×
Security

How Do YOU Establish a Secure Computing Environment? 314

Posted by Unknown Lamer from the can't-root-this dept.
sneakyimp writes "We've seen increasingly creative ways for bad guys to compromise your system like infected pen drives, computers preloaded with malware, mobile phone apps with malware, and a $300 app that can sniff out your encryption keys. On top of these obvious risks, there are lingering questions about the integrity of common operating systems and cloud computing services. Do Windows, OSX, and Linux have security holes? Does Windows supply a backdoor for the U.S. or other governments? Should you really trust your Linux multiverse repository? Do Google and Apple data mine your private mobile phone data for private information? Does Ubuntu's sharing of my data with Amazon compromise my privacy? Can the U.S. Government seize your cloud data without a warrant? Can McAfee or Kaspersky really be trusted? Naturally, the question arises of how to establish and maintain an ironclad workstation or laptop for the purpose of handling sensitive information or doing security research. DARPA has approached the problem by awarding a $21.4M contract to Invincea to create a secure version of Android. What should we do if we don't have $21.4M USD? Is it safe to buy a PC from any manufacturer? Is it even safe to buy individual computer components and assemble one's own machine? Or might the motherboard firmware be compromised? What steps can one take to ensure a truly secure computing environment? Is this even possible? Can anyone recommend a through checklist or suggest best practices?"
Android

Ask Slashdot: Android Apps For Kids Under 12 Months? 311

Posted by timothy from the what-about-a-flight-simulator dept.
An anonymous reader writes "My kid seems incredibly interested in my Android tablet, but I'm not too comfortable with letting her play with my browser. I've been hunting the app store for apps that I could let my kid play around with, but haven't found much. It seems like most apps are targeted for slightly older kids and are trying to teach them words, math or whatnot. Has anyone found any cool apps for approximately 6-month-old children? I'm mostly looking for something that makes funny noises or where you just have to e.g. track moving objects on the screen."
Books

Ask Slashdot: How Do You "Unwrap" e-Gifts? 86

Posted by samzenpus from the virtual-stockings dept.
theodp writes "With all of the content that can be delivered electronically — e-books, music, apps, movies, e-gift cards, tickets — the percentage of Christmas gift giving that's digital is growing each year. However, the e-gift unwrapping user experience on Christmas morning leaves much to be desired. In addition to providing old-school mail delivery of gift cards, Amazon offers a variety of other options, including e-mailing a gift card on a specific day with or without a suggested gift, posting it on someone's Facebook Wall, or allowing you to print one for personal delivery. Another suggestion — using USB drives — harkens back to the days of burning CDs with custom playlists for last-minute gifts, but you'll be thwarted by DRM issues for lots of content. So, until Facebook introduces The Tree to save our e-gifts under until they're 'unwrapped' on Christmas morning with the other physical gifts, how do you plan on handling e-gift giving and getting?"
IT

Ask Slashdot: Typing Advice For a Guinness World Record Attempt? 307

Posted by samzenpus from the pushing-keys dept.
An anonymous reader writes "In fifth grade, I amazed my fellow classmates when I demonstrated what 132 words per minute looked like. Recently, an acquaintance of mine saw me typing out a word document for graduate school and was impressed by my typing abilities. He suggested that I seriously contemplate attempting a Guinness World Record with such abilities. At the moment, I can manage an average of about 155-160 words per minute, with bursts around 180-185 words per minute (in the typing world, five characters defines a word, in case you were wondering). That aside, I have a few questions to pose to Slashdot readers (whom I am sure have been typing much longer than I have): What are some tips to fully maximize one's ability to type at the fastest possible rate? Do you have any specific keyboard recommendations that will improve my speed? Has anybody here ever competed in a typing event or thought about going for the world record? Is it worth learning Dvorak for the sole purpose of attempting such a record? How difficult would it be to improve my typing abilities from where they are now to where they need to be to acquire such a record?"
Data Storage

Ask Slashdot: Do You Test Your New Hard Drives? 348

Posted by timothy from the just-bite-the-corner-a-little dept.
An anonymous reader writes "Any Slashdot thread about drive failure is loaded with good advice about EOL — but what about the beginning? Do you normally test your new purchases as thoroughly as you test old, suspect drives? Has your testing followed the proverbial 'bathtub' curve of a lot of early failures, but with those that survive the first month surviving for years? And have you had any return problems with new failed drives, because you re-partitioned it, or 'ran Linux,' or used stress-test apps?"
Businesses

Ask Slashdot: How To Gently Keep Management From Wrecking a Project? 276

Posted by timothy from the flying-car-is-easier-goal dept.
New submitter miserly_content writes "I work in a large, hierarchical technology company. I have been developing technical specs for a new strategic and challenging software project, and the project is slowly gathering steam and support. This is already a career building success for me, and everyone acknowledges my technical capabilities. But the program manager is an MBA-type, and wants to bring in new multiple team leaders and consultants. This is not really a surprise, but I feel we are sliding towards a too-many-chiefs-too-few-indians scenario, especially at this early stage. How can I pitch upper management about this issue, without appearing selfish or disruptive? What positive approach can I try with the PM, with whom I have a good working relationship?"
Programming

Ask Slashdot: Do Coding Standards Make a Difference? 430

Posted by Soulskill from the everybody-do-it-wrong-the-right-way dept.
An anonymous reader writes "Every shop I've ever worked in has had a 'Coding Style' document that dictates things like camelCase vs underscored_names, placement of curly braces, tabs vs spaces, etc. As a result, I've lost hundreds of hours in code reviews because some pedant was more interested in picking nits over whitespace than actually reviewing my algorithms. Are there any documents or studies that show a net productivity gain for having these sorts of standards? If not, why do we have them? We live in the future, why don't our tools enforce these standards automagically?"
Christmas Cheer

Ask Slashdot: Gifts For a 90-Year-Old, Tech-Savvy Dad? 211

Posted by timothy from the subscription-to-vibe dept.
First time accepted submitter Bearhouse writes "My Dad amazes me with (a) his longevity & energy, and (b) his continued ability to mess around with electronics stuff. Since he already has things ranging from valve amps made from war-surplus, via an original IBM PC kit to an Android tablet, I was going to buy him a Raspberry Pi for Christmas. Turns out he's already got one. I saw nothing that really got me excited here, so your ideas would be appreciated."
Space

Ask Slashdot: How Would You Build a Microsatellite? 117

Posted by samzenpus from the your-own-personal-satellite dept.
Dishwasha writes "A fellow co-worker of mine turned me on to CubeSat; apparently there are commercial space companies that will launch CubeSat systems from their payload for a modest fee. Is anybody in the /. community involved in amateur microsatellite systems? How would I go about getting involved at an amateur level? Are there any amateur user groups and meetups I can join? I have limited background in all the prerequisites but am eager to learn even if it takes a lifetime. Any links to design and engineering of satellites would be appreciated."
Education

Ask Slashdot: 2nd Spoken/Written Language For Software Developer? 514

Posted by Soulskill from the can't-go-wrong-learning-klingon dept.
ichimunki writes "I am a mid-career software developer. I am from the Midwestern U.S. and my native language is English. I've studied a few languages over the years, both human and computer. Lately I've begun to wonder what is the best second (human) language for someone in this field to have. Or is there even any practical value in working to become fluent in a non-English language? I am not planning to travel or move/work abroad. But if I knew a second language, would I be able to participate in a larger programming community worldwide? Would I be able to work with those folks in some useful capacity? Perhaps building products for foreign markets?"
Programming

Ask Slashdot: How Does an IT Generalist Get Back Into Programming? 224

Posted by Soulskill from the one-leg-at-time dept.
CanadianSchism writes "I've been in the public sector for the past 6 years. I started off doing my work study in web design and a bit of support, eventually going through the interview process to fill in a data processing technician post, and getting the job. The first four years of my work life were spent in various schools, fixing computers, implementing new hardware, rolling out updates/ghosting labs, troubleshooting basic network and printer problems, etc. I was eventually asked to work on the administrative information systems with an analyst, which I've been doing for the past 2 years. That's consisted of program support, installing updates to the pay/financial/purchasing/tax/energy systems, taking backups on SQL servers, etc. I've never had the opportunity to take time for myself, and jump back into my first love: programming. I've picked up Powershell books (have two here at the office), but haven't gotten anything down yet, as there are always other projects that come up and whittle my attention to learning a language down to zilch. This new year will see a change in that, however. I'll be setting aside an hour every day to devote to learning a new language, in the eventual hope that I can leave this company (take a sabbatical) and hop into the private sector for a few years. My question to you all is, what language should I start with, to learn and get back into the principles of programming, that will help me build a personal portfolio, but will also lend to learning other languages? At this point, I'm not sure if I'd like to make/maintain custom applications, or if back-end web programming would be more interesting, or any of the other niches out there."
Businesses

Ask Slashdot: How To Collect Payments From a Multinational Company? 341

Posted by timothy from the greedy-europeans-all-they-want-is-money dept.
An anonymous reader writes "I run a small dev shop focused on web development, based in Europe. For the past six years we've had lots of successful projects with clients from CEE, Western Europe and the U.S. One of our main clients was based in the U.S. We started working for them in 2008, while they were a 'promising start-up' and everything went smoothly until they were bought by a multinational corp. We couldn't be happier to work for such a big player in the market, andwe even managed to get by with huge payment delays (3-4 months on a monthly contract), but now, after more than two years working for them, I have the feeling we're getting left out. We have six-month-old unpaid invoices and we're getting bounced between the E.U. and U.S. departments every time we try to talk to them. What can a small company do to fight a big corporation that's NASDAQ listed and has an army of lawyers? They've been getting a lot of bad press lately so I don't think that will scare them either."
Privacy

Ask Slashdot: What To Tell Non-Tech Savvy Family About Malware? 340

Posted by timothy from the tell-them-you-made-all-of-it dept.
First time accepted submitter veganboyjosh writes "I got an instant message from an uncle the other day, asking me what was in the link I sent him. I hadn't sent him a link so I figured that his account had been hacked and he'd received a malicious link from some bot address with my name in the 'From' box. This was confirmed when he told me the address the link had come from. When I tried explaining what the link was, that his account had been hacked, and that he should change the password to his @aol.com email account, his response was 'No, I think your account was hacked, since the email came from you.' I went over it again, with a real-life analog of someone calling him on the phone and pretending to be me, but I'm not sure if that sunk in or not. This uncle is far from tech savvy. He's in his 60s, and uses Facebook several times a week. He knows I'm online much more and kind of know my way around. After his initial response, I didn't have it in me to get into the whole 'Never click a link from an unfamiliar email address' bit; to him, this wasn't an unfamiliar email address, it was mine. How do I explain this to him, and what else should I feel responsible for telling him?"
Education

Ask Slashdot: Setting Up a Summer Camp Tech Center? 49

Posted by timothy from the wish-I-was-the-right-age dept.
First time accepted submitter michaelknauf writes "I'm running a large summer camp that's primarily concerned with performing arts: music, dance, circus, magic, theater, art, and I want to add some more tech into the program. We already do some iOS game design with Stencyl. We also have an extensive model railroad and remote control car program and a pretty big computer lab (about 100 Apple machines). Our program provides all materials as part of tuition, so I've stayed away from robotics as a matter of cost, but I'd love to buy a 3D printer and do classes with that and the Arduino is cheap enough to make some small electronics projects sensible... where do I find the sort of people who could teach such a program as a summer gig? What projects make sense without spending too much cash on a per project basis but would be cool fun for kids and would teach them?"
Math

Ask Slashdot: Replacing a TI-84 With Software On a Linux Box? 254

Posted by Soulskill from the can-we-get-a-modern-display-on-these-things dept.
yanom writes "I'm currently a high school student using my TI-84 for mathematics courses. It has all the functionality I need (except CAS), but saying that the hardware is dated is putting it nicely. Waiting 4-5 seconds for a simple function to be graphed on its 96x64 screen just makes me want to hurl it at the wall. Recently, I've begun to notice the absurdity of doing my math homework on a 70's era microchip when I have an i7 machine with Linux within arm's reach. I've begun looking for software packages that could potentially replace the graphing calculator's functionality, including Xcas and Maxima, but both lack what I consider basic calculator functionality — xcas can't create a table of values for a function, and maxima can't use degrees, only radians. So, does anyone know of a good software package to replace my graphing calculator (and maybe provide CAS to boot)?"
Businesses

Ask Slashdot: Facebook, Twitter For Business, Is It Worth the Privacy Trade-Off? 158

Posted by samzenpus from the give-and-take dept.
cayenne8 writes "I've been a staunch advocate of NOT joining Facebook or Twitter or the other social networks to protect my privacy and to not voluntarily give all my personal information away to corporate America, or even the Government. However, I'm beginning to look into making money through various means on the side, one of them being photography/videography. With these mediums, being seen is critically important. Having a business facing site on Facebook/Google+ and even using Twitter can be great for self promotion, and can open up your business to a huge audience. If you were to open your FB and other social network accounts with business ONLY information, and keep your personal information (name, image, etc) off the Facebook account...will this keep your personal privacy still from them, or are their algorithms good enough to piece together who you are from the business only sites? Is the payoff worth the potential trade-off for generating potential customers for your business and guiding them to your primary website?"
Businesses

Ask Slashdot: Interviewing Your Boss? 219

Posted by timothy from the are-you-really-as-clueless-as-you-appear? dept.
First time accepted submitter Uzuri writes "I'm soon going to have the experience of interviewing an individual to be my direct supervisor. I have in mind several things to ask already, especially since I also have the strange position of working as a technical person in a non-technical office and want to be able to be certain that the interviewee understands exactly what that means without coming off as hostile or condescending. What sort of questions would you ask/have you asked the person who was to be your boss? What sort of tells would you look for? What's out of bounds?"
Android

Ask Slashdot: Where Do You Draw the Line On GPL V2 Derived Works and Fees? 371

Posted by samzenpus from the what-do-you-think? dept.
First time accepted submitter Shifuimam writes "I downloaded a DOSBox port for Android recently to get back into all the games of my childhood. Turns out that the only free distribution available hasn't been updated in nearly two years, so I looked for alternatives. There are two on Google Play — DOSBox Turbo and "DOSBot". Both charge a fee — DOSBox Turbo is $3.99; DOSBot is $0.99. The developer of DOSBot says on his Google Play entry that he will not release the source code of his application because it's not GPL, even though it's derived from source released under GPL v2 — this is definitely a violation of the license. The developer of DOSBox Turbo is refusing to release the source for his application unless you pay the $3.99 to "buy" a license of it. The same developer explicitly states that the "small" fee (although one might argue that $3.99 is pretty expensive for an OSS Android app) is to cover the cost of development. Unless I'm misreading the text of GPL v2, a fee can only be charged to cover the cost of the distribution of a program or derived work, not the cost of development. And, of course, it doesn't cost the developer anything for someone to log in to Google Play and download their app. In fact, from what I can tell, there's a one-time $25 fee to register for Google Checkout, after which releasing apps is free. Where do you draw the line on this? What do you do in this kind of situation?"
Communications

Ask Slashdot: Current State of Linux Email Clients? 464

Posted by Soulskill from the unfavorable-selection-pressure dept.
mcloaked writes "We get all kinds of news about new developments, but one subject has been lacking for some time and that is email clients for Linux (or Windows for that matter). A number of reviews (mostly not all that recent) have pointed to the main clients as Thunderbird, Evolution, Claws-mail, and Kmail as possibilities. Up to about a year ago, Thunderbird seemed to be 'the' email client with the best mix of positives. However there are no recent reviews that I have seen. In the meantime Thunderbird has moved to monthly releases, which are more maintenance releases containing security fixes but little functional change — and little new development. Thunderbird also won't be significantly altered in the future, if one interprets the available news information. Evolution is reported to be rather prone to bugs, and Kmail even more so. Claws-mail has limitations, as does Kmail. So where is the future of Linux email clients going, absent any real innovation? We need a well maintained and capable mail client, preferably with good calendar integration (webcal/Google calendar), properly supported HTML composing, good maildir format storage for local mail, and good security support (including the capacity to deal with both GPG and S/MIME encryption and signing). It needs a modern UI and good import/export facilities, as well as good integration with its address book, including import/export of addresses. Are we likely to see this kind of package as we move into the future, or will mail clients slowly disappear? At the moment it looks like email client support is dead — Are too many users moving into web mail and the cloud instead of having a properly functional mail client on their desktops?"
Graphics

Ask Slashdot: Best Laptop With Decent Linux Graphics Support? 260

Posted by timothy from the holy-grail-for-the-holidays dept.
jcreus writes "After struggling for some years with Nvidia cards (the laptop from which I am writing this has two graphic cards, an Intel one and Nvidia one, and is a holy mess [I still haven't been able to use the Nvidia card]) and, encouraged by Torvalds' middle finger speech, I've decided to ditch Nvidia for something better. I am expecting to buy another laptop and, this time, I'd like to get it right from the start. It would be interesting if it had decent graphics support and, in general, were Linux friendly. While I know Dell has released a Ubuntu laptop, it's way off-budget. My plan is to install Ubuntu, Kubuntu (or even Debian), with dual boot unfortunately required." So: what's the state of the art for out-of-the-box support?

Slashdot Top Deals