Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror

Comment Re:You must have the source code! (Score 1) 112 112

I suspect in this particular case, it won't be needed. the devices in question are virtual appliances, and are some sort of *nix (probably bsd) under the hood. I haven't tried this yet, but it would make sense that booting from a rescue disk would let you go mess with the ssh keys and config directly.. now, all these boxes have a remote support functionality built in. I am suspecting (also) that this uses the key to get a true ssh shell (a bash prompt, again presumably) so they can do fixes at the os level. So, if we can find these new fixed keys, we may be able to hop onto the boxes, assign a new, better keypair, and have os level access ourselves for repairs :D

Comment Not sure from the story (Score 1) 268 268

... if the drone was actually physically in the way of the fire department's approach path, or would just have been hit by a few hundred tonnes of retardant. If the latter, it seems a fairly simple decision... Go for it anyhow, and any drone in the way copes as best it can, as it shouldn't be in the airspace in the first place.

Comment Also worth noting... (Score 1) 181 181

Nothing the NYT links to says the NSA used the system to give early warning of Sony (or even after-the-fact analysis of Sony) - It simply says that the NSA had extensively penetrated NK in the late 2000's, and if that system were still in place, *could* have gained insight into the attack, either before it happened, or after the fact. However, given the FBI have raw access into the NSA's databases, its possible that this is why the FBI won't back up its claims with actual facts - it is relying on the database that the NSA have that is in breach of a LOT of laws, and use of which usually is subject to "parallel construction".

Comment Amazon Store (Score 1) 405 405

Not seeing why, if a publisher doesn't want to sell though the Amazon store, they can't as easily sell though their own website or even though traditional brick and mortar stores. For that matter, I don't see why an author can't do that themselves and cut out the other middleman, unless they are tied into an exclusive contract.
kindle books are just files - you can sell them from anywhere.

Comment Re:need to get over the "cult of macho programming (Score 1) 231 231

The reality was both more interesting and much worse than the above implies.

The OpenSSL project had one full time programmer as gatekeeper; he passed the code and added it to the tree, when in fact it missed a bounds check the RFC it implements says should be made.

As an OSS project that accepts patches from the community, the submitter could have been anyone, of any level of ability. In practice, the submitter was a student, who had written not only this patch but the RFC that describes the change, as part of his thesis project. The idea was to increase the efficiency of SSL *in UDP* for applications such as OpenVPN, by adding a "are you still there?" heartbeat exchange.

The final patch was submitted (and accepted) on the evening of Dec 31; I am at least slightly suspicious of the timing, as it smells of trying to meet some arbitrary deadline (and a student throwing in his work "under the wire") rather than the "when its as perfect as I can get it" criteria that should govern a submission to a security product.

Comment Problem with that theory is... (Score 1) 241 241

Nothing in Android prevents Microsoft just taking the existing core and putting it on as many phones as they want. There is no restriction, you can do what you want with it.
However, getting access to the play store and many of the "standard" apps requires signing an agreement with Google - that doesn't get you android, just the play store access and apps. No amount of cleanroom re-implimentation of android core will entitle MS to connect to google's play store - that's not a "feature" of android, its a contractual agreement with Google.

Comment Re:Nice, but... (Score 2) 222 222

To be fair, you can usually get away with using better targeted, more directional lighting. Not only does focussing all the light down with appropriate reflectors mean less escapes skywards, but it means you can achieve the same levels of illumination with much lower power levels, saving money too..

Comment Re:Very True (Score 1) 533 533

I have seen such high failure rates in the wild - cross batch, cross manufacturer even.
But invariably, they were proceeded by a thermal event - I have never, ever seen worse than 10% failure in a datacenter that has a clean aircon record, and would expect 5% or better unless there were power issues too.
if you are seeing that sort of failure rate, I would be giving special care and attention to any "service visits" the ups or aircon guys may have made in the two months prior to the problem starting.

Comment Re:Same old thing... (Score 1) 137 137

MariaDB is not much if any better - Ok, I can see his original point - he shared the source to MySQL so that he could get the benefits of community bugfixing, but retained the commercial rights so that he could sell commercial usage licences and still make money.

I can also see how, when offered a buttload of money by SUN, he could get up front and in one lump sum what he might make in years of normal trading - and SUN, having no db solution of its own to compete, was as good a new owner as any.

However, with MariaDB he is trying to have his cake and eat it too - he wishes to start a new "community" edition of MySQL so he can still steer the project, despite having taken his pieces of silver and ran once already. Despite (or even because of) his "experience" in running the MySQL project, I would not consider him a particularly good choice to control a fork.

Comment Re:No shit (Score 1) 385 385

You don't get to tell a search provider how they are supposed to use the content they index from you. I am ok with the idea that you should be able to tell them not to index you, if you don't want that done, but if you choose to be indexed you don't get to say "You can only do it in the way we specify, or using the terms we specify."

Actually, that plays to a second danger. If you can get a court order like this, then presumably at some point they can convince a Belgian judge that "Official Belgian newspapers" should automagically get a higher rating on news.google.be than foreign/unofficial ones... Google search results could end up ordered by lawsuit rank not pagerank :(

Comment Re:Uh, tough? (Score 1) 385 385

Google is a private, foreign, totally unaccountable organisation.

Clearly it is a private, foreign, but {within the jurisdiction of Belgian courts and accountable to said courts} organization, or this article wouldn't exist.

A Belgian judge has said "Remove all content from all your sites, but in particular, for google.com and google.be, for articles, images or graphic representations of the newspapers bringing this case"

Search engines work by indexing the content, comparing the index with the search terms, and using that to generate results. No content = no search = no result in the list. how is that hard to follow unless you are a Belgian landshark looking for cash damages not actual results (given robots.txt, as is repeatedly pointed out, can let you fine tune what google does or doesn't show)?

UNIX is many things to many people, but it's never been everything to anybody.

Working...