Slashdot is powered by your submissions, so send in your scoop


Forgot your password?
For the out-of-band Slashdot experience (mostly headlines), follow us on Twitter, or Facebook. ×

Comment: Re:Unlikely (Score 1) 276 276

You can NAT ip6, if you want to, and use private IP6 addresses internally. The advantage with IP6 is that you have a MUCH larger pool of non-routable addresses to choose from which means that It'll be that much harder for an attacker to guess at your internal network layout and machine addresses.

The original reason for IP4 NAT was necessity, not security. It was (and is) quite common for a house or business to get a single IP4 address for however-many machines. IP6, on the other hand, defaults to giving a normal end-user an address pool bigger than what IP4 provides to the whole planet. This means that it's WAY harder for an external hacker to guess at the address of a random machine. I got a /64 prefix for my home network. That means that I have trillions of potential address for dozens of machines. Even with thousands of machines, if I pick a set of random addresses for my machines (which is what auto-config does), it should take a well-provisioned attacker a couple of centuries to get his first hit.

If you add NAT on top of all that, then you've got a pretty good security regime.

However -- all of that being said, the main excuse given for NAT being 'secure' is that people can't get to a NATed machine from the outside world. However, between machines getting 48bit (or more) randomized addresses that change from day to day, and a simple stateful firewall, you would have the same security and then some if you moved to ipv6. -- before you even throw NAT into the configuration.,

Comment: using quints (Score 1) 276 276

The reason why the dotted quad format was used is that it translated into 32 bits -- which fit quite nicely into normal (long) INTs back in the '80s.

The IETF knew that this was to small for the longer term, but the efficiency argument won out. (this was back at a time when a 1Mz mainfraim with 16Megabytes of ram could be timeshared to over 100 users). They figured that by the time the 32 bit address space was saturated, that the replacement protocol with a REAL address space (IP6) would be easier on the computers of the day and there would be lots of time to get it up and running (turns out to have been over 30 years).

What they didn't plan for was that the 'Net would be effectively in the control of business majors and bean counters and that IP6 adoption would be at the whim of financial considerations and a 'you first' attitude. Now IP6 adoption is waiting for a 'killer app' that is on an IP6-only server ... or for Google to announce that they'll give preferential listing to sites that are IP6 capable.

+ - XKEYSCORE: NSA'S Google for the World's Private Communications->

Advocatus Diaboli writes: "The NSA’s ability to piggyback off of private companies’ tracking of their own users is a vital instrument that allows the agency to trace the data it collects to individual users. It makes no difference if visitors switch to public Wi-Fi networks or connect to VPNs to change their IP addresses: the tracking cookie will follow them around as long as they are using the same web browser and fail to clear their cookies. Apps that run on tablets and smartphones also use analytics services that uniquely track users. Almost every time a user sees an advertisement (in an app or in a web browser), the ad network is tracking users in the same way. A secret GCHQ and CSE program called BADASS, which is similar to XKEYSCORE but with a much narrower scope, mines as much valuable information from leaky smartphone apps as possible, including unique tracking identifiers that app developers use to track their own users."


"Other information gained via XKEYSCORE facilitates the remote exploitation of target computers. By extracting browser fingerprint and operating system versions from Internet traffic, the system allows analysts to quickly assess the exploitability of a target. Brossard, the security researcher, said that “NSA has built an impressively complete set of automated hacking tools for their analysts to use.” Given the breadth of information collected by XKEYSCORE, accessing and exploiting a target’s online activity is a matter of a few mouse clicks. Brossard explains: “The amount of work an analyst has to perform to actually break into remote computers over the Internet seems ridiculously reduced — we are talking minutes, if not seconds. Simple. As easy as typing a few words in Google.”

Link to Original Source

Comment: Re:turn about is fair play? (Score 1) 163 163

Not flooding the markets with counterfeit goods, but with goods that have a known superior quality.

I'm all those folks collecting baseball cards, comic books and antique collectibles would have something to say about this attitude. Also, wasn't this similar to the rationale used to suppress labeling requirements for irradiated strawberries and GM foods (e.g., they were superior to their counterparts and otherwise nutritionally the same)?

Sometimes people just want what they want and feel deceived if they get something else (even if it is "superior" in some way).

Comment: turn about is fair play? (Score 1) 163 163

So after all this complaining about how counterfeit food and medicine from china is morally repugnant, we decide to turn the tables...

At least we are attempting to save the rhinos, I guess, but seems to me that it's a slippery slope to agree that flooding a market with counterfeit goods is actually a good idea...

Comment: less depressed or more insane? (Score 5, Interesting) 66 66

The tail suspension test (TST) was developed as a rodent screening test for potential (human) antidepressant drugs. It is based on the assumption that an animal will actively try to escape an aversive (stressful) stimulus. If escape is impossible, the animal will eventually stop trying ("give up"). In the TST a mouse is suspended by the tail so that its body dangles in the air, facing downward. The test lasts for six or more minutes and may be repeated multiple times. Mice initially struggle to face upward and climb to a solid surface. When the animal stops struggling and hangs immobile it is considered to have “given up”. Longer periods of immobility are characteristic of a depressive-like state. The validity of this test stems from the finding that treatment with an antidepressant drug will decrease the time the animal spends immobile.

I imagine if the drug made the mouse more insane (i.e., struggling more against the impossible). Conversely, I imagine if the drug made the mouse smart enough to know it was impossible, it would appear depressed.

Reminds me of a scene in the Bruce Lee film Enter The Dragon where he realizes he finds himself in a trap and just sits down and waits to make his move.

Comment: Re:Depends on your perspective and tastes (Score 1) 410 410

France's history of welcoming immigrants and its egalitarian nature...

I assume you mean just in the last few years.

The previous administrations headed by Chirac and Sarkozy weren't really known for being "welcoming" to immigrants... According to OECD statistics, during that time, France recorded one of the lowest rates of immigration among top European countries, and the number of naturalizations fell precipitously (~50%) due to more stringent language skills and culture testing requirements. I believe the average time for naturalization is still hovering about 15 years in France (which no doubt is biased by the fact if you are born in France, you can apply for naturalization at 18). In most other countries, time for naturalization (if allowed by visa) is generally around 5-10 years...

Of course once you become a citizen, it may indeed have an egalitarian nature, but I've heard that prior to naturalization status, it isn't quite as egalitarian as one might expect...

Comment: Re:How are you going to use them? (Score 1) 272 272

Oh yeah and sadly I *did* listen to it quite a bit. When the Darkside of the moon album dropped from Billboard's list of top albums back in 1988, the person in the dorm room next to me played a 24 hour/day, 7 day/week vigil on his stereo system until the housing department finally had him shut it down for keeping people up at night (esp time and money)...

Although I still have the album myself, I haven't listened to it since '88 because of this incident (and I freely admit to destroying several cassette tapes of Darkside during that 7 day/week vigil/torture)...

Comment: Re:How are you going to use them? (Score 1) 272 272

FTFY. Don't make the pink floyd mistake...

Maybe you weren't listening hard enough:

"There is no dark side of the moon, really. Matter of fact it's all dark."

AFAIK, that comes from a set of interviews recorded by Roger Waters to create background voice ambiance for the album (and was enshrined in the final mastering) was actually made by Jerry Driscoll.

The full quote was apparently, "There is no dark side in the moon, really. Matter of fact, it's all dark. The only thing that makes it look light is the sun." I'm guessing Jerry made that statement to illustrate the mistake that Pink Floyd made, but I could be wrong...


An Extra-Large Nanocage Molecule For Quantum Computing 22 22

JMarshall writes: Researchers have built a molecular nanocage 8 nm across that represents a step toward quantum computing. It is difficult to make uniform nanoparticles more than 4 nm across, but new work solves this problem. Researchers made eight-membered metal rings from chromium and nickel that can act like a qubits in quantum computing. More connected rings means greater quantum computing capacity, so the team worked to combine many rings into one molecule. They managed to pull 24 rings together into an 8-nm sphere, secured by palladium ions at the core. The molecule had a surprisingly good phase memory, an indication of the molecule's quantum computing potential. The researchers say building a molecule with 70-100 rings would allow them to do "some serious stuff" in quantum computing.

Comment: Re: So let me get this straight.... (Score 1) 346 346

There was a time I did computer repair as an Independent Contractor for a Repair Business. I filed as a 1099. That was my only income at the time. I was not an employee. I was not entitled to benefits. My job there evaporated at a pre-determined end of contract date (which happened to coincide with the start of the next school year). Try again.

The company that paid you *decided* you were not an employee and gave you a 1099 (presumably after requesting you fill out a W-9 form).
The company could have decided you were an employee, gave you a W-4 and a W-2 at the end of the year.

The company could have done it wrong. It is not up to them, nor is it up to you. The final decision is made by the employment department of the state in which you did the work and it depends on many factors (including if you were restricted in any way to work for only that company and not a competitor at the same time).

Comment: Re:Job security (Score 1) 229 229

I don't think it's any easier to apply for permanent residency just because you hold an H-1B, but the point is, you can apply.

Although it technically might be easily apply for permanent residency, depending on your situation, the only realistic chance you have is if you have some "in" like an H-1B.

Depending on your personal situation, it is generally *much* easier to obtain permanent residency if you hold an H-1B visa. The generic option for most people is to get married to a US citizen or enter the green-card lottery (aka the diversity visa program). For example, if you are married already, or if you happen to be coming from a country that sources a large number US immigrants (say india or china), or don't happen to be world class at anything in demand, an H-1B is likely to be the only realistic option to get permanent residency status in your lifetime (other than maybe to have an anchor baby and wait until your kid turns 21 and can sponsor you for permanent residency).

Comment: Re:Update the resume (Score 3, Informative) 229 229

But, that doesn't mean a group of workers, who aren't in a legal "Union", can't just walk out anyway. If they're being abused, they should walk out and make their complaints known.

Although a non-union group of worker can "just-walk-out", the company can just replace them in most states. This generally isn't true with a company with a union contract (which covers allowed strikes and work stoppages/slowdowns). Also in the united states at least, there is a distinction between an economic demands strike and an unfair labor practices strike (basically company attempts to subvert collective bargaining, e.g., selective firing, refusal to bargain with a certified union). Any job protections in the case of an economic strike are basically non-existent, unless covered by a union contract.

So if your goal is attempt to walk-out as a group to protest being replaced by cheaper labor, unless you are unionized, you have pretty much just resigned as a group. A better strategy if not unionized is to raise a stink so that the company backs off (hey, sounds familiar)...

Comment: hope springs eternal (Score 2) 55 55

When facing a nearly unprovable situation (e.g, the security or insecurity of a system), we often resort to deities and idolatry.

It's much easier to believe in magic pixie dust called security protection that you can apply to some activity which is insecure to make it secure, than to face the reality that the activity itself might be inherently insecure and we must modify our activity to make it secure.

You have a virus, there must exist anti-virus protection, you have malware, there must exist some anti-malware protection, just a little more encryption, and a little more authentication will always help too (just like sunblock and contraceptive devices, you gotta apply that stuff correctly or it doesn't work as advertized). However, as we have seen, the belief in these artifacts are mostly a mirage. It's not to say these things aren't useful to a limited extent, but we want to believe we can use technology to "solve" a problem that is intrinsic. Hope springs eternal.

Comment: Re:Time frame simply too long (Score 4, Informative) 413 413

Sadly, it isn't that simple. Basically what happened is that the Senate passed a bill (62-37) that coupled the Trade Promotion Authority (TPA) extension with an amendment that extended a worker retraining program. In the House the bills were decoupled. The vote rejected the *retraining* bill (but passed the TPA bill) which effectively requires a revote by the senate to grant TPA separately (if the goal is to get it in a form for the president to sign it rather than just blame someone for its failure to pass).

The extension alluded to by the OP is that there is an extension clause in the bill that allows the president to request an extension from 2018 to 2021, but the extension must be requested before June 30, 2018. If either house can pass a bill that rejects this extension, it is considered denied. FWIW, a similar extension clause has been in most TPA that have been granted in the past and were generally put in as a safety in case negotiations schedules are not maintained.

The only foreseeable situation that this affects is if one party were in control of both houses and the presidency, the out-party could then still theoretically filibuster a vote on a negotiated treaty in the Senate if the TPA authority was not in effect. However, with the recent change in filibuster rules of the senate regarding nominations by the democrats (the so-called 'nuclear-option' that was exercised), it isn't inconceivable that filibustering a treaty could trigger a similar 'nuclear' option in the senate if it came down to it, so it may not even matter in practice and is kind of a red herring.

As to why TPA is necessary, it of course isn't, but not having it allows a few members of congress to essentially hold the enabling legislation for a treaty hostage by offering amendments or failing to issue a committee report to allow a floor vote. Since adding an amendment would force the negotiators back to the table, it is presumed that other treaty parties would never offer their best level of concessions during ordinary negotiations (saving them to counter future nit-picking terms offered by rouge legislators) resulting in a sub-optimal agreement for us.

The TPA isn't like the war powers resolution in that it is a bill that affects the rules congress applies to itself by simply limiting debate, amendments and other procedural measures (which it is of course free to do to itself and has done many times in the past). The WPR is hotly debated as being unconstitutional in that it appears allows the president to take unilateral action and report on it later without action from congress. Also, the TPA also has many provisions in it directs negotiations a certain way and if the president ignores them, the TPA is effectively revoked (debate and amendments are then allowed in these areas). Unlike the WPR, the TPA allows congress to reject a treaty *before* it takes effect (not after the fact like the WPR).

"Experience has proved that some people indeed know everything." -- Russell Baker