Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?

Comment Re:saner summary. (Score 1) 113

The vendor needs to be taken to task. The vendor has security access to the data. Supposedly, the staff of the vendor should have been trained properly. Also, even if the public agency didn't disclose the breach. The vendor should have publicly disclosed the breach. It obviously didn't either.


Like many people on this site, I work in IT. I get requests for access to data all the time. Some are obvious that they should be granted (a new manager is hired and they ask for access to the management section of the file server). Some are obvious they shouldn't be granted (an engineer asks for access to our controlled documents, which by company policy are restricted to only 2 people [uncontrolled versions are available to larger groups]). Some are less obvious. In those cases, I typically push the request up to somebody who has the authority to authorize (or reject) the request... though not the ability to grant the access.

A request asking that all employees social security numbers and birth dates be published to the public most definitely would fall in the "obvious they shouldn't be granted" category. Seriously, who thought for one second that was a good idea. If I had a request come in to put that list together for anybody, let alone public consumption, you can bet I wouldn't rush to get it done (article says it was same day turn-around). I'd run it as high up the flag pole as I could and get a top level sign-off on it... even if the message said it had been approved by the company lawyers. Somebody should have figured out that Social Security Numbers and Public Access don't go in the same sentence.

Comment Re: The Homer! (FP?) (Score 1) 417

My thoughts exactly. And they also have minute bundles you can purchase. Really? I mean outside of prepay, does anybody even use "minutes" anymore?

There is one feature that appeals to me: the ability to do Remote Start via the app. But it's not available on my model year and definitely not worth $200/yr.

Comment Re: The Homer! (FP?) (Score 1) 417

My Fusion is a 2011 with the old 2 line display. No touch screen, so all my sources are physical buttons (well, kinda... there's an "Aux" button that has the USB, 1/8" jack, and Bluetooth Audio in it).

Do you find that Sync Services has any value? It just seems odd to me that they couldn't have found a better way to communicate with the system than using your phone as a modem, thus requiring a subscription service. I'm not really into that side of things, but couldn't they have used Bluetooth to transfer the required information?

Comment Re: The Homer! (FP?) (Score 1) 417

My other vehicle is a Ford Fusion. It has the Microsoft Sync system built in, though similar to your Mazda, it also has Sirius radio. I bought this vehicle used, but Sirius/XM was nice enough to include a 3 month free trial for me (like you said, to try to hook me... and to get my contact info). I used the 3 month trial which also happened to be football season. I actually did enjoy the talk stations from time to time and did like being able to tune in a game when I wasn't at home to watch it. But, as you said, nowhere near worth the price they want for it. I still get calls and letters from time to time offering me a "great" introductory rate. I ignore them all.

I recently took a trip to Canada. I had the thought that it would have been nice to start a trial as I was pulling out of the driveway (I wasn't ever going to be more than 50 miles from the US/Canada border ... down in the area next to Michigan ... so I'm assuming I would still be able to pick up service. I hadn't set it up, though, so I had to think of other solutions. So I just loaded up Pandora on my phone and blue-tooth streamed it until I got to the border. Then played the music that was stored on the phone. Way cheaper, and streaming Pandora avoided the stagnant music issue I would have had just playing music from my phone the whole trip (not to mention International roaming rates).

Unfortunately, my car does have a physical button for Sirius, but it's only one button in the mix of a whole slew of others, so I can ignore it.

My GM vehicle (an Acadia) does also have XM in it, but like your Mazada it's a touch screen so the vast majority of the time, the "XM" isn't even displayed anywhere... just those darned OnStar buttons.

Comment Re: The Homer! (FP?) (Score 3, Insightful) 417

And in general "concierge services" fail.

I've gotta believe that this concierge service is mostly GM's OnStar. I think the biggest surprise for me in the statistic that 43% of the people never use it is that 57% have. Though I guess just trying it out one time to see how it works would no longer qualify you for the "never used it" category.

The simple fact is that most people don't want to be hit with a $100 (lowest tier paid annually) to $420 (highest plan paid monthly) per year bill on top of their car payment*. I have a vehicle that has OnStar built into it and I would much rather rip the whole thing out (including the buttons they spread through-out the car) and replace it with a simple BlueTooth connection to the stereo.

* https://www.onstar.com/us/en/p...

Comment Re:Dictionary? (Score 1) 157

My question is, how does this apply to DenyHosts?

My guess would be that I'm still safe... try root at all, instant ban. Try an invalid account, grace one time (even I make a typo sometimes). Try a valid account more than 3 times? Banned. Unless, of course, this attack somehow bypasses the mechanism DenyHosts uses to detect those invalid logins... but I don't know that I saw enough information in the article to answer that question.

Comment Re:Learn jQuery (Score 1) 126

So what does it do?

$ is just an alias to the jQuery object (so, as I recall, $.bind() is equivalent to jQuery.bind()...) which would mean that $.bind() is not the right answer (without even using the fact that you asked the question as a hint to what the answer is).

Comment Re:Oddly enough, I support this because... (Score 1) 272

The utility generates at wholesale prices, and then they are forced to buy it back at retail prices. In a way it costs the utility twice, once in lost revenue (arguable as conservation, agreed) and twice in paying more for power than they would when generating it alone.

That is some bad math. They are turning around and selling it at the same price they paid for it. That's not a loss, that's break even.

That may sound logical, but it's not. Changing the amount of energy being generated at any given moment is a very difficult thing to do. Because of that, the utility very rarely sells everything that it generates. They make up for the lost electricity by in the difference between wholesale and retail pricing. There are a lot of other things that are also wrapped up in that cost difference (salaries for all of their employees from the CEO down to the meter reader, maintenance costs for the lines, substations, the transformer on the pole outside your house, future and/or past CAPEX projects, etc). Even if you ignore all those other costs and pretend like they don't exist, the difference between what is generated and what can be sold results in a loss when they have to buy it for the same price they're selling it.

I'm all for saying that the utility should be forced to buy excess power generated by the solar panels. But it does seem that purchasing that power at wholesale would be more fair.

And, while we are at it, have you checked the rates for commercial customers versus residential? Commercial gets a significant discount in price over residential. Fix that outright subsidy before coming after subsidies that pay for the development of cleaner forms of energy.

Have you checked the price of toilet paper at Sam's club vs the local grocery store? Any time you buy in bulk you get a discount.

Comment Re:carsickness (Score 5, Insightful) 435

People who get car sick need windows. Nuff said.

Pretty much. Did passenger cars in trains need windows? Do airplanes need windows? Do houses need windows?

Obviously the windows in today's cars need to provide a LOT of visibility so the driver can see as much as possible. But taking away a driver's need to see doesn't take a way the need for windows.

I honestly can't believe this is even a question.

Comment Re:In other words. (Score 1) 77

Couple that with this statement:

After the deal, Comcast's franchises in those areas would be transferred to GreatLand.

And it looks like Comcast is writing checks they don't even have to cash. They'll provide the "free" cable until the merger goes through, then it becomes the burdon of GreatLand Connections.

Comment Re:Meh (Score 1) 245

Wrong. Most MTAs (for a long time now) will attempt TLS if available.

Not really wrong... more like right. Heck, you even validated what he said when you qualified your statement with if available... if it's not available, it will simply send it in plain text. It won't notify you. It won't notify the next person down the line, etc. Neither you nor your recipient will have any way to know if the message was transmitted at some point in plain text. And it's a guarantee that it sat on every mail server it touched unencrypted.

Therefore, the safe option is to assume it will not be encrypted at any point unless you use some kind of end-to-end encryption (X509, PGP, etc).

Comment Re: DMCA (Defamation) (Score 1) 245

No, what it is doing (to borrow the analogy from an eralier posting) is opening every letter in an evelope, putting the contents in a see-through bag and adding a new addres label.

Except that's not what it's doing. You're handing the letter to them and asking them to put it in an envelope, preferably one of those fancy ones that make it harder to see the contents, and send it. They're pretending like they don't have any of those fancy envelopes and instead putting it in a clear plastic bag. If you want it in a fancy envelope, make sure you specify that it has to be rather than that's what you'd like it to be.

Or, better yet, mask the contents yourself at the application layer rather than relying on the transport layer. X.509 and PGP are both pains, but they do work and would make this a total non-issue.

Slashdot Top Deals

Been Transferred Lately?