Forgot your password?

Comment: Re:Summary. (Score 1) 301

by akpoff (#46716887) Attached to: Theo De Raadt's Small Rant On OpenSSL

Read Ted Unangst's analysis. You don't have to do anything special to trigger the bug when using a normal malloc rather than OpenSSL's broken approach. OpenBSD's approach protects you more but any malloc would have surfaced the error:

This bug would have been utterly trivial to detect when introduced had the OpenSSL developers bothered testing with a normal malloc (not even a security focused malloc, just one that frees memory every now and again).

The problem is the OpenSSL code was freeing a buffer and then immediately re-allocating it to read data from. The OpenSSL team got lucky and it worked when the buffer was the right size.

Comment: Re:Summary. (Score 5, Insightful) 301

by akpoff (#46714755) Attached to: Theo De Raadt's Small Rant On OpenSSL

Theo's point isn't that OpenBSD users would have been safe. It's that had OpenSSL crashed on OpenBSD (or any OS with similar mitigation in place) it would have surfaced the bug much sooner...perhaps before a worldwide release. Once found it would have been fixed and merged upstream to benefit all users.

This is really a specific case of the larger point behind avoiding monoculture, whether OS or hardware. OpenBSD continues to support older architectures in part because it forces them to work through issues that benefit other platforms, especially the one most of us use daily: x86.

Comment: In Terms of Free Speech, Yes; Quality, Maybe Not (Score 1) 156

by akpoff (#46564879) Attached to: In the Unverified Digital World, Are Journalists and Bloggers Equal?

The question should focus specifically on quality, not freedom. That is, bloggers, journalists, pamphleteers and tinfoil-hat-wearing-street-corner-ranting loonies have the same freedom to report what they consider to be news. Governments, and especially the courts, should scrupulously avoid anointing any group as "the Press" or claiming one group or another has a more fundamental free speech right. The press are and always have been made up of the people.

Quality, however, is another matter. We might expect employed journalists to produce higher quality articles in terms of polished prose, researched quotes and balanced perspective due to a professional commitment and having full-time employment to focus on the craft. We'd be very much mistaken, though, if we naively assume all journalists are professionals and all bloggers are hacks and dilettantes. If anything, the "blogger years" have shown the commercial press has often sold out and that so-called amateurs have more of a commitment to accuracy and balance than the "professionals". What they sometimes lack in polish they make up for in commitment to telling the truth.

In this regard I see blogging as a good thing.

+ - Building Your Own BSD Router->

Submitted by Anonymous Coward
An anonymous reader writes "Friends don't let friends use consumer networking equipment. This is a saying that many sysadmins have probably heard. It's really easy to go to a store and pick up a cheap little plastic router, but they're proprietary, have security issues and offer very little flexibility. We're going to show you how to build your own, based entirely on open source software, and take back control of your network."
Link to Original Source

Comment: Re:Sounds reasonable to me. (Score 1) 573

by akpoff (#43814259) Attached to: FiOS User Finds Limit of 'Unlimited' Data Plan: 77 TB/Month

If we have a leaking hot water tap the water company notices after a full month after it started and calls us as our hotwater usage spikes and our bill is way up.

How does that work? Everywhere I've ever lived (including abroad) or visited the water company provides water at ambient temperatures and the customer heats it on site.

Once upon a time ago (in the US anyhow) apartment buildings used radiant heat based on hot water that was centrally heated and distributed. Perhaps they also delivered hot water to the residents. That's still not the water company.

I'm not saying it doesn't happen. Just curious where it happens and how they transport the hot water to you without losing the heat energy. It just doesn't seem efficient.

Comment: Who Owns the Data? (Score 5, Insightful) 128

by akpoff (#43281009) Attached to: PlanetIQ's Plan: Swap US Weather Sats For Private Ones

There are two issues to address here: 1) cost and maintenance, and 2) data ownership. The first is obvious and is the crux of the CEO's pitch to Congress. The second is the one she's skirting. Sure, she acknowledges the government would "buy" the data. But for what use and with what limits? We already see corporations trying to get laws passed making them the only distributor of government-generated data (weather companies, journal publishers). With a ploy like this they make it that much more likely the public is excluded from having and using the data.

The only way I'd encourage the government to go this route is if the law and contracts specify the data is free in every sense of the word. Otherwise this is just another government hand out to private corporations.

If PlanetIQ think there's a real market for weather data, they should finance the whole thing with private equity. My guess is no one in the right mind will give them the capital unless they can get the government give them a monopoly.

Comment: Re:Troll... (Score 5, Insightful) 361

by akpoff (#42874013) Attached to: OpenOffice: Worth $21 Million Per Day, If It Were Microsoft Office

Agreed. In my office we've standardized on OpenOffice (or LibreOffice). We write reports, produce spreadsheets and give presentations without problem. The only time I ever need access to MS Office is when somebody sends me an Office document that for whatever reason doesn't render correctly. It's not because the information isn't available. It's always a disagreement between the two programs as to how to render. OO and LO interchange nicely. The Apple iWork suite works as well. In my experience Office is the odd-man out.

At this stage of the game Office productivity is mostly a solved problem. The feature set is known. Now we're dickering over file formats and presentation.

Comment: Re:potentially worth... (Score 5, Informative) 361

by akpoff (#42873847) Attached to: OpenOffice: Worth $21 Million Per Day, If It Were Microsoft Office

The summary also notes this is savings to the end user. If I don't need all the features found in MS Office I shouldn't need to buy it. If I get what I need and pay $0 I've saved $150.

That's the whole point of the summary. Some segment of the public are getting what they need to get their "office productivity" tasks done for less cost.

Your Rights Online

+ - Swartz didn't face prison until feds took over case, report says->

Submitted by tukang
tukang (1209392) writes "According to a report in the Massachusetts Lawyers Weekly, State prosecutors had planned to let Swartz off with a warning and Swartz would not have faced any criminal proceedings or prison time had it not been for the decision of Carmen Ortiz's office to intervene and take over the case."
Link to Original Source

+ - MafIAA Surrogate vs MEGA and friends->

Submitted by storkus
storkus (179708) writes "ArsTechnica is relaying the story from TorrentFreak about and its head Robert King, where they claim 4 out of 10 MEGA resellers on PayPal have been forced to stop processing payments through the service. They also mention that other services are also being targeted, with Hotfile being specifically mentioned.

The big question in my mind: how to we stop Robert King and friends?"

Link to Original Source

Comment: Re:It would be fair... (Score 1) 475

by akpoff (#42692419) Attached to: Unlocking New Mobile Phones Becomes Illegal In the US Tomorrow

Lots of people are noting that we sign these contracts willingly and that the phone is discounted because of the two-year contracts we sign. Many are overlooking two key facts:

1) There's a huge cancellation fee that makes up for the discount on the phone. ATT is up to $350 for cancelling a smartphone contract.

2) Wireless markets are constrained by government-granted monopolies. Monopolist have huge amounts of leverage on their side. Yes, you can buy the phone without a contract...and pay a huge margin on it. You're ostensibly free to go elsewhere...and find the same deal. The numbers are little different (T-Mobile charge $200 for cancelling early). But the structure of the deal is largely the same.

We congratulate ourselves on our free and open markets and put huge political pressure on other countries to do the same, but when you look under the hood we create vertically-integrated monopolies. Who in their right mind would give the same company control of: a) the means of delivery (airwaves or wires), b) equipment to access the service, and c) sale of content to use the service? We broke up Ma-Bell specifically for just this reason. We very nearly broke-up IBM and Microsoft for the same. But for some reason communication services (cellular and internet) are handed over on a silver platter to corporations.

And then we write criminal laws to protect their monopoly.

Is it fair in any meaningful sense of the word? I don't think so.

Comment: Re:Up-front costs? (Score 1) 238

by akpoff (#42634139) Attached to: Former FCC Boss: Data Caps Not About Network Congestion

It's more than that. States and the Federal government have given the telcos and cable companies money multiple times over the past ~15 years to build out infrastructure[1]. In many cases cable companies have received exclusive rights to deliver phone service, cable TV or both.

Despite public largess, these companies come back to the trough over and over poor mouthing how expensive infrastructure build out has been. In Houston we can get up to 100 Mbps downloads but the price is nearly $300/month. To stay under $100/month you have to "settle" for 12 Mbps. That's not bad but when you consider how much money we've spent publicly the ROI isn't great. And let's not forget the gouging the public takes over wireless data.

I'm firmly in favor of for-profit businesses and letting free market work...but when as a society we've decided to hand over full and partial monopolies to for-profit corporations we have every right to participate in setting pricing and profits.

At this point I'm in favor of treating the last mile for internet connectivity the same way we treat the last mile for electricity. Have a poles-and-wires company and separate service providers who deliver content and services. There's too much incentive to drive users to in-house offerings and service when the ISP is also a content company. In other words, if we're going to make the last mile a monopoly then we need net neutrality.

[1] "$7.2 billion for complete broadband and wireless Internet access" See American Recovery and Reinvestment Act of 2009 as one example.

Comment: Re:Perpetual license (Score 1) 103

by akpoff (#42599817) Attached to: Judge Rules Twitter Images Cannot Be Used Commercially

The plaintiff will almost certainly seek (and receive) an injunction against further infringement of the work by the defendant. I imagine it would also raise the plaintiff's next complaint against the same defendant to willful infringement with its painful $150,000 per-infringing-work penalty.

Being found guilty and paying a fine is not a blessing to do it again.

Thus mathematics may be defined as the subject in which we never know what we are talking about, nor whether what we are saying is true. -- Bertrand Russell