Announcing: Slashdot Deals - Explore geek apps, games, gadgets and more. (what is this?)

Thank you!

We are sorry to see you leave - Beta is different and we value the time you took to try it out. Before you decide to go, please take a look at some value-adds for Beta and learn more about it. Thank you for reading Slashdot, and for making the site better!



Ohio Attempting To Stop Tesla From Selling Cars, Again

nehril Re:Pretty Much. (387 comments)

The history of why the car dealership system exists as it does is actually quite interesting. Back in the day, car dealerships were the good guy underdogs, and car manufacturers were pretty much the devil. The "Planet Money" podcast has a great episode on this:


Basically explains why buying a car in general sucks (consistently ranked as one of the worst consumer experiences), and why there isn't a "new car supermaket" where you can browse & buy cars from multiple manufacturers.

about a year ago

Unreleased iPhone 2.0 May Already Be Hacked

nehril Re:Pertinent word... (183 comments)

the whole iphone dev system is interesting in that it is an attempt to finally invert the usual "blacklisted software" security system that has so often been the rule. rather than the busted concept of allowing all software to run, and then chasing down 'bad' ones with antivirus programs, rootkit detectors, spyware removers etc, they're moving to a whitelist. default deny, selective approve, with revocation.

just as any sane firewall is set up. (it would be nuts to set up a firewall to default allow all ports, and then start selectively blocking them only once an exploit that uses it becomes apparent, but then you have today's software security model doing just that.) forcing devs to buy a cert means they have somewhat of a point of authentication and also a hook to revoke all of a dev's apps if they fail to toe the line by releasing a virus, trojan, phish etc. Or "something that reduces apple's revenue" ;)

I believe leopard has the (currently unused) capability to do this built in as well. looks like the iphone is going to be a bit of a testbed for the concept. this kind of thing is only possible really with a "brand new" os where you can start from day 1 with no backward compatibility problems. it's also the reason you're not allowed to run interpreters like java or javascript... else Sun would get a valid cert to load the java interpreter, which in turn could run anything on the planet bypassing the "run only whitelist code" concept.

I can't say i agree with such "mandatory*" restrictions on a computing device I purchased, but as a matter of security philosophy it really is quite interesting.

*well, mandatory if you want to run snazzy new SDK apps. they really should set up an "unsupported, you may be SORRY!!" class of signature that would let you run, at your own risk, anything from that signature.

more than 6 years ago


nehril hasn't submitted any stories.


nehril has no journal entries.

Slashdot Login

Need an Account?

Forgot your password?