Catch up on stories from the past week (and beyond) at the Slashdot story archive


Forgot your password?

Comment Eating them alive (Score 1) 169 169

Well, it'll solve the problem of the system eating them alive in terms of maintenance and support. Now it'll be eating them alive in terms of development costs instead.

No, wait, they'll need to keep the legacy systems running until the new ones are running, so it'll still be eating them alive in terms of maintenance and support too.

Comment Re:wft ever dude! (Score 1) 196 196

Amusingly most home routers already support most of that. #8 isn't feasible, a router doesn't have enough of a view into the traffic to do that kind of thing in real-time. And IMO #9 is better done on the printers. My laser printer's got Ethernet and a built-in print server (actually several, for the different protocols used by different operating systems). The rest is already a standard part of the firmware most router vendors base their own on. It's just that the vendors have disabled/removed a lot of the useful bits, or at least removed any access to them in their UI. Reflash your router with stock DD-WRT and you get pretty much everything you're asking for. Even the firewall. Every device on your network may have a public IPv6 address, but that doesn't mean the firewall will let inbound traffic through to them. The stock settings on mine are to allow established/related traffic through inbound, allow DHCPv6 traffic in to the router only, allow ICMPv6 traffic, and drop everything else. The IPv6 side follows the same rules as the IPv4 side: I can connect out, but nobody else can initiate a connection in. Oh, and for #5 I wouldn't build a big switch in, you aren't going to be rate-limited by the bandwidth to the router so use one LAN port to feed a larger switch that your network hangs off of. That also removes intra-LAN traffic from the router's switch.

Supporting multiple ISPs is an intricate bit of work, but it's mostly an extension of what's done to support the current WAN port. The biggest problem is that with 2 WAN connections you need a routing daemon and it's configuration has to be coordinated with both ISPs and that's going to be a nightmare.

If you don't care about keeping power consumption to a minimum, there's a lot of fun you can have with a mini-ITX or smaller board, a managed switch and an x86_64 build of DD-WRT.

Comment Re:Slashdot crying wolf again... (Score 1) 196 196

  • fe80:: prefix, link-local address, used within the network segment for things like autoconfiguration, DHCP, DNS when the router's acting as a caching DNS server.
  • Public fixed unicast address based on the MAC address (SLAAC, except that Windows 7 and up use a random number rather than the MAC address by default) or assigned by DHCPv6.
  • One or more temporary unicast addresses, used for a limited time each for outgoing connections to help obscure your fixed address. The privacy gain here is mostly canceled out for consumers by the fact that it's one /64 per subscriber and that /64 doesn't change very often.

Comment Re:wft ever dude! (Score 1) 196 196

That was by design. Leaving 64 bits for the host address lets them use the Ethernet MAC address (the most common hardware address) as the host address, which leaves only the local network prefix needed to complete configuring the interface and that can be gotten via the Router Advertisement protocol on the known link-local network (fe80::/10). And let's see. The public unicast allocation's 2000::/3, with a few exception blocks carved out for things like 6to4 and Teredo. That's roughly 60 bits for the unique network number, or not quite 268.5 thousand 4-billion+ blocks of network addresses. 0000::/3 and e000::/3 are already in use, but that still leaves us with 5 more /3 blocks we can assign for unicast use without conflicting with anything if the 2000::/3 block runs out. So I think that even with some inefficiency that'll hold us for a good while.

Comment How? (Score 4, Insightful) 375 375

So, precisely how again do they suggest sites verify ages? It needs to at least be proof against a minor with an adult's "borrowed" credit card, and it can't require sites to violate the law. This isn't a technical problem here, it's completely independent of the technology. If these politicians want the problem solved, they need to spend some time thinking about how to solve the problem. And yes, "make someone else solve it" is a valid option but only if having the sites apply that solution by making the politicians the "someone else" is also a valid option.

Comment Re:Major change? No. (Score 1) 270 270

Yeah, I'm thinking of the change from the Win95 Start menu to the Win7 one. Program Manager, however, acted pretty much as the Start button, you opened it and then navigated folders fairly logically (you wanted an application, you opened the Applications folder and looked there). The applications you used all the time you copied to the desktop so you'd have them at your fingertips. Which, I've noticed, is still how people handle common applications, with "copy it to the taskbar" a close second and the two "pin" options vying for a distant third.

And it still remains: even secretaries had no problem grokking how to work Win3.1's desktop and programs.

Comment Major change? No. (Score 0) 270 270

The total change from the Windows 3.1 Start button to the subsequent Start buttons was making the Start menu a 2-column menu, putting the contents of the former Programs menu in the left pane and putting the rest of the Start menu items in the right pane. That's it. Oh, and making the initial view not show all the Programs items but only a subset, with an extra item at the bottom to show everything in the same form as it was under the Programs menu.

As for Win3.1 being complicated, every secretary I knew managed to get a handle on it within a few days so it couldn't have been that complicated. The only people I know of who couldn't figure out Win3.1 are the ones who to this day need repeated reminders of how to get to anything that's not directly on their desktop, so methinks the problem doesn't lie in Windows.

Comment Re:Who knows best? (Score 3, Insightful) 133 133

Counter-argument: Obviously management knew much better than the engineers how to run the Space Shuttle program, so they were entirely right to ignore the engineers' warnings about how freezing temperatures would affect the SRB sealing rings on Challenger and how ice strikes would affect the leading edges of the wings on Columbia.

Comment Re:Hobby vs. profession (Score 1) 352 352

Every other business is subject to that same degree of government regulation, ie. the laws limiting their ability to disclaim liability and those warranties and requiring things like business licenses. I don't see any reason why software publishers should be subject to any less regulation. Beyond that, tort law's sufficed in most other fields so I don't see why it shouldn't suffice here.

There are, of course, exceptions. Firmware for medical devices, aircraft control software, that sort of thing where people's lives are placed directly at risk should be subject to a higher degree of regulation and standards for software just as it is for every other aspect. And it should be handled the same way, based on the judgement of long-time practitioners in the field. In other words we don't base the rules on what marketing executives think or hot-shot web-app programmers with less than 5 years working experience, we look to the people with 40+ years in the field who've seen (and had to clean up) all the messes and know what caused them and how to prevent them. Which, yes, is probably not going to result in rules the marketing execs like, but life's like that sometimes.

Comment Hobby vs. profession (Score 1) 352 352

I think we need to also educate people on the difference between software development as a hobby and as a profession.

If I just need to build a storage shed or garden sun-shelter for my backyard, I can build it to any standard of quality, or lack thereof, that I want. It can be completely wonky, as long as it works for me. But if I want to build storage sheds for other people, the rules change. I need to build them to at least a minimum standard of quality, people will expect the trim and paint and the like to not fall off or peel, the doors can't fall off the hinges if you push them wrong, that sort of thing. And if I don't build to those minimum standards I'm going to be held legally liable for the shortcomings.

The same thing applies to software development. Just because you can slap together a to-do list app that works for you, doesn't mean it's ready to market to others. One of the problems is that you can market it without facing any liability for poor quality, and the absolute maximum liability you may face is to have to refund the purchase price. There's no other field where that's the case. Besides education, IMO we need to remove the ability for software publishers to disclaim liability for damages and the implied warranties of merchantability and fitness for purpose. Make it clear that when you move from writing quick apps for yourself or your friends to marketing your software to the public, you're moving into a realm where you're going to be required to meet certain minimum standards of quality whether you like it or not and you'd better be prepared for this.

Yes, this would hurt many software publishers. IMO they need hurt, because the quality of their work is far from what I'd call professional or even reasonable for what they advertise it as.

Comment Won't/can't work (Score 3, Insightful) 199 199

Their extension can't affect the recipient's end of things if the recipient isn't also running that extension. In that case nothing Dmail can do can prevent the recipient from saving the message, forwarding it or doing anything else with it. Dmail can play tricks with HTML e-mail by replacing the body of the e-mail with a dummy wrapper that fetches the message via HTTP from a Dmail server and they can use some Javascript tricks to try and block "Save as", but those are going to run into problems with anything that blocks remote content or disables Javascript in e-mail. Even if the recipient's using Gmail in Chrome that's going to be an issue considering how that sort of blocking's basic to blocking malware. And of course if the recipient's running a non-browser client using IMAP4, Dmail's completely out of luck.

As far as being able to restrict viewing to only the recipient, that's easy. Every standard mail client today supports it. The hard bit's getting the recipient to generate a public-key certificate and install it as a personal certificate and key in their e-mail client. Then you just encrypt the e-mail using their public key and send it as an S/MIME message, their mail client will automatically decrypt it for them. I could even make that work in web-mail with a browser extension that recognizes the message text block, grabs it and decrypts it and stuffs the results back in the text block for the user to see. The obvious advantages here are that a) you wouldn't need to use any particular service provider to send the mail and b) not even the service provider or e-mail servers would be able to see the cleartext. The hard part's the PKI, and really all that needs is an extension for the mail client to automate generation of a certificate and installation into the client like we have in browsers. Depending on the browser and OS that might be simplified by taking advantage of shared OS cryptography features.

I've kicked this idea around as a commercial possibility, but it all comes down to two basic problems:

  • If the messages are truly private it's nigh impossible to generate revenue by any means except annual subscriptions from users. Senders might pay, but recipients won't and that breaks the whole thing.
  • Controlling what happens after the message reaches the recipient's nigh-impossible. The best you can do is if you restrict recipients to a platform like mobile where they have to access messages through your app. There's still ways around the controls, but you can make it so the phone has to be rooted and then access to the secure credential storage obtained and that's not something that can be automated enough to be feasible for the average user to do. In an uncontrolled environment like a browser or a regular e-mail client? Forget it.

Comment DirectX/ActiveX not for the camera (Score 1) 134 134

Usually a requirement for DirectX or ActiveX is for the viewer software they provide, not the camera itself. Either their application uses DirectX to handle the graphics display, or the standard Web page the camera puts around the stream uses an ActiveX widget to display the stream. Usually if you can get the manual for the camera and take a look at the Web page it generates you can find the URL for the actual video stream and use that in any video software. A little more work will give you how to configure the camera for resolution and stream encoding and such to get exactly what you want.

Comment Re:wrong wrong wrong about copyleft (Score 4, Informative) 250 250

That's actually only partially right. If you pass on the source code along with the binaries, you're only obligated to give the source to people you give the binaries to. But if you make an offer to provide the source, you have to provide the source to anyone who asks. That's because of 6c (GPL v3) or 3c (GPL v2) which allow those you gave binaries to to pass along those binaries and your offer of source code to others. Those bits mean those additional people are entitled to the source through your offer so you can't refuse to give people the source just because you didn't give them binaries direcetly. No, you can't bar recipients from passing along the binaries per those bits without yourself violating your license, except by including the source in what you distribute.

Comment Re:Am I the only guy here that likes G+? (Score 2) 152 152

Much the same here. The attraction of G+ was that it was a lot easier to use for non-public streams. Where Facebook tried to make everything public for the world to see, G+ made it easy to keep things limited to specific groups so that a) conversations wouldn't be visible to people I didn't want to see them (and to people that aren't interested, my family really doesn't want to have a ringside seat for my rather heated discussions about the technical aspects of IPv6) and b) we wouldn't be inundated by trolls, spammers and general idjits. I think that's one of the problems, it's not that G+ isn't active but that the outlets saying it's dead are basing that only on public activity which isn't G+'s focus.

Comment Re:Is it just me or.... (Score 1) 305 305

Except that most of Silicon Valley can't save money outsourcing to India. Sure they could hire the same number of workers cheaper, but they can't get the same amount of work done on an ongoing basis. They make their money the way US consultants have: swoop in, hack together something that meets requirements enough to get the final payment, then disappear the morning after the release to production. When the company finds all the bugs and problems, their own people have to clean up the mess or the company has to hire a different set of consultants to try and fix things. It's a great gig for the consultants, not so great for the companies afterwards. And word never gets out because it's the higher-ups who hired the consultants and admitting that the whole thing failed would tarnish their reputation so all the problems get firmly swept under the rug (or better yet, blamed on the company employees who had nothing to do with the project but are tasked with supporting it).

Now if you're talking first-line helpdesk or somesuch, you may save money outsourcing that. Your customers will hate you, but you'll save money. But software development, network engineering, database design, system administration, none of that is first-line helpdesk-type stuff. There's a reason companies are finding it cheaper to move work from India and the like back to the US.

"Mach was the greatest intellectual fraud in the last ten years." "What about X?" "I said `intellectual'." ;login, 9/1990