Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?

Comment: Re:Oblig ... (Score 1) 61

by Kjella (#48620493) Attached to: What Will Microsoft's "Embrace" of Open Source Actually Achieve?

"First they ignore you, then they ridicule you, then they fight you. Then you lose and kill yourself."
- Hitler (well, not really)

I never understood what that Gandhi quote is so popular, sure that's what a victory looks like out the rear view mirror but most defeats start just the same.

Comment: Re:Meaningless (Score 1) 109

by plover (#48619637) Attached to: Backblaze's 6 TB Hard Drive Face-Off

I'd love to be able to publish these statistics for our organization, (I'd estimate we have close to a quarter million drives in the field) but there is a big hurdle in the way: legal liability. If I was to say something negative about Western-Sea-Tachi drives, their lawyers might call our lawyers, and we could easily spend a million in court fees.

The thing I think would be interesting is that we have a completely arbitrary mix of drives, based on drive availability over the last 6 years or so. We also have a mix of different service companies who replace the drives in our workstations. Our contract is such that we don't control the brands, or even the sizes, as long as they meet or exceed our specs. As a service organization, they're responsible for picking the cheapest option for themselves. If our spec says "40 GB minimum", and they can't get anything smaller than 500GB, they'll buy those. If 1TB drives are cheaper than 500GB drives, they'll buy those. And if we're paying them $X/machine/year for service, they can do the reliability decisions on their own, so if they think some premium drives will last two years longer than stock drives, they might be able to avoid an extra service call on each machine if they spend $Y extra per drive. I expect these service organizations all have their preferred drives, but that's not data they're likely to share with their competitors on the service-contract circuit.

Comment: Re:Man, am I old ... (Score 1) 109

by plover (#48619391) Attached to: Backblaze's 6 TB Hard Drive Face-Off

I don't take pictures for "posterity", or for people who outlive me. I take pictures for me, and my family, for now. While I only have thousands of total pictures, (not 10,000 per month) I can still find the pictures I want on my hard drives. So when I die, if some future grandchild wants to trawl through those terabytes in the vain hopes of finding a good picture of a great-great-grandparent they never met, why should I care? What difference would that make to me, today, in how I choose to save or discard photos?

Comment: Re:Hot Glue Guns (Score 1) 164

by marcosdumay (#48618709) Attached to: 3D Printer?

I do own one...

does it have plastic jams the way we have paper jams? Clogged nozzles? Low "ink" or whatever the consumable is?

Yes, yes, and yes.

Driver problems? Compatibility problems between template any my printer?

Surprinzingly, those are incredibly rare (free software is awesome).

Of course, they only make any economical sense if either you take utility out of just owning one (hobbyst tinkerer) or if you use it to print stuff that isn't mass produced at all.

Comment: Re:black DNS? (Score 2) 255

by TheGratefulNet (#48617595) Attached to: Sony Leaks Reveal Hollywood Is Trying To Break DNS

uhm, regular old dotted quads (ip addrs) work fine and cannot be 'taken down' since they are not lookup based but topology based.

and even with ip alias and redirects, a dotted quad can be just about as good as a dns name. better, in some ways, since it cant' be faked like a name can, and does not require another fetch for the name->ipaddr lookup.

Comment: Re:Does the job still get done? (Score 2) 497

by Maxo-Texas (#48616871) Attached to: Economists Say Newest AI Technology Destroys More Jobs Than It Creates

If you can't trade your labor for food and people feel it's immoral to give you food, things will get very bad for a period of time.

Then, like the luddites (who saw they were screwed- requested training on the new machines and didn't get it), most of the losers will starve to death homeless and then 20 years later everyone will refer to them the way we refer to luddites today.

It's a fundamental challenge to capitalism.

In the short term- fewer jobs will mean capital requires even more hours of those who do have jobs and that means even higher unemployment.

Comment: Re:Yeah, sure, any day now... (Score 3, Insightful) 59

by Maxo-Texas (#48615341) Attached to: A Domain Registrar Is Starting a Fiber ISP To Compete With Comcast

I.e. if Comcast uses excess profits from everywhere else to provide ridiculously low priced service (aka walmart breaking into a new market until the competition goes out of business).. then Tucows can't win.

I think the lines need to be built by and maintained by one company or by the municipality and the service provided by competition.

There are good and bad points to excluding customers. It's ridiculous to run a 20 mile fiber to one person's house or even a group of five or six houses and charge them the same as everyone else. If they want cable- they should live with the rest of civilization.

OTH, left to their own devices providers will cut "less" profitable customers over "highly profitable" customers. Which doesn't work with something that is basically a public utility.

Comment: Re:It's required (Score 1) 148

by Kjella (#48615171) Attached to: Verizon "End-to-End" Encrypted Calling Includes Law Enforcement Backdoor

It was the 1960s. You were lucky to have a 300 baud modem, they wanted to save two bits by chopping the "19" off 1960 and encryption was regulated as munitions. Heck, even in the 1990s they wanted to restrict my browser to 40 bits so I didn't have "export grade" cryptography. I still hear cost for servers and battery life on clients as an argument for why sites don't move to HTTPS, The very idea to build the Internet with strong encryption by default was ridiculous on technical merits and I don't recall anyone even suggesting it so feel free to quote some sources.

Yes, MITM attacks are possible. But unlike wiretapping they're also detectable and I don't just mean in the theoretical sense. You could still use CAs to "boost" the credibility of an IP encryption key fingerprint (The CA signs my cert, I sign a message saying my IP uses fingerprint aa:bb:cc:dd:ee:ff), you can verify by proxy (connect to your server from friends/family/open wifi/proxy or ask a third party to what certificate fingerprint they see) or you can use in-band ad hoc verification. For example you're in a chat and it says at the top "finger print for this session is aa:bb:cc:dd:ee:ff" you might say "reverse it and you get ff:ee:dd:cc:bb:aa" or "third pair is a double c" or "last two are 255 in hex" as part of the conversation. Even better if it's voice communication, think they can MITM a buddy saying the fingerprint?

MITM only works if there's a protocol you can use to automatically block/filter any information about the key. For example imagine you take a photo, overlay the fingerprint semi-transparently and display it on your website. Now they have to create a very custom solution for your site to create an identical photo to replace it with. Transparent MITM in an interactive process - not just your cell phone checking your mail - is going to be really tough to do on a mass scale. It won't have the perfect theoretical characteristics, but it sure will work for most people most of the time.

Comment: They don't need no steenking warrants (Score 1) 148

by fyngyrz (#48614769) Attached to: Verizon "End-to-End" Encrypted Calling Includes Law Enforcement Backdoor

Hysteria, eh? Well, let's just drag a few facts out. Here we go:

o Straight-up misconduct

o Botched paramilitary police raid data

o Judge, jury and executioners in blue: The death penalty -- without a court

o Warrants "not required" data

o Seizure of property without warrants details

o $2.02 billion dollars in cash and property seizures for/in which no indictment was ever filed

o Other illegal horrors

Just a little information -- what we know -- showing our government at work, cavreader. Now, I don't know how you will characterize this information, but I know how I do: Directly and unequivocally indicative of a systemic breakdown of respect, regard, and understanding of liberty and justice that extends broadly across all areas of law enforcement.

Now, you want to talk nonsense about legal protections in a system where the vast majority of defendants are pressured into plea bargains against a completely uneven scale full of extra charges, almost certain financial ruin, threats of extended incarceration, and outright lies from the police and prosecutor, where the police don't have to defend anything in court -- and which can be, and at times have been, followed up by ex post facto laws increasing punishment after conviction -- fine. But don't expect me to take you seriously, because you obviously don't have even the slightest idea what you're talking about.

Comment: Re:Implementation not the technology. (Score 1) 151

by plover (#48614321) Attached to: In IT, Beware of Fad Versus Functional

When will it be learned that choosing the right methodology for a given project is the best way to go.

It comes to understanding the methodologies. What makes each effective? What are their weaknesses? Do you have enough good people who can execute them?

Waterfall is often appropriate, especially when it comes to physical world engineering, or for software products that cannot and will not be changed. Agile is great when you are committed to fully automated testing, have a committed stakeholder who is an active participant, and can deploy on demand for low cost.

But many clients now expect instant updates like they experience with their iPhone apps, and it's very difficult to deliver like that with waterfall. Agile is the answer, but for legacy projects that lack adequate testing, it's a big challenge to migrate to agile, and requires the business be put on hold while the developers clean up their technical debt. Most businesses can't afford such a shift.

Comment: Re:Who are you defending against? (Score 1) 148

by fyngyrz (#48614225) Attached to: Verizon "End-to-End" Encrypted Calling Includes Law Enforcement Backdoor

In this context a legitimate law enforcement reason means a warrant would indeed be needed.

Are you mad? They don't even insist on warrants when they can't meet the requirements of the 4th amendment, preferring to focus cluelessly upon the word "unreasonable" and ignoring the litany of probable cause, supported by oath or affirmation that were put there to explicitly define what "reasonable" is. They just break your door down, and shoot you -- and your pets.

And you think a law that doesn't even say a warrant is required will somehow stumble in its application on needing them?

I don't think you understand how the justice system works here. Or perhaps you're not from here.

Comment: Re:It's required (Score 2) 148

by fyngyrz (#48614183) Attached to: Verizon "End-to-End" Encrypted Calling Includes Law Enforcement Backdoor

What makes you think the government has a polynomial prime factoring algorithm?

What makes you think they don't? What makes you think they even need one? What makes you think they don't hire, and utilize, some of the most powerful math-heads out there? What makes you think that something that can't be broken today won't bring you to the vale of tears days, months, even years later, if that's what it takes? What makes you think they don't have, or won't have, some kind of quantum computing device that obviates encryption entirely? What makes you think they didn't log every keystroke you typed, thus making encryption a complete non-issue? Wait, what, your system is "pure"? You know they can tell what you're typing by the sound, right? Finally, what makes you think they won't come right to your home or place of business or your favorite club, hustle you into a dank basement somewhere, and waterboard you or pound your toes to mush with a hammer or actually, eventually, read your mind electronically and get what they want that way? Got any relatives you treasure? What about the recipient(s)? Now there are (at least) two points of human weakness.

And... you do know that "they" have access to quite a few technologies that "we" do not, right?

I would seriously bet on the idea that if you demonstrate you think you need to encrypt your stuff by simply doing so, all you've managed to accomplish is get on a list of "we'll get back to this suspicious character later."

Right now, if you've got something secret that you don't want the government to become aware of, just don't say it or otherwise communicate it. That's your very best chance of actually keeping it a secret. It may be your only chance.

If entropy is increasing, where is it coming from?