Become a fan of Slashdot on Facebook


Forgot your password?

Comment A mini ice age? Really? (Score 2, Insightful) 185

This is why no-one trusts the media. I doubt even the most fervent anti-CC campaigner believes this to be true. And while I don't think climate change itself is a hoax, I'm far less convinced that it's a death sentence (e.g. as far as I know we've had higher levels of CO2 in the atmosphere in the past without all life dying).

Comment Re:Hardware VPN device (Score 1) 173

Is this like the other Meraki stuff where you have to pay Cisco licensing each year to be able to continue to use and manage the hardware (without paying the license it's a brick)? If so it may not be the best solution (also consider - to manage the device you have to have it connected to the cloud, so if that connection goes away or gets flakey, you're SOL).

Plus you have the delightful experience of buying new hardware rather than continuing to use existing stuff if you don't want to pay the danegeld any more.

For those reasons I can't recommend Meraki kit (unless I'm wrong and it's changed) - try the Ubiquiti or Microtik kit instead, or Sophos Home Edition, or frankly anything else that doesn't have continuing payment requirements.

Comment Re:Will Power Shell become useful? (Score 1) 285

Because this is a direct outcome of configuring secure-by-default. It's there to stop people shooting themselves in the foot the first time they try. Don't like it? Try one of the FIFTEEN WAYS you can run a powershell script without requiring a policy change.

I personally prefer #9 but YMMV.

Comment Re:Clean room implementation? (Score 1) 223

And why should developers and other companies "benefit from Java API's good design with $0 license payment"? That's exactly why Oracle are introducing their Licensed Java Developer program. For only $10,000 per annum, you can be certified to write code that uses the Java API. If you're writing for a company, that company will need to be part of the Licensed Java Application program too, at $25,000 per annum. Extra programs can be brought under the same company umbrella for just $5,000 each. Please note that this program only covers internal applications used by staff, and interested organisations should ensure they comply with the Licensed Java User and Licensed Java Non-Staff User agreements. Applications and code delivered over the Internet will require the organisation owning the code to comply with the terms of the Licensed Java Internet Application agreement, and pay the annual $100,000 fee to Oracle.

You might need a few <sarcasm> tags there, but I do wonder how far Oracle will try to push this.

The next problem though is this. If the Java API is copyrighted, then _any_ API must also be copyrighted. Thus the following are also all copyrighted works which you can't use without the owner's permission:

  • * int main (int argc, char**argv)
  • * int swap (int a, int b)
  • * Any C/C++ header file
  • * Any object hierarchy, containing at least one class, method or property

You.can't specify a level of complexity (it will be gamed) so you cannot avoid even the simplest "API"s from being copyrighted. It's not quite "the end of the world" but it's a pretty good attempt.

Comment Re:"Need more info" (Score 1) 486

No, unless it is or can be economically comparable to costs at the time it is commercially available, it's next to useless. You seem to have forgotten inflation, price gouging, increases in demand from consumers etc.

You're suggesting that if it's commercially available in (say) 10 years, and approximately a 1:1 direct replacement for fossil diesel, it has to sell for about $2.80 a gallon (at today's prices from some presumably US site called "Daily Fuel Gauge Report"), even if fossil diesel is selling for $6.00 a gallon. That's illogical.

Comment Re:Help me out here a little... (Score 1) 533

Imagine you have a power supply with a 0V ground, a +5V supply and a +12V supply.

Now connect a resistive load with the input lead on +12V and the ground lead on +5V. You now have a +7V delta and are treating the +5V supply line as if it were ground.

Often done in building PCs to be quieter (as the fans move less air, but are significantly quieter).

Comment Re:It's quite simple really... (Score 1) 158

Yes, OK, somehow it's Microsoft's fault that the web developers completely failed to produce a site that works in real IE. So by that logic, it is also Mozilla's fault that Firefox doesn't work, and Google's fault that Chrome doesn't? Of course not. You just wanted an excuse to play in the big boy pool didn't you? "See, I'm just like you popular kids and I fit in because I'm copying your behaviour, two seconds after you do it".

Where's your browser, AC? Which browser deployed across millions of PCs did you write? And why won't you take responsibility for it failing to work with this site? And why do you and Google and Mozilla and Microsoft keep disagreeing on the way the box model works, and where the lines go, and what spacing is what? Oh, because the spec is ambiguous you say? Still must be your fault then!

I'm all for bashing Microsoft when they do stupid stuff. But if you want to be effective, wait until it's actually their fault.

Comment Re:How many minutes until this is mandatory? (Score 1) 287

Meanwhile here in AU, it's quite common to see dual-sided speed signs. The "front" has the normal road speed (which might be 110km/h - around 70mph). The "back" has a roadworks speed limit of 40km/h (25mph). Watch for shenanigans as the Ford sees the wrong sign on the wrong side of the road (not uncommon either) and suddenly decides the road is 1/3 of the normal speed.

Comment Re: Positive pressure? (Score 1) 378

No, they actually usually mean LPG. I think it's only the US that conflates these terms (IME most other countries call the liquid fuels for vehicles "petrol" and "diesel"). In a gas attack, the criminals generally bring along a compressed cylinder of LPG - open the valve and the pressure causes the flammable and explosive gas to be expelled, into the air vents of the ATM. Add sparks and boom.

Comment Re:Ways to protect vs DDoS (Score 5, Interesting) 336

None of these protect against a volume-oriented DDoS. Many are DoS only (single / few sources) and do not apply when every IP on the Internet appears to be sending thousands of requests, or more likely, responses. Further, you've completely ignored spoofing of addresses combined with amplification attacks (send out a 64 byte DNS request pretending to be the DDoS target, get 4kB sent to the target). Finally, regardless of the 50-100Gbps pipes MS, Sony and Amazon no doubt have, they're useless when there's 1Tbps of amplified crap directed down the pipes. With the example above, you'd only need about 4Gbps of bandwidth total (40 cheap VPS on "100Mbps" connections) to generate 256Gbps of DDoS.

When 256Gbps of rubbish arrives at your servers or firewalls ... registry settings and kernel tweaks do jack (note that CloudFlare was hit 11 months ago with more than 400Gbps of DDoS, so this is not implausible!)

And since it seems it was apk I'm replying to ... I'm actually half surprised you didn't try to claim that a HOSTS file would magically help.

Comment Re:Bad for small business owners (Score 1) 396

Buddy, you can get a certificate for less than FIVE US dollars per year. Is that too much for you?

Actually yes, frankly it is. Because according to Google's overpaid, brain-dead Chrome developers, I need one for the KVM, one for each of the management cards in the servers, one for each of the appliances I have (from DVRs to firewalls etc), one for each little device with a web server (assuming it even supports writing a certificate to storage, and config for HTTPS), one for each workstation or server with an app or config UI. Quick count for my house alone ... 47 certs excluding the devices that quite literally have NO way to store and use a cert. I simplified too by assuming the devices supporting certs can handle SHA256 (thanks Google for THAT little recent shitfight). And the certs don't support SANs nor do CAs allow local names, so I have to use the correct FQDN all the time now (no more http://dvr/ or typing the IP - now it's And what have I gained? I've had to spend $230+ and several hours of work to avoid irrelevant anti-sec warnings, on devices no-one can get to except me. It's bulldust.

Slashdot Top Deals

Any sufficiently advanced bug is indistinguishable from a feature. -- Rich Kulawiec