
Comment: Re:Militia, then vs now (Score 1) 1117

by guruevi (#46768931) Attached to: Retired SCOTUS Justice Wants To 'Fix' the Second Amendment

The wording is pretty clear. Back then they were starting to get some 'machine guns' and they've had cannons and explosives for a while, any futurist was talking about such weaponry and machines that fought wars. They knew governments and other rich entities were going to have the first and most access to new weaponry and were going to use it to suppress any uprisings. They also knew any government, even their own, was going to become corrupt and heavy handed and eventually degrade into something akin to their monarchy with heavy taxation without representation (it only took 200 years for their own government to do that).

The right for the people to have a "well regulated militia" is pretty clear to me, it's a militia (which doesn't have to be controlled by any particular government) that is well-regulated (they have a purpose to exist and are under a command) shall not be infringed upon.

The right of the people to keep and bear arms shall not be infringed either. There is no statement there that clarifies what type of weaponry or when someone can bear arms because then an oppressive government could rule out e.g. all automatic weapons or anyone who's not a leftie.

And does that mean that anyone can have a shotgun: yes, an AK-47: yes, an atomic or biological weapon: yes. The old government has it, why wouldn't a new government need it? And if an individual becomes a problem, the 'well regulated militia' can take care of it. If a group of individuals becomes a problem, we're talking about throwing over the old government, that was its intended purpose.

Comment: Just because you can doesn't mean you should (Score 5, Insightful) 203

by putaro (#46763475) Attached to: How 'DevOps' Is Killing the Developer

There's definitely truth to what he's saying but it cuts the other direction as well. Having your lead guru developer swapping disk drives on a machine isn't the best use of his time. However, I've also seen environments where the developers can't/won't/aren't allowed to do the system admin tasks and wind up waiting around or being frustrated when their development systems have a problem. Likewise, with QA - I've seen developers that will just toss any old crap over the wall and expect QA to catch all of their bugs. And, developing tests is often software engineering, often complex software engineering that needs an experienced developer to establish at least the outline of how everything works.

Personally, I expect any developers I'm working with to have at least basic sys admin abilities and know how to set up/fix any other part of the stack they might touch. Those skills should be used when working with the dev systems and in establishing the baseline for production. I would then expect that someone who is more specialized in those other roles to actually set up and run production and also be available when the developers get in over their heads on system admin, hardware troubleshooting, etc. In the same way I would expect a systems admin to at least be able to write a script to automate something and not go running to the developers for everything.

For test development, I always like to set groups against each other and develop the test suite for each other's code. Most people are a lot more comfortable and eager to break someone else's code than they are their own.

Comment: Focusing on the wrong hand (Score 2) 143

by putaro (#46757607) Attached to: How Amazon Keeps Cutting AWS Prices: Cheapskate Culture

The article focused on how Amazon cuts hardware costs. The first step there is a big one - once you let go of buying name brand hardware, especially for storage, the price drops dramatically. So dramatically, in fact, that hosting (largely electricity, cooling and network connectivity) becomes the major cost in the equation. Amazon is pushing for extremely high density, however, that has a ripple effect throughout your whole datacenter design. If you're not in a high cost area, you might ask why focus on density because floor space is relatively cheap.

Comment: Re:Nuclear is obvious, an energy surplus is desire (Score 2) 423

by guruevi (#46743625) Attached to: UN: Renewables, Nuclear Must Triple To Save Climate

Nuclear reactors aren't nuclear bombs. You need to refine the fission material very well in said reactors and then re-refine it in more specialized reactors to get a material that has the potential of wiping a large area. Even then, the offensive material degrades very quickly to manageable levels, Hiroshima or even the Nevada desert is far from uninhabitable, Chernobyl even continued generating electricity in its other reactors for 20 years after the disaster. Even Three Mile Island, which was in a relatively densely populated area of the world is only expected to maybe cause ~300 cancers, far less than the average coal plant in its lifetime.

Comment: Playing into Microsoft's playbook (Score 1) 322

by guruevi (#46740677) Attached to: IRS Misses XP Deadline, Pays Microsoft Millions For Patches

For years, Microsoft has been attempting to rent out their software instead of selling it outright. Having a yearly cost for an OS or Office suite is what they've been attempting to do for years.

It started with their Enterprise licensing where they started charging "Software Update Assurance", basically for a yearly cost per computer you 'rent' any version of their software (usually a Windows/Office/CAL combo). Then they went to Office365 where you paid for both storage, server and the desktop software on a yearly basis outright, no more buying the Office suite, no more buying Exchange and also, you're locked in because you can't get your data out anymore. Now they've come full circle where you rent their OS suite. Since they've tested the waters over the last 2 decades and know that large companies would rather remain locked in because it's a cheaper solution for the next quarter, they can now keep raising their prices as they're doing with Software Update Assurance (it went up 30% last year), Office365 and now Windows ($200/year). Expect the next Windows to cost a pretty penny on a yearly basis as well.

Comment: Re:"It's Not a Tumor" - Oh Wait, It Is (Score 1) 301

by putaro (#46733277) Attached to: Theo De Raadt's Small Rant On OpenSSL

How about this

I haven't tried setting up a large PKI infrastructure so I'm curious if you know more. Technically it's possible but I could see why a CA wouldn't do it. The info for this GlobalSign "Trusted Root" seems to imply that you get to sign keys with your own existing root CA but that GlobalSign will sign it as well so you don't need to distribute your own root cert. Am I reading it wrong?

Comment: Re:"It's Not a Tumor" - Oh Wait, It Is (Score 1) 301

by putaro (#46721123) Attached to: Theo De Raadt's Small Rant On OpenSSL

It depends on where you are in the chain.

If you're a CA, then yes, the intermediate key would be used for automated signing. It STILL shouldn't be on hosts that are directly connected to the Internet.

If you're a company that is not a CA, then the intermediate key signed by the CA is pretty much your root key. It shouldn't be on your web servers, you should keep it offline if possible and you should be generating another layer of keys that are used to sign actual server certificates.

Comment: Re:It's really annoying (Score 1) 303

by putaro (#46691333) Attached to: OpenSSL Bug Allows Attackers To Read Memory In 64k Chunks

Yah, like all that oh-so-secure code that used to float around back in the 70's and 80's? I remember when systems used to get hacked by dial-up modem on a regular basis. There were and have been security holes in things forever. It just used to be harder to exploit most of them remotely and there were fewer people trying to exploit them.

Comment: IPTables FTW (Score 1) 186

by guruevi (#46673135) Attached to: Ask Slashdot: User-Friendly Firewall For a Brand-New Linux User?

Most distros will have the rules in a single script, they are really easy to read, modify and understand. I don't understand what good a GUI would do for something as simple and important as a rule-based firewall, GUIs only hide things.

Off the top of my head:
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT   # replies to connections this host opened
iptables -A INPUT -p tcp --dport 22 -j ACCEPT   # inbound SSH
iptables -P INPUT DROP
iptables -P OUTPUT ACCEPT
iptables -P FORWARD DROP

To get a detailed overview of the rules:
iptables -L -n -v

If you need any simpler, just go with the defaults your distro has to offer, they'll be secure.
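
A variant of the ruleset in the comment above, as an added example that is not part of the original comment: it emits the rules in iptables-restore format so they can be syntax-checked with --test and then loaded in one atomic step instead of rule by rule. The function names are hypothetical, and the loopback rule and conntrack matching are additions assumed here.

```shell
#!/bin/sh
# Added example (not from the original comment). Function names are hypothetical.

# valid_port PORT: succeed only for a decimal integer in 1..65535.
# Leading zeros are rejected so the value cannot be read as octal.
valid_port() {
    case "$1" in
        ''|0*|*[!0-9]*) return 1 ;;
    esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# gen_ruleset PORT...: print a filter table in iptables-restore format.
# Default-deny inbound and forward, allow outbound, allow listed TCP ports.
gen_ruleset() {
    for p in "$@"; do
        valid_port "$p" || { echo "invalid port: $p" >&2; return 1; }
    done
    echo '*filter'
    echo ':INPUT DROP [0:0]'
    echo ':FORWARD DROP [0:0]'
    echo ':OUTPUT ACCEPT [0:0]'
    # Local services talking to each other over loopback
    echo '-A INPUT -i lo -j ACCEPT'
    # Return traffic for connections this host initiated
    echo '-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT'
    for p in "$@"; do
        echo "-A INPUT -p tcp --dport $p -m conntrack --ctstate NEW -j ACCEPT"
    done
    echo 'COMMIT'
}

# apply_ruleset PORT...: parse-only check first, then load atomically (needs root).
apply_ruleset() {
    rules=$(gen_ruleset "$@") || return 1
    printf '%s\n' "$rules" | iptables-restore --test || return 1
    printf '%s\n' "$rules" | iptables-restore
}

# Usage (as root): apply_ruleset 22
```

Because the whole table is committed at once, an SSH session used to load it never sees a state where the DROP policy is active but the accept rules are not.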

Comment: Re:This is the problem with all aging infrastructu (Score 2) 152

by guruevi (#46673103) Attached to: Under Revised Quake Estimates, Dozens of Nuclear Reactors Face Problems

Fukushima is not a hot spot. There is a lot of media surrounding it and sure, there may be some "bad things" there but there isn't life threatening Chernobyl-level activity (and even Chernobyl wasn't all that bad). I also wouldn't be concerned about Buchanan, NY getting hit by a tsunami, Long Island and NYC are among a few of the things that have to be passed by (and those would dissipate most/all of the energy). And if a tsunami hit there, well, then, we'd have more serious things to be concerned about like your survival among the remaining 10% of the species on earth.
