tab? Then the exploit code can use its unsandboxed state to fuck you over just like normal?
Maybe they'll use some kind of message passing instead. Blazing fast I'm sure.

What do we gain here? Less crashing due to shoddy code? A huge chunk of such flaws end up being exploitable. We get more overhead and marginal security/stability benefit as a band-aid for not using a language that is at least a bit provable.

more than 5 years ago

Google Mows With Goats

lord_sarpedon Re:Excuse Me But... (466 comments)

Here, take these pills.

I'll come visit in a few weeks

more than 5 years ago

NASA Moon Launch May Be Delayed After 2020

lord_sarpedon Time (261 comments)

Look, guys. Got to face this sometime.

America just isn't as young as it used to be.

Forty years ago? Sure. We could get a rocket up, in little time at all. And though we'll certainly never forget that first time - we were ready to go again just a few short years later.

But face the facts, people. The country isn't a spry 193 anymore. Let's just have hope that NASA is trying its best. Although it's worrisome that the launch date doesn't seem very firm, just keep in mind - nothing would be worse than a premature launch.

We don't intend to disappoint.

more than 5 years ago

Opting Out Increases Spam?

lord_sarpedon Why... (481 comments)

Why the fuck is this on Slashdot?

more than 5 years ago

New Mega-Botnet Discovered

lord_sarpedon Re:Can Help? (257 comments)

The fact that buffer overflows are even still possible is rather silly.

It's even sillier that a user's processes are allowed to run rampant with his or her privileges.

more than 5 years ago

The Rootkit Arsenal

lord_sarpedon Re:Windows needs a root-kit-cleaner CD (79 comments)

You can't. But then again, you can't really trust the pre-flashed chip as it came from the scary third world country either.

If you're feeling frisky, you can reflash in the hope that you've exceeded the sophistication of anything in the wild.

more than 5 years ago

Jack Thompson Spams Utah Senate, May Face Legal Action

lord_sarpedon Re:Low lifes (319 comments)

It's a little sad that you managed to interpret it that way. I'll chalk it up to some level of localized prejudice - a unique flavor, in fact. I still haven't figured it out after several searches.

more than 5 years ago

Zombie Macs Launch DoS Attack

lord_sarpedon Re:I've got your denial right here. (757 comments)

Giving an unknown piece of software admin rights is stupid. We can't fix that.

Giving an unknown piece of software user rights is still REALLY GODDAMN DANGEROUS for no legitimate reason. Modern operating systems still don't sandbox processes - we sandbox users. Instead of coming up with something _new_, we take concepts originally from giant, multiuser, sysadmin-controlled machines and put them on your mom's laptop.

more than 5 years ago

Zombie Macs Launch DoS Attack

lord_sarpedon Re:I've got your denial right here. (757 comments)

All of the major operating systems in use today adopt the unix-y model of multiple users, isolated from one another. Who cares if a user program does something stupid and nukes a document? That's their problem, the other users are fine. Well, at some point we decided that personal computers needed Real Operating Systems(tm) too, so memory protection and multiple user support is to be expected. A vanilla OSX, Linux, or Windows install has several user accounts, a number of which are for various background services. Hey nifty idea - if you give a process like Apache its own user account, it's a bit more isolated! That's kind of nice. But Firefox has _my_ privileges. Pidgin has my privs. Hell, that windows app I'm running in Wine has my privs. A process is the user running it, huh...that doesn't make sense on the desktop.

Grandma should be able to run Conficker.exe and punch every monkey that she sees. The fact that a process can access my personal files (without going through a privileged file chooser) or intercept keystrokes, or just about anything else.

Processes aren't their users. We need to protect users from processes as much as users from each other.

It's a fucking sad state of affairs. Is our solution really to keep using virus scanners and bitch online about stupid non-expert users clicking things or plugging in a network cable? Are we going to keep hiding behind some cop-out biology analogy of an 'immune system' instead of fixing a fundamentally broken security model?

more than 5 years ago

Jack Thompson Spams Utah Senate, May Face Legal Action

lord_sarpedon Re:Low lifes (319 comments)

Seriously - what the fuck is wrong with you people?

People getting attacked on the street for wearing the wrong cap? Dying by a team that has nothing to do with you, save for being the closest? I'm sure I'll catch you all in another thread pontificating about the evils of that "us versus them" mentality so pervasive today - but only in those lesser monkey-folk. Oh, those wretched tribal instincts. Quaint even! And what are you, then, but a mass of liquored hypocrites.

I see the same shit with street gangs -- at least they thrash about in some kind of actual competition, not a vicarious chest-pounding.

more than 5 years ago

When Politicians Tax Violent Video Games

lord_sarpedon Re:but but but, it's for a good cause!! (315 comments)

Are you crazy? Do you know how hard it is to get all those pimp gibs to wash out of my jeans?

Kids these days.

more than 5 years ago

83% of Businesses Won't Bother With Windows 7

lord_sarpedon Re:Huh. (545 comments)

Hardy has been very solid for me - but I heard it was quite bad at release. It really does deserve the LTS label at this point.

Intrepid is STILL awful. I'm trying out Jaunty now, but I'm not impressed yet. Session restore seems to be almost sort of working sometimes now - that was one of the things that bugged me most about Intrepid (though the blame belonged with GNOME upstream). They're still playing games with the UI when it doesn't make sense to do so (the shutdown/quit/whatever buttons vanished from the System menu - you have to use the fast user switch applet on the far right. Gnome-panel was patched, to detect the FUSA applet specifically, and hide the quit options from the system menu. Seriously - what the fuck guys?) and a fair number of packages are stupidly broken/buggy - VLC won't embed video in the main window. It shows an external one - some issue with the Qt4 interface.

I've also considered jumping to Debian.
If not, I'm sticking to Hardy until the next LTS release is solid. For new installs as well as my desktop, and quite possibly on other people's machines as well.

more than 5 years ago

Slashdot Mentioned In Virginia Terrorism Report

lord_sarpedon Re:Could A.C. be a wheat/chaff solution? (779 comments)

I propose that an excerpt from /dev/random must be appended to every post.

Perhaps our efforts can divert a substantial amount of government time and resources towards cracking the evul Anonymous cipher. You know, so they have less time to get actual work done. Slashdot is quite good at that in the general case, but in this case, these are jobs that nobody should be doing.

I wonder if this could count towards my community service...

more than 5 years ago



More Grade-changing in Public Schools

lord_sarpedon writes | more than 6 years ago

lord_sarpedon writes "Rampant grade-changing has been exposed within a public Texas high-school. Collateral damage appears to be district-wide, and several students are looking at felony charges.


"Four high school students are being investigated on suspicion of breaking into the Fort Bend Independent School District's computer network and changing the grades of at least 60 students, according to court documents and school officials. Investigators estimated the financial loss to the school district at more than $190,000, making the case a possible felony."


"School district technology officials also told investigators that malicious applications had been discovered on about 80 computers at Hightower High School."

Perhaps computer security in the realm of public education doesn't quite meet industry standards? It was an inside job, of course, but would this even have been detected had it been much fewer than "60 students" affected? Many slashdotters are likely employed in school IT departments — how common are these security catastrophes and to what extent can they be attributed to lax security?"



