Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?

Comment: SSH (Score 1) 34

So, I have to trust a server to automatically replace a trusted key with a new trusted key.

Yeah, this is the type of thing I'll try when it's been in the code for five, ten years.

I'm perfectly sure, as a mathematician, that you can use some kind of secure exchange to make this work but - fuck - I won't be trusting implementations of it for a while.

Isn't this exactly the sort of thing that, half-assed, will generate security problems for years to come and yet still seems to be outside the SSH protocol and has to be a custom extension? Is there an RFC for this?

Sorry but as far as I'm concerned key management shouldn't be a part of the process that's handling connection authentications, etc. Why can't this be an outside protocol entirely? For decades, we've been waiting for some kind of automated decentralised, anonymised key-store and surely the effort going into securing this very dangerous piece of code would have been better put into moving the problem away from SSH and allowing multi-protocol use of such things.

Comment: Re:So what's the real story here? (Score 1) 59

Just like they tell you that you any time you think you might be being pulled over by someone who's not a real cop (say, an unmarked car), you can drive to the parking lot of a police station before pulling over.

Disclaimer: That only works if you are white.

Comment: Re: Problems with the staff (Score 3, Funny) 118

by PopeRatzo (#48949953) Attached to: The Pirate Bay Is Back Online, Properly

there is a Flash exploit that STILL isn't patched, that only requires a user to visit a site with a bit of compromised embedded flash content like a banner ad, and BOOM, owned. You don't even have to click a link, just visit a domain hosting the content on a page.

I notice your account was created yesterday. Please let me be the first to welcome to you Slashdot.

Maybe you could tell us a little bit about yourself, by way of introduction. Like maybe your badge number.

Comment: Re:Create a $140 billion business out of nothing? (Score 2) 384

by BasilBrush (#48947583) Attached to: How, and Why, Apple Overtook Microsoft

But Jobs didn't want third party applications on it. There was no App Store. And when prompted about third party apps, Jobs envisioned some kind of web app system. But he didn't want the perfection of the iPhone soiled by third parties.

I understand that's entirely wrong. Apple understand the danger of pre-announcing. The "no apps" position was to get people to buy the iPhone as it was in version 1, rather than wait. The "web apps" position was to have something to tell developers at a time when the SDK was far from ready to announce. But Apple were intending to have third party apps right from the point they selected a cut-down OSX OS.

Comment: Re: Create a $140 billion business out of nothing? (Score 0) 384

by BasilBrush (#48947493) Attached to: How, and Why, Apple Overtook Microsoft

and eventually that will diminish especially since apple has stopped innovating.

iPhone 2007, iPad 2010, iWatch 2015. When did they stop innovating?

And anyone who thinks that's not innovation need to consult a dictionary for the difference between innovation and invention.

Comment: Re:More ambiguous cruft: hardly. (Score 1) 488

by riverat1 (#48947349) Attached to: The Gap Between What The Public Thinks And What Scientists Know

That's a reference to the climate science deniers in the previous sentence. More specifically someone whose ideology drives them to be "skeptical" of some scientific knowledge but who will uncritically accept something that appears to support their position even though usually they're just misinterpreting what was said. As an example they hear the news that Antarctic sea ice is increasing in extent lately and automatically assume that means it must be getting colder therefore no global warming. They never bother to dig deeper into the scientific research about it.

Comment: Re:Sigh (Score 1) 107

by ledow (#48946489) Attached to: BT Unveils 1000Mbps Capable G.fast Broadband Rollout For the United Kingdom

No, I may have mistyped because I'm lazy, but I only work in "Mbps" being bits. When you want to talk bytes, I use "MB/s" like everyone else has does for years. Pedantry over the captialisation only came later. Generally, nobody states in "MBps" and means bytes or "Mb/s" and means bits.

ALL numbers in my post? Mbits. Fuck multiply by 8 if you want and it's still - on average - worse than the 4G on my phone in the same area, but that's NOT the number I'm getting.

Comment: Re:500Mb/s or approx 50MB/s (Score 1) 107

by ledow (#48946465) Attached to: BT Unveils 1000Mbps Capable G.fast Broadband Rollout For the United Kingdom

And if Gigabit is already commodity hardware at home, and bog-standard small business switches are built with 48 ports of Gigabit plus whatever backbone for a few hundred quid for the last ten years, what do you think serious ISPs and datacentres have been using all that time for, say, leased line and stuff.

Of course it requires upgrades but they would need to have been a generation ahead since the start and kept replacing or they would not be able to handle anything.

BT are a telecoms company. They handle the international fibres for the UK and all kinds of stuff. Internal switching on their networks must be fantastic already, even if our end-user experience is shit.

Comment: Re:500Mb/s or approx 50MB/s (Score 1) 107

by ledow (#48946001) Attached to: BT Unveils 1000Mbps Capable G.fast Broadband Rollout For the United Kingdom

If you're not on Gigabit already, I'll be surprised.

Even basic cheap laptop wireless, smartphone wireless and wireless routers are in the, what? 300Mbps or so range? Two or three of those and you can flood a Gigabit connection.

You would need a new router with BT anyway, because it's a new protocol. And then you'd need to throw away the BT router and buy a real one after the first week when you read how crap and insecure they are.

But there are £200 routers on the market that have triple WAN failover (including USB 3G/4G) with VoIP, VPN, wireless, and Gigabit switches built-in.

And networks have an even easier problem. Buy one Gigabit port and push all your dozens / hundreds of users over it who almost certainly all have Gigabit ports anyway. Bottleneck before you even start. And if you don't have at least a Gigabit network backbone and 100Mbps to the desktop, you are technically worse than every primary school I've worked in in the last 15 years.

More likely is that your webfilter/VPN will struggle to process that amount of traffic, but it's unlikely if you've bought anything half-decent. The last VPN/Firewall I saw that couldn't handle more than 100Mbps was an old Netgear thing about the size of a pack of cards that was so old it refused almost all modern browsers thinking they were Netscape.

Comment: Re:Telegraph poles mostly gone in UK (Score 2) 107

by ledow (#48945993) Attached to: BT Unveils 1000Mbps Capable G.fast Broadband Rollout For the United Kingdom

Er... crap.

I have a street strewn with telegraph poles. My parents live in a streeet strewn with telegraph poles. So does almost everyone I know. Most of those people live in London, for a start, and it's not limited to just there.

Fuck knows where you live but if you don't have pole at the end of your street with cables going to each house, I'm guessing it's a new build estate (which are in the minority compared to, say, 30's/40's/50's/60's houses).

However, what you might mean is that those poles will feed the cables from each house down to a green box which may have some kind of fibre/copper backbone that goes under the street. But it's still copper... FTTC hasn't arrived in many places.

But if you live in a UK town and are more a few hundred metres from a telegraph pole, I'd be surprised.

Comment: Sigh (Score 4, Insightful) 107

by ledow (#48945973) Attached to: BT Unveils 1000Mbps Capable G.fast Broadband Rollout For the United Kingdom

Slashdot are posting what The Register posted two days ago, so I'll post the same comment I posted there two days ago:

I work for a UK school.

BT took nearly TWO YEARS to get a leased line to us. They were blocked from completion after we cancelled the contract because they said there was a 20th delay because "there's not enough room in the duct" followed by "there's not enough room at the exchange". You'd have thought someone might notice in two years that you had no room, eh?

We cancelled because, despite wonderful promises, prices and speeds, we never actually managed to get the line into the building.

In the meantime, I'm running a school for 400 kids on a VDSL line with ADSL backup which BT promise me can get "45Mbps" and "20Mbps" at best, respectively. Funny. Because my Smoothwall says we've never pushed more than 10Mbps for a fraction of a second and the average over the working day - with 500 users and 600 devices - is somewhere around 4MBps down and 1MBps up..

BT can make all the "maximum" speed promises they want. If you can't get it installed, or the actual download is so much less than the maximum, it's pointless. Absolutely pointless.

Ironically, I get 32Mbps download on 4G when sitting in the IT Office. If only 4G didn't have such pathetic data allowances.

Comment: Re:Good data first, then maybe big data later (Score 2) 93

by NeutronCowboy (#48945853) Attached to: Cutting Through Data Science Hype

Absolutely true. Unfortunately, it's far easier to convince management that the problem is the lack of a shiny tool that shows them pretty graphs than shitty data that they have to pay some consultant an ungodly amount of money to fix. Because, of course, no one in the company has the time to fix the data on which they run their business.

The only thing necessary for the triumph of evil is for good men to do nothing. - Edmund Burke