Follow Slashdot blog updates by subscribing to our blog RSS feed


Forgot your password?

Comment: File versioning and backup flags (Score 5, Informative) 445 445

VMS supports very elegant file versioning, which I found a very useful feature. By default, every time you open a file for write (and you modify the file) you get a new version of the file (kind of like copy on write at the file level). When you list the files in a directory, you can see all the versions of the file with the version number being an actual part of the file name(file.text;1, file.text;2). On a per file basis you can set how many versions you want to keep around and the file system will automatically purge the old versions as new ones are created. When opening a file you can specify any version you want, or if you don't specify a version you just get the latest.

The file system also supports specific backup related attributes that integrate with the backup system. This lets you specify that a file should be excluded from backup and if I recall, tracks if the file has been modified since the last backup.

Comment: Re:VMS queue manager and VMS breakin evasion (Score 4, Informative) 445 445

DCL (the VMS CLI) could also do with a major rework and enhancements.

True, but there are elements of DCL that are worth bringing forward as well - particularly the ability to define the command syntax at operating system (shell) level and bind it to programs. For those who who haven't developed under VMS, there is operating system (shell) defined syntax with which you declare what parameters, switches, options, etc. that your program desires. The syntax is robust enough to specify which options are optional, required, mutually exclusive, etc. When you build your program, you "compile" in your command syntax and at run time DCL handles syntax checking for you. Coding work for processing command line parameters is greatly reduced. You also get bonus stuff like integration to the help system and automatic shortening of non ambiguous switches.

Comment: Re:This is a GODDAMN DISASTER! (Score 4, Insightful) 178 178

How the fuck can anyone trust Bitcoin after this and the other incidents that have happened? How?

You can trust Bitcoin by learning how it works and following the proper procedures that you would if you playing with real money.

The Bitcoin system is highly resistant to "rouge" or bad actors in the system. Someone running mining software that does not follow the agreed upon rules for the system is an example of a rouge actor. When this happens the rest of the system votes down the decisions made by the rouge actors. In this case some miners were not following the system wide agreed upon protocol, generated bad data, and the rest of the system (correctly) rejected that bad data thus maintaining the integrity of the overall system as designed.

What was lost were some rewards that would normally have been paid out for operating correctly. Since the rouge actors were not operating correctly, they were not rewarded (for their invalid work). If you were hired to paint a house white and you painted it orange, would you expect to be paid? The miners did not do the work they were being paid to do. True, many miners mine within a pool and depend on the pool operator to do the right thing, but if the pool operator is not doing the right thing, it is not a flaw in Bitcoin. Lke the painting analogy, if you work for a painting company and the painting company gives you the wrong color of paint, you wouldn't expect the homeowner to pay you, if you want to get paid for your labor, your beef would be with your boss, the the homeowner.

On the transactional (non mining) side, if you are running an incomplete Bitcoin client, it is now taking longer to achieve a level of confidence that your transaction is officially as "approved" by the network. As always it is the responsibility of those making the transactions to wait an appropriate time to ensure that their transactions have been approved. This has always been the case with Bitcoin and has not changed.

Comment: How else are you going to do it? (Score 1) 244 244

If you assume that the only communication channel the company has with you is email (which is generally a pretty good assumption as multiple channels or channels that include humans are expensive), there isn't really any other choice but to send the credentials (password) in plain text.

This is not a new problem. For the entire history of secure information transmission (cryptography), one of the hardest issues to solve is the issue of initial secret (key) exchange. This problem has been around a lot longer than computers have.

To actually be secure over email you would need the end user to provide a public key when they request the password and then have the company encrypt that password with the public key. The user would then decrypt the password with their private key. This can all be done with S/MIME, but would be a pretty tall order to expect that a random user would be able to figure out how to obtain and use a personal email certificate.

You could split the password into multiple parts and send each part in a separate email or separate the account and password into different emails. These are decent options but don't really provide true security against a targeted attack (someone sniffing the network or directly accessing the email server). These do provide a reminder to the end user that security is important. I would suspect that targeted attacks are not that common.

You could try and obscure the password by making it really long garbage string or embedding it in a URL, but it still ends up being a password in plain text. These don't add any security and may instill a false sense of security.

If a second channel is not cost or support prohibitive, then a one time use text message (SMS) or automated phone message is a pretty good option.

Comment: Re:I hate and despise - but they should still be s (Score 2) 818 818

People are still able to sell or purchase a Confederate flag. It is not illegal and I have not heard any reports of the federal or state governments suggesting that is should be illegal. What we are hearing is that major retail (and online) outlets are opting not to sell it. Opting not to sell something is a similar level of "right" as is opting to sell something (that is legal to sell).

You could argue that with the consolidation of sellers (Walmart, Amazon, etc.) there are fewer purchasing choices and that the consolidated sellers have increased influence as to what is in the marketplace, but that issue goes beyond the Confederate flag and other specific goods.

Comment: Re:"Other types of electromagnetic radiation" (Score 2) 529 529

There seem to be two types of such humans: security guards for the building, who are very underpaid and unlikely to take sick days, their companies can replace them quickly. And cheeful pretty women with curves, who are still effective first contacts for making people feel welcome.


My father taught me "make friends with these people", and I *always* make friends with them and the cleaning staff. They work there, they're often treated like furniture, and they know material that the board and HR keep behind very poorly managed masks of confidentiality.

These people also typically have unbelievable levels of security accesse. They can be powerful allies.

Comment: Privacy again (Score 5, Interesting) 172 172

Well your honor, not only did the defendant purchase "How to murder your spouse", he read the page on poison techniques 37 times and only read the rest of the book twice. Since the autopsy indicates death by poison as described by the page in question, I rest my case.

Comment: Re:trim (Score 3, Interesting) 182 182

While poorly written, I think the author was suggesting that any model of SSD for which the Linux kernel has specific special handling logic should be avoided. In my opinion, it is not an unreasonable statement.

It probably is an unreasonable statement. If Linux has special logic to handle the drive, then someone else probably already had the problem and now there's a fix in so it probably won't happen to you.

Perhaps. But if the drive was broken and someone had to write special software to fix it, how can you be sure that it was fixed correctly and completely? Can you also be sure that the "fix" works for all versions of firmware on the drive? While you might be confident of these things, I would suggest that it would be better to use a drive that follows the standards and doesn't require special code to make it work right. Granted that as always, your mileage may vary -- and it could vary in either direction.

Comment: Re:trim (Score 2) 182 182

"we don't recommend anyone to use any SSD that is anyhow mentioned in a bad way by the Linux kernel"


While poorly written, I think the author was suggesting that any model of SSD for which the Linux kernel has specific special handling logic should be avoided. In my opinion, it is not an unreasonable statement.

Comment: Re:Why does this need GPS? (Score 1) 837 837

Wouldn't a simple wheel odometer work just fine for this? All you're tracking is miles traveled.

No, because that's not all you're tracking. You're tracking the miles traveled *in Oregon*. Oregon can't tax anything outside Oregon, that violates the US Constitution. So they have to prove to a reasonable standard that all the mileage they're taxing was driven in Oregon.

To add, for those who haven't looked at a map, the Portland metropolitan area, which is where the bulk of population in Oregon lives, is right on the border with Washington state. A large number of people commute and and regularly travel between Oregon and Washington. Any state level taxing solution needs to account for this.

All the simple programs have been written.