Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror

Comment Re:Pay them market value (Score 1) 234 234

That depends on your viewpoint. A good friend of mine is a professor of mathematics at a pretty good private university in the US. He likes to travel and has been to conferences/workshops all over the world, all paid for by his grants. Of course, he's single, and your point certainly could be valid for someone with a family, but on the other hand a lot of this conference travel happens in off-times (winter break, the summer) so one could involve their families on some of these trips, combining it into a vacation -- and I know some profs that do. (Of course, they have to pay for the family members' travel expenses, but it's still one less person that has to be paid for...)

Comment Why not use commit date as version (Score 4, Funny) 199 199

Personally, I think it would be better to use the date as the version "number," though I'm sure that people who have thought about this issue more than I have can come up with reasons that's not a good idea.

One other idea, why not just use the git commit hash? That would really roll off the tongue and be easy to remember. I can see it now:

"Just released, Linux Kernel 634713bc047a87bf8eac9674765ae793478c50d2!"

Comment Mobile OTP (Score 1) 113 113

I'm surprised no one has mentioned Mobile-OTP (http://motp.sourceforge.net/). Perhaps it's a bit older, but it's absolutely free assuming your users have a mobile phone. (It doesn't even necessarily have to be a smart phone). We use this to secure our SSH gateways and it's not bad to set up -- it uses PAM.

Submission + - Seven IPMI Firmware Zero Days Disclosed->

msm1267 writes: HD Moore today disclosed seven zero-day vulnerabilities in IPMI firmware from vendor Super Micro. The security issues were reported to the vendor in August, however the vendor, beyond acknowledging receipt of the vulnerabilities never communicated with Metasploit regarding a fix.

A Super Micro representative told Threatpost that this was an “old story” and that the issue had been resolved. A request for further comment from a Super Micro project manager was not returned in time for publication and the availability of patches could not be confirmed.

IPMI, or intelligent platform management interface, are tiny computers that sit on a motherboard that are used by IT administrators in large data centers for remote management of servers or remote BIOS maintenance. They’re mostly present in rack-mount servers, and are cumbersome to update because they often require physical access to the hardware, and in a service provider environment, for example, there could be hundreds of these embedded devices present.

Beardsley said that a Project Sonar scan for the IPMI firmware in question, version SMT_X9_226, found 35,000 of them online. He estimates that number likely represents less than 10 percent of the total devices in use.

Link to Original Source

Comment Re:who thinks about their smoke detector? (Score 1) 177 177

Many apartments are like this. Here in the Boston area there are quite a few apartment buildings with central heat that individual units have no control over. It's especially bad with those damn steam radiators. Depending on what kind of insulation you have, part of a room will be boiling hot and the other part will be freezing. If you stand in between the two extremes and rotate, you can kind of keep yourself at a comfortable temperature, but that's a bit... awkward to do.

Comment I'm going for an S3 (Score 2, Interesting) 470 470

(Grrr, thought I was logged in.)

I've decided that my next phone (soon, I hope) is going to be the S3. I'd been holding out with my iPhone 4 for a while, waiting (like many others, I suspect) to see what Apple would wow us with for the iPhone 5. Needless to say, I wasn't that impressed, though to be honest, part of me really didn't expect to be, given that there are only so many innovations they could have come up with. What could they have done? An even bigger screen? NFC? A phone you could roll up? The first two would hardly have been groundbreaking and the latter is tech that doesn't really exist yet.

Still, at the end of the day, I'm sure I could be happy with the 5, but I'm ready to play with a new toy. I've never had an Android device before, but got a chance to play with a tablet and some phones over my vacation, and I liked what I saw.

Captcha: revenues

Comment Re:Key AND Password (Score 2) 167 167

I use Mobile OTP (http://motp.sourceforge.net/) for two-factor auth at work. Once I figured out the PAM side of things, it was quite straight-forward. I installed it on my server at home as well, but I'm a little more relaxed about it -- I allow ssh from a few "trusted" boxes via ssh-keys, otherwise it requires password+OTP token authentication. Now, I just have to worry about keeping those "trusted" boxes safe. (I do have a password on the ssh keys, but wonder if I have a long-running login session with the keys installed into ssh-agent, I might be boned anyway if someone were to break in.)

Comment Re:Pah! Antisocial network (Score 1) 396 396

What happens when they decide that people they can't find on social networks must either be lying, or must have something to hide?

Honestly, I am so fucking tired of all these facebook "hipster" posts that basically say, "I'm too cool to be on social media!" If you don't have Facebook, this doesn't affect you, so stop telling everyone you don't have Facebook. No one thinks you're cool because of it.

Please! I wasn't on FB before it was cool to not be on FB. Instead, I'm on a different social networking site. You probably haven't heard of it.

The reward of a thing well done is to have done it. -- Emerson

Working...