Catch up on stories from the past week (and beyond) at the Slashdot story archive

 


Forgot your password?
Close
typodupeerror
×

Comment Re: Just goes to show you UNIX SUX (Score 1) 68

by dgatwood (#50230359) Attached to: Critical BIND Denial-of-Service Flaw Could Take Down DNS Servers

So if you are an ISP providing a secondary DNS service, you're happy to create accounts with ssh/rsync access for 10 000 customers who all have more lax security than you do?

Sure. You give them all a shell account with access to their own zone files, and you require them to provide a public key for authentication (no passwords to attack). Then, you have a separate process that watches for changes and updates the official zone files that the daemon reads. Clearly, a daemon that has write access to all of the zone files is inherently less safe than a series of ssh accounts, each with access to only a single user's files, coupled with a daemon that has only read-only access to copies of the original zone files.

Comment Re: Just goes to show you UNIX SUX (Score 1) 68

by dgatwood (#50227845) Attached to: Critical BIND Denial-of-Service Flaw Could Take Down DNS Servers

Actually, it's not that simple. The DNS compression scheme is horrendous, although that can be easily isolated. Most of the complexity of DNS servers come from the 1) caching, recursive logic for client-side servers, 2) automating zone transfers, 2) various schemes for avoiding DoS attacks. Dedicated servers like NSD and unbound, which either server a zone _or_ implement recursive lookups for clients, can be a little simpler.

I've never understood why DNS servers bother with zone transfers. These days, it would take an average admin three minutes to toss together something involving a cron job, rsync, and ssh that would do the same job without adding all that extra code and the extra attack surface that comes along with it. Heck, with access to platform-specific file system event APIs, you could probably come up with something that worked a lot better, up to and including near-instantaneous updates. That entire feature just seems like pure bloat, and that's coming from somebody who actually uses zone transfers....
ISS

Video Urthecast Brings You Earth Images and Videos from the ISS (Video) 16

Posted by Roblimo from the sometimes-you-look-at-the-sky-and-sometimes-the-sky-looks-at-you dept.
Most of us probably won't ever visit the International Space Station (ISS) and look down at the Earth (motto: "The only planet we know has beer, so let's not ruin it"). Looking at pictures and videos made by cameras mounted on the ISS is about as close as we're going to get. There's already an ISS HD Earth Viewing Experiment on Ustream, but Urthecast is putting out higher-definition images than what you see on Ustream, and has plans to put out even clearer images and video before long. While Urthecast is likely to accumulate plenty of "oohs" and "aahhs" as it rolls along, according to CEO Scott Larson their real objective is to sell imagery -- and not necessarily just from the visible light band of the overall spectrum -- to industrial and government users. People like us are still invited to look at (and marvel at) lovely images of our planetary home.

NOTE: Today's video is about 4:30 long. If you want to watch and listen to more of Mr. Larson, we have a second "bonus" (Flash) video for you. Or you can read the transcript, which covers both videos.
Intel

Why Micron/Intel's New Cross Point Memory Could Virtually Last Forever 179

Posted by samzenpus from the built-to-last dept.
Lucas123 writes: As they announced their new 3D XPoint memory this week, Micron and Intel talked a lot about its performance being 1,000X that of NAND flash, but what they talked less about was how it also has the potential to have 1,000X the endurance of today's most popular non-volatile memories. NAND flash typically can sustain from 3,000 to 10,000 erase-write cycles — more with wear-leveling and ECC. If Micron and Intel's numbers are to be believed, 3D XPoint could exceed one million write cycles. The reason for that endurance involves the material used to create the XPoint architecture, which neither company will disclose. Unlike NAND flash, cross point resistive memory does not use charge trap technology that wears silicon oxide over time or a typical resistive memory filamentary architecture, which creates a statistical variation in how the filaments form each time you program them; that can slow ReRAM's performance and make it harder to scale. Russ Meyer, Micron's director of process integration, said 3D XPoint's architecture doesn't store electrons or use filaments. "The memory element itself is simply moving between two different resistance states," which means there's virtually no wear.
Earth

Google Straps Aclima Sensors To Street View Cars To Map Air Pollution 73

Posted by samzenpus from the air-map dept.
Eloking writes: Google and a San Francisco-based Aclima have equipped Google's Street View cars with environmental sensors in order to map urban air quality. The project aims to create high resolution maps of air quality across cities by measuring carbon dioxide, carbon monoxide, particulate matter, Volatile Organic Compounds, and other pollutants. “We have a profound opportunity to understand how cities live and breathe in an entirely new way by integrating Aclima’s mobile sensing platform with Google Maps and Street View cars,” said Davida Herzl, co-founder and CEO of Aclima. “With more than half of the world’s population now living in cities, environmental health is becoming increasingly important to quality of life. Today we’re announcing the success of our integration test with Google, which lays the foundation for generating high resolution maps of air quality in cities.”
United Kingdom

Cameron Tells Pornography Websites To Block Access By Children Or Face Closure 381

Posted by samzenpus from the won't-somebody-please-think-of-the-children? dept.
An anonymous reader writes: Prime Minister David Cameron says that if online pornographers don't voluntarily install effective age-restricted controls on their websites he'll introduce legislation that will close them down altogether. A recent Childline poll found nearly 10% of 12-13-year-olds were worried they were addicted to pornography and 18% had seen shocking or upsetting images. The minister for internet safety and security, Joanna Shields, said: “As a result of our work with industry, more than 90% of UK consumers are offered the choice to easily configure their internet service through family-friendly filters – something we take great pride in having achieved. It’s a gold standard that surpasses those of other countries. “Whilst great progress has been made, we remain acutely aware of the risks and dangers that young people face online. This is why we are committed to taking action to protect children from harmful content. Companies delivering adult content in the UK must take steps to make sure these sites are behind age verification controls.”
United States

Germany Won't Prosecute NSA, But Bloggers 111

Posted by samzenpus from the who's-to-blame dept.
tmk writes: Despite plenty of evidence that the U.S. spied on German top government officials, German Federal Prosecutor General Harald Range has declined to investigate any wrongdoings of the secret services of allied nations like the NSA or the British GCHQ. But after plans of the German secret service "Bundesamt für Verfassungsschutz" to gain some cyper spy capabilities like the NSA were revealed by the blog netzpolitik.org, Hange started an official investigation against the bloggers and their sources. They are now being probed for possible treason charges.
Japan

Japanese Scientists Fire the Most Powerful Laser On the Planet 117

Posted by samzenpus from the amazing-laser dept.
Sepa Blackforesta writes: Scientist from University of Osaka claim have fired the world's most powerful laser. The beam was intact for 2-petawatt, pulse lasted just one picosecond. While it produced a huge amount of power, the energy required for the beam itself is equivalent to that needed to power a microwave for two seconds. An associate professor of electrical engineering at Osaka University Junji Kawanaka says “With heated competition in the world to improve the performance of lasers, our goal now is to increase our output to 10 petawatts.”
Television

Top Gear's Jeremy Clarkson, Richard Hammond and James May Making Show For Amazon 207

Posted by samzenpus from the back-in-the-drivers-seat dept.
mrspoonsi writes: Amazon has announced that former Top Gear hosts Jeremy Clarkson, Richard Hammond and James May will be reuniting to create “an all-new car show” that will be exclusively on Amazon Prime. The first season will be made available worldwide in 2016 and will be produced executive producer Andy Wilman. The BBC reports: "The move follows their departure from the hit BBC Two show earlier this year. Clarkson's contract was not renewed following an 'unprovoked physical attack' on a Top Gear producer. His co-hosts then followed him in leaving the show. They will now make the unnamed new programme with former Top Gear executive producer Andy Wilman, who also quit the BBC following the 'fracas.' In a statement from Amazon, Clarkson said: 'I feel like I've climbed out of a biplane and into a spaceship.'"

Comment Sure, that could happen (Score 1) 904

by roc97007 (#50219907) Attached to: Are We Reaching the Electric Car Tipping Point?

...but I think the "tipping point" assumes breakthroughs in technology that aren't quite here yet. And to this degree, it's still speculation. Moreover, the electricity needs to come from somewhere, and I'm not sure that solar by itself scales up sufficiently. Hydrogen fusion for electricity generation might *really* provide the tipping point, but it's been "just a few years from now" for decades.

Moreover, huge new usages for electricity make me a little nervous, considering our aging electricity infrastructure.

Heck, I'd like a fast, silent car that I could refuel at home. But I don't see a personal use case for it yet.

Google's Project Loon Balloons May Cover Sri Lanka With Internet Access 35

Posted by samzenpus from the cloud-net dept.
Zothecula writes: Sri Lanka is set to become the first country with universal Internet access after signing a memorandum of understanding with Google to use the company's Project Loon balloons. Officials say there is not a timetable for when the balloons will be covering the 25,000 square mile nation, but this is a crucial first step. The Foreign minister noted that "from this event onwards advertisements or headlines saying “Matara covered” or “Jaffna covered” will become a part of history." And concluded his speech saying that he was "proud to declare that we are at the cusp of a reclaiming our heritage of being connected to each other and connected to the world. In a few months we will truly be able to say: Sri Lanka, Covered."

Slashdot Top Deals

For God's sake, stop researching for a while and begin to think!

Close