Catch up on stories from the past week (and beyond) at the Slashdot story archive


Forgot your password?
For the out-of-band Slashdot experience (mostly headlines), follow us on Twitter, or Facebook. ×

Comment: Re:And... (Score 1) 122 122

Who here trust Cisco?

That depends which definition of trust you mean.

Do I trust them to respond in a certain way under a given set of circumstances?
Yes, I believe I can predict exactly how they will abuse and eventually clusterfuck OpenDNS, and I predict it will not be pretty.

But do I trust them to have my best interests at heart?
Hell no.

Comment: Re:"IPv6 Leakage"??? Give me a break. (Score 2) 58 58

No.... That has nothing to do with IPv6, it has to do with what those VPN's support. What that statistic really means is that 11 out of fourteen VPN providers don't really support IPv6 in the first place.

Well if IPv6 packets can pass at all, clearly they support IPv6.

The problem is that they likely are accidentally supporting it with no knowledge about doing so.

Would you put your Windows box on the IPv4 Internet with no firewall what so ever?
I don't mean having a firewall and accidentally misconfiguration it, I mean having a firewall and not adding a single rule.

Well, that's exactly what these VPN providers did for the IPv6 protocol. They have zero IPv6 firewall rules.

So while inbound IPv4 packets are filtered with a default deny rule and any allow rules the customer wants, also likely filtering some outbound as well, their IPv6 rules are default allow.

Odds are if you fired up a PC with IPX or NetBEUI as the protocol, their firewall would gladly allow that traffic unfiltered as well.

For example in the Linux iptables packet filter, you can disable the IPv6 protocol completely with a single command:
iptables -I INPUT -p 41 -j DROP

If course using IPv6 properly is a bit more work, as you have to allow the ipv6 protocol in the main iptables, and use ip6tables or something like that for filter rules on the other IP stack.

Either way, allowing everything (no matter what protocol) has always been said to be unwise, and now these companies and their customers can see why.

Comment: Re:Fucking Lawyers (Score 2) 170 170

Fucking lawyers just never stop.
Google illegally copied Oracle's shit. Deal with it.

The 13 words in your post are currently under copyright protection and owned by me.
(As symbols required for interaction are now copyrightable, aka APIs, aka all words in a language)

You can paypal my $10000 per word usage licensing fee and I will refrain from opening a lawsuit against you.

As you say, pay up and deal with it.

Comment: Re:What Wu does not write: (Score 1) 131 131

Your faith in humanity is commendable, but misplaced. Your argument is that companies that abuse their users and the trust those users place into it will lose them.

For what it's worth, it was exactly that which drove me away from yahoo search and onto google search back in 98-99.

And I never did mind that yahoo search had links at the top to yahoo maps and yahoo games and such, nor do I mind google doing the same.

It was actually the 20+ ads on the main yahoo page (top, left, right, and center) that drove the last nail in. At least on that one aspect, google continues to win by a landslide to this day.

Yes it was mildly annoying when google changed their sponsored ads from having a nice different color background from the search results, but even now there is still a nice and noticeable yellow "Ad" icon next to those results that serves the same purpose.

It sounds like your opinion on where the threshold for abuse falls differs from mine, but for me personally google still hasn't crossed it.
It's just surprising and saddening that no one else seems to believe me regarding my opinion, saying I must be wrong or worse a stupid idiot for making an informed conscious choice in the matter...

Comment: Re:Backing up user data on Linux (Score 1) 512 512

Linux is great in many respects, but with most popular Linux distros, having a clean filesystem structure and code/config/data set-up are not among them. Maintaining most real world Linux-based systems is absurdly complicated as a direct result.

The only part I've found complex is finding out where and how various apps actually store their data, particularly when I don't really have much interest in the app.

Apart from that however, system restoration is pretty trivial.

For example, let's say a basic Apache webserver.
Apache stores it's master website in /var/www and personal websites under a users homedir.

So you have a pre-backup script (or just a cronjob) that runs:
dpkg --get-selections >/root/current-packages.txt

Backups should always consist of /root , /home , and /etc no matter what.
As mentioned with Apache, we need to add /var/www to that mix.

Now to do a restore, you install from the debian disc, then restore your directories from backup.
Then run:
apt-get update && dpkg --set-selections /root/current-packages.txt && apt-get install

At that point all your software and dependencies are back from the listing in /root , and services started up from your own configs in /etc , and in this case Apache is happily again serving from /var/www and homedirs.

That's it. One CD boot, one reboot into the live OS, and a few commands to restore all data/software/apps/libraries/dependencies which get started after install and run from your edited configs just as before.

Again, the only real trick is not missing any application data. Especially from a sysadmin point of view.
A user of the machine asks for WierdSQL. What do I care about learning a new SQL server? I just want to make sure I can make consistent and regular backups of its data.
I don't want to hear someone say "Oh the raw DBs are in /var/blah/blah" which are always in use and always changing.
I want to hear "Use this command to backup the data to date/time stamped .bak files where ever, then go backup that whereever dir - and here are the commands to restore .bak files into a fresh install"

For servers I setup for myself, it's pretty guaranteed I either know the software already and can answer all of the above questions, or I'm just learning it and so there is no risk or useful data to be lost and it doesn't matter.
But for servers I run for others, yes it can be a lot more work to learn those things, and is certainly not nearly as fun as the former.

Comment: Re:Mob Programming, huh? (Score 1) 124 124

(What is the average throughput of a spoken conversation, anyway? Maybe 1200 baud on a good day?)

1200 baud is actually a pretty accurate guestimation.

75 and 300 baud was way slower than my reading speed.

1200 baud was the point that certain cases (say transferring an ascii text file) was pretty much equal or just slightly faster than reading speed, only balanced out by the relatively slower ANSI "box" characters being added to the mix and/or ANSI color codes that took more bytes to send.

2400 baud was the point things were beyond reading speed by a large enough amount that most all "baud frustrations" disappeared.

Granted this was all reading speed and not verbal communication, of which the latter is possibly faster.
But even then I would still only say "1200-2400 baud" as a good range for generic spoken communication, and only faster than that when both parties know the terms and higher level ideas being conveyed ahead of time.

Comment: Re:Irony? (Score 1) 40 40

If I ran a business I would love to have refurbish an old Barn and turn it into an open office design. A tech company based in a turn of the 20th century barn. Would that have any more irony?

That reminds me of a guy I knew a little over 20 years ago back in the BBS era.

I was a wide-eyed youth at 15-16 years of age, and met another sysop from in town who prior I only knew as the guy with a massive 48 node BBS that put a lot of our setups to shame.

While I was still fighting with the phone company to have a third POTS line run to my apartment so I could finally add a Second BBS node (ofc it was really my moms apartment, and line #1 was the house phone line), many of us wondered just what sort of business this 48 node BBS guy was running to make the kind of money needed for such a setup.

Turns out he did exactly as you said, he moved into a barn to live in cheaply and spent his excess real-job money on his hobby.

Although that part did seem a bit out of the ordinary, I must admit I was at the time way more interested in learning about PRIs over POTS, Ascend Max dialup concentrators over serial based modems, and this multitasking many DOS BBS apps under OS/2 over dedicating one PC per BBS node.

Being one of the many huge technology learning experiences as a teen that lead me down the path I am on today is the core reason I remember him still.

But I forgot all about the financial side of things and him being "the sysop that lives in a barn" until now, which is also quite interesting despite me not appreciating that fact at the time.

Comment: Enterprise users (Score 1) 23 23

When the new operating system comes out, Windows Update will feed in fixes continuously, and if you're not a business customer those updates are going to be coming over the wires constantly. Enterprise users get Windows Update for Business, which allows them to choose when to patch, presumably after the plebs have beta-tested them.

I saw the entry "Windows 10 and later upgrades and service drivers" show up under the products & classifications options on our WSUS server a good 3-4 months ago.

Interesting wording I thought, since all other entries under the "Windows OS" group are named specific to a major windows version, and as far as I remember have never said "and later".

It looks like Microsoft is really serious about copying Apple versions now, with the "10" not really being part of the version string but just being there, and using the minor version section as the new major version number.

Yeay for needless confusion!

But at least it still isn't as bad as Nintendo product naming I guess.

Comment: Re:Can we go back to R/C Planes? (Score 3, Insightful) 267 267

Can we stop calling them drones. They're remote controlled (hobby) airplanes. Drones makes it sound like it's a weaponized, autonomous craft weighing hundreds of pounds.

The only problem with that request is that today a percentage of hobbyist drones ARE autonomous craft in the 100+ pound class.

Limiting our discussion to one subset of aircraft (the small RC planes) would not allow for fully addressing the actual problem at hand, in that any/all unauthorized aircraft should NOT be in no-fly zones, and most certainly should not be in obviously dangerous areas such as over a forest fire where there is no justification or excuse for not assuming it would be a no-fly zone at that point in time.

And while no they are not specifically weaponized, in the sense of adding specific payloads to drop.
But similar to controlling a 2000+ pound car in and of itself can be used as a weapon, so too can the medium to heavier drones.
The point being that even non-weaponized doesn't necessarily mean the device can't still be used in a dangerous manor.

Comment: Re:This problem needs a technical solution (Score 1) 267 267

I remember reading stories and comments on slashdot referencing the British version of the US FCC, where they utilize vans/trucks of RF tracking equipment to triangulate locations of both unlicensed transmitters as well as unlicensed receivers.

As I recall they do this due to a mandatory "TV tax" type of thing on the receiver side, but more akin to preventing interference on the transmitting side very much in line with our FCC rules already.

Perhaps such methods and technology could be used to track down the drone operators and fix the problem at the source.

Of course this wouldn't necessarily at all help against autonomous drones or a coordinated attack situation like you described, but so far as the "toy drone" operators being assholes I think it would be quite effective.

I'm less familiar with the methods used to track down a receiver (I must admit I wouldn't have thought that even possible) but if that works as implied too it may also be helpful as one additional method to locate drones already out in the area.

As someone mentioned jamming the RF bands toy drones used would work well in keeping out drones that weren't already in the no-fly zone, tracking their receivers would fill in the other side of that problem for drones already there.

Also as someone who is a "toy drone" operator that isn't an asshole, I too would rather see the assholes in question be dealt with directly without having to force the issue of regulation.
Obviously a regulation like "don't fly in the fire fighters no-fly zone" (which we already have) are fine.
But past experience implies any new regulations will be even more restrictive than is needed, and is likely to put extra and needless burden on all of us non-asshole drone operators.

This is exactly why we can't have nice things. And fuck these people for ruining things for the rest of us.

That's why tracking down the asshole operators would be the better option of the two.
A fine to cover the $10000 in damages plus enough extra to make them think twice about their asshole ways is completely justified.

It is also only a matter of time before one of these assholes ends up resulting in the loss of human life.
Of course manslaughter charges and jail time are perfectly fitting as an after-the-fact response, but it would obviously be much preferred to not have that situation in the first place.

Comment: Re: This will do WONDERS for Yahoo's image! (Score 2) 328 328

One thing I did that helped was push out a program called UnChecky (Google it, or just add dot com for their site) to our domain.

They maintain a list of installers that do the default-on bullshit options, and when one of those installers is run it uses UI automation calls to turn off all the bundled offers.

I think it is/was more targeted at end-users that hammer the OK/next buttons until things go away, but with the event of updater software silently installing bundled crap it is easy for even a seasoned vet to fall into this trap since there is little to no indication of what the installer is doing.

May be an option to look into adding to ye ole toolbox.

Comment: Re:So what? (Score 1) 528 528

By your logic, the robber politely asking you to hand over your wallet while pointing a gun at you is not using "force" unless they touch you. I disagree with your assessment of "force".

Not at all. Once you point the gun at someone, that is force.
NOT pointing a gun at someone and doing the same would be implied force, which still qualifies.

Asking the town hall to make a new law, to which the town hall says NO, and no one comes to any bodily harm nor has a gun pointed at them afterwards however - is not force.

Are you claiming these 40 new arrivals are pointing guns at people or the equivalent?
Are they even threatening violence?

I saw nothing even close to that in the article. No threats implied or otherwise were reported on. No guns were reported to be in use.
Nothing but the normal town hall processes that is democracy.

I never cheated an honest man, only rascals. They wanted something for nothing. I gave them nothing for something. -- Joseph "Yellow Kid" Weil