Please create an account to participate in the Slashdot moderation system


Forgot your password?

Comment: Assumptions (Score 1) 324

by bmo (#48648547) Attached to: Ask Slashdot: Is an Open Source<nobr> <wbr></nobr>.NET Up To the Job?

So, assuming Microsoft is sincere

That's a pretty fuckin' big assumption there, guy.

>BMO goes back to read the Halloween documents

The Easter Bunny, Santa Claus, A Sincere Microsoft Board Member, and a Rabbi (a Rabbi is required in every joke) come to a 4-way stop/intersection at the same time.

Who goes first?

The Rabbi, because the others don't fuckin' exist.


Comment: Re:Network Level (Score 1) 96

by bmo (#48642979) Attached to: Staples: Breach May Have Affected 1.16 Million Customers' Cards

Otherwise it's potentially just a matter of inserting a tiny reprogramable USB stick when there are few cashiers on and the cashier who is on isn't looking for a few seconds (ie two people walking into a Staples store can pull this off really easily).

Indeed, so much this.

I've seen open USB ports on all sorts of POS terminals and it just boggles my mind, especially because I've been in industrial environments in small companies where hot-gluing USB ports shut is a matter of course.

You can buy a USB flash drive that sits almost flush and if you take a little bit of elbow-grease and sandpaper, you can get it to sit flush easily.

So I don't see how big companies like Staples, who have the actual budget to look at security this way, don't even bother to do the basics like this. It's time we start fining/class action lawsuit-ing firms that don't even do the least bit of security, with amounts of money that actually hurt and not take "5 minutes of profits" to pay.


Comment: Re:Some people better be out of a job... (Score 1) 110

by bmo (#48626349) Attached to: Hackers Compromise ICANN, Access Zone File Data System

Peer Name Resolution.

The problem is that it's patent encumbered, by Mickeysoft, so it's useless.

There is also something called Hierarchical DHT-based name resolution.


Information-centric network (ICN) architectures are an increasingly important approach for the future Internet. Several ICN approaches are based on a flat object ID namespace and require some kind of global name resolution service to translate object IDs into network addresses. Building a world-wide NRS for a flat namespace with 10^1^6 expected IDs is challenging because of requirements such as scalability, low latency, efficient network utilization, and anycast routing that selects the most suitable copies. In this paper, we present a general hierarchical NRS framework for flat ID namespaces. The framework meets those requirements by the following properties: The registration and request forwarding matches the underlying network topology, exploits request locality, supports domain-specific copies of binding entries, can offer constant hop resolution (depending on the chosen underlying forwarding scheme), and provides scoping of publications. Our general NRS framework is flexible and supports different instantiations. These instantiations offer an important trade-off between resolution-domain (i.e. subsystem) autonomy (simplifying deployment) and reduced latency, maintenance overhead, and memory requirements. To evaluate this trade-off and explore the design space, we have designed two specific instantiations of our general NRS framework: MDHT and HSkip. We have performed a theoretical analysis and a simulation-based evaluation of both systems. In addition, we have published an implementation of the MDHT system as open source. Results indicate that an average request latency of (well) below 100ms is achievable in both systems for a global system with 12 million NRS nodes while meeting our other specific requirements. These results imply that a flat namespace can be adopted on a global scale, opening up several design alternatives for information-centric network architectures.


Comment: Re:undocumented immigrant (Score 3, Insightful) 440

by bmo (#48610919) Attached to: Federal Court Nixes Weeks of Warrantless Video Surveillance

Oh look at the poor persecuted "christian" that is so bent out of shape because his publicly funded school or courthouse doesn't have a monument to the 10 commandments. Paying 5 or 6 figures for a monument, as has happened in the past, is an endorsement.

Look, numbnuts, it's not "your" school or courthouse, it's our school and our courthouse, and "us" includes atheists, hindi, buddhists, jews, etc., as well as christians, or so-called "christians" that have completely forgotten the Sermon on the Mount.


Comment: Re:Does GPLv2 Grant a Patent license (Score 1) 173

by bmo (#48607067) Attached to: The GPLv2 Goes To Court

There was one direct attack at the GPL that might've had teeth had it not occurred in the fetid imagination of a certain Daniel Wallace.

Dan Wallace tried to get the GPL considered invalid because it amounted to price fixing and a Sherman Act violation. He claimed the harm was that the Free and free properties of Linux operating systems locked him out of the market, even though he didn't actually have a product to market.

He was duly struck down hard by a de novo appellate court decision.

That was probably the only "legitimate" attack on the GPL. Any others are, like you said, shooting the plaintiff in his own foot.


Comment: Re:FTFA (Score 1) 594

by bmo (#48605299) Attached to: Waze Causing Anger Among LA Residents

It /is/ walkable.

4 miles is 1 hr 20 minutes at normal walking speed.

2 hours by car? No, just no. That kind of time spent in a car going nowhere is just maddening.

Fer crissakes, it's 1 hr 20 minutes from here to Boston's South Station, and I'm in Concord NH and even during rush hour, it's not two hours. And once you're in Boston or Cambridge, you honestly don't need a car.


Comment: Re:PRIVATE encryption of everything just became... (Score 1) 379

by bmo (#48579089) Attached to: Congress Passes Bill Allowing Warrantless Forfeiture of Private Communications

This needs to be modded up.

Encryption doesn't need to be "perfect"

It just has to be convenient and ubiquitous enough to make the government do actual work to get your stuff, forcing agencies to spend money from their budgets. It's assymetrical enough to drain those budgets given enough strength.


Comment: Re:Not sure who to cheer for (Score 5, Insightful) 190

by bmo (#48567719) Attached to: Fraud Bots Cost Advertisers $6 Billion

>If you don't like advertising on you favorite site. Then you better find them a business model where they can keep running (as it isn't free for them) and feed their family's.
>Otherwise just suck it up as the cost of having free access to their data.

Oh hay look, the old "if you don't like ads and block them you're stealing from the mouths of the children" argument.

It would be fine if I could trust the ad networks to not serve up malware, but even my own favorite sites have hosted malware from their ad networks from time to time.

Blocking ads is a much more of a security issue more than a convenience issue.


"If truth is beauty, how come no one has their hair done in the library?" -- Lily Tomlin