Follow Slashdot blog updates by subscribing to our blog RSS feed


Forgot your password?

Comment Re:25 mph? (Score 2) 582

Does this mean you are not capable of driving your vehicle at 15mph or 10mph or 5mph?

My last car had an engine idle speed around 7-8mph, meaning it was not possible to drive 5mph at all. Simply letting up on the break and not touching the gas at all would result in the car moving faster than 5.

It was also not possible to consistently drive 10mph, as the slightest touch of the gas pedal would cause the car to accelerate to just over that speed.

Mind you that doesn't mean I couldn't abide by a 10mph speed limit, it just means I can't do so while driving AT that limit, I have to not touch the gas and let the engine pull the car along at idle speed just a touch under 10.

However where I live the lowest posted limit on a public road that I've ever seen is 25mph, including the road I live on.
I have seen 10mph limit signs at a mall parking lot once, and fair enough since anywhere in the lot where there was people walking idle speed was about the safest one could move at, but I've never seen 10 (or even 5) posted on a public road before so all of this has never really been an issue.
(Not to mention I don't own that car anymore)

Comment Re:What's the point (Score 3, Interesting) 312

Today I worked on an addon for a popular open source javascript-based code editor, added some minor features to one of my open source projects and added a bunch of much needed unittests to another of my open source projects.

I also took a few minutes to read some Slashdot posts and make a few comments.

Amazingly, both can be done in a single day!

Indeed! Just as the Hurd team can play on Hurd and contribute to other more useful projects :}

And I apologize for the accusation as well, it's just that the vast majority of people who question others free time activities have a high likelihood of both demanding productivity from others while not living to the same standard themselves.

I suppose it was mostly the fact I quite literally formed the thought "I wonder which of the top three posts will ask 'what is the point?'" as I clicked the article to open the comments, and there this was right at the top in spot 1 with that exact phrase and already modded up to max.

But I am pleasantly surprised for you shattering that expectation.

Comment Re:What's the point (Score 5, Insightful) 312

What's the point of continuing with Hurd?

For the same reason anyone does something they enjoy for fun and recreation, namely so we don't become hollow and joyless, reserved to asking on forums why other people do things they enjoy :P

I note you both read slashdot and posted to slashdot today, as well as aren't out working to do something "useful".

Don't you think it a tad off to spend your free time doing things you enjoy at the same time as questioning other people doing the same?

Comment Re:If you take 3 different steps to conf it public (Score 4, Informative) 37

First, the server admin would have to enable mod_status.
Then, by default it's visible only from the server itself - the physical console or an ssh connection.
Than to see the request urls, you have to turn ExtendedStatus on as well.

It's easy to miss one of these steps when you're TRYING to turn it on. If you're offering a hidden service, it seeme rather unlikely you'd work so hard to gather and publish extended status.

I just spun up a brand new Debian 8.2 VM instance, apt-get upgraded it to current, and apt-get installed apache2 - everything current as of 10ish minutes ago.

root@dev10:~# ls -l /etc/apache2/mods-enabled/status*
lrwxrwxrwx 1 root root 29 Jan 30 21:58 /etc/apache2/mods-enabled/status.conf -> ../mods-available/status.conf
lrwxrwxrwx 1 root root 29 Jan 30 21:58 /etc/apache2/mods-enabled/status.load -> ../mods-available/status.load

root@dev10:~# grep -i extended /etc/apache2/mods-enabled/status.conf
                # Keep track of extended status information for each request
                ExtendedStatus On

root@dev10:~# grep -i location -A 2 /etc/apache2/mods-enabled/status.conf
                <Location /server-status>
                                SetHandler server-status
                                Require local

Both mod_status and the extended status mode are enabled by default.

Yes they are restricted to localhost only, however if one ran apache and a tor proxy on the same machine, the tor proxy would be connecting to apache over localhost and so would be allowed.

Being a debian config I would assume many debian based systems may very well have this same default config.

Looking at the first example screenshot in the article, it explicitly shows it to be apache 2.2.16 running on a debian system. That means the server came setup that way and the owner didn't disable it.

I can't speak for other distros or what the defaults are when apache is compiled from original sources and what not.
But I would certainly recommend at least looking through your 'mods-enabled' dir Just In Case (tm)

Comment Re:Brought it on themselves (Score 2, Informative) 67

Your post is either a standard Apple troll, or you are just purposely being dense.

Please tell me you're kidding. These are iOS users we're talking about. They have purposely chosen the "easy to use" OS (even with all its limitations).

WE are talking about iOS users, but I'm not sure you are on the same page...

Like hell you're going to get them to figure out how to compile an app

Are you seriously arguing Mac users are too stupid to double click one icon? Trollolol?

Not only that, in order to run XCode you need to have a Mac.

That's very likely why he said: and allow iOS device users who also own a Mac

Or put another way, no you are very incorrect. If one already owns a Mac, there is no need for any additional Mac computers. Just the one will do.

I suppose you bought your Android phone to make phone calls, then went right out to buy two or three more Android phones due to your thinking that one of the things somehow wasn't enough?

You just went from a $200-$600 investment in the iPhone/iPad and added a thousand dollars to it.

If you purchase no computer, you will spend $0. How are you arguing not buying a second computer costs thousands of additional dollars?

There are no shortage of iOS users with Windows machines who like their iDevice but aren't ready to make that leap to a Mac.

Hate to have to be the one to tell you this but MacOS is not Windows, and Windows is not MacOS.

He clearly stated this option is only for Mac users. Why do you feel the need to repeat what was already said and specifically name Windows users as excluded?
You forgot to mention Linux users can't do this either, nor can QNX users, nor can Mainframe users...

Quit being dense or try to troll somewhat intelligently next time.

Comment Re:The whole Wikimedia Foundation needs to disband (Score 1) 104

"Only following orders" can sometimes be a valid excuse.

That is less so a "valid excuse" than it is simply a "really Really fucked up position to be in"

It clearly isn't an excuse since legally it excuses nothing.
But it IS really fucked up. If you disobey illegal orders you will be shot. If you follow illegal orders you will be held 100% responsible for your actions and can be anything from imprisoned to executed.

Fucked either way, but the point is you ARE fucked either way - claiming "I was just following orders" will NOT in any way reduce your punishment for following them.

Comment Could still use improvement (Score 2) 216

I can't see any problem with showing clear icons for the state of the connection, which includes unencrypted being distinguishable from encrypted with a cert signed by an untrusted party (aka self-signed) vs a cert signed by a trusted party.

It's better than the current state of things, where the web browser programmers out right mis-interpret what is going on and potentially lying to the user.

For example, if I run my own CA and sign all of my own certificates, and push my CA public key by hand to computers intended to access my server, verified by hash fingerprints - this is arguably MORE secure than a "secure" public CA signed certificate that I have no control over.
After all I know exactly who signs certs with my CA - me - and despite what the public CAs and web browser programmers claim, I in fact do trust myself.

CAs are known to have signed fraudulent certs, so they are not the ultimate high tier of trust.

Of course the self-signed situation described above is very different from random snakeoil.crt style self-signed certs where the only possible way to verify the servers identity is to check the thumbprint hash. And who has time for that?

Displaying the lowest tier of security icon for non-https sounds just as useful as it has been since SSL was invented.
(After all, a lock vs a lack of a lock works good enough for anyone that cares about encryption, but I could care less what the two icons actually are of)

At least Googles approach is better than Mozillas by an infinite amount!
I'd rather use Chrome and at least have it bitch about the lack of SSL while still actually showing me the webpage.
Firefox will soon actively remove non-https support and display an "unknown protocol 'http'" error instead.
Hope you don't like browsing .html files locally in firefox :P

Comment Re:Oy vey! (Score 1) 539

Don't steal content by not watching ads, you internet scumbags!

The privileged of reading this highly valuable post is a million dollars - which you now are in debt to me for.

Until your check clears, you stole from me first.
Until you feel guilt for stealing from me and decide to pay, I will not feel any differently towards you.

Now stop being a scumbag thief and go get a real job instead of leaching off humanity.

Comment Re:Linux is getting much, much worse, too. (Score 1) 458

systemd? Seriously? Get over it man! And Gnome 3 and KDE stuff as well.

Don't tell me what to like and hate, "i do wah i want!" :P

You are trolling here. Your argument is lame.

Quite right though regarding the parent post.
There is plenty to hate in systemd, there's no need to make up lies to imply its worse than it is (and probably gnome3/kde too, though I rarely use DEs enough to have any complaints)

However, I believe Microsoft is perfectly entitled to drop support for newer processors in old versions of Windows. Supporting old versions of Windows cost money and doesn't gather money anymore.

Now there I must disagree, and do so for the exact reason you listed as a counter-argument

*IF* Microsoft went out of their way and spent time, money, and man hours to *write new code* specifically for the purpose of removing an existing feature that came with the product/OS as shipped - I would be very rightfully pissed off.
Not to mention actually doing that would COST them money, compared to doing nothing at all and spending no money.

But at least for the topic at hand, Microsoft has not done this and isn't dropping CPU support, so the argument is really moot for now.
Of course they have done such things in the past, so I won't claim they will never do such a thing, but we should at least wait for them to do the bad thing before complaining they did the bad thing.

Not writing new code for an old OS, aka not adding new features, which is what the case here is, makes perfect sense to me.
Writing new code for an old OS, aka adding or removing existing features, clearly costs money and in the case of a no longer supported OS does not make sense to me (at least in general)

Now, I really fear for the enterprise I am working for these days. They are just starting to migrate from Windows XP to Windows 7 on the desktop. Soon they will be forced to migrate to Windows 10 as the old generations of Intel processors will be phased out.

Ack! Your enterprise consists of nothing but laptops without a desktop in sight???
Yea I must say that would make me fear that enterprise just a bit too. I'm sorry you're in that situation.

At least at my enterprise we thankfully only have a tiny number of laptops (like 10?), and so will be the only concern relating to battery life if I attempted to install Windows 7 on a new Skylake laptop.

We pay industrial rates for electricity so our Windows 7 desktops using the same amperage draw with Skylake chips as they are using right now with Core i7's is perfectly acceptable to us.

Sure it would be nice to use less power with the new Skylake power management features, but not "use windows 10" nice :P

Comment Re:Very wide impact. (Score 4, Informative) 72

I think I'm going to remove the package until a new, fixed version comes out, or at least detailed information on how to migrate the vulnerability until a fix comes along.

The article suggests a mitigation, however it sounds like it may just be easier to remove the package until your upstream provides updates...

James Darnley of FFmpeg suggests that disabling HLS (HTTP Live Streaming) while building the package should do the trick until a fix is committed.
It is also possible to fix the issue by rebuilding the FFmpeg packages without network support, using the --disable-network configure flag, but that seems a bit too much.

A commenter in the arch bug report listing also says:

Btw, one could also do --disable-demuxer='hls,applehttp', but rebuilding without network support looks like a more robust solution for now (until the issue is inspected and fixed upstream).

My understanding is the specific bug reported in russian is exploited via HLS, however it is unconfirmed if the same method could be used and exploited in other network stream demuxers yet.

Comment Re:Keyboards? (Score 1) 332

Unnecessary; a rag, a few squirts of alcohol-based cleaner, and a wipedown will take off all the fingerprints. The omnipresent 'hand sanitizer' goo is near perfect. Pop off a few keys and shake crumbs and hairs out (or run a toothpick between the keys).

Recalling the laundry bags used in ye olden college days, those things were perfect for keeping all the popped off key caps together while in the dishwasher along with the plastic shell of the keyboard.

I noticed in some (rare I admit) cases that the alcohol cleaners and plain wiping would miss gunk in certain crevices and such, in which case a dish washing cycle on cold seemed to always do the trick.

I've done that on some of my more favored gaming and mechanical keyboards, although I've never risked it to run the circuitry through the wash for them.

Lots of modern keyboards use flexible-printed-circuit sandwiches, and will NEVER DRY if you try immersion.

To be fair though its rarely worth it to even bother cleaning a modern el-cheapo keyboard beyond the standard wipedown, seeing as a replacement can be had for $5 full retail price, or less often times second hand (aka "used" but never had the box opened)

Perhaps if there was something special about the keyboard and it would be more than a couple dollars to replace, sure, but generic modern crapboard isn't really worth my time and the effort to clean when it can be replaced so easily and cheaply.

Slashdot Top Deals

Mirrors should reflect a little before throwing back images. -- Jean Cocteau