×

Announcing: Slashdot Deals - Explore geek apps, games, gadgets and more. (what is this?)

Thank you!

We are sorry to see you leave - Beta is different and we value the time you took to try it out. Before you decide to go, please take a look at some value-adds for Beta and learn more about it. Thank you for reading Slashdot, and for making the site better!

Comments

top

Rob "CmdrTaco" Malda Resigns From Slashdot

parkrrrr Re:Oh no! (1521 comments)

Sad, isn't it?

more than 3 years ago
top

A Solar-Powered 3D Printer Prints Glass From Sand

parkrrrr Re:Fonts (139 comments)

No, it only does suns serif.

more than 3 years ago
top

Of 1.2 Billion Twitter Posts, 71% Are Ignored

parkrrrr Re:Dumb title (192 comments)

Relatedly, just because somebody replies to the tweet doesn't mean people are reading it.

more than 4 years ago
top

Senate Votes To Turn Down Volume On TV Commercials

parkrrrr Re:It's almost as if (625 comments)

You write about my humorous post as if you'd read someone else's post, or are replying to the voices in your head. Get some help, or at least some perspective.

more than 4 years ago
top

Senate Votes To Turn Down Volume On TV Commercials

parkrrrr Re:It's almost as if (625 comments)

You mean "Also, the Republicans will...." Fish gotta swim, Republicans gotta screw us, Democrats gotta screw up.

more than 4 years ago
top

40 Windows Apps Said To Contain Critical Bug

parkrrrr Re:Shared Objects / Dynamically Linked Libraries (158 comments)

Wow, in one post you managed to present both the common sense notion that MS shouldn't care if they break insecure applications, and the most common objection to that notion - that people will blame MS even if it's the other guy's bad application at fault.

more than 3 years ago
top

40 Windows Apps Said To Contain Critical Bug

parkrrrr Re:how do we check for all remotely loaded DLL loa (158 comments)

People do run applications from network shares. But if you want to keep people on your machine from running executables from remote locations, I think you can set up a software restriction policy with an appropriate path rule and with the global settings set to check DLLs too.

I would guess that the problem isn't that reading a data file causes a DLL to be automatically "sucked in" from that location, but that the application sets the current working directory to that location, causing subsequent DLL loads to potentially happen from that location.

XP SP2, Vista, and above have a somewhat safer search path by default, checking system directories before the working directory. Earlier versions checked the working directory second, after the application directory. Windows 2000 SP4 and XP prior to SP2 can also be set to use the safer search path. But if the application attempts to load a DLL that doesn't exist elsewhere, or one that only exists somewhere else in the user's PATH, it can still be tricked into loading one from the working directory.

Applications that change the current working directory based on user input should be calling SetDllDirectory, on Windows versions that support it, to remove the current working directory from the search path. I'm not surprised that there are many applications that do not.

more than 3 years ago
top

40 Windows Apps Said To Contain Critical Bug

parkrrrr Re:So little detail... (158 comments)

Verizon doesn't block SMB on residential connections anyway? I know Comcast does. As far as disabling WebDAV, the article links to a Microsoft security bulletin that - among other things - contains instructions for doing that.

The sad truth is that most people won't even know the security problems exist, even after there are fixes available for them. People who actually care about these things are already a rarefied group among Windows users.

more than 3 years ago
top

40 Windows Apps Said To Contain Critical Bug

parkrrrr Re:So little detail... (158 comments)

Slight self-correction: blocking SMB at the router and disabling the WebDAV client on all Windows machines. Still, there's a mitigation that should work for most people.

more than 4 years ago
top

40 Windows Apps Said To Contain Critical Bug

parkrrrr Re:So little detail... (158 comments)

The article does mention that blocking WebDAV and SMB at your perimeter router will at least prevent the exploit coming from outside your network, though I agree that in general it seems long on FUD and self-congratulation and short on useful content.

more than 4 years ago
top

Symbian Completes Transition To Open Source

parkrrrr Re:AT&T's other phones (189 comments)

Where were you when I was trying to decide between the 6350 and 6650 a week ago?

Seriously, most people in the US have never heard of Symbian or even Android. The only words they know are "iPhone", "Droid", and "Blackberry."

And, honestly, it's not like you're going to find the information that S40 and S60 aren't actually related anywhere obvious on Nokia's website. Even finding out which are S40 and which are S60 is a matter of clicking several links, even on Nokia's site. AT&T doesn't generally put that information in their "technical" specs.

Still, the original poster's point holds: AT&T has at least one other Symbian phone, the 6650. (The Mural is another S40 phone.)

more than 4 years ago
top

Symbian Completes Transition To Open Source

parkrrrr Re:AT&T's other phones (189 comments)

And another data point: T-Mobile has the 5130, another S40 phone. So even the "only AT&T has any Symbian phones" part is wrong.

more than 4 years ago
top

Symbian Completes Transition To Open Source

parkrrrr Re:AT&T's other phones (189 comments)

And the 6350 (S40) and the 6650 (S60, same as the e71x.)

more than 4 years ago
top

The 87 Lamest Moments In Tech, 2000-2009

parkrrrr Re:obligatory (328 comments)

I sure haven't noticed that, as I first heard it floated as a potentially usable term back in 1999 or so.

more than 4 years ago
top

Go, Google's New Open Source Programming Language

parkrrrr Re:Maybe C really is "it" for now... (831 comments)

That'd be Fortran. Code generally had to start in column 7. But that had nothing to do with loops or conditional structure. Fortran code isn't generally indented to show structure. After all, it was hard to write; it should be hard to read. (More reasonably, since code is limited to columns 7-72, there's not much space to be wasted on frills like indentation.)

more than 5 years ago
top

Database Records and "In Plain Sight" Searches

parkrrrr Re:Seems like there's another problem here... (154 comments)

Again, the warrant should only give MLB an out on the promise of confidentiality. "Anonymous and confidential" means anonymous AND confidential. They're two different things; you can't say "this is anonymous because we'll just never tell anyone whose name is attached to it." That's just confidentiality. The only way it's anonymous is if nobody - not just "nobody but a privileged few" - can determine whose it is.

That's the whole point of "anonymous and confidential": if the confidentiality is breached, either legally (as in this case) or not, the anonymity is supposed to be the backup.

more than 5 years ago
top

Database Records and "In Plain Sight" Searches

parkrrrr Re:Why player's union isn't suing? (154 comments)

They're suing over the loss of confidentiality. As near as I can tell, the fact that the loss of confidentiality was able to have any effect on them at all is because there never was any of the promised anonymity. The government is not the only party who did something wrong here.

more than 5 years ago
top

Database Records and "In Plain Sight" Searches

parkrrrr Re:Seems like there's another problem here... (154 comments)

A promise that information will remain anonymous is not a promise to destroy all information relating to identity.

Well, yeah, actually, it kinda is. That's what anonymous means.

There are protocols that could allow for retesting without the testing or collecting parties needing to know anything about the identity of the party being tested. The simplest one I can think of off the top of my head: randomly issue a sheet of identically numbered labels to each participating player, without tracking which player gets which labels, and have each player apply one of their labels to each test sample. Obviously, there might need to be additional protocols in place to prevent correlation of labels with players after the fact, but the point is that it's a solved problem, and one that the medical testing community has dealt with before.

I'm not saying the players should sue for the breach of confidentiality; there's really nothing that can be done about that. But there was never any serious attempt made at anonymity, despite promises that the data would be both anonymous AND confidential, and that should be a concern.

more than 5 years ago

Submissions

parkrrrr hasn't submitted any stories.

Journals

parkrrrr has no journal entries.

Slashdot Login

Need an Account?

Forgot your password?