Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Comments

top

Secure Boot Coming To SuSE Linux Servers

sofar Re:SecureBoot has no place as implemented (135 comments)

Then they will not be windows 8 certified, and may not affix a "Windows 8" WHQL sticker, or advertise their systems together with any Microsoft Logo.

about a year ago
top

Spanish Open Source Group Files Complaint Over Microsoft Use of UEFI Secure Boot

sofar Re:Linux secure boot? (154 comments)

You remove it (or never have it to begin with if you are a hardware vendor) and put your own platform key on it. For examples on how to do so, please google James Bottomley's blog.

about a year ago
top

Spanish Open Source Group Files Complaint Over Microsoft Use of UEFI Secure Boot

sofar Re:I hope they make the right decision.... (154 comments)

misinformed much?

You do not need to disable UEFI in order to boot a different OS, but only need to disable Secure Boot.

You can disable Secure Boot and still boot multiple OS's (with UEFI, as almost all the major distros now support). You can then add a second key and re-enable Secure boot, and dual boot any OS you want with Secure Boot enabled.

about a year ago
top

Did Google Tip Off EU About Microsoft Browser Ballot?

sofar Re:Who cares? (187 comments)

And to answer my own question: All the Apple fanbois care, obviously.

about a year and a half ago
top

Did Google Tip Off EU About Microsoft Browser Ballot?

sofar Who cares? (187 comments)

Microsoft were fined for a reason. Who cares that google complained? They make a browser... this is sooooo non-news.

about a year and a half ago
top

How Verizon's 'Six Strikes' Plan Works

sofar Problem solved quickly.... (505 comments)

If everyone runs their WIFI AP's open.

about a year and a half ago
top

Dutch Gov't Offers Guidance For Responsible Disclosure Practices

sofar Re:Disclosure only with consent? (37 comments)

The problem is that enforcing public disclosure by the organization itself is equivalent to self-incrimination. Think about that for a second. Do you really want to put that in law? In the US, it would be thrown out immediately as unconstitutional.

about a year and a half ago
top

Dutch Gov't Offers Guidance For Responsible Disclosure Practices

sofar Re:Time limit (37 comments)

As I posted before, the guidelines mention explicit timelines that should be followed. 60 days for software, 6 months for hardware.

about a year and a half ago
top

Dutch Gov't Offers Guidance For Responsible Disclosure Practices

sofar Re:but... (37 comments)

Most likely scenario for Security, Dick:

1) Criminality. Failure to ensure funding from reputable companies forces these folks into blackmail or abuse of disclosure process. Eventually, they end up behind bars.

2) Corrective collective: Companies never give out freebies, but well-behaved security researchers have far more fun not being chased by police and get all the chicks. This creates a role model. You should see Bruce Schneier at rave parties.

about a year and a half ago
top

Dutch Gov't Offers Guidance For Responsible Disclosure Practices

sofar Re:There are only two things I hate (37 comments)

Two thoughts on your message:

1) you must hate yourself.

2) the Dutch will still love you. :^D

about a year and a half ago
top

Dutch Gov't Offers Guidance For Responsible Disclosure Practices

sofar Re:Sounds fairly reasonable. (37 comments)

The guidelines (dutch PDF) have a whole chapter outlining the responsibilities of the organization receiving a disclosure. They include guidelines for solving the issues (60 days for software, 6 months for hardware), reporting back progress to the discloser, allowing a discloser to report the vulnerability to a larger audience as part of the NCSC (government). Combined, these guidelines are an effective tool for security researchers to play by the rules and put pressure on companies together with others.

Researchers are encouraged to disclose to the NCSC as well, which means many security experts will be able to put pressure on companies not fixing vulnerabilities according to these rules.

about a year and a half ago
top

Dutch Gov't Offers Guidance For Responsible Disclosure Practices

sofar Re:Disclosure only with consent? (37 comments)

The documents create a neutral middle-man organization that can mediate between companies refusing to cooperate and disclosers. It effectively puts irresponsible companies directly in the line of sight of the government and thus legal action. What's not to like?

about a year and a half ago
top

Dutch Gov't Offers Guidance For Responsible Disclosure Practices

sofar Re:Been Done (37 comments)

Being a native dutch speaker, I read the entire guidelines in Dutch, and they include disclosure terms to encourage companies to rapidly fix (60 days) issues, and make agreements with the discloser about the disclosure.

This is common practice and rather well accepted practice already. So, in essence, the document encourages the public disclosure. Any company that wishes to ignore the vulnerability will have their asses handed to them anyway, so this guideline actually helps - security researchers can use it to show to companies that they are acting in good faith as long as companies play by the same rules.

So personally, I highly encourage governments to do something like this.

This Dutch variant is interesting in the sense that it creates a possible middle man that can mediate and monitor the disclosure. This protects disclosers, and puts more pressure on companies to abide by these standards. Not the other way around.

about a year and a half ago
top

After 12 years of Development, E17 Is Out

sofar Re:anti aliasing? (259 comments)

Font settings -> Advanced -> Hinting.

There's an option for everything.

about a year and a half ago
top

E17 Released

sofar So far so good... (1 comments)

It compiles, and runs. I love the new theme!

about a year and a half ago
top

East Texas Getting Compressed Air Energy Storage Plant

sofar Re:CASE or CAES? (248 comments)

Iknowrite?

For a second there, I thought they had a winner, after all, they have a large amount of compressed gas already milking idiotic patents in the region... Storing the energy from all the East Texas patent lawyers might prove a great way to harvest alternative energy sources and reduce corporate trolldom!

Sadly, I fail to see how these efforts won't be thwarted by the same patent lawyers.

more than 2 years ago
top

BSA Claims Half of PC Users Are Pirates

sofar Re:Underestimation? (585 comments)

the other half used free software...

more than 2 years ago
top

Steve Jobs' Idea For an Ad-Supported OS

sofar Re:Excuse my French. (255 comments)

Sad are the days without moderator points.

more than 2 years ago
top

Steve Jobs' Idea For an Ad-Supported OS

sofar Re:Excuse my French. (255 comments)

as other posters have said, this is just not true:

- I wasted 2+ years of my evenings playing WoW. on Linux.
- I played Skyrim, Oblivion. on Linux.

Those are/were some of the biggest titles out there, and they have always been playable.

OSX is also not more secure - it's can only be less secure since there is no way for you to assess the security, or fix the security yourself. Ultimately, more eyes means better security, period. If there is a difference in security, it's beneath the level that you as a non-security expert would be able to describe.

And yes, you can still run windows 95 on that 486. But you can't run the latest version of Windows on it. You can however run the latest version of most Linux Distributions on it (and there are even specialized versions of those latest distributions out there for those systems).

So again, you're repeating incorrect assumptions. Perpetuating the logical fallacy. Congratulations, you prefer the way of the dodo.

more than 2 years ago

Submissions

top

Diebold sells of voting machine business

sofar sofar writes  |  more than 4 years ago

sofar writes "Several news sites report Diebold has sold off its money-losing voting machine business, quote "Premier Election Solutions, Inc., the subsidiary that makes up the bulk of Diebold's voting machine business, will be sold to Election Systems & Software". One can only wonder what this means in the long turn for the voting machine business — will it topple over and be replaced widely by the pencil, or will a "new" Diebold pick up the pieces and do worse than the original one. Uncertainty will be a big problem for the government organizations using the machines."
top

Xfce 4.6 released

sofar sofar writes  |  more than 5 years ago

sofar writes "After two years of development, the my Xfce friends have managed to create yet another great Xfce release. The new release builds out to improve the desktop management. Session management is drastically improved and the window manager now detects hung applications. Internally, Xfce now sports a full-fledged configuration system. All in all this new release brings a long awaited update that brings a lot of maturity to the light-weight desktop. Go take the 4.6 tour!."
top

OLPC may ditch linux

sofar sofar writes  |  more than 5 years ago

sofar writes "The guys at The Inquirer inform us that One Laptop Per Child has said that they might dump Linux from their XO laptops in favour of the Vole's Windows XP. It seems that Negroponte "has fallen victim to invasion of the corporate body snatchers, or the Vole has told him they'll be mailing him a very big cheque". I'm sure that this will make the OLPC unsuitable for it's original intent — to reach children in development countries for a reasonable price."
top

Intel announces Open Fibre Channel over Ethernet

sofar sofar writes  |  more than 6 years ago

sofar writes "Intel has just announced and released source code for their Open-FCoE project, which creates a transport that allows native Fibre Channel frames to travel over ordinary ethernet cables to any Linux system. This is an extremely interesting development where datacenters can reduce cost and maintenance by reducing the amount of Fibre Channel equipment and cabling while still enjoying the benefits and performance of Fibre Channel equipment. The new standard for channelling fibre channel frames over ethernet is backed by Cisco, Sun, IBM, EMC, Emulex and a variety of others working in the storage field. The timing of this announce makes sense with 10 Gigabit Ethernet becoming more widespread in the datacenter."
Link to Original Source

Journals

sofar has no journal entries.

Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>