Forgot your password?
typodupeerror

Comment: Re:Root CA is Only for Your School's Apps (Score 1) 417

by dandaman32 (#46440005) Attached to: School Tricks Pupils Into Installing a Root CA

There are multiple enterprise firewalling devices on the market, as well as open source projects, that will act as transparent HTTPS proxies, and generate and sign certificates on the fly for newly visited websites.

A root CA can sign a certificate for any website. The only real exception is in Google Chrome, which uses certificate pinning to Google's CA so it will give you the Big Fat Warning(TM) if a Google site presents a cert that was not signed by Google.

Comment: Re:An alternate suggestion, much cheaper to implem (Score 1) 152

by dandaman32 (#46318297) Attached to: ICE License-Plate Tracking Plan Withdrawn Amid Outcry About Privacy

You have a good point, but all too often, the guys hanging out in front of Home Depot aren't doing any damage. ICE has a greatly reduced incentive to pick up those guys when they could instead be focusing on those who commit (non-victimless) crimes.

Getting across the border illicitly is expensive; a coyote runs in the range of $1-3k depending on experience, reputation, and location. Most people who spend that kind of money aren't dumb kids looking for a new place to commit crimes. They are generally hard-working men who have been down on their luck in Mexico and want a chance to raise the funds necessary to earn a better life for their families. Day laboring is often the first step for these individuals. The fact that we pay them shit is a moral issue for another day, but the fact that they're willing to work for very little money has, at times, had large effects on the economy.

If we kicked out every illegal immigrant, our economy would be damaged, millions would be robbed of their chances at a good life, and there would be (imho) little effect on crime. Instead, we should focus on the ones who are persistent offenders.

Ultimately, your country of citizenship should not matter. Whether you're from the US, Mexico or Timbuktu you're a person, and should have the ability to pursue a life where you want it.

(I realize that this is an incredibly idealist way of looking at things, and that the immigration and integration processes are considerably more complicated than presented here, however I end here for the sake of brevity.)

Comment: Beware hidden effects (Score 5, Interesting) 409

by dandaman32 (#45462339) Attached to: Boston Cops Outraged Over Plans to Watch Their Movements Using GPS

There's a reason this ended up on the ACLU's website.

If you read TFA, Boston uses automatic license plate readers (ALPRs). Since each readout is logged and timestamped, this log data correlated with location history for cruisers could be used to build a massive location history database with very good coverage.

Barring that, as a public servant, a police officer is not entitled to privacy while on the job. As they are granted powers most people are not, they must also expect to be held accountable for their actions.

When off the clock, an officer is entitled to privacy like every other citizen. Keep in mind, the GPSes are installed in the cruisers. They're not ankle bracelets for crying out loud. If they're on foot patrol (do cops still do that?) the red dot on the dispatcher's map will show their car's location. The question mostly remains, then, do Boston cops typically drive their cruisers home, or leave them at the station and drive their personal cars home?

Since the goal of this tracking is to make 911 dispatching more efficient, the simplest solution is just to not record historic location data - show it in real time, and that's it. This mitigates tthe data mining and privacy issues while still giving 911 the tools they need.

Comment: Simple answer: don't. (Score 2) 405

by dandaman32 (#40945685) Attached to: Ask Slashdot: Simple Way To Backup 24TB of Data Onto USB HDDs ?

I work for a data backup company as a dev monkey/admin/jack-of-all-trades.

Do you ever want to restore these backups? If the answer is "yes" (and it should be, otherwise why are you backing up in the first place...?), then you need to be guarded against failure of an individual disk. That means you need some sort of RAID solution.

For reference, Datto's 3U nodes store 20TB across 14 2TB drives, and the next larger size of node we have is somewhere around 55TB in 4U. No, I'm not trying to sell you our hardware (we only sell to resellers anyway) but hear me out. You really are going to save yourself some headache if you build a NAS device.

USB 2.0 is SLOW AS BALLS. I see our USB seed drives (HDDs we mail out to customers to get their initial datasets up into the ether) max out at 20-30MB/sec on a good day. By comparison, Gigabit Ethernet will give you 112MB/sec after NFS/TCP/Ethernet overhead -- much better. For this reason, and because it's just so impractical to handle large collections of failure-prone USB drives, our largest round trip drive that is shipped as USB is 4TB. After that, we actually ship our customers NAS devices (usually a returned/development box with a different OS image on it).

Go with NAS. You need the resilience against disk failure, you need the additional speed, and while yes, it's a greater investment, the alternative is utter agony when one of your 12 2TB disks takes a dump.

Comment: Legal precedents put the school in hot water here. (Score 1) 349

by dandaman32 (#39513281) Attached to: Student Expelled From Indiana High School For Tweeting Profanity

There was a Supreme Court case, Layshock v. Hermitage, which was very similar to this one: high school senior posts offensive content outside of school, punished with banishment to an "alternative" school (where they send the special naughty kids). Layshock sued the school district and won, on the following grounds:

  • - His action was performed completely outside of the school, and was protected speech under the First Amendment.
  • - The content he created (a satirical page about his principal) did not significantly disrupt school activities (See also: Tinker v. Des Moines)

The only potential liability is the fact that his school laptop VPNed through the school, but because the tweet was in no way illegal (not even questionable... it's a diatribe on the word "fuck" for those who did not RTFA) there is NO CHANCE of legal liability by the school, barring some obscure law that requires schools to censor all outgoing bad words or something.

This student needs to sue his district. What they did to him is not right, and very similar cases have resulted in rulings in favour of students.

Comment: Re:Reverse-Engineering for Interoperability (Score 2) 231

by dandaman32 (#36324268) Attached to: Skype Protocol Has Been Reverse Engineered

That refers to copyright law (or at least the US's convoluted idea of it). The reverse engineer is within the DMCA, but that doesn't matter if he's violating patents -- if, in fact, he's in a country that has software patents (i.e., the US). As some redditors pointed out, his lack of fluency in English seems to suggest otherwise.

If he is in the US, he can still be sued for violating the patents Microsoft owns on the protocol, although I think Microsoft is less likely to be evil about it than the other former candidate buyers.

Comment: Actually... (Score 3, Interesting) 178

by dandaman32 (#35307990) Attached to: Drupal Competes As a Framework, Unofficially

(This post contains shameless self promotion)

I think GUI elements are an essential part of a web development framework nowadays. I maintain a small open source CMS called Enano. It's very basic, but during the course of its development I've written a ton of GUI building-blocks, among other frameworkey things, and documented the APIs for them so that plugins can use the same features. Regarding the GUI elements, I think consistent interfaces are an important part of any web application. Thus, what better way is there than to use a good, solid framework that, among its other jobs, takes care of some of the GUI design ugliness for you? Stuff like a standard way to present and validate forms, show message boxes, log in users, provide visual feedback for a process, etc.

In my opinion, a framework should do more than just provide a bunch of random pick-and-choose APIs that you can use. It should take care of the boring details you don't want to have to rewrite for a web app, like user account management, sessions, user data, database abstraction, that kind of thing. That's why people are writing applications using software like Drupal and Enano: they want to write a web app that does what it needs to do without having to reinvent the wheel. I'm currently using Enano as the foundation for an e-commerce site (contracted project). Yeah, eating my own dog food, but shows that it can be easy to take something like Enano/Drupal/Wordpress and use its existing, established core features to write a whole new application that uses those features.

Yes, I've used a more traditional framework before (CodeIgniter). It's great, and I love its design for basic applications, but you still have to write your own user management and a lot of other prerequisites to create something like an e-commerce site. In contrast, I've developed the entire e-commerce plugin with about 50-60 hours of work, including a couple of very minor modifications to the core.

Comment: Scripts + cron job (Score 1) 359

by dandaman32 (#33705794) Attached to: US Banks That Offer Transaction History?

Like the "department" tag says... write a script that fetches and parses it automatically. Preferably stored on an encrypted medium on a reasonably secured box, so that your bank password isn't stored in plaintext and the chances of it getting out are minimal.

See if you can create a second user that has access to the same account, preferably with read only access - for example, up here at RIT the student financial website ("eServices") lets you create accounts for use by the benefactors of your education. I took advantage of this feature and wrote a simple two line bash script that logs in with a sub-account I made that only has enough access to read the balance of my food debit account. The purpose I plan to use it for is a little different (screenlets widget) but the methodology is the same: peek at the login form HTML (to figure out what form fields are required), play with curl until you get a proper response, and grep around for the information you need.

Comment: This leaves NVIDIA in some pretty hot water... (Score 2, Informative) 245

by dandaman32 (#33328378) Attached to: Open-Source 2D, 3D Drivers For ATI Radeon HD 5000 Series

If NVIDIA doesn't get off their ass they've got some dark times ahead. They decided to get butthurt over XFX releasing cards with ATI chipsets on them, yet gamers are still sticking with XFX because their cards are such great quality. So they're losing parts of the gamer market, and now they have the chance to lose Linux users due to an open source driver being out there for ATI cards vs. only a closed source (albeit, admittedly, fairly high quality) one for NVIDIA cards.

Currently an owner of an XFX GTX 260 card running on NVIDIA's closed source driver and Fedora 13. If I upgrade it's probably not going to end up in NVIDIA's favor, between XFX making good, high quality ATI based cards and AMD's open source drivers.

Software

WordPress 3.0 Released 79

Posted by timothy
from the now-even-wordier dept.
An anonymous reader writes "WordPress 3.0, the thirteenth major release of WordPress and the culmination of half a year of work by 218 contributors, is now available for download and comes with 1,217 bug fixes and feature enhancements. Major new features in this release include a new default theme called Twenty Ten. Theme developers have new APIs that allow them easily to implement custom backgrounds, headers, shortlinks, menus (no more file editing), post types, and taxonomies."

+ - Spanish Judges Liken File Sharing to Lending Books->

Submitted by
Dan Fuhry
Dan Fuhry writes "A judicial panel in the Provincial Court of Madrid has closed a case that has been running since 2005, ruling that the accused are not guilty of any copyright infringement on the grounds that their BitTorrent tracker did not distribute any copyrighted material, and they did not generate any profit from their site. The article notes, "[t]he judges noted that all this takes places between many users all at once without any of them receiving any financial reward." This implies that the judges are sympathetic to file sharers. The ruling essentially says that file sharing is the digital equivalent of lending, selling or sharing books or other media. Maybe it's time for all of them rowdy pirates to move to Spain?"
Link to Original Source

+ - US Federal Judge Rules NSA Wiretapping Illegal->

Submitted by
Dan Fuhry
Dan Fuhry writes ""A federal judge ruled Wednesday that the National Security Agency’s program of surveillance without warrants was illegal, rejecting the Obama administration’s effort to keep shrouded in secrecy one of the most disputed counterterrorism policies of former President George W. Bush. In a 45-page opinion, Judge Vaughn R. Walker ruled that the government had violated a 1978 federal statute requiring court approval for domestic surveillance when it intercepted phone calls of Al Haramain, a now-defunct Islamic charity in Oregon."

This is a considerable step in the right direction for the privacy of United States citizens. Now if only they would decide the same about warrantless laptop confiscation and searching at the border."

Link to Original Source

Comment: Re:Tips for Enano (Score 1) 244

by dandaman32 (#30945316) Attached to: How To Spread Word About My FOSS Project?

Make the link to the "demo" front and center. Forget about "screenshots" -- it's a web application, who wants to see screenshots when you can click a link and see the web app in action!

You're right. Changed this.

Let people using Enano send in a link (or edit a wiki page of links) linking to their homepage. This will give end-users with tiny sites an incentive to try your package, because it will drive traffic to them. Long ago, I used a CMS called Serendipity that had exactly this marketing tactic, and it worked well.

How would you recommend we get this off the ground? I feel like the list has to have at least 20-ish sites, or people will just go "this is a joke."

Uh.. you really need themes available. Think of myspace, etc. People like to customize their sites.

I'm trying to think of a better way to promote the Enanium backgrounds plugin. Basically you drop in a .jpg file and a 16x16 .png icon and Enanium (the new shiny default theme I designed at some point along the 1.1.x beta series) does all the dirty work of applying it as a background for your site. That's the most common form of customization I've seen people using.

Offtopic: The other reason I stayed anonymous because I haven't been "dandaman32" in about 3 years. It's one of those juvenile nicknames you can never seem to get rid of. That, and this account's got karma on /. and I can thus get my daily news fix without staring at flash ads.

ASHes to ASHes, DOS to DOS.

Working...