Forgot your password?

Comment: Re:What is MediaGoblin? (Score 2, Interesting) 22

This will probably be a very unpopular opinion, but I'm going to post it anyway.

I run a site that could be a great fit for MediaGoblin, but I'm not going to use it because it's a Python app. This rather quickly turns it into an app that requires a dedicated server. Even with cheap cloud hosting, the name of the game for smaller sites is to run several on a single instance.

I get that developers often use the language they like, and a lot of developers like Python. The commodity hosting world is still ruled by PHP.

Best of luck with it!

Comment: Re:Web sites? End users? (Score 1) 188

by Squash (#46791283) Attached to: Heartbleed Sparks 'Responsible' Disclosure Debate

This is really the only point that matters in this whole discussion: Is it fair for someone to have this information before someone else. The answer isn't a simple as the question.

If you ask me, I would want to have full immediate disclosure. The suggestion that the person reporting the bug is the first person to have found it is absurd. Black Hat interests are actively looking for these kinds of problems, and finding them is how they make a living. Forget corporations, Governments are the ones who will pay top dollar for undisclosed exploits, and something like this (enabled by default, invisible in system logs, and in software deployed so widely!) would be worth a fortune. Improperly calculating data size is the cause of nearly all of these types of bugs, so you can really save a lot of tie just examinig the lead-up to function calls that include a size parameter (memcpy() was used in heartbleed, but is just one of a group of standard C functions that you would hotlist.). But we're drifting a bit.

Heartbleed has two classes of victims: Application Vendors (include web site owners) and Application Users (including average Joe with a web browser). Is it fair that Vendors would get advanced notice to patch their systems before Users even know a problem exists? Furthermore, is it fair that only a select group of Vendors would be given that notice? I don't really believe so.

I can see how the entity who discovered the issue would selfishly patch their own systems before releasing it. I get it. But the responsible thing to do after that has got to be disclosing to the upstream vendor. Is 11 days the length of time it took to update Google's entire infrastructure? They're a strange beast, and that would be quite impressive if so, particularly on non-linux systems where package management/creation is a little less friendly. Either way, given their size, I can't honestly fault them for 11 day disclosure to OpenSSL. I can fault them for disclosing to their friends first.

Comment: Re:No place for 'almost', 'not quite' and 'nearly' (Score 2) 423

by Squash (#46399785) Attached to: RadioShack To Close 1,100 Stores

Radio Shack used to be a pretty awesome place. Back in the 8 personal computer revolution, they were for sure a force to be reckoned with. Compared to the other guys at the time, they were the only ones who had their own retail distribution channel. They had a variety of models with different capabilities (and little cross-compatibility!), and was a great little shop to visit when you're a nerd kid in the 80s. Beyond computers, they had a "Battery Club" where you would get a free battery every month!

They also had walls of common electronics components... 555 timers, resistors in exactly the impedance you needed, prototype boards, power supplies, lcd numeric displays... Completed products were the exception, components were the rule. Not to mention educational materials and experiment kits!

Talking about how things were better "back then" can be cliche, but sometimes it's true.

Comment: Re:BitCoin has complete record of transactions. (Score 1) 115

Well, 2 notes to this.

First, Satoshi described a method for full validating nodes to purge old data, briefly described here:
This allows most nodes to operate with a reduced data set, yet still fully participate.

Second, most users don't need to keep their own copy of the full blockchain, and can use a lightweight client such as Electrum instead. Initial sync time goes from hours to about a minute.

Before you balk too much on the size of the transaction history, consider how much data Visa is storing to achieve similar goals. Do you think they have ever deleted a transaction record?

Comment: Re:Muckraking and FUD, move along, nothing to see. (Score 3, Informative) 115

Well, let's correct a few things there.

First, while there is a maximum of 21 million BTC that can be mined, each BTC is divisible to the 8th decimal place. Think of the Bitcoin as a 1 million dollar bill, and you can still break it into pennies. The "maximum number" is hardly more relevant than the amount of trees in the world that can be milled into paper currency before they "run out".

Second, the suggestion that BTC users would feel threatened by something like Amazon Coin is quite a dubious claim. The only real similarity they have is the use of the word "coin" in the name. Calling it a "competing currency" is just false equivalence.

Likewise, the "altcoins" such as litecoin and dogecoin provide many (or all) of the same features as BTC, but are more complimentary than competitive. R&D being put into one can benefit the others, and markets exist to easy convert between them. The ecosystem makes it very easy to participate, hardly what you would get from groups of people "attacking" each other. Trying different takes on the cryptocurrency process, putting theories through their paces, will ultimately make for a stronger ecosystem.

Finally, speculative value. Accept that this is a reality, and pretty much universal. Fiat currencies are based on speculative value as much as bitcoin is, the difference is that the fiat is more widespread thus the value tends to shift much more slowly. You accept a $20 with the speculative assumption that you can trade it later for something of equal value. Because it tends to have a lower volatility, this is considered a low risk assumption. Ask a Russian over 35 or so how that isn't necessarily true. Similarly, the USD has shown its own volatility, which has been overall quite negative, losing 95% of its value in the last 100 years.

Comment: Re:the cloud killed hosting providers (Score 1) 178

by Squash (#45259509) Attached to: Ask Slashdot: Where Are the Complete Hosting Providers?

If there were demand for it, there would be service offerings for it. Hosting companies (excluding the Bulk providers) tend to listen to their customers. When one customer asks for something, it's a one-off. If two do it, it's an odd coincidence. If 3 do it, it's on the list of services that you offer.

Comment: Re:the cloud killed hosting providers (Score 2) 178

by Squash (#45259281) Attached to: Ask Slashdot: Where Are the Complete Hosting Providers?

Absolutely. For business who actually have to compete (aka not your local cable provider!), you group services together that people *want* to buy together. Businesses who use hosting providers (meaning small to medium businesses who don't have the IT presence to handle it internally) by and large need the exact package of dns, web, and email. Some need an extra service here and there, and I'm happy to provide them, but almost everyone needs those three. Adding services to that would increase the cost to provide them, which would increase the cost to customers, and they don't like to pay for features they don't use.

Comment: Re:the cloud killed hosting providers (Score 5, Insightful) 178

by Squash (#45257015) Attached to: Ask Slashdot: Where Are the Complete Hosting Providers?

As the owner of a hosting company, that's the same impression that i got. He's asking for a grouping of products that don't naturally group together. When people think of hosting, they think of web, mail, and dns. They generally don't think of VoIP, VPN, or XMPP, or whatever the submitter expects to receive when he asks for "public key" service. It's nonsense.

Comment: Re:Interesting (Score 1) 139

by Squash (#44839219) Attached to: Here Come the Chromebooks, As Google and Intel Cozy-Up On Haswell

I know your comment is trying to be negative, but you've simply got it wrong.

Netbooks tried to bridge the gap between tablets and PCs - that is, more functionality than a tablet, more portable than a PC. I owned 2 of the Asus Eeepc series and they were great little boxes to run Linux on, that got twice the battery life of a "real" laptop, Durable little buggers, too, they're both still running as laptops for kids.

Chromebooks take that idea even farther. I'll specifically refer to the Samsung, as I feel that is the true flagship model. For $250, you get a device that's extremely light (half the weight of a "featherweight" laptop), quite thin, silent running without getting hot, excellent battery life (with a tiny, light battery), and a good screen. It's like carrying a tablet (actually lighter than some), but way more functional. Great SSH client, Chrome Remote Desktop lets you access Windows boxes, Chrome browser is of course very good, and will run just about any web app that isn't java. On top of that, you get OS updates in the background, you are never on an "old" version of ChromeOS. I don't know about you, but I've got enough general linux boxes around that I don't need my laptop to be one too.

In my mind, Samsung set the bar really high. These new Haswell chromebooks are coming closer, but they're really only better in cpu performance, and inferior in the other practical areas. Until they are able to run with passive cooling, I wouldn't bother. Not to mention a bigger screen with the same resolution as the smaller one, that only works if you're targeting sight impaired folks. With that said, I would easily own one instead of whatever garbage Best Buy has at the same price point.

When you don't know what to do, walk fast and look worried.