Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).


Comment: Re:VNC over SSH tunnels, public keys, no root logi (Score 5, Interesting) 126

by Slashcrap (#39349679) Attached to: Microsoft: RDP Vulnerability Should Be Patched Immediately

Gee, I manage my cloud over SSH tunnels. Authentication is done with public/private key pairs. No SSH root user login. In the rare cases that I need a GUI, it's VNC over an SSH tunnel.

Any other ports?

It's tunnels. All the way down.

Yeah, it sure is unfortunate that you can't do exactly the same thing with RDP. And MS should definitely think of adding IPSEC support one of these days (yes, I know). Of course people are probably less likely to bother, since unless you're French, RDP is fully encrypted (standard VNC only encrypts the password) and talking of passwords it allows them to be more than 8 characters long. You can even have a username too, if you use the right version and configure PAM (joke - there is no right version for that because it's a terrible idea security wise). It has also never had a bug where the client could tell the server it didn't support any of its authentication schemes and so the server simply let it connect without authentication.

In fact this is the first time I've heard of a potential serious vulnerability in Remote Desktop, so frankly this is not the area to be smug about.

Anyway this is a bit too MS positive for my liking, so I'll just add that TurboVNC + VirtualGL + VirtualBox = one fucking awesome free VDI implementation. Add SSH, OpenVPN or IPSEC to taste if you want (although VirtualGL handles SSH itself transparently if you want). Actually for remote admin purposes you only need the 1st part (unless it's a bunch of 3D workstations you're supporting). And possibly a new hobby to use to soak up all the time you used to waste waiting for the screen to refresh. I would also mention FreeNX, but a) I think it gets outperformed by the above and b) I am fucked if I'm setting that damned thing up again just to verify.

Oh yeah, one more neat trick - Virtualbox can run in headless mode on a box with no GUI (or with one, doesn't matter). In this mode it serves up the VM display using an extended version of RDP. The great thing is this doesn't just apply to Windows VMs - it can serve any OS it can run over RDP. Watch the look on your colleague's faces as you get them to fire up MSTSC and connect straight into Ubuntu. Or OS2, OSX, Win 3.1 etc.. etc.. You can even dump them into an EFI shell or the virtual BIOS. Literally minutes of laughs to be had. Oh yeah, you may need the non-open source extension pack for that. Also they're adding VNC in the next release. I have no fucking idea why.

And no, I have no idea why you're not allowed to use RDP encryption in France. I have no idea why they're not allowed to use deoderant either, come to think of it.

Comment: Re:How can they tell its tidally locked? (Score 1) 575

by Slashcrap (#33745186) Attached to: Earth-Like Planet That Could Sustain Life Found

People are making lots of stupid posts today.

Yes, a lot of them don't seem to be able to write unambiguously. If that many people think you were saying one thing when you meant another, it's generally you that fucked up. Hope this helps. If you say someone has a lifetime of 75 years (about the average for the US) and don't mention that they're 12 years old, you probably shouldn't get angry when people ask what the fuck you're talking about.

Comment: Re:No problem... (Score 1) 470

by Slashcrap (#33684838) Attached to: China Embargos Rare Earth Exports To Japan

Similarly, I think the US should hold off on oil extraction until the other nations have started to exhaust their supplies. Once the prices start to rise, only then should we tap our reserves.

Unfortunately "once the prices start to rise" will be the very second your retarded plan is put into action, you fucking Yankee cretin.

Comment: Re:Um.. (Score 0, Troll) 195

by Slashcrap (#33597486) Attached to: Data Deduplication Comparative Review

Yeah! To fight dupes I compute CRC checksum for each file and store it (and only it) on my back up drive. That method removes dupes almost automatically and there is a side effect of a huge compression ratio too. I have been downloading the high def videos from Internet for quite a while now and with my compression method I have used less than 10 percent of 1GB flash drive! I strongly recommend this method to everyone!

You only actually need one bit. The "I'm not fucking funny and this is the 5th time I've seen the same fucking joke in the same article bit". I call it the "twat" bit.

Comment: Re:De-Dupe on Linux? (Score 1) 195

by Slashcrap (#33597478) Attached to: Data Deduplication Comparative Review

Instead of working full-bore on The Next Great FS, it would be really nice to have compression, encryption, deduplication, shadow copies, and idle optimization running in EXT4.

Maybe I'm just jaded, but I've been a Linux user for 12 years now. Sometimes it feels like the names of the technologies are changing, but nothing ever gets 'finished'. Maybe the NTFS/BSD model (good core design, long intervals with only minor changes) would be wise in Linux filesystem development.

So you're saying you'd like to see it evolve slowly like NTFS, while adding all these whiz-bang new features stat?

Comment: Re:Oversubscription (Score 1) 129

by Slashcrap (#33212962) Attached to: Extreme Memory Oversubscription For VMs

When can we just effectively get what we pay for? This would explain the sudden jump in Intel-based Camfrog servers with a higher offering of hardware.

This effectively means people can now lie about the hardware they're leasing out to you in a data center. They say you're getting 4GB, you're actually getting 1.5GB of RAM.

Our internet is oversubscribed, our processors are getting there, and now RAM?

When are the designers of this stuff going to just build the fucking hardware instead of trying to lie about it?

Sorry about your anger issues and obvious lack of understanding about what this is.

Comment: Re:100 Comments and No Cospiracy Theory yet! (Score 1) 178

by Slashcrap (#32843588) Attached to: Free Clock Democratizes Atomic Accuracy

There was a story a few years back about a Security researcher that determined the quartz units in every computer are unique and have different enough time drift to fingerprint the individual machine's traffic despite IP address changes, proxies or anything similar.

Does it work with TCP timestamps disabled? I'm guessing it doesn't. I always turn them off when deploying Linux servers. At the very least it's worth doing to confuse pen-testers, since it makes OS identification significantly harder. And as far as I'm aware it has roughly zero useful functions these days.

It's really easy to do - it's just a single sysctl setting. And it's even easier on Windows - you just put it behind a Linux router with the right sysctl settings.

Comment: Re:nice news (Score 1) 262

by Slashcrap (#32276810) Attached to: Microsoft Warns of Windows 7 Graphics Flaw

thank you for the info and explanation given http://crownrentcar.net/

Weren't they the Indian car rental company believed to have links to the Mumbai shootings?

FYI - This probably isn't a good place to try your SEO bullshit.

Crownrentcar, semtex, Al Quaeda, Crownrentcar, Bin Laden, Mumbai, Crownrentcar, AR-15, Echelon, Crownrentcar, 9/11, Omaha, Tamil Tigers, Crownrentcar. Does that help ya any?

Comment: Re:Oh geee is it. sounds like bullshit ... (Score 1) 283

by Slashcrap (#32276750) Attached to: NASA Finds Cause of Voyager 2 Glitch

'messing a game up while playing on a gaming platform' is not software programming.

This is the stupidest and most obviously wrong statement I think I've ever seen on the Internet, and I love to troll the forums where whackjobs like you hang out. So er, well done I guess. So wrong in so short a space, there should be a prize really.

Comment: Re:I love OpenBSD (Score 1) 143

by Slashcrap (#32276684) Attached to: OpenBSD 4.7 Released

Maybe the first was the really easy installation process...

The trouble with BSD people in general is that you can't tell if they're trolling (Theo), being trolled (80% of the BSD community are responding to obvious trolls at any one time which is why they advance so slowly,) or they actually believe what they're saying.

Maybe you're the same guy that said he was running the Linux Quake 3 under OpenBSD's Linux emulation and getting a higher framerate? This was on Slashdot quite a few years ago. It was soon pointed out that it really, really, wasn't possible to run the Linux version of Quake 3 on OpenBSD, and what's more it didn't have any 3d accelerated drivers (at the time anyway). He probably still believes that he did it though and I bet he's not the only one.

The less time planning, the more time programming.