Slashdot is powered by your submissions, so send in your scoop


Forgot your password?

Comment: Re:Periodic Re-copying, because format rot bit rot (Score 1) 234

by billstewart (#48920677) Attached to: Ask Slashdot: Best Medium For Personal Archive?

It took my friends months to find working 8" floppy drives they could take to Guatemala to decode the files the police and army had created during the dirty wars there. I don't want to have to buy a 9-track tape drive to read the one 9-track tape I have (if I find it again, and if it's still even readable.) (I gave away the Sun cartridge drive along with the Sun-2.)

Much more reliable to copy the data every couple of years to some current medium, knowing that Moore's Law means that it's not going to cost much and the only problems will be data formats, not media formats.

Comment: And here's the patch (Score 1) 165

by billstewart (#48918997) Attached to: Serious Network Function Vulnerability Found In Glibc

void *strcpy() { printf("Don't use strcpy, idiot! We told you that years ago!\n"}; exit(-37); }

void *strcmp() { printf("Don't use strcmp either, idiot! We told you that years ago too!\n"}; exit(-37); }

Also, according to the articles I've read about this, the somewhat more official patch came out in 2013, but wasn't marked as a "security" patch so it only made it into the newer OS versions, but wasn't retrofitted into the older ones. So it'd be fixed in Ubuntu 14.04, but not in the 12.04 LTS version.

Comment: Periodic Re-copying, because format rot bit rot (Score 2) 234

by billstewart (#48918163) Attached to: Ask Slashdot: Best Medium For Personal Archive?

Moore's Law is only partly your friend here - storage keeps getting cheaper rapidly, but that also means that not only do devices become obsolete, but the interface specs and data formats also become obsolete. You probably don't have an 8" floppy drive anywhere, or a working 5.25", or the right kind of cable to plug the 5.25" drive into, or a Bernoulli drive, or a 9-track tape drive (800, 1600, or 6250dpi), or the Sun cartridge drive, or anything to plug those MFM drives into, or SCSI-1, or probably SCSI-2. You might have something that can handle IDE / PATA, or an old laptop with PCMCIA, but even those are getting scarcer. If you can connect to that old disk disk drive, you can probably load a virtual machine running NetBSD that'll have drivers for the file system format, but maybe not; you certainly don't want to risk having Windows "update" the format. You might think that FAT 8.3 format will stick around for a long time (and maybe it will for reading, but it's rapidly getting replaced with FAT16, FAT32, ExFAT, NTFS, etc.

Leave aside the question of whether you can read a 20-year-old version of WordStar or WordPerfect format file (unlike my late-70s nroff files, which would be readable if they weren't on a 9-track tape I've probably lost.) You can probably read that 4-year-old TurboTax file, but if you need to get tax data back from when you bought your house, you'd better have everything on paper.

Just for physical format alone, you need to copy stuff every couple of years.

Comment: Re:Best Medium? (Score 1) 234

by billstewart (#48918005) Attached to: Ask Slashdot: Best Medium For Personal Archive?

Acid-free paper, otherwise you and your friends will just keep eating bits of your archives.

More seriously, paper's only good for some things, and only if you protect it well enough. Some years ago, my work hard drive crashed, and when I was driving to work a day or two later, my coffee cup bounced off the holder into my briefcase, taking out both the Palm Pilot and the dead-tree copies of my data. There were backups of some of my PC data, but my current calendar was gone.

GNU is Not Unix

Serious Network Function Vulnerability Found In Glibc 165

Posted by Soulskill
from the audits-finding-gold dept.
An anonymous reader writes: A very serious security problem has been found and patched in the GNU C Library (Glibc). A heap-based buffer overflow was found in __nss_hostname_digits_dots() function, which is used by the gethostbyname() and gethostbyname2() function calls. A remote attacker able to make an application call to either of these functions could use this flaw to execute arbitrary code with the permissions of the user running the program. The vulnerability is easy to trigger as gethostbyname() can be called remotely for applications that do any kind of DNS resolving within the code. Qualys, who discovered the vulnerability (nicknamed "Ghost") during a code audit, wrote a mailing list entry with more details, including in-depth analysis and exploit vectors.

Ask Slashdot: Best Medium For Personal Archive? 234

Posted by timothy
from the but-with-8-tracks-you-can-still-lose-7 dept.
An anonymous reader writes What would be the best media to store a backup of important files in a lockbox? Like a lot of people we have a lot of important information on our computers, and have a lot of files that we don't want backed up in the cloud, but want to preserve. Everything from our personally ripped media, family pictures, important documents, etc.. We are considering BluRay, HDD, and SSD but wanted to ask the Slashdot community what they would do. So, in 2015, what technology (or technologies!) would you employ to best ensure your data's long-term survival? Where would you put that lockbox?

Comment: Re:Farscape (Score 1) 458

by billstewart (#48890771) Attached to: Best 1990s Sci-fi show?

My local cable company didn't carry The Sci-Fi Channel until just about when Farscape went off the air (idiots! This is Silicon Valley, what did they *think* we wanted to watch? ESPN?) so I never saw enough episodes to really catch on, but it was kind of fun. And ST:TNG happened during the years I didn't have TV, so the few times I saw it were always the same annoying episode with Q in it for some reason.

Comment: X-Files vs. Bab-5 - ouch! (Score 1) 458

by billstewart (#48889595) Attached to: Best 1990s Sci-fi show?

Babylon 5 vs. Star Trek ver N+1? Easy choice, Bab5 wins hands down.

But X-Files was why I had a TV in the first place. We'd had an old Amiga monitor and VCR to watch movies, which eventually got replaced by a TV/VCR combo, but my wife saw X-Files when she was staying at a hotel for a conference, came home and rented all the available videos at the video store (remember video stores?), and then one day I came home and there was a coax stretched down the stairs from the cable jack, and I was told that if I didn't like it I could move the cabinet that was in front of the living-room cable jack.


Data Encryption On the Rise In the Cloud and Mobile 83

Posted by Soulskill
from the setting-a-standard dept.
dkatana writes: Overall, demand for encryption is growing. Cloud encryption services provider CipherCloud recently received a $50 million investment by Deutsche Telekom, which the company said positions it for "explosive growth" this year. The services are designed to allow corporations to benefit from the cost savings and elasticity of cloud-based data storage, while ensuring that sensitive information is protected.

Now, both Apple and Google are providing full encryption as a default option on their mobile operating systems with an encryption scheme they are not able to break themselves, since they don't hold the necessary keys.

Some corporations have gone as far as turning to "zero-knowledge" services, usually located in countries such as Switzerland. These services pledge that they have no means to unlock the information once the customer has entered the unique encryption keys. This zero-knowledge approach is welcomed by users, who are reassured that their information is impossible to retrieve — at least theoretically — without their knowledge and the keys.

Comment: Abandoned calls - heh (Score 1) 240

by billstewart (#48882643) Attached to: Dish Network Violated Do-Not-Call 57 Million Times

95-99% of the calls to my home phone are from robots. Some are friendly robots ("Your prescription is ready at CVS"), most are spammer robots. I finally got fed up and put the number on the Do Not Call List, and the main change has been that more robots call me and either don't play a recording at all, or else play a recording but if I press "1" to talk to their human, never connect me to a human. (And I almost always tell them I want to; usually I'll put the phone down, sometimes I'll chew them out, often I'll put the phone down and if somebody answers, I'll say "hello" and then put the phone down.)

Back when I used to design call center equipment, in the 80s, phone calls cost more per minute than operators. These days that's totally changed, so it doesn't cost them much to make calls and abandon them if they don't have a spare operator within a few seconds; it's not like they're worried about losing repeat business.

Comment: Can't prosecute them if you can't catch them (Score 1) 240

by billstewart (#48882615) Attached to: Dish Network Violated Do-Not-Call 57 Million Times

My assumption, since the entire country has been annoyed at Rachel and her ilk for years, and since the FBI could easily get warrants to search for her even if the NSA didn't pwn the phone companies, is that either

  • - It's really a Russian scam, out of their jurisdiction, or
  • - They're a distributed scam, run by lots and lots of people who can buy a "Rachel from Cardholder Services" audio recording kit, hire work-at-home telemarketers, and run their own cottage industry, so if they do get caught, the scam keeps going, or (like old-fashioned spammers in trailer parks) maybe they don't make as much money as the folks selling the kit promised them, so they go out of business and other scammers take up the slack.

Long computations which yield zero are probably all for naught.