Forgot your password?
typodupeerror

Comment: SSL speed used to matter a lot, still does (Score 1) 330

by billstewart (#46803215) Attached to: OpenSSL Cleanup: Hundreds of Commits In a Week

SSL has two parts that take a lot of time - key exchange using public-key technology, which just depends on the number of connections, and data encryption, which takes time proportional to the amount of data encrypted. Until the last few years, the key exchange time dominated, because public-key operations are slow and most use of SSL was for encrypting passwords, credit card numbers, or other very small chunks of data. It was pulling teeth to get a lot of sites to use SSL at all (though the whole Certificate Authority system is a lot to blame for that), and it was pulling teeth to get a lot of sites to encrypt more than just your login and credit card data (such as the whole page that asks for your login.)

Do you think speed doesn't matter any more, now that lots of sites are running with the CPU relatively idle? How many SSL connections do you use where the server has bothered to turn on PFS, the Perfect Forward Secrecy stuff that does a one-time Diffie-Hellman exchange? (Appallingly few.) How many sites do you connect to that are using 2048-bit public-key or longer? (Some, but hardly most.) It's still about performance.

Comment: Notepad (Score 1) 120

by billstewart (#46803143) Attached to: Ask Slashdot: Professional Journaling/Notes Software?

Back when I had a Psion 3A organizer, it was a great tool for taking notes on, though eventually the hardware died.

After that I used a series of Palm Pilot versions, which weren't as good - graffiti was slower than typing, and the text file editor could only handle notes up to 4KB, so I had to start new ones roughly monthly (though at least they did sync with Outlook pretty well.)

For the last decade or so I've been doing most of my work on Windows, so I just keep a Notepad text file open on my laptop all the time, and update the filename quarterly to keep an archive (though I haven't actually truncated the old part of the file in a few years, since Win7's Notepad can handle decently large files.) I back it up to various other media, and I suppose I could also back it up to my phone.

Comment: Upgrading Lots of Machines from a Cache? (Score 1) 173

by billstewart (#46792443) Attached to: Ubuntu Linux 14.04 LTS Trusty Tahr Released

So is there any way to cache Ubuntu upgrades, which would let my large collection of virtual and physical lab machines all fetch them from the LAN instead of the each one having to drag them across its WAN? Might as well fetch the official copy just once, and have everything else update at gigabit speeds.

Comment: What's the closest JEOS equivalent? (Score 1) 173

by billstewart (#46785827) Attached to: Ubuntu Linux 14.04 LTS Trusty Tahr Released

JEOS (Just Enough Operating System) used to be a sub-version of Ubuntu, with a minimal server edition; anything else you wanted was an apt-get install away. But there hasn't been a real JEOS version since about 8.04 or so, and with virtual machines these days I have a need for a lot of small-disk-footprint VMs. Is there something that's relatively similar, with basic networking and maybe a LAMP stack?

It would be nice to have a basic X windows environment, but I don't need big piles of Gnome or KDE, and I definitely don't need OpenOffice or lots of the other fun tools. Thanks!

Comment: Yeah, what AC said about Open Source docs (Score 1) 53

by billstewart (#46769663) Attached to: All Packages Needed For FreedomBox Now In Debian

In this case I know it's some kind of privacy software, but typically "FooBatz Release 5.4c is out!!!" is some gaming application or whatever. A half-sentence or more in the Slashdot summary would help, and so would a FAQ that starts with a section of "What is FooBatz?" rather than with "Why won't Ver 5.4b build on Slackware?"

Space

Astronomers Solve Puzzle of the Mountains That Fell From Space 51

Posted by Unknown Lamer
from the just-a-crashed-ring-station dept.
KentuckyFC (1144503) writes "Iapetus, Saturn's third largest moon, was first photographed by the Cassini spacecraft on 31 December 2004. The images created something of a stir. Clearly visible was a narrow, steep ridge of mountains that stretch almost halfway around the moon's equator. The question that has since puzzled astronomers is how this mountain range got there. Now evidence is mounting that this mountain range is not the result of tectonic or volcanic activity, like mountain ranges on other planets. Instead, astronomers are increasingly convinced that this mountain range fell from space. The latest evidence is a study of the shape of the mountains using 3-D images generated from Cassini data. They show that the angle of the mountainsides is close to the angle of repose, that's the greatest angle that a granular material can form before it landslides. That's not proof but it certainly consistent with this exotic formation theory. So how might this have happened?

Astronomers think that early in its life, Iapetus must have been hit by another moon, sending huge volumes of ejecta into orbit. Some of this condensed into a new moon that escaped into space. However, the rest formed an unstable ring that gradually spiraled in towards the moon, eventually depositing the material in a narrow ridge around the equator. Cassini's next encounter with Iapetus will be in 2015 which should give astronomers another chance to study the strangest mountain range in the Solar System."

Comment: TurboTax on Windows, Paper Returns (Score 1) 385

by billstewart (#46757551) Attached to: Slashdot Asks: How Do You Pay Your Taxes?

Am I trusting my tax data to online services? Fat chance. Too many people have my data already.

More precisely, my wife runs TurboTax, I run errands and fetch papers and caffeine.
Back in the 80s, we went to H&R Block because of the complexity of moving expenses from my first post-college job, and my wife said "that looks easy", took the H&R Block tax prep course and did a year of working there, then a couple years at another tax/accounting company, then started her own tax business, using TurboTax and a laptop. It was a bit difficult to keep everything working, because TurboTax assumed you had a desktop PC with a real disk drive instead of floppies, but after a couple years of using RAMdoubler and disk compression, she was able to upgrade to a laptop that resembled what TurboTax needed. Eventually she went back to doing computer businesses and was able to get rid of most of her tax clients (and eventually all of them), but she's been doing the taxes in the years since then.

I think we're finally using the personal version of TurboTax by now; we used the tax-preparer version for many years because there were things the personal one just couldn't do or didn't do well (including importing previous years' data from the tax-preparer version, which kept us on that for a couple years after we would have switched.)

Windows

IRS Misses XP Deadline, Pays Microsoft Millions For Patches 322

Posted by Soulskill
from the your-tax-dollars-at-work dept.
An anonymous reader writes "When Microsoft terminated official support for Windows XP on April 8th, many organizations had taken the six years of warnings to heart and migrated to another operating system. But not the U.S. Internal Revenue Service. Only 52,000 of their 110,000 Windows-powered computers have been upgraded to Windows 7. They'll now be forced to pay Microsoft for Custom Support. How much? Using Microsoft's standard rate of $200 per PC, it'll be $11.6 million for one year. That leaves $18.4 million of their $30 million budget to finish the upgrades themselves, which works out to $317 per computer."

Comment: Download new OpenSSL, not just recompile (Score 1) 239

by billstewart (#46720753) Attached to: Heartbleed OpenSSL Vulnerability: A Technical Remediation

No, you actually have to fix the code to add bounds checking, or download a new version of OpenSSL (which probably gets you other fixes as well, unless you were already running the latest version.)

Recompiling OpenSSL with the proper flag isn't enough to do the job - there are people who've done that and had problems keeping OpenSSL stable on their platforms, and more importantly, that still doesn't stop the Heartbleed attack from causing trouble. You need to get the code not to try to fetch memory beyond the appropriate object's array bounds, though OpenSSL should also default to using malloc()/free() instead of rolling its own badly.

Thus mathematics may be defined as the subject in which we never know what we are talking about, nor whether what we are saying is true. -- Bertrand Russell

Working...