Slashdot is powered by your submissions, so send in your scoop


Forgot your password?
For the out-of-band Slashdot experience (mostly headlines), follow us on Twitter, or Facebook. ×

Comment: Re: Above Congress? (Score 4, Insightful) 107 107

not sure if serious ... CIA people have been in the Whitehouse since 1980, out in the open (it's debatable before then). They spy on Congress, have their own secret kangaroo courts, and carry out overseas executions all admittedly. One could suppose that there's nothing worse behind closed doors but that would be generous towards spies. Who doesn't really think they're blackmailing anybody in Congress or other high elected office?

Politics remains the entertainment arm of the military-industrial complex. After all, people would be mildly non-plussed to learn that they were secretly ruled by spooks and banksters.

Comment: Re:Refill (Score 3, Informative) 163 163

Thanks for this. My experience with the refurb vendors has been fair to terrible. I wonder if I should just replace the caps on a leaky refurb toner I got. Brother makes good machines and sells their carts for a king's ransom. I was literally contemplating $50 more for a new Brother color laser than for a set of toner carts for my existing Brother color laser. The refurbs run 25% of the cost, but I'd rather refill them myself now that I know it's possible.

As to the OP - don't spend a gallon of gasoline to bring a toner cart in for recycling - just toss in the trash if that's your only option (for a brand without a mail-back program). Economics is hard, but recycling without considering economics is stupid.

Comment: Re:ipv6 incompetence is nothing new. (Score 1) 63 63

I don't like what you're saying, but it's true. For this reason I disable ipv6 wherever I care about security (vmlinuz ipv6.disabled=1), because I can't trust the existing implementations and I'm pretty sure there will be data leakage if I don't (this story doesn't help assuage my concerns). Therefore, I'm not engaged in filing bug reports very much, because I mostly have to avoid it. Quite a Catch-22.

Also my ISP doesn't offer it and most endpoints don't offer it, so it just adds latency for Internet operations. There are clearly incentives missing or the situation would be better. The recent move to monetize IPv4 space transfers might finally be the impetus needed for network operators to move their internal nets to IPv6, but look at Android 5 not even supporting DHCPv6 (which administrators seem to want) and you can see how far we have to go - whether Google or the admins wind up backing down, there are still fundamental philosophical disagreements about how v6 should be disabled and no amount of shouting "but I'm right" will solve it. That's in 2015 with at least a lead time of five years for everybody to get on the same page, *after* there is agreement. And even if monetization of IPv4 does start to work, the BGP community has had its head in the sand for two decades and really can't handle it.

IPv6 is necessarily more complex than IPv4 since it shifts the complexity of kludges into services (the tech schools aren't even teaching it so only alpha nerds even understand the stack) and fundamentally the transition plan was "we'll make a spec and then everybody will support it for altruistic reasons") which is such a monumental failure in understanding human action that it's socially embarrassing to be associated with the spec. The IPv6 transition will be a warning to future generations about how not to advance technology in society.

Yet we still need it.

Comment: Re:yeah yeah (Score 1) 53 53

It will display a warning and let you continue

No, it won't - and that's the whole problem. It prompted me to write this piece on re-enabling SSLv3 on Firefox which is probably the most heavily-trafficked post I've done on that blog.

Most of these devices will support HTTP and HTTPS. The posture of the browser developers is to blow up HTTPS support on SSLv3 everywhere, regardless of the risk profile.

There are very few people who are going to get $1100 to replace a PDU because the current one only supports SSLv3. As it currently stands, those people have to re-enable SSLv3 for the whole Internet on their browsers to admin their local devices. Pretty soon they will have to stop updating their web browsers entirely.

There are only two possible real world outcomes:
1) people will re-enable HTTP administration and start sending their passwords cleartext on their LANs
2) the very people in companies who do security work will be running outdated browsers, on purpose, to connect to their gear.

3) a million dollars will appear overnight in a company's budget to replace gear for highly theoretical risks

simply is not an option that exists concurrent with reality.

If the browser engineers had handled the situation the same way as self-signed certs, or even made a more complex UI to specifically whitelist certain hostnames or subnets, then we could have made a reasonable transition. But that would have been hard work with real analysis required, and why do that when flipping a switch and boldly posturing is more crypto-macho?

The very same people who jeered corporate people for staying on IE6 are creating exactly the same situation in regards to SSLv3. They may understand a narrow aspect of cryptography very well, but they completely fail to understand the security of complex systems. They are hurting the security and privacy we're working so hard to achieve. Jeers indeed.

Comment: Re:Just run your own (Score 5, Interesting) 132 132

Or be a better netizen by running your own and forwarding to your ISP's.

The whole reason OpenDNS even exists is because ISP's proved they cannot be trusted to run an honest DNS. And let's not pretend that DNSSEC is universally deployed.

Most people here can setup up a 99 cent VPS with an openvpn endpoint running a recursive resolver, limited to the openvpn net. That fits in the smallest slice of RAM available in 2015 and will work fine.

Most other people cannot, though. Google's DNS is honest, if you don't care about tracking - but most people care more about free stuff than privacy.

Comment: Re:Uber this! (Score 1) 308 308

If you think their getting invaded has anything to do with the French troops and not who was invading them, you really do need to brush up on your history.

Also, the government already promised to do something about Uber, and then didn't. Hence the protests and the response. Protests such as these are common in France and especially in Paris, and have been throughout the centuries.

It sounds like you know very little about France's history, and thought to wade in and let everyone know. How considerate.

Comment: Re:Uber this! (Score 1) 308 308

That's so when people get in a taxi they know the car is insured for any accidents, and it is in good working condition, not to mention background checks and extra training (in some countries, it doesn't sound like yours). Without the medallion system this is still the case. You seem to be confusing several issues, making a blunderbuss attempt to make your point, and failing miserably. Ouch.

Comment: Re:a hollow gesture from the cloistered elite (Score 1) 275 275

I see you are confused. Yes, the climate changes. What's worrying is not that it's changing, but that it's changing so fast. Yes, coastlines rise and fall without humanity, but when the world depends on cities built on the coast, you can see that it's rather worrisome that we as a species are doing everything we can to ensure they will be flooded at some point. Humanity would not be "fine" if we had the CO2 levels of the Eocene - our staple crops rely on being grown where they currently are, and rely on the current amount of CO2. The more CO2, the less nutritious they are, requiring more of them to be grown. The warming means the viable land suitable for agriculture will shift towards the poles, often onto poor soil (thanks to glaciation and other natural processes) and without the necessary infrastructure that humanity has built up over the last 50 years, and often over international borders, creating political problems as well as humanitarian ones.

But I'm sure your half-assed, factually incorrect assumptions are true. Yeah. Definitely.

Comment: Re:Good on him (Score 1) 275 275

There has been warming, though, which should tell you that you need to get your science information from better sources, lest you look like an idiot by parroting bullshit you heard other people claim. Or not. It's actually good for others that you are so ill-informed, as those who actually want to discuss science can see you have no idea, and can easily ignore you without losing anything of value.

Much of the excitement we get out of our work is that we don't really know what we are doing. -- E. Dijkstra