Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?
For the out-of-band Slashdot experience (mostly headlines), follow us on Twitter, or Facebook. ×

Comment: Re:Absence?! (Score 1) 595 595

by devman (#49854271) Attached to: How Ready Is IPv6 To Succeed IPv4?
They won't have to do it, default IPv6 security posture will be similar to the current default IPv4 security posture. No unsolicited inbound packets at the edge unless a forwarding rule is established. NAT and stateful firewalls are both built on top of connection tracking and are of similar complexity.

Comment: Re:Why do people dislike systemd so much? (Score 4, Interesting) 229 229

by devman (#49491165) Attached to: GNU Hurd 0.6 Released

The problem is when you fork your own distro you quickly discover that using systemd is the easiest way to maintain it. It isn't a coincidence that medium and small distros like Arch Linux picked it up in addition to the big boys. Unit-files save package maintainers boatloads of time they used to spend having to writing and maintaining initscripts a lot of which is copypasta boilerplate anyway but its usually distro specific copypasta.

This is the source of a lot of the strife in my opinion. The people who actually do work to maintain distros like systemd, the users not so much.

Comment: Re:Christian fundamentalists will smile knowingly (Score 1) 168 168

by devman (#49005409) Attached to: Employees In Swedish Office Complex Volunteer For RFID Implants For Access
The passage is extremely vague and can be applied to almost every type of official currency. They said paper money was the mark of the beast, they said credit cards were the mark of the beast. At the time the passage was authored it was likely referring to Nero's profile appearing on of Roman coinage.

Comment: Re:The solution is obvious (Score 1) 579 579

It doesn't matter anyway as WebView in 4.3 and earlier is part of the system that is non-upgradable with out a new system image. Fixing the problem would require OEMs to update, they may as well just take 4.4. Note that WebView equivalent in 4.4 updates when Chrome updates via Play Store, so this won't be a problem in the future. It would be a lot of work for Google to backport the patch only to have OEMs ignore it anyway.

Comment: Re:Obligatory reminder that an alternative exists (Score 3, Insightful) 97 97

by devman (#48895927) Attached to: OpenSSL 1.0.2 Released
SSL/TLS has nothing to do with what certificates the client and server trust. You can bootstrap a TLS stream using a pre-shared key if you want, or with DANE, or with explicitly selected certificates. The fact that most clients use CAs for trust anchors is not a failure of SSL/TLS.

Comment: Re: No Caching? (Score 1) 238 238

by devman (#48526107) Attached to: The Cost of the "S" In HTTPS
Well yes, in the same sense people who use hosting providers for their websites have to trust that their hosting provider doesn't mess with their files (a CDN is just a type of hosting provider after all). There is no break in the TLS trust model though, the client will authenticate both the original host and the CDN.

Comment: Re: No Caching? (Score 1) 238 238

by devman (#48524843) Attached to: The Cost of the "S" In HTTPS
CDN hosted content will be linked to by the page served to the client just like it is now. Example: you connect to https://examplebank.com/ the page served back to you links to content (images, scripts, we) hosted on https://examplecdn.com/ Both links establish properly and TLS security model isn't broken.

Comment: Re:Why signed? (Score 1) 164 164

by devman (#48522387) Attached to: Gangnam Style Surpasses YouTube's 32-bit View Counter
Though youtubes design decision probably predates this. Google's own style guide states that unsigned integers should not be used simply to indicate a number will never be negative and instead to use assertions for that. Basically it emphasizes not to use unsigned integers unless there is a really good reason to do so.

Comment: Re:Why not get rid of states as taxing entities? (Score 1) 257 257

by devman (#48372869) Attached to: Internet Sales Tax Bill Dead In Congress

The gay marraige issue isn't a States rights issue no matter how much supporters wish it was. The federal government doesn't issue or dissolve marriage licenses it is completely the domain of the States. All the Federal courts have said is that if the states wish to have a legal institution of marriage that it must be compatible with the 14th amendment, and States which do not allow gays to marry do not meet that requirement.

The federal courts are not infringing on states rights, they are protecting individual rights granted by the U.S. Constitution from infringement by the States.

Loan-department manager: "There isn't any fine print. At these interest rates, we don't need it."