Catch up on stories from the past week (and beyond) at the Slashdot story archive


Forgot your password?

Comment: Missing the point. (Score 3, Interesting) 180

by B5_geek (#48878281) Attached to: Silk Road Journal Found On Ulbricht's Laptop: "Everyone Knows Too Much"

While a lot of people are jumping on the " wasn't encrypted.." "..FBI grabbed it while he was logged in.."
You are missing the point.
Step 1) NEVER carry incriminating evidence with you. Encrypted or not.
2) use a VPN/SSH Tunnel/etc (and/or both) to connect to the server where your data is. (make sure that server is located in a non-extraditing country, and filtered from you by a few shell companies)
3) keep an absurdly low 'idle-timeout' on your ssh sessions
4) use a dead-mans switch on that servers encrypted data
(i.e. run command "" every 15minutes.) {be more vague then this*}
5) ALWAYS assume that your local system is compromised. (boot/run from a read-only media)
6) don't brag about it! If more then 1 person knows; then your secret is not safe.

Comment: OpenBSD & PF are your only sane choice (Score 2) 403

by B5_geek (#48823791) Attached to: Ask Slashdot: Migrating a Router From Linux To *BSD?

I have learned this the hard way so please take heed;

NB! most of the guides online have the syntax (order of wording) wrong for pf.conf included the beloved OBSD FAQ.
This is accurate and works on OBSD v5.6
99% of the online howto & guides will get your firewall almost working.

Use this as an example from my working pf.conf

pass in log on egress inet proto { tcp, udp } to $pub_ip port { ssh } rdr-to $workstation

You can spot the variables. Use 'LOG' for all of your entries and keep a "tcpdump -nettti em0 host 192.168.0.x" running while testing your setup.

Comment: Attention SciFi fans! (Score 2) 52

by B5_geek (#48556037) Attached to: Material Possiblities: A Flying Drone Built From Fungus

This is a start!
It's this kind of thinking that will bring us closer to Vorlon tech, LEXX, or even Moya! =)
(did I miss any?)

Seriously, as others have pointed out, the most expensive valuable parts are not the airframe, but the motors/camera/radio/battery so stop the hippy-dippy crap and don't worry about making it out of biodegradable material.

But seriously, keep working/thinking in this direction.

Comment: Re:Bitcoin. (Score 1) 353

by B5_geek (#48311207) Attached to: Online Payment Firm Stripe Boots 3D Gun Designer Cody Wilson's Companies

I'm not sure if you are intentionally be obtuse or not seeing the forest for the trees.

Bitcoin allows the seller to directly receive payment from the purchaser. Whenever a seller depends on a 3rd party intermediary to pass money through then that seller becomes dependant on the whims of that third party.

In some cases that 3rd party has enough clout to enforce change that is beneficial to society. But that power can be abused easily.

Lets take an imaginary scenario:
Payment processor "Money Buddy" discovers that website "" is forcing children to work 23hrs a day for a nickle. "Money Buddy" tells them to stop being assholes or they will stop processing their payments.

Nobody can really argue that this forced-change is a bad thing. Now lets change the scenario to something more ambigious.

"Money Buddy" discovers that "" forces that any female employees wear a hijab. The "Money Buddy" CEO is a feminist and thinks that this is an oppressive rule. But "" is located in a country that enforces that law, and the president of the company proudly wears her Hijab during the press conference proclaiming that "Money-Buddy" is actively trying to oppress her religion and national law.

Bitcoin bypasses that middleman. If you want to support child-labour and buy your sneakers for $2 less then the competitor offers then you can. If you want to make sure your money goes directly to the people you want you can. Why allow these fat-cats to continue getting their cut when they offer no added value for their services?

Bitcoin can be an incredibly powerful tool for change in society.

Comment: A few options. (Score 1) 294

by B5_geek (#48105017) Attached to: Ask Slashdot: An Accurate Broadband Speed Test?

If you have a system that you can test against (i.e. a server at your work with a fatter-pipe then you have at home, or a hosted server/VPS/etc.)


run "iperf -s" on the server and "iperf -c server.ip.address" on the client.
Read the man pages for more options.

If you don't have a 'known better then you' to test against try this to test your maximum download bandwidth.
Simple test: download a large file from Microsoft (i.e. a 'network install' service pack, or similar) or other big-host

More complicated:
run several (4-20) 'wget' concurrently. If you use Linux .iso's as your target download, make sure you grab the files from *.edu sites. Schools should have a lot more bandwidth then the average .com that is hosting files.

Your ISP might have several things in place from preventing DDOS attacks from there customer machines. So each 'download' might be throttled by your ISP. If you open several download threads to different locations, downloading different things you can maximize your usage.

Also, don't download the same thing twice from the same source. Caching can/will interfere with accurate measurements.

Comment: Re:Test string here: (Score 5, Informative) 399

by B5_geek (#47985837) Attached to: Remote Exploit Vulnerability Found In Bash

SSH into your host.
from the bash prompt just paste the above string.

user@host $env x='() { :;}; echo vulnerable' bash -c "echo this is a test"

If you see:
this is a test
Then you are vulnerable and need to update your system.

If all you see is:
this is a test

Then you are ok.

A list is only as strong as its weakest link. -- Don Knuth