Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).


Comment: QR Code or Similar (Score 1) 207

by akpoff (#48575605) Attached to: In Iowa, a Phone App Could Serve As Driver's License

I'd prefer a card and electronic version with name, photo and QR Code (with human-readable number below) that an officer could scan or type in could link to the appropriate government database that has all the rest of the info. The user could choose which to present.

There's no reason to have a document with your address and phone number to permit driving or function as ID. Every cop car I see has a laptop and wireless access. Easy to look-up and verify.

We'd have to figure out how to let legitimate 3rd parties (e.g., banks, employers) access the db securely without the ability to access too much information. Still, even if we gave them full access to address and phone details it's no worse than the current situation and better in many.

Comment: Re:Replace Cisco, and Akamai and then maybe.. (Score 2) 212

by akpoff (#48413149) Attached to: Launching 2015: a New Certificate Authority To Encrypt the Entire Web

Cisco's involvement makes sense. They're pushing hard into "Internet of Things". They won't want the bad publicity or financial risk of delivering unsecured configuration UIs. Sure, they could install self-signed certificates but browser warnings about self-signed certs will generate support calls. If they can get the root cert into the other browsers (and as one poster above noted, it seems likely with this line-up), free certificates for the asking solves the problem.

Akamai, not sure what they get out of it. Perhaps just improved end-to-end security.

For the EFF, it's pretty obvious. They're pushing https everywhere. Working with heavyweights like Cisco and Akamai furthers that goal. Having the EFF involved will at least ensure the new CA is looked at by geeks and privacy folks.

I have no complaints. At least not until the details are fully known. Hopefully no complaints then either.

Comment: Re:Vampirism (Score 2) 178

by akpoff (#46918033) Attached to: Elderly Mice Perk Up With Transfused Blood

My first thought as well: Methuselah's Children. IIRC this is where we first meet Lazarus Long.

In the story Lazarus Long and others are long-lived due to breeding program that financially rewards people whose parents and grandparents are long-lived who marry. For many years they stay under the radar of popular society and government but when they're found out no one will believe it's genetic. Rather they believe the long-lived must have some secret.

The long-lived escape Earth on a stolen spaceship. While they're gone scientists discover that blood transfusions extend life. And as ffactoid noted, it only became popular and viable once artificial blood becomes generally available.

Comment: Re:Summary. (Score 1) 301

by akpoff (#46716887) Attached to: Theo De Raadt's Small Rant On OpenSSL

Read Ted Unangst's analysis. You don't have to do anything special to trigger the bug when using a normal malloc rather than OpenSSL's broken approach. OpenBSD's approach protects you more but any malloc would have surfaced the error:

This bug would have been utterly trivial to detect when introduced had the OpenSSL developers bothered testing with a normal malloc (not even a security focused malloc, just one that frees memory every now and again).

The problem is the OpenSSL code was freeing a buffer and then immediately re-allocating it to read data from. The OpenSSL team got lucky and it worked when the buffer was the right size.

Comment: Re:Summary. (Score 5, Insightful) 301

by akpoff (#46714755) Attached to: Theo De Raadt's Small Rant On OpenSSL

Theo's point isn't that OpenBSD users would have been safe. It's that had OpenSSL crashed on OpenBSD (or any OS with similar mitigation in place) it would have surfaced the bug much sooner...perhaps before a worldwide release. Once found it would have been fixed and merged upstream to benefit all users.

This is really a specific case of the larger point behind avoiding monoculture, whether OS or hardware. OpenBSD continues to support older architectures in part because it forces them to work through issues that benefit other platforms, especially the one most of us use daily: x86.

Comment: In Terms of Free Speech, Yes; Quality, Maybe Not (Score 1) 156

by akpoff (#46564879) Attached to: In the Unverified Digital World, Are Journalists and Bloggers Equal?

The question should focus specifically on quality, not freedom. That is, bloggers, journalists, pamphleteers and tinfoil-hat-wearing-street-corner-ranting loonies have the same freedom to report what they consider to be news. Governments, and especially the courts, should scrupulously avoid anointing any group as "the Press" or claiming one group or another has a more fundamental free speech right. The press are and always have been made up of the people.

Quality, however, is another matter. We might expect employed journalists to produce higher quality articles in terms of polished prose, researched quotes and balanced perspective due to a professional commitment and having full-time employment to focus on the craft. We'd be very much mistaken, though, if we naively assume all journalists are professionals and all bloggers are hacks and dilettantes. If anything, the "blogger years" have shown the commercial press has often sold out and that so-called amateurs have more of a commitment to accuracy and balance than the "professionals". What they sometimes lack in polish they make up for in commitment to telling the truth.

In this regard I see blogging as a good thing.

+ - Building Your Own BSD Router->

Submitted by Anonymous Coward
An anonymous reader writes "Friends don't let friends use consumer networking equipment. This is a saying that many sysadmins have probably heard. It's really easy to go to a store and pick up a cheap little plastic router, but they're proprietary, have security issues and offer very little flexibility. We're going to show you how to build your own, based entirely on open source software, and take back control of your network."
Link to Original Source

Comment: Re:Sounds reasonable to me. (Score 1) 573

by akpoff (#43814259) Attached to: FiOS User Finds Limit of 'Unlimited' Data Plan: 77 TB/Month

If we have a leaking hot water tap the water company notices after a full month after it started and calls us as our hotwater usage spikes and our bill is way up.

How does that work? Everywhere I've ever lived (including abroad) or visited the water company provides water at ambient temperatures and the customer heats it on site.

Once upon a time ago (in the US anyhow) apartment buildings used radiant heat based on hot water that was centrally heated and distributed. Perhaps they also delivered hot water to the residents. That's still not the water company.

I'm not saying it doesn't happen. Just curious where it happens and how they transport the hot water to you without losing the heat energy. It just doesn't seem efficient.

Comment: Who Owns the Data? (Score 5, Insightful) 128

by akpoff (#43281009) Attached to: PlanetIQ's Plan: Swap US Weather Sats For Private Ones

There are two issues to address here: 1) cost and maintenance, and 2) data ownership. The first is obvious and is the crux of the CEO's pitch to Congress. The second is the one she's skirting. Sure, she acknowledges the government would "buy" the data. But for what use and with what limits? We already see corporations trying to get laws passed making them the only distributor of government-generated data (weather companies, journal publishers). With a ploy like this they make it that much more likely the public is excluded from having and using the data.

The only way I'd encourage the government to go this route is if the law and contracts specify the data is free in every sense of the word. Otherwise this is just another government hand out to private corporations.

If PlanetIQ think there's a real market for weather data, they should finance the whole thing with private equity. My guess is no one in the right mind will give them the capital unless they can get the government give them a monopoly.

Comment: Re:Troll... (Score 5, Insightful) 361

by akpoff (#42874013) Attached to: OpenOffice: Worth $21 Million Per Day, If It Were Microsoft Office

Agreed. In my office we've standardized on OpenOffice (or LibreOffice). We write reports, produce spreadsheets and give presentations without problem. The only time I ever need access to MS Office is when somebody sends me an Office document that for whatever reason doesn't render correctly. It's not because the information isn't available. It's always a disagreement between the two programs as to how to render. OO and LO interchange nicely. The Apple iWork suite works as well. In my experience Office is the odd-man out.

At this stage of the game Office productivity is mostly a solved problem. The feature set is known. Now we're dickering over file formats and presentation.

Comment: Re:potentially worth... (Score 5, Informative) 361

by akpoff (#42873847) Attached to: OpenOffice: Worth $21 Million Per Day, If It Were Microsoft Office

The summary also notes this is savings to the end user. If I don't need all the features found in MS Office I shouldn't need to buy it. If I get what I need and pay $0 I've saved $150.

That's the whole point of the summary. Some segment of the public are getting what they need to get their "office productivity" tasks done for less cost.

Your Rights Online

+ - Swartz didn't face prison until feds took over case, report says->

Submitted by tukang
tukang (1209392) writes "According to a report in the Massachusetts Lawyers Weekly, State prosecutors had planned to let Swartz off with a warning and Swartz would not have faced any criminal proceedings or prison time had it not been for the decision of Carmen Ortiz's office to intervene and take over the case."
Link to Original Source

+ - MafIAA Surrogate vs MEGA and friends->

Submitted by storkus
storkus (179708) writes "ArsTechnica is relaying the story from TorrentFreak about StopFileLockers.com and its head Robert King, where they claim 4 out of 10 MEGA resellers on PayPal have been forced to stop processing payments through the service. They also mention that other services are also being targeted, with Hotfile being specifically mentioned.

The big question in my mind: how to we stop Robert King and friends?"

Link to Original Source

Computers can figure out all kinds of problems, except the things in the world that just don't add up.