Catch up on stories from the past week (and beyond) at the Slashdot story archive


Forgot your password?
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×

Comment Re: Thanks, *hats (Score 2) 76

Some software can be proven secure. Look at sel4. It's just that software engineers take shortcuts. If you design an aircraft wing you have to prove that it can take the load with math and physics. When we write software we assume it's good enough because we "tested it thoroughly". I guess it's time to start treating software engineering like real engineerings. Hold them accountable and teach them how to prove things secure before they are allowed to use technology. I feel like most software engineering are simply stumbling around in the dark when it comes to security.

Comment Re: Should have used APPS! (Score 3, Informative) 109

Yep. Processes have memory. Memory is divided into pages. Some pages are shared by multiple processes. Initially some pages are marked read only. If the child writes to the page you get a page fault. The fault causes the kernel to make a copy of the page and maps the copy into to the original virtual address space.

Multiple processes may share that original readonly page, so if exploit the bug and write to it then you actually are writing to a page shared by multiple processes.

Comment Re: Its not open source (Score 2) 32

Yes, but xml actually served a need. Bank controlled blockchains don't serve a need. Banks establish trust by being a fucking Bank. Bitcoin needs a proof of work function to establish trust. A blockchain with a backdoor still depends on the original trust of the bank. If you can trust a bank why do you need a blockchain. If you can't trust a bank then the backdoor they build into the blockchain isn't going to make me trust it anymore.

Comment Re:Proof that autonomous cars don't work (Score 1) 108

Level 3 autonomous cars are inherently dangerous. Jim McBride was right when he said, "We're not going to ask the driver to instantaneously intervene—that's not a fair proposition."

We should focus on the standard which level 4 autonomous cars will be judged. Pick the right one and they will be safe and pick the wrong one and we will see them crash.

Comment Re: What. The. Fuck. (Score 1) 200

It should be illegal to ship an Internet connected device that doesn't...

1. Support secure boot, so that a system won't run not unauthorized software unless a user explicitly overrides it.

2. Support an authentication method where the device keys can't be copied off the device after the device software has been modified. A modified device shouldn't be granted access to network services without explicit user consent. Can you imagine a modified echo ordering tons of crap to unsuspecting victims?

This protects consumers.

Comment Re: You would think science could help (Score 1) 275

California has had regular decade long drought. It's not an affect of global warming despite what most of my fellow Californian think. Mother nature isn't homeostatic. Also when the levees break in these coastal towns they think it's so unusual, but the water was there to begin with. If see level rise is inevitable we will fight back. This mass migration thing are bullshit. There are plenty of places under sea level and humans have built massive structures to live there. California has deverted tons of water and is bringing desalination plants back online to keep the status quo. We humans are increasingly stubborn when faced with weather change. I see no reason why we won't be successful with climate change.

Comment Re: good. (Score 2) 60

Mylar will degrade when subjected to heat, humidity and in some cases biological contamination. I wouldn't want to store launch codes on a floppy that has been stored in just any condition. I think the federal government can pay to have new ones manufacturered.

I would bet that DuPont is still making these for them.

Comment Re: but I hate to ask, (Score 1) 62

Only the creepy ones that move, but don't appear to do anything useful. I prefer my robots the have function, like actually been able to navigate some spaxe on its own. This is a toy that literally has a monthly subscription. I'm a little disappointed because an article about robots and space is really just slashvertisment.

Comment Re: Only makes sense for niches (Score 5, Interesting) 104

AOT makes sense for certain application. Also AOT doesn't mean AOT only. If you want to use it with a tracing JIT I see no reason why these technologies are incompatible.

The problem I have with Java is that with some java programs it takes less time for an equivalent C program to compile and run than an that java program to do all of its dynamic linking and finally run. You don't have to do AOT, but all those string compares during loading really slows things down. Each symbol has to be looked up and compared.

With native libraries often times shared libraries are already in memory. The libraries are simply mapped into a processes address space. In java land each time you load a library it takes up its own space and that overhead is not shared by multiple processes. It seems silly that these processes can't share their compilation efforts.

We have a ways to go with runtimes. The first step is oracle admitting they are the problem.

Comment Re:Why does anyone update? (Score 0) 172

Windows 10 Enterprise is the only edition that supports LTSB. Basically, Microsoft wants everyone to pay an additional licensing cost and throw out their original Windows 10 license for the privilege of not being part of their continuous deployment. I believe agile can work for operating systems, but Windows 10 home/pro/IoT/Mobile editions are guinea pigs while Microsoft figures out how to do it. You will get burned until Microsoft adapts to this new methodology of development, deployment and testing.

Comment Re: Why wait until now? (Score 2) 296

Let me play devils advocate for a second. The federal government will always have jurisdiction over the DNS servers in the US. If US dns servers are forced to use a new authority, there's nothing IANA can do about it. The FCC would have no problem finding the means of enforcing it. Also many other countries I think would follow our lead if the DNS system became bifurcation. Either way our government will find ways to gain regulatory power.

Slashdot Top Deals

You are always doing something marginal when the boss drops by your desk.