The Internet

ARIN Is Down To the Last /8 of IPv4 Addresses 306

An anonymous reader writes "On 3 February 2011, the Internet Assigned Numbers Authority (IANA) issued the remaining five /8 address blocks, each containing 16.7 million addresses, in the global free pool equally to the five RIRs, and as such ARIN is no longer able to receive additional IPv4 resources from the IANA. After yesterday's large allocation (104.64.0.0/10) to Akamai, the address pool remaining to be assigned by ARIN is now down to the last /8. This triggers stricter allocation rules and marks the end of general availability of new IPv4 addresses in North America. ARIN thus follows the RIRs of Asia, Europe and South America into the final phase of IPv4 depletion."

Submission + - OpenSSL: The New Face Of Technology Monoculture (securityledger.com)

chicksdaddy writes: In a now-famous 2003 essay, “Cyberinsecurity: The Cost of Monopoly” (http://cryptome.org/cyberinsecurity.htm) Dr. Dan Geer (http://en.wikipedia.org/wiki/Dan_Geer) argued, persuasively, that Microsoft’s operating system monopoly constituted a grave risk to the security of the United States and international security, as well. It was in the interest of the U.S. government and others to break Redmond’s monopoly, or at least to lessen Microsoft’s ability to ‘lock in’ customers and limit choice. “The prevalence of security flaw (sp) in Microsoft’s products is an effect of monopoly power; it must not be allowed to become a reinforcer,” Geer wrote.

The essay cost Geer his job at the security consulting firm AtStake, which then counted Microsoft as a major customer.(http://cryptome.org/cyberinsecurity.htm#Fired) (AtStake was later acquired by Symantec.)

These days Geer is the Chief Security Officer at In-Q-Tel, the CIA’s venture capital arm. But he’s no less vigilant of the dangers of software monocultures. Security Ledger notes that, in a post today for the blog Lawfare (http://www.lawfareblog.com/2014/04/heartbleed-as-metaphor/), Geer is again warning about the dangers that come from an over-reliance on common platforms and code. His concern this time isn’t proprietary software managed by Redmond, however, it’s common, oft-reused hardware and software packages like the OpenSSL software at the heart (pun intended) of Heartbleed.(https://securityledger.com/2014/04/the-heartbleed-openssl-flaw-what-you-need-to-know/)

“The critical infrastructure’s monoculture question was once centered on Microsoft Windows,” he writes. “No more. The critical infrastructure’s monoculture problem, and hence its exposure to common mode risk, is now small devices and the chips which run them,” Geer writes.

What happens when a critical and vulnerable component becomes ubiquitous — far more ubiquitous than OpenSSL? Geer wonders if the stability of the Internet itself is at stake.

“The Internet, per se, was designed for resistance to random faults; it was not designed for resistance to targeted faults,” Geer warns. “As the monocultures build, they do so in ever more pervasive, ever smaller packages, in ever less noticeable roles. The avenues to common mode failure proliferate.”

Submission + - Parents' Privacy Concerns Kill Bill Gates' $100M inBloom Initiative

theodp writes: As things turn out, All Your Child's Data Are Not Belong To inBloom, the Bill Gates-bankrolled and News Corp. subsidiary-implemented data initiative that sought to personalize learning. GeekWire's Tricia Duryee reports that inBloom, which was backed by $100 million from The Bill and Melinda Gates Foundation and others, is closing up shop after parents worried that its database technology was violating their children's privacy. According to NY Times coverage (reg.), the inBloom database tracked 400 different data fields about students — including family relationships ("foster parent" or "father's significant other") and reasons for enrollment changes ("withdrawn due to illness" or "leaving school as a victim of a serious violent incident") — that parents objected to, prompting some schools to recoil from the venture. In a statement, inBloom CEO Iwan Streichenberger said that personalized learning was still an emerging concept, and complained that the venture had been "the subject of mischaracterizations and a lightning rod for misdirected criticism." He added, "It is a shame that the progress of this important innovation has been stalled because of generalized public concerns about data misuse, even though inBloom has world-class security and privacy protections that have raised the bar for school districts and the industry as a whole [although it was still apparently vulnerable to Heartbleed]." As far as Gates goes, the world's richest man has a couple of irons left in the data-driven personalized learning fire via his ties to Code.org, which seeks 7 years of participating K-12 students' data, and Khan Academy, which recently attracted scrutiny over its data-privacy policies. Khan Academy — which counted the managing partner of Gates' bgC3 think-tank and Google CEO Eric Schmidt as Board members in a recent tax filing — just struck an exclusive partnership with CollegeBoard to prepare students for the redesigned SAT.

Comment Musicians travel with their instruments (Score 1) 894

Virtuoso musicians don't check their instruments as luggage. Even if their instruments are big, like a cello, they get a seat for the instrument.

...Razgui, who was not present when his bag was opened. 'I fly with them in and out all the time and this is the first time there has been a problem. This is my life.' When his baggage arrived in Boston, the instruments were gone.

If his instruments were his life and he is a virtuoso musician, he would have kept his flutes with him on the airplane.

Comment Re:Who gives a...? (Score 1) 115

"Rap Genius" is a misleading and silly name for what, transcription software like DragonWriter? Actually, it might not even be that good (all I read about lately are Internet piecework/ sweatshops that are supposedly "social" and "democratizing"...except they aren't).

I know that Marc Andreessen funded it, but he isn't right about everything.

Comment Re:Rap "Genius"? (Score 1) 115

And if you want bad lyrics, listen to opera.

OK, I'll bite. Treat yourself to a little "Gilbert and Sullivan"...

I really like Eminem and Kid Rock. They are sarcastic and very funny. Will they still have the same appeal after 100 years? I doubt it. Gilbert and Sullivan has endured.

I don't especially like G&S (I prefer what someone else called "traditional arias" e.g. full chorus "Ode to Joy"), yet I can completely relate to, understand why you are fond of G&S. A live G&S performance is music and art.

Comment Re:Rap "Genius"? (Score 1) 115

...It takes a skilled linguist to write good rap as it does to write good poetry and there are good and bad examples of both.

Linguist! The professors of linguistics that write University of Pennsylvania's Language Log are skilled linguists. I don't think that has anything to do with their ability to write poetry. Or rap, although it would be fun to ask!

Rap is words, music and visuals with attitude, and usually post-production effects. Poetry is written words on a page. They aren't comparable.

Submission + - NSA does not deny spying on Congress 7

MacDork writes: In a statement released in response to Sen. Bernie Sanders, the NSA did not deny spying on Congress. It would appear that the Obama administration has been peeking at the playbook of the opposing party. Or does the NSA expect us to believe that members of Congress are targeted for investigation into terrorism? This comes just days after Snowden documents revealed the NSA is automatically deploying exploits and malware against visitors to blacklisted websites. Such terrorist havens include websites like yahoo.com and cnn.com.

Comment More detail than I expected (Score 1) 1

The submission emphasized how FourSquare uses honeypots to validate good users, and prevent "bad actors" from corrupting the data. The actual post is much more readable than the excerpt, no offense intended to a harried (or lazy :o) Anonymous Coward. At least he took the time to submit it! Anyway, it lays out some of the math that FourSquare uses, mostly logistic regression, and then itemizes problems and workarounds. For example, FourSquare users like integers. Don't we all! FourSquare describes how they try to deal with that, without loss of accuracy due to repeatedly rounding. So, the details are cool to read about. I don't recall seeing anything as detailed and specific written up elsewhere e.g. by Yelp or MyWOT.

Yet FourSquare is based on these premises, set forth in the very beginning of the post, about how FourSquare maintains its database of places, both geographic accuracy and being up to date:

changes are voted upon by our loyal Superusers (SUs) who vigilantly maintain a watchful eye over our data for their city or neighborhood...we assign users points or votes based on their tenure, reputation, and the actions they take. Superusers like points and gamification. It rewards diligent, hard-working SUs...

Ignoring any resemblance to Slashdot (coincidental or otherwise ;o) the phrase, diligent, hard-working SUs caught my attention. What is the motivation for Superusers to vigilantly maintain a watchful eye over FourSquare's data? Gamification for its own sake isn't going to be enough, not for long. The novelty will wear off. The honeypots are a nice idea, especially done programmatically. But it all rests on human effort, doing tedious piecework without any reward other than a badge that non-users esteem about as highly as spam. There are other things like this online, a phpBB or forum, however, the motivations are different than with FourSquare. Also, the most active participants have ownership and control of the website or forum, unlike FourSquare.

Submission + - Headhunters can't tell anything from Facebook profiles (forbes.com)

sfcat writes: Companies, headhunters and recruiters increasingly are using social media sites like Facebook to evaluate potential employees. Most of this is due to a 2012 paper from Northern Illinois Univ. that claimed that employee performance could be effectively evaluated from their social media profiles. Now a series of papers from other institutions reveal exactly the opposite result. “Recruiter ratings of Facebook profiles correlate essentially zero with job performance,” write the researchers, led by Chad H. Van Iddekinge of FSU. Not only did the research show the ineffectiveness of using social media in evaluating potential employees, it also showed measurable biases of the recruiters against minorities (African-American and Latino) and against men in general.

Submission + - Ecuadorian Navy Rescues Bezos After Kidney Stone Attack 1

theodp writes: Hopefully, Amazon CEO Jeff Bezos splurged on a Platinum Marketplace Health Insurance Plan for 2014 or he could be looking at some serious out-of-pocket costs. While vacationing aboard a cruise ship in the Galapagos Islands, where the State Department warns the quality of medical facilities and services are 'generally well below U.S. standards', Gawker reports that Bezos was rescued by the Ecuadorian Navy so he could receive treatment for a kidney stone attack on New Year's Day. The Ecuadorian Navy confirmed Bezos' rescue, which involved taking Bezos by Navy helicopter from Academy Bay in Santa Cruz Island to his private jet stationed on Baltra Island. Hey, it should make for a great Affordable Health Care Act ad!
