Follow Slashdot stories on Twitter


Forgot your password?

Comment: Keep your friends close and your IT closer... (Score 1) 128

by chaoskitty (#49181805) Attached to: The Mexican Drug Cartels' Involuntary IT Guy

I get it - when someone knows some of your secrets and many of your weaknesses, you "keep" that someone indefinitely.

But Geek Squad? That's the most ridiculous comparison ever - no organization would keep around a bumbling wanna-be IT person who could just barely install Windows and would be lucky to finish a new installation without also installing a Trojan. No, if this guy were like the Geek Squad for a cartel, they'd have killed him pretty quickly when they realized he was completely useless.

Comment: How about none? (Score 1) 353

by chaoskitty (#49083533) Attached to: Ask Slashdot: Most Useful Browser Extensions?

How about no extra browser extensions? Or even an extension or two which limits the other browser extensions?

Browser plugins have the WORST security surface. If you want to do something, do it outside of a browser so that you're not giving every and any site you visit the opportunity to exploit something you only run once in a great while.

Netflix no longer requires Silverlight, so we can remove that. Once Hulu moves away from the crapstorm which is Adobe Flash, it'll be more realistic to completely trash that forever (I will have a party when that happens!) Don't get me started on Adobe Acrobat and PDFs in browsers... Java - shit - what a MESS! Who the hell wants to run Java in a browser anyway? There has to be a better way. Keep around an old Windows machine if you want to feel dirty by trolling around for the latest disease and let Java die.

It'd be nice if something like ClickToPlugin were available for all the browsers (it's for Safari), but I learned from The Register how to make plugins click-to-play on Firefox and Chrome. See the bottom of this article:

Comment: Any BSD is good (Score 1) 403

by chaoskitty (#48822485) Attached to: Ask Slashdot: Migrating a Router From Linux To *BSD?

Ignore the idiots who are dismissive. Just because someone is highly technical in one area doesn't mean there's something wrong if they're not very technical in others.

I personally use NetBSD because I use different hardware in different places for NAT / IPv6 routing / DNS / all that. In homes I use a PogoPlug or Seagate Dockstar with a USB flash or SD card and a USB-ethernet and / or USB-wireless. In businesses I use amd64, sparc64 and powerpc systems. NetBSD uses the same configurations regardless of the architecture.

OpenBSD and FreeBSD are just as good, and, as I'm sure you're realizing while you learn BSD, all three BSDs are much cleaner and better organized, generally speaking, than GNU/Linux distros. The other thing that keeps me using them is that they don't try to be like Windows, so there aren't a zillion extra packages and gratuitous changes from one version to the next.

A BSD NAT router / firewall / IPv6 router / DNS / Samba / web / whatever server can be set up pretty quickly and easily, and keeping track of the configuration files and reproducing a running system is very straightforward.

Comment: Re:Prospects were grim when I check earlier this y (Score 1) 110

by chaoskitty (#48591911) Attached to: Ask Slashdot: Best Software To Revive PocketPCs With Windows Mobile 5-6?

That's not true. The sources for hpcarm (the port for ARM-based handheld PCs) compile and run just fine. Every version of NetBSD has hpcarm binaries (6.1.5, NetBSD-7_BETA, sources compiled from -current). I think you just don't understand how NetBSD works.

Comment: Simple: portability (Score 1) 641

by chaoskitty (#48556375) Attached to: How Relevant is C in 2014?

It's simple. C is self hosting and extremely portable, and the amount of extra stuff needed to run C can be none (in the case of kernels, everything can come with the binary), little (shared libraries) or lots (a whole OS). There aren't many other languages which can self-host and can create binaries which can run on bare metal.

Other supposedly portable languages like Java, Perl and PHP require an OS and environment to do anything, which makes them unsuitable for running on small embedded systems, for high performance applications, or for talking intimately to hardware.

The languages also change too much over time. You can't just take old code and run it in a new interpreter. If Java wasn't in the hands of a megacompany, it MIGHT be more portable and less bug-ridden, but right now it's write once, run only in certain places, deal with a zillion security issues. Many companies I support have to keep around a VM or an older machine to run an older JVM because new Java is not compatible with old Java.

C has changed, but not so much that K&R C is unrecognizable to someone learning C now. A program written in the 1970s can be compiled by a CS student today without much more than, perhaps, changing a few #includes. This is what makes it lasting and worth learning.

Comment: Accessing email on the server (Score 1) 635

by chaoskitty (#47788615) Attached to: Ask Slashdot: What Old Technology Can't You Give Up?

I don't cling to the old because I'm unafraid of change - I keep using it because nothing better has come along.

Shell-based email is still the quickest and easiest way to keep email in one place and have it be accessible even if I'm on a connection the speed of dialup. No matter how many times I try email clients, nothing works as quickly and as seamlessly. The same goes for ytalk instead of IM programs (luckily, many of the people with whom I want to chat have shell accounts, too).

Until someone comes up with something better, like a protocol which allows for downloading just the text of what I want to see, I'll happily ssh and do email on the server, like I've been doing for twenty years.

Comment: Anyone remember, "Write once, run anywhere"? (Score 1, Insightful) 511

by chaoskitty (#47745439) Attached to: If Java Wasn't Cool 10 Years Ago, What About Now?

Sun's slogan for Java used to be, "Write once, run anywhere." Remember that? Sun didn't make JVMs for many platforms, and didn't even have an official JVM for GNU/Linux for ages. Add to that the fact that each major version of the JVM deprecated features and introduced incompatible ways to do things previously done other ways, and it's no wonder it has become the case that we (meaning IT folks) have to keep around an older (perhaps virtual) machine which has an older and certainly insecure JVM to talk to some hardware device or application which requires older Java. Qlogic switches come to mind.

Since the JVM isn't portable, Java isn't portable. Since software written for one JVM version can't necessarily run on another version, it's not very backwards compatible. Since it has so many security issues, you either have to hope that whoever makes your JVM keeps it up to date or that you're very careful about how it's deployed.

I can't personally think of anything more precarious than trying to deploy real software using Java.

Comment: They used to call me paranoid... (Score 5, Informative) 427

by chaoskitty (#47633437) Attached to: Ask Slashdot: Life Beyond the WRT54G Series?

I have long advocated for separating everything - the cable modem / DSL modem should JUST be an interface to the upstream provider, with no NAT and DEFINITELY with no wireless. See the issues with Xfinity and other providers who are now piggybacking their "free" Wifi on customers' connections - I bet it'll be shown in the near future that the already existing NAT table size issues, which already cause many consumer devices to be problematic, are being exacerbated by trying to maintain state entries for the "free" wireless, too.

So you have a cable / DSL modem which is in bridge mode. Then you have some sort of NAT device. If you like running your own OS, a Raspberry Pi or some other tiny StrongARM device is cheap and can run whatever GNU/Linux or BSD you like. Heck, you can even still use your WRT54GL if the CPU in it isn't limiting the speed of your upstream connection.

Then, you have your wireless device. Again, I strongly recommend something that just does bridging - you have the simplest setup because you're not using the wireless device for NAT or any other "features". With all the stories about consumer devices having poor security and intentional back doors, the less exposure, the better. Personally, I pay extra for Apple because the 802.11ac Airport Extreme does wonders with existing 802.11n clients.

The great thing about this is that you can have as many segments as you want without needing a switch which does VLANs. You can plug two USB-ethernets into a Raspberry Pi, for instance, and keep your wireless and wired networks on completely different segments. Or three, and you can have your old device provide a completely separate guest network.

The best thing about this setup is that if one device fails or is shown to be insecure and the manufacturers won't fix it, you can just replace that one device.

Comment: Always plan for nefarious behavior (Score 1) 348

It's much better to assume that a server may be or is exposed to malicious traffic than it is to assume not. Even if there's only ever a direct ethernet connection between two machines, assume someone may compromise one of the machines and protect the other. Using a username and password is one thing; if you can filter based on IP address, use software firewall rules to only allow connections on certain interfaces and from certain addresses (or, better yet, localhost), et cetera, you're always better off.

Hope for the best, plan for the worst.


Aerospace Merger: ATK Joins With Orbital Sciences Corp 22

Posted by Soulskill
from the drumming-up-competition-for-spacex dept.
FullBandwidth writes: "Two Virginia aerospace players, Arlington-based Alliant Techsystems (ATK) and Dulles-based Orbital Sciences, are merging to create a $5 billion venture. The companies announced the merger in a joint announcement Tuesday. ATK is also spinning off its lucrative hunting gear segment into a separate company. 'The move is mutually beneficial, company executives said, as ATK looks to bolster its aerospace business and Orbital Sciences hopes to boost the scale of its existing operations as well as gain a foothold in the defense sector. ... Another beneficiary of the merger is NASA, a client of both companies. Last year, Orbital successfully completed a supply run to the international space station using its Antares rocket and Cygnus spacecraft. Orbital’s expansion after the merger will make it a bigger player in the commercial space sector as it competes with the likes of SpaceX, billionaire entrepreneur Elon Musk’s company, said Howard Rubel, an equity research analyst at Jefferies.'"

OpenPhoenux Neo900 Bills Itself As Successor To Nokia's N900 111

Posted by timothy
from the certainly-has-a-similar-name dept.
An anonymous reader writes "The latest device in the OpenPhoenux open hardware family is the Neo900, the first true successor to the Nokia N900. The Neo900 is a joint project of the Openmoko veteran Jörg Reisenweber and the creators of the GTA04/Letux2804 open hardware smartphone at Golden Delicious Computers. Furthermore, it is supported by the N900 Maemo5/Fremantle community, the Openmoko community and the OpenPhoenux community, who are working together to get closer to their common goal of providing an open hardware smartphone, which is able to run 100% free and open source software, while being independet of any big hardware manufacturer." So far, their Indiegogo campaign has raised more than half of the €25,000 they're seeking.

Comment: Exaggerated reports of death, blah, blah... (Score 1) 429

by chaoskitty (#43748117) Attached to: Ask Slashdot: Dealing With a Fear of Technological Change?

People have been predicting the death of Unix and the command line for ages. Most people don't care about long term because they're accustomed to a constant cycle of upgrades to make money for large corporations - it's what they're conditioned to do. If we don't want to run browsers that can get infected, email clients that render whatever they're told to render and systems that have poorly written third party software (I'm talking about you, Flash and Java), then who's the smart one?

I keep wondering if I'm doing old school things just because, but every time I try something new, I find that there aren't enough compelling reasons to modernize and at the same time there are enough good reasons to use what works well.

If it happens once, it's a bug. If it happens twice, it's a feature. If it happens more than twice, it's a design philosophy.