Comment: Re:OATH (Score 1) 113

by DavidRawling (#47563669) Attached to: Ask Slashdot: Open Hardware/Software-Based Security Token?
Actually, combine the Yubikey with AuthLite, and you have 2FA for Windows AD environments. I just implemented it for a customer; they use the OTP for the username and the normal password for the password. This has two benefits: first, you don't hit the arbitrary 48 character password length limit for things like VPNs (yeah - you can have a 128 character UTF16 password, just don't try to connect remotely) and secondly, there's no customisation of apps required. It Just Works.

Comment: Re:WTF?? (Score 1) 798

I've seen comments like this a couple of times now and I have an easy way to demonstrate that bullying was (and is) illegal. I believe Aus and US law are not too far apart on this - either the bully hits the bullied, or does not. If he does, he can be found guilty of battery. If not, he can be found guilty of assault, (if the bullied person feels his safety is at risk that's technically enough).

Comment: Re:IPv6 should have been entrenched before TLD pro (Score 1) 164

by DavidRawling (#46364407) Attached to: ICANN Considers Using '127.0.53.53' To Tackle DNS Namespace Collisions

Sure they do - all the major web servers and hosting platforms can use and define vhosts (it's just that the mechanism for creating them differs on each platform). IIS for example, if you create a new site, using "All IP Addresses" port 80, will require that you designate a host header so that the HTTP engine can route the request to the right Web Site (and corresponding content). All IP Addresses port 80 with an empty Host Header acts as a "catch-all" and is assigned to the Default Web Site. Which you generally disable, and create your own config for, if you know what you're doing. Apache, on the other hand, configures those vhosts in text files (nowadays under sites-enabled, as I recall). But the functionality is all there on pretty much all major platforms.

Now if you're arguing that the administrators of IIS servers are exponentially less likely to have a clue about host headers, when compared to their Apache/nginx counterparts - well then from my experience you're absolutely right (my history is MS consulting, and the number of IIS admins who want 20 IP addresses for 20 sites because they don't get how to do host headers, DNS resolution etc, cannot be counted - the reverse can be counted on both hands over 20 years of doing this stuff).

Comment: Shades of grey, not black and white (Score 1) 298

by DavidRawling (#46168399) Attached to: Is Verizon Already Slowing Netflix Down?

No, it means anecdotal evidence is to be taken as better than no evidence whatsoever. Not everything is black and white, one side of the fence or t'other.

Consider this as a scale - Peer reviewed, multiple-source reproducible trumps anecdotal evidence, but anecdotal evidence is still better than the absence of any evidence on either side.

Comment: Re:They will use the data in court (Score 1) 599

Cop 1: "He looked like he was hiding something, yer onner. When we stopped him he kept looking around and acting strangely."

Cop 2: "Yeah, yeah, wot he said."

You: "I did no such thing, your honour."

Judge: Both cops say you did, 2 trusted public officials with no reason to lie against 1 obvious reprobate, probable cause, case dismissed with prejudice.

Comment: Re:If I ever own a Ford.... (Score 1) 599

Do you really think the telcos would be able to charge full monthly fees for each car despite it sending a few dozen kB a month? Most likely something like the kindle model - where I'm guessing Amazon pay the telcos 20c a month or something, because while the total data amount is huge, the amount of data per device is so small and only the aggregate so large. Same with FROD. 50M extra data streams, once a day spread country-wide? Noise to the telco's existing data streams. Frod and all the others will negotiate the rates down to SFA, they get the data, the telcos get more revenue/profit and the only loser is you, the consumer.

Comment: Re:crashed my machine (Score 1) 214

Except the fuckers crashed my machine when they pushed out the update.

Citation needed, since I recall no such major outcry. Your machine is probably one of the ones with 25 browser toolbars, or ten download accelerators, or fifty outdated browser plugins, or a couple of undetected rootkits etc., which is usually the reason behind a security patch "crashing your machine".

And if Windows closed the app with unsaved work, you'd be here whinging that Microsoft destroyed your work. And if you really gave a crap, you'd go in and change the Windows Update setting from "Automatically install" to "Ask me first".

Microsoft has done some seriously stupid stuff. And some bad stuff. But if you want to abuse them, at least abuse them for the stupid stuff not the sane stuff.

Comment: Re:No viable upgrade path for Business Users. (Score 1) 829

by DavidRawling (#45764527) Attached to: Microsoft's Ticking Time Bomb Is Windows XP
So what you're saying is that it's Microsoft's fault your business held out for post-Win7, despite the knowledge that the end date was 2014 (and heck, that's been moved out by 2 years from the original date!). And it's also Microsoft's fault for not planning your app upgrades (what, you thought Win8 would be more compatible than Win7 for your XP apps)? Sounds to me like you think your lack of planning should constitute an emergency on my part. Bzzzzzt. Wrong. You made your bed, now you get to lie in it.

Comment: Re:So upgrade already (Score 1) 829

by DavidRawling (#45762743) Attached to: Microsoft's Ticking Time Bomb Is Windows XP
That comment in no way changes what was said in the GP post (though for clarity, while you could still buy WinXP about 4-5 years ago you are still not a current customer). The other point to consider though is the customer (company) who has 20x WinXP machines, 100x Win7 machines and 50x Win8.1 machines. They still are a customer, obviously, but IT moves so much faster than most older industries - it's like complaining your 1955 Studebaker isn't getting new parts made any more because it's 2013, and the original moulds/specs have been lost. The only difference is that you can't even retro-fit a cloned part.

Comment: Re:Predictable (Score 1) 174

by DavidRawling (#45625803) Attached to: FSF Responds To Microsoft's Privacy and Encryption Announcement

Actually - that their software is open is irrelevant to the problem. Are they running their own servers with openssl/openvpn/??? or using third party appliances? Did THEY create and build the hardware from the ground up or purchase it from a third party? The balance of probabilities may say their inter-DC encryption is done on a secure, up-to-date and built-and-operated-to-best-practices RH server, but it's not a guarantee.

And just like this scenario with Microsoft, how is anyone going to audit the deployment? RH will most certainly not allow twenty million users to tour their datacentres and audit each and every device. So just like Microsoft's environment, and despite RH's code potentially being open, there is absolutely no way to vet the environment. You have to trust the organisation (and each and every person involved in the decision tree). I really don't see a significant and meaningful difference - the open code has no bearing whatsoever on what's actually running (both code-wise and configuration-wise).

Comment: Re:I'm shocked (Score 2) 199

by DavidRawling (#45468797) Attached to: Warner Bros. Admits To Issuing Bogus Takedowns

I'd guess the potential killers have higher moral standards than the execs, and don't want to inflict the mental pain / sorrow on the not-guilty family members. Sadly this means the morally bankrupt studio execs can't be expunged from the gene pool.

That and there's a huge line of contenders to replace the execs anyway, all with moral compasses permanently set to "screw everyone except me".

Comment: Re:Really? .. and a conscious choice not to use it (Score 1) 258

by DavidRawling (#45194657) Attached to: Facebook Isn't Accepting New Posts, Likes, Comments...

Think of it more like a reminder and a chance to begin the education of those who were suckered in by their friends/colleagues (and who aren't/weren't privacy-conscious to start with).

I don't have a Facebook account now because of privacy concerns. But I didn't get one originally (04-05 I guess?) because frankly I'm a bit of a loner and I couldn't think of a group of people I'd rather avoid than those with whom I went to school. Yes, I've missed out on staying connected to people with whom I'd want to continue to associate (Uni friends), but I'm not sacrificing my privacy for it now. I'd rather be detached and a little boring. It's a choice - but I hope an informed one.

Comment: Re:That would be great - drive by malware protecti (Score 1) 282

by DavidRawling (#44965919) Attached to: Will New Red-Text Warnings Kill Casual Use of Java?

True also for Dell, Intel and HP. And the KVM switch vendors (e.g. Avocent). Problem is that while they'll pay for certs for the newer stuff, they're not going to release any new firmware for the older "not supported anymore" stuff. So all those console switches in your datacentre? Worthless, unless you stick with old Java. Same for managed PDUs hosting a little Java applet. Possibly even some rather large web-managed UPS. Same for thousands upon thousands of other supporting appliances of God-knows how many types. Heck, there are companies still rocking servers that are 4, 5 years old; those aren't getting updates to sign the Java applet either, let alone the 10 year old stuff that still hosts the NT4 app that no-one knows how to replace or migrate.

So basically this is going to force companies to replace perfectly good infrastructure or deal with losing remote access to things, as well as screw with hobbyists who have older stuff in their basement/garage/closet/bedroom.
