×

Announcing: Slashdot Deals - Explore geek apps, games, gadgets and more. (what is this?)

Thank you!

We are sorry to see you leave - Beta is different and we value the time you took to try it out. Before you decide to go, please take a look at some value-adds for Beta and learn more about it. Thank you for reading Slashdot, and for making the site better!

Comments

top

Two Google Engineers Say Renewables Can't Cure Climate Change

peppepz Re:Deliberate (616 comments)

The cost of building *everything* in China is at least 1/3, with well-known results, such as extreme pollution.

That the trade union of nuclear professionals advocates for nuclear power is unsurprising, grant me this consideration.

The wikipedia link that you pointed me to says that China has intentions to bring nuclear power usage to 6% in 2020 up from its current 2% whereas the regulated US were at 19% last year, and the hyper-regulated France was at 75%.

Conclusion: nuclear blossoms in social-democratic countries with a strong central government that invests large amounts of taxpayers' money as subsidies to the industry (or owns it directly).

And thorium reactors are nice, except that they have problems too, the biggest one being of course that they currently do not exist in a profitable form, while nuclear power fundamentalists regularly mention them as the obvious, current solution for every woe of nuclear power.

Don't get me wrong, I'm a nuclear power proponent myself, especially after I've seen the damages done by supposedly green energy sources and their governmental subsidy policies. I just don't like echo chambers.

yesterday
top

Two Google Engineers Say Renewables Can't Cure Climate Change

peppepz Re:Deliberate (616 comments)

The high costs of nuclear are driven by non technical issues.

If that were true, we'd be seeing nuclear power plants flowering under authoritarian regimes, whose leaders need not worry about public opinion. Or, we'd see them abund in turbo-capitalist countries, where rich people, or associations thereof, can buy legislation and will do so on every occasion when there's money to be made.

If the effective cost of nuclear power isn't limited to the bill of materials of the power plant and the cost of the finished, ready to employ fuel, it's because of reality, not because of tree-huggers.

yesterday
top

Ars Dissects Android's Problems With Big Screens -- Including In Lollipop

peppepz Re:Timely (103 comments)

True, but what about mid-complexity applications, such as office productivity or file management? I'm not convinced that modern (and Modern) UIs really make the "getting to know how to use it" part any faster for them. Why, when I use Office, I often find myself asking the web search engine from a Microsoft competitor about where the designers have hidden some function. For instance, in Access 2007 they hid document-relative actions amid the program-relative options inside what old-schoolers would call a "menu hierarchy" which was visually attached to a pulsating globe in a corner of the screen. In Windows 8, they went a step further and hid fundamental actions, such as "turn off the pc", or "put away everything that I'm working on and switch to the last Modern-style application that I have used", behind esoteric mouse gestures that give the user no visual clue about how to trigger them before he has actually performed them, and very little clue about what's going on aftern he's performed them (possibly by mistake).

Of course, it's also possible that I'm getting old.

about two weeks ago
top

GNOME Project Seeks Donations For Trademark Battle With Groupon

peppepz Re:If this were ten years ago, I would have (268 comments)

No,

No? From the message:

at this point in time I'd advocate against Mozilla, Libreoffice, XFCE or LXDE to switch to GTK 3. They value their independence from GNOME too much.

My comment didn't contain any statement of value about GTK3 or GNOME, so I can't understand the rest of your message about being dickish, lazy, Enlightenment looking bad, me forcing other people to solve my problems, and so on. Perhaps you're talking in general about the attitude you perceive here on slashdot towards GNOME 3, but then if you do that in reply to a message of mine, you make it look like I said any of the stuff you're talking about. Which is not the case.

about two weeks ago
top

GNOME Project Seeks Donations For Trademark Battle With Groupon

peppepz Re:If this were ten years ago, I would have (268 comments)

Which is why at this point in time I'd advocate against Mozilla, Libreoffice, XFCE or LXDE to switch to GTK 3. They value their independence from GNOME too much.

What's the difference between "I advocate against projects that value their independence from GNOME to use GTK 3" and "I don't want you to use GTK 3 outside of GNOME"?

about two weeks ago
top

Russia Takes Down Steve Jobs Memorial After Apple's Tim Cook Comes Out

peppepz Times change (430 comments)

In Soviet Russia, trampling workers' rights gets you a monument, having a gay friend (?) gets it to be demolished.

about three weeks ago
top

Dangerous Vulnerability Fixed In Wget

peppepz Re:super user (58 comments)

It's not enough to download some files: in order to be susceptible to the attack, those devices should download stuff as root in recursive mode from a compromised ftp server. I honestly can't see that happening in reality.

(But then again I wouldn't believe that home routers could be sold with an internet-facing backdoor open by default in their stock firmware, until that happened.)

about a month ago
top

Building All the Major Open-Source Web Browsers

peppepz Re:Building should not be complex. (106 comments)

(cmake is probably the best, since it's more portable than autoconf).

As a user of autoconfed packages, I find autoconf superior to cmake. Packages built with autoconf have standardized mechanisms for uninstallation (a cmake package may generate an install-manifest file, an uninstall target, or none of the two), to specify where to put documentation, for cross-compilation, and to fine-tune the build and the installation. With cmake, I can't even tell the package where to install libraries (most packages will allow you to do it, but each package has a different standard about the way to be told); with autoconf, I can even specify a sed to be run on the name of the installed binaries (useful if different packages provide different implementations of the same binary) and still have the installed package work. Also, with cmake packages building both static and dynamic libraries at the same time is usually impossible.

Moreover, modern autoconf scripts are (relatively) easy to debug and patch when they don't work; cmake scripts are more scattered and they're written in an obscure mainframish language.

That said, I imagine that using autoconf on non-posix systems might be less funny.

about 1 month ago
top

Assange: Google Is Not What It Seems

peppepz Re:In short.... (289 comments)

make money != be the Government

about a month ago
top

Apple Doesn't Design For Yesterday

peppepz Apple Don't Design for Yestserday, but for Fanboys (370 comments)

This has to be the biggest piece of Apple adulation that I've ever seen. A practice of flattery over everything Apple do is always superabundant in most of the output of the American tech press: we're used, for instance, to the reviewers' pirouettes when they first dismiss some bad choice by Apple as irrelevant, and then they have to praise the reversal of that choice as the best thing after sliced bread in some later version of an Apple product.

But in this case, well, Apple does something wrong (not even remotely comparable to the trainwreck that Microsoft did with Metro, I'll concede) that devalues the largest part of its already expensive product line, with the exception of the most expensive products, and without adding any value to those either, but Apple fan are happy nonetheless because... it's good to be shown how Apple does not care about who doesn't spend the most?

What is this, an exercise of asceticism in the path of the true Apple worship?

about a month ago
top

ChromeOS Will No Longer Support Ext2/3/4 On External Drives/SD Cards

peppepz Re:Open Source? (345 comments)

From reading the linked discussion (before people started having shitfits), a dev suggested removing extFS support as "an unnecessary feature"

A dev announced that extFS support had been removed in beta. To people protesting, they replied that the feature was going away full stop. They even modified the ChromeOS feature page stating that ChromeOS had ext support.

because of theoretical security issues

Because of FUD. Stating that supporting the ext file system poses a security issue is FUD: it is FUD by definition, and it is FUD in particular because ext is massively used in security-critical contexts including Google's servers and Google's Android operating system. Why, ext4's key developer is a Google employee IIRC!

and because it interfered with implementing file system renaming (which looks to be surprisingly tricky to do right).

Because they didn't want to implement the few lines of code supposed to invoke the already existing facilities that set the file system label. A thing that, for tricky that it may be, was done right by the Commodore 64's 1541 floppy drive OS, by MS-DOS, by all versions of Windows, by all Linux-based desktops, by AmigaDOS, by OSX, and probably most existing operating system.

In no time at all, objections were posted, some of them rather aggressive in tone.

One of the last comments before disallowing further comments was that they were looking into keeping extFS support, but throwing an error message if you try to rename an extFS volume, and possibly implementing extFS support in userspace for security reasons.

After the slashdot story was published, after my comment was written, when more and more people started stating, most of them politely, that removing ext support would make ChromeOS unsuitable for their work, and that they were upset because there was no credible explanation for the removal of the feature, only after that developers stopped ignoring their discontent and decided to leave ext support in for the time being, but still without writing the code required to alter the filesystem label.

All of this seems quite reasonable when considering what ChromeOS is and its usual usecase.

And when did I say otherwise? I even said the same thing in another comment.

about a month and a half ago
top

ChromeOS Will No Longer Support Ext2/3/4 On External Drives/SD Cards

peppepz Re:Open Source? (345 comments)

Open Source != GPLv3. People can write all the code that they like but unless Google want to, their chances of actually seeing that code running on Chromebooks is zero. In this case, Google have already decided that the feature (which is already there) has to go, because simplicity.

about a month and a half ago
top

ChromeOS Will No Longer Support Ext2/3/4 On External Drives/SD Cards

peppepz Google's laptop, Google's rules (345 comments)

Buy a real laptop if you want to do whatever you want with it. If you buy (?) a locked-down device, which is controlled by a remote commercial entity and not by you, then don't act surprised when they don't support some use case of yours which doesn't help them make money.

about a month and a half ago
top

Eric Schmidt: Anxiety Over US Spying Will "Break the Internet"

peppepz Do you know what else will break the internet? (179 comments)

DRM in HTML will “break the internet” too, and you pushed for it. Surveillance sucks whether the data is gathered by a hostile government or by a friendly commercial entity.

about a month and a half ago
top

First Shellshock Botnet Attacking Akamai, US DoD Networks

peppepz Re: Only the beginning (236 comments)

In terms of the ratio of Linux distributions which use Bash as the default shell versus those that do not, the vast majority still use Bash.

Even if this is true, and no I haven't checked it, it has no relevance over the reality of how many people are effectively using Bash together with the Linux kernel, which is a matter of which distributions people effectively use. I do aknowledge that RedHat-derived distributions are probably more common on servers, but I'm just guessing that out of prejudice.

Debian-based distributions use dash as the default system shell, but Bash remains the default interactive shell,

If you really had a server of any kind which spawned a *real user login shell* as a result of a remote client request of any kind, then you would already have a huge security problem. Moreover, I expect lots of people will use Bash as their persoanl shell even on BSDs as it's so much better than Tcsh.

and many scripts specify #!/bin/bash in their shebang line.

Then they are as broken on FreeBSD (or any other OS) as well as they are on Linux distributions that haven't Bash as the system shell.

That last bit is important, because we're living in times where an increasing number of developers are releasing code for network daemons which are designed to be easily run under unprivileged user accounts by those same users. Regardless of how secure the daemons themselves may be, the simple fact that they're executed with Bash as their parent process means they're vectors for system compromise from bugs like Shellshock.

How so? The bug is triggered when you start a buggy Bash shell having a malicious environment variable set up by the parent. Having Bash itself as a parent isn't a problem, because the bug is triggered when the environment is parsed at Bash's startup time (the shell might even crash afterwards).

The karma bonus posting option is enabled by default for a reason. When people who have an established track record of saying meaningful things (as determined by the up-modded metric) post comments, those comments are automatically ranked higher. Likewise, the moderation system provides for down-modding of any given comment, which has the side effect of karma reduction for the "offending" poster. The fact that you don't like what someone has to say is really of little consequence unless you have mod points; this is by design.

The karma bonus is there as a measure to let *you* moderate your own comments. If you consider 2,000 characters of condescendension as something that is worth promoting, good for you, but don't expect other readers to share your conviction.

about 2 months ago
top

First Shellshock Botnet Attacking Akamai, US DoD Networks

peppepz Re: Only the beginning (236 comments)

Now you just have to find some server package which allows an unnprivileged remote client to trigger the execution of a Zimbra init script.

The funny thing is that, should you find it, such package would be vulnerable on FreeBSD in the exactly same way as it were on Linux, nullifying the argument that you are trying to make, about the Bash bug being a "Linux bug" that FreeBSD users shouldn't worry about.

about 2 months ago
top

First Shellshock Botnet Attacking Akamai, US DoD Networks

peppepz Re: Only the beginning (236 comments)

I have never seen this even by the BSD folks. I think you are delusional.

Look at the comments of every slashdot story about some BSD, when the topic of market share comes out.

I won't post links to individual comments here, because I would find it both rude and pedantic.

For most users OSX will have no exposure even though it has the vulnerable Bash.

It depends on wether /bin/sh points to bash on OSX.

It does not use dhclient nor does it use a shell for processing DHCP, instead it uses the ipconfig agent.

Not to mention the fact that if people are connecting their machines to rogue DHCP servers, they're compromised anyway.

Sharing is disabled by default and this includes SSH. Only folks that explicitly run remote services or use the Server product will be exposed.

It's not that the typical Linux distribution opens telnet to the world by default, either.

about 2 months ago

Submissions

top

Unicode 6.0.0 is out

peppepz peppepz writes  |  more than 4 years ago

peppepz (1311345) writes "Although there's no official announcement on the front page yet, the new revision of the Unicode standard, 6.0, has officially appeared on the unicode.org site.

This release includes 2,088 new characters; among them, hundreds of “Emoji”, whose inclusion in Unicode has been pushed by Apple and Google for interoperability with Japanese mobile phone operators. They're icons expressing a wide range of emotions for both human and cat faces, but also include the most unexpected glyphs such as the PILE OF POO encoded at position U+1F4A9.

On a more serious side, there's support for three new scripts, there are new properties for better automatic classification of text and spoof detection, and the newly-designed symbol for the Indian Rupee has been encoded."

Link to Original Source

Journals

peppepz has no journal entries.

Slashdot Login

Need an Account?

Forgot your password?