Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?

Comment More than Debian and Fedora/Red Hat (Score 1) 110

Debian is definitely a popular root but I'd dispute I'd argue that it isn't Fedora that's a major root, rather it's Red Hat/RHEL. Even then, there are large numbers of popular distros not derived from those sources. From the GNU/Linux Distribution Timeline:
  1. Slackware has spawned lots of distros (including SUSE)
  2. Enoch spawned the Gentoo line of distros (and Gentoo is the current base of ChromeOS).
  3. The Arch family started independently
  4. The on-the-rise Alpine Linux was independently started

So by lineage alone I'd argue there are more than two major categories.

Comment Re:I'm not seeing the problem here (Score 2) 315

Even worse, where is the judicial oversight? Shouldn't searching the family laptop require some kind of check, especially when it is based on such incredibly flimsy evidence?

For police to examine a laptop by force, they would require a search warrant. But in this case they probably asked the family to hand it over voluntarily, which the family agreed to do to make the police go away and stop hassling them.

Comment Forced to click through (Score 4, Informative) 47

My experience of these changes is that you'll be forced to click through a warning in your browser even if you installed the certificate (or the root CA signing the certificate). The Microsoft page about no longer trusting SHA1 certs is confusing in this respect because it includes information about signing Windows binaries but it does say

Windows [...] will no longer trust any code that is signed with a SHA-1 code signing certificate and that contains a timestamp value greater than January 1, 2016

That document also says it only applies to certs that are in the Microsoft Root Certificate Program so ones you've manually installed might not be affected.

This is slightly different to the Mozilla's SHA-1 deprecation information:

After January 1, 2017, we plan to show the “Untrusted Connection” error whenever a SHA-1 certificate is encountered in Firefox.

Perhaps this isn't the override you were thinking of but it doesn't sound like a total block.

Comment Re:Not a problem (Score 1) 161

I'm tempted to say this isn't a particularly big deal in Europe - if an ISP trys to pull this kind of stunt then the content provider will announce what's happening and folks will just switch ISP. Compare to the US where this *is* a problem because the end users generally don't have a choice of ISP - if the ISP decides to hold Netflix to ransom then Netflix can't just tell their customers to switch ISP.

Comment Re:Will the technique work with other devices (Score 1) 162

The password is never supposed to be sent over the air - it is used to generate a cryptographic challenge (from which the password can't be recovered). The problem with this idiotic device is that it allows anyone to telnet into it using a trivially guessable password and it will divulge the wifi password over the telnet connection. So an attacker just needs to convince the kettle to connect to their wifi network instead of the owner's network, eliminating any security the owner's firewall would usually provide.

Comment Re:MTU (Score 1) 72

If people would just accept a decent MTU none of this would matter.
The max is 64 K but we're stuck with 1500 (including overhead) because you can't be sure that every hop will support your MTU.
Internally you can enable jumbo frames and shit will work, but once you need to go out over the internet all bets are off, so you limit your shit to 1500 and your performance goes to all hell.

We're basically delivering UHD movies via telegram.

Packet size is a tradeoff - for high throughput you want big packets, for low latency you want small packets. So fine, just tailor the packet size to your application - well no, when you're sharing a network, the packet sizes used by other applications have a significant impact.

So lets say you're doing something that requires a low latency, such as VoIP. And lets say you've got QoS set up to ensure the small VoIP packets are always inserted in front of any big packets, since that's a sensible thing to do. Look at 2 scenarios:

Scenario 1:
Transmit queue is empty, VoIP packet goes straight to the network card.

Scenario 2:
Transmit queue has a bunch of packets already in it. The VoIP packet goes straight to the head of the queue, but the ethernet card has already started transmitting another packet, so we have to let that finish before the VoIP packet can actually go out onto the network.

On a busy system, scenario 2 would be the norm, so the latency of the VoIP traffic will vary and the receiving end has to even out this latency with a jitter buffer. Lets assume an MTU of 1500 - the transmitting side has only just started transmitting a 1500 byte packet when the VoIP packet enters the queue, on a 2Mbps connection it would take 7.5ms to send this packet before the VoIP packet can start to be transmitted, so you're looking at a 7.5ms jitter on your VoIP session. If the MTU was 64K, the jitter would be a whopping 328ms, which is verging on unusable for VoIP.

Now, you may say that 2Mbps is a slow internet connection, and you'd be right, but it is also a very common speed of internet connection, so doing stuff that breaks it would be bad. Don't forget that you get latency introduced for each hop you do through though - on a 100Mbps connection with a 64K MTU you add up to 6.6ms of latency per hop, so if your traffic goes through 10 100Mbps hops, you're looking at potentially 66ms of latency.

Ideally you'd set the MTU of each interconnect independently of the rest of the network and base it on the jitter level you'd like to achieve (therefore it would be based on that link speed). And indeed this can be done - clients can do path MTU discovery to figure out the minimum MTU on the route between hosts, irrespective of the local MTU. Unfortunately, too many idiot sysadmins set up firewalls to block ICMP packets and that breaks PMTU discovery. Which means that if you're using a "nonstandard" MTU (i.e. not 1500) you _will_ have connectivity problems because your traffic will sometimes traverse firewalls that are set up by said idiots.

Comment Corporate deployments? (Score 1) 182

I think it could be possible for Chromebooks to be successful without having a significant home market share. If business with all their software online start finding them acceptable the fact they don't run all possible software locally could be seen as advantage (corporates are in a position to make things like Chrome's remote desktoping work). I could see Chromebooks working well for telesales or even places like libraries which are typical homes for existing thin clients...

Comment Re:Consumers reject advertising (Score 1) 318

Another problem is that good tracking doesn't help if the advertiser is stupid. If I've just bought a car, it's probably a waste of time showing me a bunch of ads for the very car I just bought. Even if I like pig butts (to use the other guy's example), I don't want them shoved at me every time I get online!

Yep, my wife doesn't use an ad blocker and her facebook ads are usually showing her stuff she has already bought. This has also caused problems because apparently facebook tailors adverts to your computer, not just your login, and on a couple of occasions I have borrowed her computer and facebook has shown me what she just bought me for christmas, even though I was logged in to FB as myself.

Comment Re:Consumers reject advertising (Score 1) 318

Well, then they damn well better fix that eh?

I hate eating Pork bungs (The pig's asshole)

Now some advertiser really really wants me to eat pork bungs (the pig's asshole)

I don't give a flying fuck if an advertizer will die if I don't eat pork bungs.

This simply means you aren't the target audience for the advert - if you liked pork bungs then an advert might increase the chance that the next pork bungs you buy will be that particular brand, or someone who likes pork bungs might say "you know what, I feel like having one now".

Now, showing adverts to someone who isn't the target audience is a problem for both you and the advertiser - it annoys you, because your time is being wasted seeing adverts for things you're not interested in, and it costs the advertiser to show you an advert that won't increase their sales. So advertisers then start tracking users to better target their ads - better targetted ads are good for both the advertiser and the end user. Unfortunately, tracking users is a massive can of worms with its own set of problems - now users are being asked to trade privacy for better targeted ads, and that's a trade that a lot of people aren't happy to make.

Comment Re:Consumers reject advertising (Score 1) 318

Google is an advertising firm not a technology firm. Their technology efforts are centered around increasing the number of users to feed advertisements to.

I think that's a very simplistic view. Google is _both_ a technology firm and an advertising firm. They are symbiotic sides to the same company - neither side can survive without the other (or at least, a replacement for the other).

If you're going to say "Google is an advertising firm, not a technology firm" just because they derive their income from advertising, you may as well say "Lego isn't a toy company, they are a sales company" because they derive their income from sales.

Comment Re:Consumers reject advertising (Score 1) 318

What this is really about (and what a lot of people are finding hard to accept) is that for the most part, people don't want to see or consume ads.

I don't think that's it at all. I think people don't want to see *obnoxious* ads and that most people simply don't care whether or not they see other types of ad.

Examples of obnoxious ads:
- Things that pop up when you're in the middle of reading an article, which you then have to dismiss.
- Things that play music without you asking for it.
- Things that you have seen a million times before - i.e. you're watching a series of 2 minute youtube videos and you have to sit through *the same* preroll ad before each video.
- Things that take a disproportionate amount of your time for no benefit - i.e. the aforementioned youtube ads where the time spent watching advertising is 25% of the length of the content you're actually trying to watch. Or TV ad-breaks, which take a significant amount of your time.
- Ads which show your significant other exactly what you bought them for Christmas (on several occasions I've found out what my wife bought for me through Facebook ads that are displayed when logged in as me, just because I happened to be using her computer).

Examples of ads that I find acceptable:
- Discrete, relevant, text adverts.
- Amusing TV ads (although these fall into the "obnoxious" category if they are shown too frequently, and there's often a fine line between "amusing" and "annoying"). You can almost forgive TV for showing the same advert to you many times, I can forgive youtube less since they *know* they already showed that same advert to you 5 times in the past 10 minutes.

The problem is that there's so much obnoxious stuff that it eventually becomes easier to say "oh sod it" and just block all advertising, which is probably counterproductive for everyone in the long run.

Comment Re:No thanks (Score 3, Interesting) 318

Adverts are a category of content I want to block for my "user needs". They are distracting and annoying, waste my bandwidth and I never interact with them anyway. They almost all violate my privacy with tracking, and are a security risk. They reduce performance at no benefit to me.

Ok, so your "user needs" are:
- Avoid annoyance and distraction
- Avoid bandwidth waste
- Protect privacy and security
- Maintain performance

These cover a wider scope than just adverts, and may not cover *all* adverts.

Personally, I have no problem with advertising so long as they don't break the above criteria. That means an unobtrusive text advert is fine (and who knows, I might even click on it is it's useful to me), a pop-up flash ad that plays music and has to be manually dismissed will be blocked.

FWIW, in recent times I've seen an increase in the number of pop-up ads which are getting through adblock plus. These generally take the form of "subscribe to the website you're currently looking at" rather than third party ads, but they are equally as annoying (and usually result in me hitting the "Back" button rather than reading and sharing the content on the site).

Comment Re:Three years after Europe ran out? (Score 1) 435

Specifically, RIPE's policy is that each LIR can get one /22 from the final /8, and that's it. The idea is to make sure that new LIRs can at least get some v4 space to run NAT64/CGNAT on.

ARIN didn't think that would be useful, for whatever reason.

ARIN's policy is that each LIR can get one network (/28 - /24) from the final /10 every 6 months for exactly the same purposes.

Slashdot Top Deals

The bigger the theory the better.