Get HideMyAss! VPN, PC Mag's Top 10 VPNs of 2016 for 55% off for a Limited Time ×
Security

Ask Slashdot: How Do You Create A Highly-Secure Password? (securitymagazine.com) 637

An anonymous reader writes: A security lab at Carnegie Mellon performed a study on password security recently, and issued a warning about common user misconceptions. For example, 'ieatkale88' would require 4 billion more guesses than 'iloveyou', because 'iloveyou' is one of the most common strings in passwords. And the word 'pAsswOrd' would take 4,000 times more guesses than 'p@ssw0rd', simply because "In modern day password-cracking tools, replacing letters with numbers or symbols is predictable."

But then what passwords are secure in the face of these modern password-cracking tools? As professionals in the IT industry, what advice would you give?

Leave your answers in the comments. How do you create a highly-secure password?
Education

Slashdot Asks: How Did You Learn How To Code? 515

Last week Apple's CEO argued that computer programming should be a 'second language', and that it should be a required subject for all students starting in 4th grade. But a large number of professional programmers didn't learn how to code in a formal school program, either because they're self-taught or because they learned on the job. There's a lot of abstract discussions about the best ways to teach coding, but if there's any group that's uniquely qualified to answer that question, it's the Slashdot community.

So leave your answers in the comments. How did you learn how to code?
Television

Ask Slashdot: Why Do You Want a 'Smart TV'? 507

Reader kheldan questions the need for a Smart TV (edited for clarity): Yesterday we read about how Samsung is planning on 'upgrading' the firmware in its smart TVs so that it could inject ads into your video streams. This raises the question yet again: Why do you even need a 'smart TV' in the first place? We live in an age where media-center computers and DVRs are ubiquitous, and all your TV really needs to be is a high-def monitor to connect to these devices. Even many smartphones have HDMI connectivity, and a Raspberry Pi is inexpensive and can play 1080 content at full framerate. None of these devices are terribly expensive anymore, and the price jump from a non-smart TV to a smart TV makes it difficult to justify the expense. Also, remember previous articles posted on the subject of surveillance many of these smart TVs have been found guilty of. So I put it to you, denizens of Slashdot: Why does anyone really want a 'smart TV'?
Books

Ask Slashdot: What Books Should An Aspiring Coder Read? 178

Earlier this month Bill Gates released his summer reading list, which included Seveneves, by Neal Stephenson and mathematician Jordan Ellenberg's book How Not to be Wrong. Now an anonymous Slashdot reader asks for your book recommendations. I've been trying to learn more about coding, but I need a break sometimes from technical documentation and O'Reilly books. Are there any good books that can provide some good general context and maybe teach me about our place in the history of technology or the state of the programming profession today?
In the U.S., Memorial Day is considered the "unofficial" first weekend of summer -- so what should be on this geek's summer reading list? Cracking the Coding Interview? Godel, Escher, Bach? This year's Nebula award winners? George Takei's The Internet Strikes Back? Leave your suggestions in the comments. What books should an aspiring coder be reading?
Android

Slashdot Asks: Would You Pay For Android Updates? (theverge.com) 257

It's no secret that most Android OEMs could do better when it comes to seeding out updates for their existing devices. A report on Bloomberg earlier this week claimed that Google plans to publicly name and shame the OEMs who are too slow at updating their devices. An HTC executive who didn't want to be identified told Slashdot on Thursday that it is not the right way to approach the problem. But that's only one part of the problem. The other issue is that almost every Android OEM partner -- including Google itself -- only provides support to their devices for 18-24 months. Vlad Savov of The Verge in a column today urges Android OEMs to perhaps charge its users if that is what it takes for them to offer support to their devices for a longer period of time and in a timely manner. He writes: I've been one of the many people dissatisfied with the state of Android software updates, however I can't in good conscience direct my wrath at the people manufacturing the devices. Price and spec competition is so intense right now that there's literally no option to disengage: everyone's been sucked into the whirlpool of razor-thin profit margins, and nobody can afford the luxury of dedicating too many resources to after-sales care. The question that's been bugging me lately is, if we value Android updates as highly as we say we do, why don't we pay for them? The situation can't be fixed by manufacturers -- most of them are barely breaking even -- or by Google, which is doing its best to improve things but ultimately relies on carriers and device makers to get the job done. Carriers will most certainly not be the solution, given how they presently constitute most of the problem (just ask AT&T Galaxy S6 owners) -- so like it or not, the best chance for substantial change comes from us, the users. What I'm proposing is a simple crowdfunding operation. I'm skeptical about this, because I don't think it is in an OEM's best interest to serve its existing users for long -- how else they will convince customers to purchase their new devices? A newer software version is after all one of the ultimate selling points of a new phone. So I don't think an OEM will take up on such an offer. What do you folks think?
Books

Slashdot Asks: Should It Be Legal To Resell E-Books, Software, and Other Digital Goods? (arstechnica.co.uk) 380

There's no one stopping you from selling the CDs and DVDs that you buy, so why can't you do the same with e-books, music albums, movies, and other things you've downloaded? Ars Technica reports about a Dutch second-hand e-book platform called Tom Kabinet which has been "at a war" with Dutch Publishers Association (NUV) over this issue. This is seen as a threat to the entire book industry. German courts have suggested that the practice of reselling e-books should be stopped, whereas Dutch courts don't necessarily see it as an issue. What's your view on this?
Open Source

Ask Slashdot: Have You Migrated To Node.js? 341

A developer maintaining his company's "half-assed LAMP / WordPress stack pipeline for web and web application development" is considering something more scalable that could eventually be migrated into the cloud. Qbertino asks Slashdot: Have you moved from LAMP (PHP) to Node.js for custom product development and if so, what's your advice? What downsides of JS on the server and in Node.js have a real-world effect? Is callback hell really a thing? And what is the state of free and open-source Node products...? Is there any trend inside the Node.js camp on building a platform and CMS product that competes with the PHP camp whilst maintaining a sane architecture, or is it all just a ball of hype with a huge mess of its own growing in the background, Rails-style?
Condensing Qbertino's original submission: he wants to be able to quickly deliver "pretty, working, and half-way reliable products that make us money" -- and to build a durable pipeline. So leave your educated opinions in the comments. What did you experience moving to Node.js?
AI

Ask Slashdot: Can You Have A Smart Home That's Not 'In The Cloud'? 183

With the announcement of Google Home on Wednesday, one anonymous Slashdot reader asks a timely question about cloud-based "remote control" services that feed information on your activities into someone else's advertising system: In principle, this should not be the case, but it is in practice. So how hard is it, really, to do 'home automation' without sending all your data to Google, Samsung, or whoever -- just keep it to yourself and share only what you want to share?

How hard would it be, for instance, to hack a Nest thermostat so it talks to a home server rather than Google? Or is there something already out there that would do the same thing as a Nest but without 'the cloud' as part of the requirement? Yes, a standard programmable thermostat does 90% of what a Nest does, but there are certain things that it won't do like respond to your comings and goings at odd hours, or be remotely switchable to a different mode (VPN to your own server from your phone and deal with it locally, perhaps?) Fundamentally, is there a way to get the convenience and not expose my entire life and home to unknown actors who by definition (read the terms of service) do not have my best interest in mind?

Yesterday one tech company asked its readers, "What company do you trust most to always be listening inside your home?" The winner was "nobody", with 63% of the votes -- followed by Google with 16%, and Apple with 13%. (Microsoft scored just 3%, while Amazon scored 2%.) So share your alternatives in the comments. What's the best way to set up home automation without sending data into the cloud?
First Person Shooters (Games)

Slashdot Asks: What's Your Favorite Doom Story? 351

I remember loading Doom for the first time from a 3.5-inch disk back in 1994. In 1997 the source code for Doom's Linux version was released just before Christmas. A hidden Doom level appeared in Microsoft Excel, and a Doom video was also used to promote Windows 95. By 2004 a drummer from Nine Inch Nails was recording the theme song for Doom 3...

There was that weird movie with The Rock and Karl Urban. Last year Doom was inducted into the World Video Game Hall of Fame. This January John Romero created a new level, and this weekend's release of a new Doom also featured a mod with one of the the original Doom II levels from 1994.

After a storied history, millions of frags, and thousands of hours of in-world gameplay, Doom holds a unique place in both the history of gaming and geeks. So share your favorite stories in the comments. What's your personal best-loved story about Doom?
Communications

Ask Slashdot: What Was The Greatest Era Of Innovation? (nytimes.com) 177

speedplane writes: The New York Times is running a story on innovation over the past 150 years. [The story starts at the end of the American Civil War with the newly completed transcontinental railway in the 1870s. Then it highlights the profoundly different lifestyle of the 1920s, the end of 'The Great War' and the beginning of the Great Depression. By the 1970s, many of the transportation and communication changes from the 20s became fundamental parts of daily life. The story ends in 2016, an era in which human life has changed the most in the last 46 years.]

We're in the golden age of innovation, an era in which digital technology is transforming the underpinnings of human existence. Or so a techno-optimist might argue. We're in a depressing era in which innovation has slowed and living standards are barely rising. That's what some skeptical economists believe. The truth is, this isn't a debate that can be settled objectively.

What do slashdotters think is the greatest era of innovation?


Transportation

Slashdot Asks: How Long Before Self-Driving Cars Become Mainstream? 381

Here's the thing, regardless of one's stand on self-driving cars, they are no longer a futuristic idea. Major car companies such as Tesla, BMW, and Mercedes have already released an autonomous vehicle or plan to release one soon. Sergio Marchionne, an Italian-Canadian executive who is currently the CEO of Fiat Chrysler Automobiles, recently said: It isn't pie in the sky. People are talking about 20 years. I think we will have it in five years. ZDNet has published its interview of Jim McBride, technical leader in Ford's autonomous vehicles team, who thinks self-driving cars are five years away from changing the world. At the same time, we must acknowledge the talks about these smart vehicles killing many jobs, and the security vulnerabilities we read every once in a while. What's your take on this?
Advertising

Ask Slashdot: Should I Expect Tracking When Subscribing To News Sites? 206

Long-time Slashdot reader robot5x writes: I'm a fan of online privacy and, where possible, don't automatically permit cookies and tend to set Ghostery to block all trackers in my browser. This rarely causes a problem -- I have lots of subscriptions to various sites which require me to login and have only rarely encountered minor issues. Recently I had a present of a Slate Plus membership. I really like their content and was keen on supporting it financially. Activating it from the email they sent required me to first register as a user. I clicked on the icon, and nothing happened. Ghostery picked up 7 trackers which I had blocked.

Assuming that one of these was the cause, I activated each in turn and reloaded. None of them made any difference, except a single tracker from JanRain. Accepting this tracker let everything work perfectly. Reading more about JanRain though -- and particularly its interaction with Adobe analytics (which it also tries to load) -- I discovered that they wanted to "create a holistic view of your business by collecting, analyzing and reporting all customer interactions. To derive the most actionable insights, you must link your customers' actions with who they are and what their interests are. Janrain bridges the gap by connecting demographic and psychographic data, collected through traditional and social login, with Adobe's behavioral data, so you understand the whole customer journey".

I do not want them to do any of this, and don't think I should have to. Interactions with Slate's 'support' were excruciating and -- while they at least didn't ask me to restart my computer -- they actually ended up saying that allowing these trackers is tied to their login process and I have to either accept or get a refund.

Robot 5x asks: Is it unacceptable to have to accept being tracked as a paying customer for new sites? "Or am I just being a big baby?"
Your Rights Online

Ask Slashdot: Should This Photographer Sue A Hotel For $2M? (google.com) 254

Unhappy Windows User writes: An Austrian photographer was contracted by the luxury [hotel] Sofitel in Vienna to photograph the bar with an amazing view over the skyline. He was paid for his time (4200 euros) and arranged a three-year internal usage contract for the photos. After the contract expired, he still found his photos being used -- on external sites too. He is now suing for 2 million euros, based on each individual usage.

My question is: Is this the real market value of his work...? It seems like the largest economic contribution to the work was from Sofitel, who allowed access to the property and closed it to customers. I don't have any issue in a photographer wanting to be paid fairly for his work, and asking for perhaps double or treble the original price for the breach of contract to match what an unlimited license would have cost. [But] with this money they could have employed a professional for a month and automatically obtained full rights to the work...it seems like this guy is trying to take advantage of an oversight by a large corporation, never to have to work again.

Here's the original article in German and an English translation, and it's one of those rare cases where the copyright belongs to an individual instead of a massive entertainment conglomeration. But do you think the photographer should be suing for 2 million euros over this copyright beach?
Data Storage

Slashdot Asks: What's Your View On Benchmark Apps? 50

There's no doubt that benchmark apps help you evaluate different aspects of a product, but do they paint a complete picture? Should we utterly rely on benchmark apps to assess the performance and quality of a product or service? Vlad Savov of The Verge makes an interesting point. He notes that DxOMark (a hugely popular benchmark app for testing a camera) rating of HTC 10's camera sensor is equal to that of Samsung's Galaxy S7, however, in real life shooting, the Galaxy S7's shooter offers a far superior result. "I've used both extensively and I can tell you that's simply not the case -- the S7 is outstanding whereas the 10 is merely good." He offers another example: If a laptop or a phone does well in a web-browsing battery benchmark, that only gives an indication that it would probably fare decently when handling bigger workloads too. But not always. My good friend Anand Shimpi, formerly of AnandTech, once articulated this very well by pointing out how the MacBook Pro had better battery life than the MacBook Air -- which was hailed as the endurance champ -- when the use changed to consistently heavy workloads. The Pro was more efficient in that scenario, but most battery tests aren't sophisticated or dynamic enough to account for that nuance. It takes a person running multiple tests, analyzing the data, and adding context and understanding to achieve the highest degree of certainty. The problem is -- more often than not -- gadget reviewers treat these values as the most important signal when judging a product, which in turn, also influences several readers' opinion. What's your take on this?
Programming

Slashdot Asks: Have You Experienced Ageism? (observer.com) 561

Friday the Huffington Post wrote that "Ageism runs rampant through Silicon Valley, where older workers are frequently overlooked for jobs." They ran tips from the man who recruited Tim Cook for Apple, who pointed out that it's difficult and expensive to recruit new talent, urging businesses to "stop seeing workforce diversity as a good deed; it's good business." And earlier this month The Observer ran an article by Dan Lyons, a writer for HBO's "Silicon Valley," who shared his perspective on ageism from his time at HubSpot. Their CEO actively cultivated an age imbalance, bragging that he was "trying to build a culture specifically to attract and retain Gen Y'ers," because, "in the tech world, gray hair and experience are really overrated."

Meanwhile, Slashdot reader OffTheLip writes: Information technology is a young business in comparison to many other industries but one of the few where older workers are not valued for their institutional knowledge... As a recently retired techie I experienced this firsthand, both as an older worker, and earlier in my career [as] one who didn't see the value in older workers. As Lyons states, older workers are good business.
What are your thoughts? And have you experienced ageism?

Slashdot Top Deals