Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).

×

Comment: Re:Redmine is good (Score 2) 144

by PetiePooo (#49243021) Attached to: Ask Slashdot: Issue Tracker For Non-Engineers?
Agreed.

While Redmine definitely has plenty of plugins and features for "agilism," it's easy to bypass or ignore them. It also allows SSO for Windows users with fallback to user+password, sends change and assignment notices by email, and has a Wiki built in. You can auto-create recurring issues if that's needed (think assigned weekly/monthly tasks), and there's a knowledge-base plugin that we've also found useful. It is project centered, where you can assign subsets of users to projects when they're created, and archive cancelled or completed projects to remove clutter.

Comment: Re:Why Force Your Children to Live in the Past? (Score 1) 734

by PetiePooo (#49197097) Attached to: Ask Slashdot: Should I Let My Kids Become American Citizens?
Obligatory The Newsroom opening sequence

I think every U.S. politician should watch this at least once a week, both during session and during their fundraising runs.

Returning to the topic, it sounds like you have until they turn 18 to make that decision. By then, they can consider all the pros and cons and make their own decision, right?

Comment: Re:Polycom (Score 1) 95

by PetiePooo (#49176149) Attached to: Ask Slashdot: Wireless Microphone For Stand-up Meetings?
The Jabra Speak 410 is also an excellent USB speakerphone with feedback suppression. Works well with Lync on Windows or Mac, in my personal experience. This would require someone bringing their laptop into the conference room just to run the VoIP app of your choice, though, but is likely to be a cheaper solution than any Polycom phone.

Comment: Re: file transfer (Score 1) 466

by PetiePooo (#49146579) Attached to: Ask Slashdot: Old PC File Transfer Problem

I'd be surprised if the drive even spins though. Most of the time when I go to try ancient hardware, the drives don't spin, or spin enough, even though the owner remembers that it was working when they shut it off.

I've heard the fix for that is to spin the entire drive while applying power; kind of nudge it along the platter's axis to get the bearings unstuck. It involves "open-case surgery," where you have the drive out of the case and free to move while you first apply power. Once it starts spinning, you'll want to power down and reinstall into the case so you don't knock it around while it's operating and damage it further.

Comment: Re:What are the actual risks to your network? (Score 1) 114

by PetiePooo (#49090337) Attached to: Duplicate SSH Keys Put Tens of Thousands of Home Routers At Risk

OK, this is clearly a bad thing, but I don't think it means that your private LAN is immediately accessible to people all over the world does it? Multiple routers using the same keys means you could be tricked into logging in to someone else's router without knowing, but that would still require some way of directing your traffic to the impostor's device to begin with, such as DNS hijacking.

Finally, a breath of sanity... Thank you, nuckfuts! A shame this is the bottom thread in the post.. at least when I got here.

There is a huge difference between a host key and a user key. These consumer devices all share the same host key, which is only used by the client to verify that the host you're connecting to is the host you think you're connecting to. This is the key in /etc/ssh/ssh_host_rsa_key for those with access to a Linux shell, and is never encrypted or password protected. How do I know this? Because there's no way to determine what user keys are in a host's authorized_keys file with just an unauthenticated connection. However, when a client connects, the server always sends the host's public key along with a challenge signed by the host's private key.

The host key is only ever used for authentication, never for authorization, which is to say it identifies the server you're connecting to, but in no way grants any privilege to access it. The only risk here that I can think of is a MITM attack. Since the host key is well known, someone could fiddle with your DNS or local ARP tables and make a victim connect to their evil server without the scary "MAY HAVE BEEN COMPROMISED!!!" warning you get when the destination host key doesn't match what's in the known_hosts file.

If someone can paint a more frightening scenario (based on known host keys, not user keys), I'd like to hear it. If you don't understand the difference, don't bother trying.

Comment: That sounds cheap (Score 2) 38

I'm sure it's commercially viable, easy and cheap to do. We'll see this in real world applications in about 2 years if all goes well.

NOT!

But good luck with it. This is the kind of breakthrough that may one day lead to viable quantum computers, teleportation, and other things that are relegated to the SyFy channel for now.

Comment: Re: Verifying a message vs. its contents (Score 1) 480

by PetiePooo (#48857327) Attached to: How Bitcoin Could Be Key To Online Voting
So the boss came to you with the offer, and you, being the weasel that you are, accepted. Conversely, he didn't go to the guy in the next cubicle, so he knows nothing about this, right? That's a messed up place to work. The guy in the next cubicle should find a place that's not full of weasels and let you and your boss dig your own holes.
Not to mention that it's a good opportunity to strengthen whistleblower protections so that you can roll on your weasel boss without fear of retribution and loss of job/position...

Comment: Re:Verifying a message vs. its contents (Score 2) 480

by PetiePooo (#48796217) Attached to: How Bitcoin Could Be Key To Online Voting

As your employer, I'm still going to need to see that full ID. Remember, you are an At Will Employee.

As your federal government, I'm investigating claims that you are asking for your employee's voting IDs. Remember, you are subject to the laws of the federal government, and the fine for this particular infraction will surely put you out of business.

Comment: Re:Ok but that's electricity, not energy (Score 1) 488

by PetiePooo (#48369685) Attached to: Denmark Faces a Tricky Transition To 100 Percent Renewable Energy

A good AC can easily move 3-5 watts of heat for each watt of energy it requires to operate. No such luck with heating systems, they at best get you 1 watt of heat for each watt they take.

You really need to qualify that statement. You get 1 watt of heat for each watt you use... for resistive heating. Many places that need both cooling and heating don't run an A/C and an electric heater, they run a heat pump, which pumps heat either into or out of the house. Because of the heat differential, one direction may be more efficient than the other, but it is still much better than a resistive heating element

In one minute of research, comparing a 2.5 ton 13 SEER A/C to an equivalent heat pump, the ability to both heat and cool adds a little less than %20 to the price at Home Depot. Installation costs are likely identical, as they both consist of the same components. With that cost differential, an A/C + resistive heat solution is only smart for a place that only needs heat a few nights per year.

Comment: Re:Just like "free" housing solved poverty! (Score 1) 262

by PetiePooo (#48268207) Attached to: Power and Free Broadband To the People
That's what I was thinking. Comcast would no doubt complain about what a burden it is, but would ultimately agree because their lawyers found a loophole. They would then roll out a free public service that technically complies with their requirements, but is useless in actual application.

Been there before; got the t-shirt.

Comment: Re:This actally makes it an intersting product. (Score 1) 173

by PetiePooo (#47211367) Attached to: Alienware Swaps SteamOS For Windows
OP:

... when configured to boot straight into Steam Big Picture mode, the influence of the underlying OS is visible only in the larger game library.

... and the considerable additional maintenance requirements that go along with a full fledged operating system. Considering that Windows has required more frequent patches for security issues than Linux for the past few years, that's not a trivial distinction.

PP:

With Windows on it, this little machine can fulfill most of my needs for the living room / home and offers me a platform that i am already familiar with to play my games, (Steam supported or not), get some work done (Office etc) and watch movies.

While this is a valid point, it is a realization of this change in paradigm. With Windows 8.1, it is a regular desktop computer, not a gaming console. While that gives you the ability to do office work and more, it takes it out of the single-purpose, dedicated function, "appliance" category that consoles usually fall in.

With Linux running as essentially an embedded OS, it's likely that updates would be less frequent, smaller, and less crucial to it's overall suitability if skipped. As an example, how long has it been since you've updated your smart TV or DVR as opposed to your desktop or laptop?

Comment: Re:Wrong paradigm here (Score 1) 187

by PetiePooo (#46671873) Attached to: Ask Slashdot: User-Friendly Firewall For a Brand-New Linux User?

Ok, seems like you're trying to do things the windows way, i.e. blocking outbound connections based which application is running. Things are not done that way on Linux. Outbound connections are open and most of us are fine with it.

The Window Firewall, the original BlackIce for Windows, and AVG as well, I believe, all fall in the category of Application Firewalls, as they base their actions with knowledge of the application holding the IP connection endpoint. IPtables is a Stateful Firewall, so named because it relies solely on the connection's state, without regard to the application at the sending or receiving end of the connection.

The Application Firewall link above actually does have some suggestions about how such things can be handled on Linux using utilities others have described. Mandatory Access Control tools such as SELinux and grsecurity can allow or deny access to resources (such as the network interface) to applications, but I don't believe they have fine-grained controls for conditional access based on IPs or ports.

None of these are as easy to use as AVG for Windows is.. (This could be the new definition of "understatement!") In fact, I would like to think I know Linux quite well, have used it as a desktop and server platform for years, have written patches for kernel modules, and can configure a solid IPtables firewall ruleset from scratch, but AppArmor and SELinux still scare me...

There's a link here describing how to mark packets based on an application's uid (user). This might be a basis for controlling permissions per app, but you're talking about a very complex IPtables ruleset. Definitely not for someone only two days into their Linux journey.

Behind every great computer sits a skinny little geek.

Working...