Feeds

* Posts by Daniel B.

2744 posts • joined 12 Oct 2007

Apple blocks Java on the Mac over security concerns

Daniel B.
Silver badge

Re: Fixable by editing XProtect.meta.plist

Indeed, yesterday had 1.7.13 come out, so I do wonder if it is more of an issue with Apple sending the minimum version update before the actual update came out.

0
0
Daniel B.
Silver badge
Boffin

Indeed

It is the browser plugin of Java. Though 1.7.13 is out, so it might actually be a matter of Apple putting the dependency *before* Oracle put out the update, not actually blocking Java intentionally.

The JRE itself isn't blocked, attested by me being able to use LdapBrowser and NetBeans. :)

0
0
Daniel B.
Silver badge

Re: Hmm.

JavaScript is a turd. Nothing even remotely related to security should be ever implemented in that. Not just for performance, but also because it can be modified by clients, so anything depending on JS to validate business rules is easily overridden.

0
0

Michael Dell to buy himself on Monday?

Daniel B.
Silver badge

Maybe, oh just maybe...

They're gobbling up Quest. Dell (company) seems to be killing a certain useful piece of software Quest has, that is very good (a VDS solution) and there's no real replacement in the market. Maybe Dell (the man) might think otherwise?

Or maybe, just maybe, pull off non-MS hardware and not have to give a flying fudge? Private companies don't need to have ever-increasing profits.

Hell, everything's possible!

0
0

Samsung mocks Apple lawsuit in SuperBowl teaser ad

Daniel B.
Silver badge

Re: face

hehe. They have to pay something like 40% to iFone in Mexico. Karma!

7
0

BlackBerry bets fans are willing to upgrade skills

Daniel B.
Silver badge
Boffin

Which version?

The Bold 9000 and 9700 came with BBOS 4.6 and 5.0 respectively, which included the infamous "piece o'crap" BB browser. The 9700 can be upgraded to BBOS6, which has the WebKit-based browser for a much better browsing experience.

More recent Bold handsets had OS6 or 7, so you got the better browser. If BB10 has anything like the PlayBook's browser, I'm guessing the web browsing is going to be very good.

1
0
Daniel B.
Silver badge
Meh

blah blah blah

... I want to know more about the Q10. Touchscreen only phones are meh.

7
2

'Silent but deadly' Java security update breaks legacy apps - dev

Daniel B.
Silver badge
Boffin

Re: Thanks Oracle, for showing us how to fix security issues

"(chorus follows trying to explain how they need Java for this and that and they cannot remove it from their browsers. Sorry folks, this is my home PC environment and enterprisey applications or banking contraptions written ten years ago don't apply)"

If the Enterprise were no longer writing stuff in Java, I'd probably be out of work. *New* stuff is being made in Java. And Mexico's SAT (the taxman, that is) uses Java for sending in stuff, as everything you send is signed with a private key you register with SAT. The whole signing/validation thing is done by ... an applet. So disable Java, and you can't send your stuff to the taxman!

Oh, that app I'm talking about? Made in 2010.

1
0
Daniel B.
Silver badge
Boffin

Re: Duh, perhaps there are too many bugs in Java 6 and it's time for an update?

I do distinctly remember having problems a couple of years ago running an app that did an RMI/IIOP connection to WebLogic Server 8.1 (which runs on J2EE 1.4) from a client running Java 6. Autoboxing breaks something server-side, as it tries to send a Boolean to a boolean. However, this can be fixed by simply doing

java -version:1.4 -jar MyClientApp.jar

which makes Java run in something akin to a compat mode. Of course, the problem referred to in this article isn't a compat issue, but more of the exe no longer being where the scripts expect them to be. I'd add that usually these out of place JRE/JDKs might have some extra libraries in lib/ext that aren't in the "updated" JRE, which might end up breaking the apps when they start using the new JRE...

1
0

I watched Excel meet 1-2-3, and beat it fair and square

Daniel B.
Silver badge

FoxPro!

Actually, I used FoxPro for anything "Windows GUI programming" for most of the 90's. It was pretty goodd for Windows 3.1, their problem was that it never really got updated after that.

1
0

Java open-source frameworks 'pose risk' to biz - report

Daniel B.
Silver badge

Spring/Hibernate is reinventing the wheel

Actually, it is a reinvention of the wheel. J2EE already existed, as a framework, and does most of the stuff Spring and Hibernate does. Some folks just got mad that Entity Beans were chosen for ORM mapping, then went on and built the "renegade" framework. The EE5 spec now uses annotations, threw away the original EntityBean and now uses something closer to Hibernate (IIRC Hibernate can be used as the persistence engine). Upshot of using EE5+JSF w/o extras is that resulting EARs can be deployed to appservers without munging with extra libs or XML config files on the appserver...

6
0

How to destroy a brand-new Samsung laptop: Boot Linux on it

Daniel B.
Silver badge

My god it's full of shills

MS astroturfing. Nice.

Now let's see, what would these shills say if a virus were to reweite the Win8 EFI loader, taking advantage of this particular bug and brick the Samsung laptops when booting Win8?

I'm old enough to remember the Chernobyl/CIH virus. Motherboard designs were changed after that, so why should Samsung dismiss this as "freetard tinkering"?

15
2

YouTube's hilarious cat videos could soon cost you $5 a month

Daniel B.
Silver badge
Headmaster

Re: @Stephen 2 If they really want to help video creators

I think you mean "Google Ad Land" ... with one d. The only add Google does, is when they add their profits from the wall o' ads. ;)

That said, IIRC YouTube was actually losing money before the Google acquisition. The dudes who sold it to Google were really happy to sell it because the model wouldn't have succeeded without ads...

1
0

Oracle 'fesses up: Java security flaws more than storm in teacup

Daniel B.
Silver badge

Re: Crapware Payload

The developer version of Java SE / JRE doesn't come with the crapware stuff. In fact, I learned about the crapware only after the ZDNet article that mentioned it.

0
0

Three years since his Sun gobble, what hath Ellison wrought?

Daniel B.
Silver badge

Garbage arch

x86 is the garbage architecture of the world. We should be running RISC based hardware by now, but Intel cranked up the clock rates to get their processors to match RISC. Notice that ARM was born sometime around the late-80s and yet manages to have a fairly good performance without running hot or drawing too much power.

Hopefully, we're closer to an ARM takeover, maybe we'll finally get R&D for non-Intel architectures...

1
1
Daniel B.
Silver badge

Re: What if the governments had refused the takeover?

Had the deal gone bad, Sun might've been able to recover if they had actually sell the stuff on their software stack. Their LDAP and IDM solutions are very good; in fact, most of the people from the Identity suite went on and forked the whole thing. Check out ForgeRock!

0
0
Daniel B.
Silver badge

Re: Other Sun purchase benefits

Oracle hasn't killed MySQL though. The roadmap for the former Sun software stack may be grim, but at least MySQL is still ticking.

0
0

So: 6,500 Win 8 laptops later, how are BT's field engineers coping?

Daniel B.
Silver badge

Re: @Chad H. Win 8 is a grower

Oh dear, MS wants to copy Apple yet again, and this time they succeeded partially.

They've created MS fanboi legions that are as defensive of their crap as the Apple fanbois are! Admit it, TIFKA Metro looks like an oversized Fabulous Fred and is fugly to use! This article at no point mentions any improvement by the Metro interface.

1
0
Daniel B.
Silver badge
Boffin

@quarky

"desktop mode" is what you're in when you're not using the "Fabulous Fred" interface mode.

That said, it seems the engineers are mostly using a front-end app, so they don't suffer from interface change pain. Also, it's a touchscreen device so it does take advantage of the extra stuff, and being a newer OS than XP, driver support must be much better.

1
0

Wii-U boat torpedoes Nintendo's '¥20bn profit' into ¥20bn loss

Daniel B.
Silver badge

Re: I really wish people would stop doing this

Agreed. People buying smartphones aren't going to buy a smartphone vs. gaming console; there will be somef who do, but those wanting mobile gaming might go for the 3DS or PSVita for that. In fact, the 3DS started selling strong when they dropped the pricetag, so I'm guessing the real limiting factor on those is actually related to pricetag, not to "smartphone defeats gaming consoles".

The Wii U, however, sucks.

0
0

Hacker faces 105 years inside after FBI 'sexploitation' arrest

Daniel B.
Silver badge

At least it does seem to be milder...

There's that other guy who asked for underage boy pix and then proceeded to blackmail them into boning 'em.

Anyway, any of these cases of blackmail is just wrong. Nabbing a couple of naked pix from someone else's computer is already unethical, but using them for blackmail purposes is just plain evil.

2
0

Is your Surface Pro a bit full? Slot in an SD card, it's not from Apple

Daniel B.
Silver badge

Re: Limited capacity

Um... Blackberries have the option to encrypt stuff stored on the SD card. The problem could be that not all OSen support this, and that when they do, it isn't interchangeable with other devices or PCs.

0
0

You thought watching cat videos was harmless fun? Think AGAIN

Daniel B.
Silver badge
Devil

Re: Film at 11

I have a pigeon infestation problem at my apartment. One of the possible solutions is exactly that: buying a cat and unleash it against the pigeons!

1
0
Daniel B.
Silver badge
Joke

Easy...

that's because All Your Base are belong to CATS

1
0

Lotus 1-2-3 rebooted: My trip back to the old (named) range

Daniel B.
Silver badge

Re: Copy protection ? Really ?

I remember a particular piece of software that had the "master disk" have a segment burned by a laser, thus causing an error that would serve as the "copy protection". An engineering dude was able to replicate it using a razor blade, but of course, while the crude thing worked, the floppy disk would get more and more damaged as time went by.

0
0
Daniel B.
Silver badge
Boffin

FoxPro!

I still have the 2.5 for Windows + Distribution Kit floppies somewhere at my mom's home. Right next to the MS DOS 6.2 and Windows 3.1 set, so I can theoretically bring up a FoxPro dev system!

I actually held to FoxPro well into the early 21st century; my 2002-01 semester project for a certain course was still made using FoxPro 2.5.

I wish I still had FoxPro 2.0 for DOS, it's the last one that could actually build standalone EXEs...

0
0

My top tip for Microsoft: Stop charging for Windows Phone 8

Daniel B.
Silver badge
Boffin

Re: "the writing is on the wall for desktop computing."

When did the ElReg comment section become MS shill central? I know ya guys don't like Eadon, but that part isn't bullshit. MS did strongarm OEMs to stick XP on netbooks, which were running Linux and doing pretty well. Real analysts even say that Palm's downfall was partly because they axed the Foleo, their own Linux-based netbook that some dumbass in management decided to kill before its release date.

The one market that didn't get killed by MS would be the smartbook one, as that was Apple's to kill with the iPad.

12
5

Star Trek saviour JJ Abrams joins the dark side: Star Wars VII

Daniel B.
Silver badge

Re: Ughhh @jai

TOS managed to do time-travelling in both the actual series and the movies (basically ST4). But a pretty big element in all time-travelling stories was that you were *not* supposed to alter the past! There's the one where they intercept a weird alien agent and try to stop him from sabotaging a US Missile Test ... only to find out that the sabotage was supposed to happen!

The ST4 one had them retrieving whales that were going to get killed anyway, so the effects of doing that in the past were negligible, while the benefits of bringin 'em to the 23rd century were on a "planet saving" scale.

1
0

Lotus 1-2-3 turns 30: Mitch Kapor on the Google before Google

Daniel B.
Silver badge

Re: Preferred @JimC

The reason Excel did a better job on implementing spreadsheets on Windows was because Excel was born on the Macintosh instead of DOS. MS decided to ditch their Multiplan spreadsheet and start from zero with Excel on the Mac. That gave 'em the GUI looks that they could then use on Windows, while the rest of the spreadsheets had to transition from DOS to Windows. A lot of programs that made this transition were usually horrible as the devs would still embrace the DOS conventions instead of taking advantage of the new GUI features. An example: remember who created the ZIP file format? PKZIP. Which program is mostly used for opening/creating such files? WinZip. They aren't made from the same company: PKZIP for Windows sucked, so the competing WinZip took over the market.

I can't quite vouch for 1-2-3, as I mostly used the DOS version but didn't migrate to Windows. But I wouldn't be surprised it if were the same case....

2
0

Fedora project may expel MySQL

Daniel B.
Silver badge
FAIL

Re: Top database tip.

I found another MS Shill! Do I win anything?

0
2
Daniel B.
Silver badge
Boffin

Re: I am so glad ..

MSSQL is awesomely secure! Last time a filesystem filled up in a former job, the whole DB was impossible to recover! Maximum security: NOBODY will ever be able to read your data! HAHAHAHAHA

Honestly, I switched back to PostgreSQL a long time ago because Monty hated transactions, and that attitude was very visible in the MySQL 3.x documentation. Other gems in that documentation was raging against Foreign Keys, and basically saying you don't need subqueries, or stored procs ... whatever. I now use PostgreSQL for FOSS stuff, and DB2/Sybase/Oracle for more commercial stuff. I try to avoid MSSQL, but given that it's basically ripoff Sybase, I can do that too...

0
1

Silly gits upload private crypto keys to public GitHub projects

Daniel B.
Silver badge
Boffin

@Frumious Bandersnatch

Yes, you're actually right on the RSA algorithm, they're reversible and in fact, signing is done that way, by encrypting with the private key. The reason swapping files doesn't work is because the private key file contains the P and Q primes, so both public and private keys can be derived from the private key file.

2
0
Daniel B.
Silver badge
Boffin

Re: but ...

Actually, you'd be right if the format for private and public key were the same, that is if the files were:

public key: N, e

private key: N, d

as with that format, one key can't be derived from the other. But actually, the private key is usually stored like:

private key: N, e, d, p, q, and other numbers that are derived from these which help for some implementations of RSA.

1
0
Daniel B.
Silver badge
FAIL

Re: More detail is needed

I'm guessing that the people stupid enough to upload their private keys are the kind of people that had their keygen process go like this:

$ ssh-keygen

Generating public/private rsa key pair.

Enter file in which to save the key (/Users/dummy/.ssh/id_rsa): <enter>

Created directory '/Users/dummy/.ssh'.

Enter passphrase (empty for no passphrase): <enter>

Enter same passphrase again: <enter>

Your identification has been saved in /Users/dummy/.ssh/id_rsa.

Your public key has been saved in /Users/dummy/.ssh/id_rsa.pub.

The key fingerprint is:

c3:bb:2a:59:a6:3f:2e:12:e3:4f:36:ca:e9:c2:75:e0 dummy@antares.local

This is one of the widespread bad practices that is sometimes encouraged by some devs. Ditto with having unpassworded MySQL access under the guise of "well, nobody from the outside will ever get access to the box".

4
1

Nokia turns a PROFIT. Sort of

Daniel B.
Silver badge

Re: As predicted last year....

I don't want Nokia to fail, I really don't. But if they're going to really return to profitability and previous grandeur, they must sack Elop and restart their OS R&D. The previous smartphone maker that went in bed with MS was Palm. We all know what happened there.

8
2

Greenland ice SIMPLY WOULD NOT MELT in baking +8°C era 120k years ago

Daniel B.
Silver badge
Happy

Re: it's 42 @NukEvil

You need to re-read your H2G2 :)

0
0

Lenovo considering RIM buyout to boost mobile biz

Daniel B.
Silver badge

I doubt it'll happen...

.... because of RIM's core biz: secure smartphones for the US & Canadian Gov. Remember when Huawei wanted to buy 3Com? The same would happen with Lenovo/RIM.

0
0

US general: Beware of Iran's Revolutionary Cyber-Guard

Daniel B.
Silver badge

Re: Who knew...

The difference is that the CSA was incredibly under-industrialized, underpowered, and had a good % of its population against them: the slaves they refused to count as citizens.

0
0

Microsoft to end Windows 8 discounts on January 31

Daniel B.
Silver badge

Re: Upgrade = Full

actually, there's a more LULZ worthy method to follow, which was what someone I know did:

1) have laptop/PC running a pirated version of Win7.

2) Get WGA to tell you "d00d you running non-original Windowz"

3) WGA will recommend buying legal Win7, or the cheap Win8 upgrade

4) Buy Win8 upgrade, download, install.

The Win8 upgrade won't care if your Win7 copy was pirated. MS is so desperate to get Win8 out there, they simply don't check if the Win7 was properly licensed or not!

1
0
Daniel B.
Silver badge
Boffin

Re: Shooting themselves in the foot? - yes, by releasing Win 8. @Flhart

"Like it or not, computers are about files and directories, devices and connections. Pretending that they are not (as per bloody Apple) is just to breed dumb users who can't fix stuff for themselves, so pester those who can."

As much as Apple loves to hide stuff on their mobile fondleslabs, the directory structure on OSX is actually the same than that used in UNIX. / filesystem, anything else goes under that. Even the user homedirs are under /Users/xxxxxx, even if this breaks with the /home/xxxxx standard or /home/group/xxxxx one, it still looks UNIXy enough to work. AND they also use /dev, so my main disk is usually /dev/disk0s2. They "hide" stuff from common users, but it is there to be seen by savvy users as well.

1
0

Microsoft's ARM blunder: 7 reasons why Windows RT was DOA

Daniel B.
Silver badge
FAIL

@RonWheeler

"For a VDI solution where users need Direct3D whizzyness (and in the real non-linux world they do) it is hard to beat"

Direct3D for work? Where do you work, id Software? If anything, *disabling* whizzyness is probably an intended course of action in enterprise PCs/clients as to avoid employees doing LAN parties on company hardware.

2
0
Daniel B.
Silver badge

Re: @Eadon - openness selling Android

Yeah, I'm pretty sure people know more about Apple's patent warfare than MS's trolling.

But on the openness selling, it is pretty possible that it does have an impact in mobile. On desktop, most people have some dependencies tying them to Windows, especially MS Office. So you can't tell Average Joe to just switch to Linux; even the most radical Linux dudes have eventually returned to the MS Borgship after a couple of years, mostly because Open/LibreOffice will b0rk the documents sent by clients, and the resulting doc looks bad. I took a third option and went OSX instead (and I'm not quite happy with Apple's philosophy either!)

On the mobile platform? Only those who have invested huge wads of $$$ on iOS apps will be tied ... and that would be to iOS, not MS. Anyone else is fair target, which is why the mobile market has been able to shift so suddenly in a 10 year span. 2005? The mobile OS du jour was PalmOS. 2007? Symbian and/or BlackberryOS. 2010? Symbian and iOS. Then Android and iOS. By now, someone might bring out a radically new mobile OS and it might take over the entire market if it is better than the current ones...

1
7

Buying a petabyte of storage for YOURSELF? First, you'll need a fridge

Daniel B.
Silver badge
Boffin

Re: Several problems that I can see

Yeah ... cloud storage ain't going to be the sole solution. Cloud outages will ensure that all of us will keep up storing stuff at home for years, not to mention avoiding the Megaupload situation, bandwidth caps & such. Even if we had infinite bandwidth and no legal issues, it would be like moving out of your house and paying rent forever. And "renting out storage" in the 'net is much more expensive than just buying a ton of HDDs, or even SSDs.

For example, you'd get a 10TB RAID0 ThunderBolt device from LaCie for $1100. On a certain "Cloud Storage" Provider, 1Gb (and REAL Gb's, the 1024-based ones and not the fake 1000-based ones HDD mfg uses) costs 10 USD cents. That would be $931.32/month. That is ... in 2 months, cloud storage ends up being *more* expensive than an equivalent storage option which is not only local, it has a stupidly high transfer rate (750Mb/s).

So I don't see the cloud taking over for everything we want anytime soon.

0
0

Nokia axes 300 IT bods, outsources 820 to Tata, HCL

Daniel B.
Silver badge
Unhappy

So the MS philosophy is infesting Nokia as well

MS, and companies living in the MS ecosystem are the ones that rely heavily in outsourcing everything to India. So it seems Elop is infesting Nokia with this mindset as well. So sad...

0
2

Hey HP: You may not rate Autonomy, EDS, but buyers do

Daniel B.
Silver badge

Bad...

"Also, PC-makers' last hope, Microsoft’s Windows 8 operating system,"

If PC makers were betting on that turd as a last hope, they deserve to die. Win8 is actually accelerating the slump!

On EDS, well, HP screwed the pooch during the acquisition. Many of the EDS dudes abandoned ship thanks to HP lowering their wages. By now EDS is mostly a shell of its former self...

0
0

Fans of dead data 'liberator' Swartz press Obama to sack prosecutor

Daniel B.
Silver badge

So...

It had to take Swartz offing himself for someone to actually propose limiting the CFAA so that something exaggerated like this doesn't happen. I hope it doesn't take, say, Jammie Thomas suiciding as well for copyright maddness to be fixed as well!

Something's wrong when distributing files earns 30 in the slammer + millions in fines, and songs cost $10k each.

3
1

Oracle patches Java 0-day, goes to Defcon 2

Daniel B.
Silver badge
FAIL

I found the MS shill!

.NET isn't more secure, it's actually on par with Java on some stuff. On others, Java is better. And .NET is stuck with Active Directory; trying to use a true LDAP for authentication/authorization means you'll have to roll out your own implementation for MembershipProvider and RoleProvider.

Yeech!

1
1

Hey, tech titans! Those smartmobe sales bans? Give it a rest. NOW

Daniel B.
Silver badge

Re: I think

But what if company A is proved to be in the wrong? Company A should be held liable for multi-million dollar losses, as unlike the racketeering done by the MPAA/RIAA, such an injunction actually hurts real sales on company B. Penalties should be incredibly steep, coupled with company A losing the patents in question if they have gone for the ITC fast-track as to discourage abuse of this.

And it should be extended to cases where the patents are done over trivial stupidities...

0
0

The 10 best … Windows Server 2012 features

Daniel B.
Silver badge

Re: Bah!

"It would help if the loudest anti-windows ranters would actually admit to the last time they had hands-on (or even eyes-on) experience of Windows [insert marketing tag]."

Last Windows experience: WinXP, WinVista, Win7, Win8.

Last Windows Server experience: Win2003, Win2008, Win2008R2.

With Win8 and now Win2012, it seems MS is going backwards.

2
2