Catch up on stories from the past week (and beyond) at the Slashdot story archive


Forgot your password?

Comment Re:Banks should still roll a joint for you (Score 1) 427

Since when are banks that issue payment cards no longer willing to let a cardmember add a joint account holder?

Why would I want to become an authorized user and have her card show up on my credit report? The current system works very well.

Then perhaps that bank needs to Discover some cardmembers that aren't you.

LOL...with as much money as I've made off them? Not a chance. They've done many things to annoy me, but I've made about $2500 off them in the last 6 months alone. I can deal with separate accounts.

Very convoluted trail you are leading me down to avoid cookies.

Comment Re:Separate authentication from authorization (Score 1) 427

For simple browser tabs, I have no interest in multiple windows logins. And besides...that doesn't even address the 1 example I gave. I need to login to the same website with multiple credentials while keeping the tab open. I don't want to have to "switch user" every time I go back and forth. And I have no idea where you are going with the authorize-to-make-payments thing. To make the payments, I have to log into the bank's website with the appropriate credentials. And there's no way most banks are going to let me pay her card from my account. Hell...Discover, for example, won't even let me manage my own two cards from the same account...I need a separate online account for each card.

What does contributing browser extensions or patches accomplish? The specification itself needs to be fixed. And how do you suggest I "contrbute browser patches" to something like IE/Edge? And extensions serves no purpose, as only a minority of people install them. Even something as widespread as adblocking is only installed for something like 10% of users last time I checked.

Sorry, its just broken. Cookies, on the other hand, work perfectly fine for 99% of users. Good enough for me.

Comment Re: Basic auth or TLS client certificate (Score 1) 427

A user who is ending his or her browser session so that another user can begin a session will be closing all tabs anyway.

What? Says who? My wife and I login on the same browser all the time without closing tabs. In fact, I do this all the time when paying bills. Have one tab open with my online banking account, another tab open with my bills spreadsheet, open a 3rd tab to login to my credit card. I setup a payment to my card and log it in the spreadsheet. Logout on the 3rd tab, login to my wife's card account at the same bank, setup a payment on her card, log it in my spreadsheet. Then finally I use the online banking again to shift the necessary money between checking and saving.That's just one of many examples where we do that.

Beside that, there's just the matter of security. I'm not closing my browser because I need to keep pages open, but I want to logout of websites so that I'm no longer using. I shouldn't have to close all my tabs to do that

You're trying very hard to contrive some arrangement that makes basic authentication look like it's not utterly broken, but's utterly broken. Why do you think almost nobody uses it? Do you think nobody knows about it?

Comment Re:Density is nice, but what about longevity? (Score 1) 185

If you're buffering 30(minutes)*60(seconds per minute)*250(MBps video, which is HD-quality)=450GB...That's about 6 weeks

WTF? Where do you get that figure from? Cable TV and OTA HD broadcasts are about 8 GB per hour. Even Bluray disks at their max bitrate of 40Mbps equates to only 18GB per hour. At 450GB/30 minutes, you are talking about uncompressed HD video. Almost nobody works with that, and of those that do, I doubt very many are using it to record uncompressed HD 24/7 for 6 weeks straight. If for some reason you are doing so, I can't imagine what you'd be doing (hollywood movie studio post production or something), but I'd bet that it would probably be churning enough cash for you so that it'd be no big deal to replace your SSD every 6 weeks and just bill it to the project.

Comment Re:Density is nice, but what about longevity? (Score 1) 185

OK, so at 100TB you'd start losing total drive capacity, right? I'll assume for the moment that the drives' controller would detect dead blocks/cells during a write operation and would perform the relocation/remapping seamlessly and not lose any data. But when it suddenly 'failed' would there be any chance of recovering anything from it? Or is it just bricked at that point?

Depends on the failure mode and the drive design. Some of the Intel drives, for example, are designed so that once they reach their rated write limit, they switch themselves into read only mode (even if they haven't yet encountered their first error) until powered down, at which point they brick themselves. Pretty stupid design IMHO (why not just leave it permanently read-only to give you an extended chance to copy off the data).

Comment Re:Density is nice, but what about longevity? (Score 4, Informative) 185

The largest recording I've ever seen off of cable TV is about 8GB/hr. I know OTA broadcasts can be slightly bigger, so lets say 10GB/hr. To record that 24/7 requires about 87 TB/year.

There was a long term test of SSDs done here:

Many of the drives ended up getting close to 1 PB of writes, and the best even got over 2PB. Thats enough for you to run 2 tuners 24/7 for a decade. And note, their tests were with 250GB drives. As you increase SSD capacity, longevity increases almost linearly. If you were building a DVR, you'd probably want something like a 1TB drive.

As far as the original question of whether the SSD can outlive HDD in the most extreme application....probably at the most extreme, no. But for the vast majority of cases, including a DVR, most likely yes.

Comment Re:Basic auth or TLS client certificate (Score 1) 427

In short, I've never seen a good, clean, reliable way to link a user to a session that doesn't involve cookies. If you've got the magic solution to that, please...I'm all ears.

Have the user create a username and password and use RFC 7617 basic authentication. Or have the user create a TLS client certificate.

teach me how to logout (note: "close your browser" is not an acceptable answer) and I might stop despising basic authentication.

TLS client certificate? lol...ok, I'm sure all my users will love that. I'll get on that right away.

Apparently you didn't see where I said "good, clean"

Comment Re:Deny ALL Cookies (Score 3, Insightful) 427

Session variables. If people would use those and not just cookies. It'd be better.

And how exactly do you think session variables work? How do you link a browser to the session? Cookies!!!

Yes, I know you can put a god damn session id in the URL query string, but that's annoying, unreliable, and insecure. IF someone navigates your website for a bit, puts some stuff in the shopping cart, then just goes back to your homepage by stripping everything but the domain name off the URL...TADA!!! You've lost their session!!! Or if they jump to a different part of your website via a bookmark from a previous session...TADA!!!! You've lost their session. Or if they copy their URL and pass it to someone else/post it on a forum...TADA!!!! Someone else is now using their session (yes, you can "solve" that issue by linking the session by a secondary authentication variable like IP, but then you run the risk of having your website broken for anyone that moves between IP addresses).

In short, I've never seen a good, clean, reliable way to link a user to a session that doesn't involve cookies. If you've got the magic solution to that, please...I'm all ears.

Now if you mean websites should only use session cookies instead of persistent cookies, and the "deny all cookies" option only denied persistent cookies (does it do that already? I have no idea), then yes...that is a workable solution for most cases. Off the top of my head, I think the only thing you lose there is the ability to persist your login between browser sessions. But then again, if someone doesn't mind session cookie but dislikes persistent cookies, they could already set their browser to clear all cookies on exit or use a private browsing mode, and then all current websites would work perfectly fine.

Comment Re:Possible problems? (Score 3, Interesting) 167

2. If it's software-based, it'll be cracked and pirated within a month of release.

You would think so, wouldn't you. However, Windows Media Center is software based, and yet (as far as I know) nobody has managed to crack it to enable open source software to mimic WMC and trick the cable card devices into giving full access to the Copy Once and Copy Never content.

Comment Don't be too quick to choose a side (Score 4, Insightful) 167

Reading through the FCC's summary, I can't tell whether this is a good or a bad thing. In principle it sounds good, but certainly there's going to be some sort of certifications involved somewhere, and I doubt open source stuff like mythtv is going to be able to pass the requirements to get certified. Cable card may be less than ideal in implementation as far as open source is concerned, but at least there, if you've got a cooperating cable provider, you can access much of that content in it's digital form, which is better than the previous options of analog capture.

So the question we need to ask is whether, from an open source perspective, this is actually going to improve things for us (I'm definitely skeptical on that), keep it about the same, or make it worse.

Slashdot Top Deals

This is now. Later is later.