Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Comments

top

Ask Slashdot: Best PDF Handling Library?

tajribah Re:PDF::API2 and CAM::PDF (132 comments)

PDF::API2 is nice, but unfortunately it doesn't handle newer PDFs with compressed xrefs and/or object streams yet. Also, support for writing text in anything different from ASCII and maybe Latin-1 is close to missing.

about a month and a half ago
top

A Mathematical Proof Too Long To Check

tajribah Re:SAT solving is NP-complete (189 comments)

SAT solvers usually guarantee that their result is correct. What they don't guarantee is that they finish in reasonable time for every input.

about 7 months ago
top

Microsoft Kills Stack Ranking

tajribah Re:Encountered this kind of thing ... (204 comments)

Is it more likely that:

c) One of the groups had better teachers, so they learned more.

Actually, this is a very common reason. In such cases, I don't see why should the better group get the same grades as the other one.

about 10 months ago
top

Calif. Attorney General: We Need To Crack Down On Companies That Don't Encrypt

tajribah Re:NSA (127 comments)

I think part of the rationale is that a self-signed certificate very well might be a sign that you're the victim of a man-in-the-middle attack, and it needs to be treated as a serious potential threat.

This sounds good in theory, but the reality is that self-signed certificates (or those signed by an authority your browser does not recognize) are several orders of magnitude more common than MiTM attacks.

Otherwise, I agree that a big part of the problem is unusable UI for managing certificates in almost all existing browsers.

about a year ago
top

Calif. Attorney General: We Need To Crack Down On Companies That Don't Encrypt

tajribah Re:NSA (127 comments)

I expect the browser to clearly inform the user whether the connection is safe (HTTPS with a verified certificate) or unsafe (either plain HTTP, or HTTPS with an unknown certificate). I also expect the user to check that a connection to his bank is reported as safe. If you are interested in preventing attacks against careless users, the browser might also notify the user that a site previously known to have a safe connection, no longer has one. However, I do not think this is of much help: many users just enter the domain name of their bank and rely on the bank to redirect the HTTP version to the HTTPS one, which is where a MiTM attacker can always succeed. (An interesting special case is invalid certificates: expired ones, or certificates issued for a different domain. Here, a big fat warning could be appropriate.)

about a year ago
top

Calif. Attorney General: We Need To Crack Down On Companies That Don't Encrypt

tajribah Re:NSA (127 comments)

Is "as bad as no encryption" a reason for yelling on the user and presenting it like the worst security problem ever? Even if I accept the premise that it is as bad as no encryption, the obvious conclusion is that the browser should present it the same as no encryption.

Actually, it is not as bad. It still keeps you safe from passive attacks (like your ISP collecting all data for a three-letter agency, which analyses them later).

about a year ago
top

IQ 'a Myth,' Study Says

tajribah Re:RTFA (530 comments)

Actually, people with exceptionally good problem-solving abilities seldom have exceptionally high scores in IQ tests, since they often find multiple solutions to a task, totally unexpected by the test's author.

about 2 years ago
top

Wristwatch for Geeks?

tajribah Re:Casio is still OK (4 comments)

I have just bought Casio G-Shock GD-200 and I am very happy with it. The construction is very robust and it has all features I need: stopwatch, timer, multiple alarms, and dual time.

about 2 years ago
top

Polish Researcher: Oracle Knew For Months About Java Zero-Day

tajribah Re:IBM (367 comments)

Using threads with locks and other traditional synchronization primitives is a walk across a minefield. More than 90% of multi-threaded programs I've ever seen are full of race conditions and other subtle bugs, which are not easily visible, but which make the program unstable on the long term (it is not unusual that a program suddenly deadlocks after running for several months). If you really want to write something parallel, use a language which provides a better abstraction, one of the possibilities is transactional memory.

about 2 years ago
top

GNOME: Possible Recovery Strategies

tajribah Re:Thoughts from a core GNOME 1.x and 2.x develope (432 comments)

The core of the problem is that GNOME developers have the habit of releasing as 2.0 or 3.0 something, which is of beta quality at best. It's quite possible that GNOME 3 contains some great ideas, but trying to attract users to software, which will need a year or two more to reach usability of the previous version, is not going to win anybody's sympathies. Exactly this has already happened with the release of GNOME 2.0: its usability was nowhere near that of GNOME 1.x, but still, it was presented as a replacement of 1.x. The users were rightfully complaining. One would have hoped that GNOME developers have learned something from that fiasco...

As of culture resistant to changes: For most people, the computer is a tool. And as with many complex tools, it takes time (sometimes years) to learn how to use them in the most efficient way. The learned experience is very valuable, but a part of it is necessarily lost when the tool suddenly starts behaving differently (people are not used to their screwdrivers changing shape overnight). Sure, changes are necessary for progress, but you should not ignore that changes come with a high cost to the users and radical changes of basic concepts even more so. Changing details is usually fine, removing functionality is worse, and radical changes of established products should be done only in cases, where the benefit is an order of magnitude larger than the loss. GNOME developers seem to ignore this fact of life for years.

more than 2 years ago
top

SUSE Slowly Shows UEFI Secure Boot Plan

tajribah Re:Slashdot has gone batsh*t crazy (190 comments)

UEFI Secure Boot solves a security problem which, while being real, is completely marginal in real world. The extra complexity with key management is simply not worth the gain. There is a zillion of places where you can improve real security of systems at much smaller cost.

more than 2 years ago
top

Java Apps Have the Most Flaws, Cobol the Least

tajribah Re:COBOL (435 comments)

Besides, if you have a 1000-line Java program and a 10000-line COBOL program doing the same task, which is going to have less bugs per line? :-)

more than 2 years ago
top

US Gov't Mistakenly Shuts Down 84,000 Sites

tajribah Re:Welcome to the USA (296 comments)

Technical mistake? I would call it utter incompetence of the investigators, who do not understand the difference between a domain and its subdomain.

more than 3 years ago
top

Linux May Need a Rewrite Beyond 48 Cores

tajribah Re:Original Source and Actual Paper (462 comments)

The Amdahl's law is a gross oversimplification. It assumes that every problem consists of a part that is unavoidably sequential, while the rest is parallelizable in an unlimited way with no overhead. The reality is that almost every problem is parallelizable (with a few notable exceptions like the lexicographically minimal shortest path or constructing the DFS numbering of a graph where we do not know whether an efficient parallel algorithm exist), but problems differ in overhead imposed by their parallelization.

more than 3 years ago
top

Selling Incandescent Light Bulbs As Heating Devices

tajribah Re:God, this is tiresome (557 comments)

Nonsense. The only negative externalities are those caused by producing electricity and those are much better handled by a tax on electricity, not by silly regulation of light bulbs.

more than 3 years ago
top

Selling Incandescent Light Bulbs As Heating Devices

tajribah Re:Ok, a couple things (557 comments)

The important thing is that the government should not dictate people what light sources are efficient and useful for what purpose. If CFLs are so efficient that they are less expensive to use, the people will take advantage of that sooner or later and there is no need for the government to force feed them the truth. In this case, the government has overstepped its mandate too far.

Also, there are many uses of incandescent bulbs where they cannot be easily replaced by CFLs -- e.g., if you need to regulate the light output continuously, or if they are very often turned on and off, or simply if the heat produced is desired.

more than 3 years ago
top

Spanning Tree Protocol Is Doomed?

tajribah Rubbish (1 comments)

The Juniper's "experts" talk utter rubbish:

According to Ingram, in a tree structure, 30 to 50 percent of the ports connect switches to other switches.

This would mean that the average number of ports per switch is at most 4 :-)

Every time you double the number of storage and servers in the data centre you have to quadruple the number of switch cores.

Another nonsense. The number of internal vertices of any tree (which does not contain degree 1 nodes) is linear in the number of leaves. Maybe the primary problem with the spanning tree protocol is that the network equipment manufacturers do not understand what a tree is :-)

more than 3 years ago
top

Google Researcher Issues How-To On Attacking XP

tajribah Re:Thanks Google (348 comments)

I was speaking about upgrades, not fresh installs.

more than 4 years ago
top

Google Researcher Issues How-To On Attacking XP

tajribah Re:Raging Bull (348 comments)

My point is that we're just the little people getting trampled underfoot while Godzilla and King Kong fight it out.

Agreed, but fortunately we often have the choice to avoid the Godzillas and King Kongs of this age and choose an OS which has real security support :-)

more than 4 years ago

Submissions

tajribah hasn't submitted any stories.

Journals

tajribah has no journal entries.

Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>