Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?
Back for a limited time - Get 15% off sitewide on Slashdot Deals with coupon code "BLACKFRIDAY" (some exclusions apply)". ×

Comment If your end users will run 24hours (Score 1) 114

If your end users will need to run 24 hours a day you will need to test 24 hours a day.

We have number of little (Linux of course) boxes using 3G USB modems here in Sweden, and have discovered that Telia does all sorts of maintenance at night and at weekends.

Furthermore the latency (as measured by ping) varies quite a bit depending on time of day, i.e. when the local farmers are downloading their porn.

Another thing we've come across is that the versions of the USB modems changes with great frequency! Which of course means when they break you have to be very careful who changes them.

Good luck!

Comment Re:Article needs a course in experimental design (Score 1) 96

The guy doesn't need to prove causation to give up coffee, he just needs to show strong correlation with what he want's to achieve an giving up coffee. The actual, physical cause may be interesting to find but is not what the guy is aiming for -- he just wants to concentrate better. In many cases correlation provides a very good proxy for causation.

Comment Chaos is their Plan (Score 1) 1

These confrontations were deliberately constructed to advance a military/police state agenda.

Much like the laughable "Islamic terror cells" that have been netted in the past 7 years, these groups and individuals were cultivated through informants, covert operatives and provocateurs. Look deeply into McVeigh and you find that he was steered all the way. I won't go deeply into the matter of the number of explosions, and their directions in the Murrah building. That degrades into pointless arguments - but the Ryder truck cannot be simulated to produce such destruction in any reasonable model.

Evidence of crypto/para-governmental involvement in the creation of these "radical" movements and "terror" plotters is relatively commonplace - and just as easily dismissed. Data that does not fit the determined model is discarded, or given impossible explanation to support that model view. This is usually done by the same people who will cite "Occam's Razor" as an appropriate discriminatory tool to evaluate political and economic behavior.

Look at the Nick Berg / Zacarias Moussaoui "coincidence". http://edition.cnn.com/2004/US/Northeast/05/13/berg.encounter/ The kid and his Dad were on company payroll. ZM was a paid dupe, too. There are other explanations - but none that does not torture the imagination. The deeper you look - fake Zarqawi, connection to the UK mosque with Richard Reid... There is a web of connections exposed - but not those of Islamic terror cells. This is the footprint of a big false-flag operation, involving coordinated black-ops.

You can't pull on any one of the threads, without beginning the unraveling the whole sweater. That's why Americans are kept, simultaneously, the most "informed" , "entertained" and functionally ignorant people on earth. American Idol and Tiger Woods trump all. Obama is a Liberal. Whatever.

This was done in the '60's. COINTELPRO is almost a trope, now. But GLADIO in Europe goes back to the end of WWII - that created the "Red Brigades" in Italy as a provocateur faction. They went so far as to kill a Prime Minister - to justify right-wing government and continued NATO participation.

Domestically, do you remember MOVE in Philadelphia? They were no more dangerous to any than themselves. The Abu-Jamal set-up is transparent to anyone willing to examine actual evidence, rather than Police/DA pronouncements. MOVE were smeared with propaganda, subjected to lies from informants, and finally bombed from the air - in the middle of an American city!



And that, the message reads, is how we deal with alternative community structures that break dependence from their masters.

Comment Re:Red light cameras in St. Louis, Missouri (Score 1) 976

This is essentially how it is in Athens, GA. My wife (several times, unfortunately) got tagged by one of the 4 red light cams in Athens. The letter (no video, or link to video... just a Print Page from IE, completely with a URL at the bottom) showing 2 pictures of her van. The "ticket" was for me to pay the $75 fine, as the van is in my name. She forgot to pay it, and called the courthouse to see what would happen. The person there said "nothing will happen, wont go on your record, no warrants will ever be issued... you will just keep getting letters to pay".

They dont even report to credit agencies there, as there's no clear way to tell who's driving... so they'll just send you monthly letters saying "PAY ME Or or or.. I'll tell you to pay me again!"

Comment It's the lack of markup (Score 1) 511

Paper allows markup, and so does papyrus. Clay tablets do as well, until they are dry or fired in a kiln.

Paperless "documents" can be made to support markup. Ted Nelson was talking about it in the 1960s. It's his inability to ship product (like Babbage before him) that kept his vision from being popularized.

When TBL got around to building the first web servers, and there arose a need for formatting, the term HTML got picked. The world was done a great disservice by the term HTML, which doesn't allow markup of text, let alone hypertext.

HTML has effectively banned discussion of old school markup, because for a large portion of cases, people didn't really need markup, they just wanted formatting, so they went along with the term. Anyone who wanted old school markup just had to lump it, because the programmers didn't think it necessary, and thus the code to implement it never happened.

It's the effective banning of the concept because everyone now thinks exclusively as formatting internal to original source material that makes it almost impossible to even discuss adding markup on top of existing hypertext by a second or more parties.

We need markup. The old school kind, and its this deficiency that makes paper so bloody useful even now.

Google hates linguistic forking, and actively suppresses it by it's very nature. This means HTML will never be about markup, and we'll have to invent some new way of talking about it.

So here we are, 40 years after Ted Nelson, and we still use paper when we need markup.

Comment Re:At least one byte (Score 2, Interesting) 410

You can't detect known malware that way if it virtualizes the computer, because you will only scan for the memory the malware is willing to show you.

Ah, there's where the bit about "knowing how much RAM you have" matters.

The virus has three choices:
1) Be overwritten, thus being eliminated (and showing you all of the RAM in your system.)
2) Swap part of what you're writing to disk.
3) Present less RAM than you actually have.

If you know how much RAM you have, you can detect choice 3.
If you can detect latency between secondary storage and RAM, you can dectect choid 2.
If the virus doesn't mind disappearing for the rest of the computer's runtime, you can mitigate damage via choice 1.

Now you may not know what kind of malware is on your computer, but you know that something is there.

Comment Re:Meh (Score 1) 439

I'm not sure which part of Australia you're in, but my parents out west just used the government rebate to put solar panels on their roof for under 1k. They'll pay for themselves in a couple of years. (Cue the libertarian to tell me that they paid for the rest with taxes.)

In a related topic, I just had the idea that if you could make solar panels solid enough to stand on, you could make flooring out of them, so the light that comes out of your lightbulbs but doesn't land on something you're trying to look at gets 'recycled.' Yes, I know it's probably not practical.

Comment Re:hi, let me introduce you to the year 2010 (Score 1) 321

I have a Windows server that runs a service that integrates our PBX with our applications. When we were in the design phase of setting up the system, I had a conversation with the reseller about availablity. It went like this:

Me: Can we run it on a VMware HA cluster?
Them: Nope, not supported.
Me: Really, even though this is a software-only solution?
Them: Really, nope.
Me: Can we run it on MS Cluster Server?
Them: Nope.
Me: Can we buy two of them for failover purposes?
Them: Nope, only one instance can be registered with the PBX.
Me: Can we buy a second piece of hardware and install the software on it as a cold spare?
Them: Nope, it will miss calling home and de-activate itself.
Me: Can we keep the second sever running all the time and pay for a second license?
Them: Nope, vendor will only sell one software license per PBX.
Me: What do we do when it eventually fails?
Them: Best possible plan -- back it up regularly. When it fails, restore it to a new server and give us a call. We'll be there within four hours to begin the process of reinstalling the licenses. Best possible recovery time from failure is about six hours. BTW, we are a call center and will have to shut down for a day when this happens.

PS, "Them" is one of the largest PBX vendors in the world. The software costs about $2000 a seat. This is the single most expensive and mission critcal piece of vendor software we use. It cannot be installed in a fault-tolerate manner.

Comment Re:Sure... (Score 2, Interesting) 460

While the USB memory key (in this example) could have low level software to snoop your data, how are they going to get it? Is the USB key going to open a TCP/IP or UDP connection back to their servers without tripping my firewall that a new application is trying to connect? Is my virus scanner going to get tripped that something suspicious is coming out of the key without my interaction?

Just because the cases are not obvious doesn't mean there is no potential for exploit.

Keyboards get a lot of raw sensitive data: usernames and passwords, often even accompanied with the direct URLs where the credentials apply. Now, the keyboard obviously wouldn't be able to open a TCP/IP or UDP connection to upload the data, but it could sneak time-encoded hints about pre-recorded data into your typing. While you type, the keyboard firmware could impose miniature delays that would go unnoticed by the human eye, but would in turn influence the timing of packets sent by an SSH session. Such an attack wouldn't necessitate decrypting the SSH session and it would go completely unnoticed through all your Intrusion Detection Systems and firewalls. The practicality of such an attack can be questioned, but it demonstrates non-obvious applications.

The closest equivalent I can think of for a USB memory dongle would be firmware that could recognize, say, JPEG images in FAT file systems. Any information the firmware recognizes as interesting could be steganographically watermarked into your images by the time you pull them off the dongle. In such a case, any image you upload online that came from that dongle could contain sensitive information and you'd have no idea you uploaded it.

Comment Re:We got hit by this (Score 1) 144

Sigh, yes, we do have mod_php and mod_python in the same server. Although I had a problem combining the two on another site (also a Django site, but with an osCommerce store (and, no, I didn't anything to do with that piece of crap)) and it turned out to be a problem with shared MD5 libraries (if memory serves, this was almost 3 years ago). Here I'm running it just because I like phpMyAdmin.

Now you've made me feel lazy and bad and I hope you're happy with yourself. Maybe I'll run an alternate Apache with mod_php, but only when I'm doing DB reorganization. Sigh.

I hate this shit.

How many Bavarian Illuminati does it take to screw in a lightbulb? Three: one to screw it in, and one to confuse the issue.