
Comment: Antiquated features, disloyal to paying users (Score 4, Interesting) 95

by dutchwhizzman (#47931763) Attached to: How Flickr Is Courting the Next Generation of Photographers
Flickr made paying users regret paying for their service, since they suddenly gave away almost all of the premium features for free. Antiquated features aren't really updated (where's the password protected gallery?) and the forum/app that they have to request features has been broken for months. At this sort of pricing/service, I'll get a VPS and use that for hosting my pictures before my subscription is up for renewal again...

Comment: Yes there was (Score 4, Insightful) 36

by dutchwhizzman (#47931719) Attached to: eBay Redirect Attack Puts Buyers' Credentials At Risk
Although a vulnerability to XSS isn't directly a hack of eBay, it *is* a hack of everyone visiting that page. *Every* visitor would be redirected to the malicious page automatically and their credentials would be stolen there if the user would re-enter them. Since eBay left their website vulnerable to this sort of malicious automatic redirect, abusing this vulnerability to place malicious code on eBay's website is technically a hack.

Comment: Yes they need individual desktops (Score 2) 245

by dutchwhizzman (#47895707) Attached to: City of Turin To Switch From Windows To Linux and Save 6M Euros

Yes they do, because ergonomics require decent keyboards, screens and mice. They may not need fat clients and would be off just as well with thin clients, but laptops or that form factor do *not* replace desktop systems since they still need the keyboard, mouse and screen and will essentially be used as a desktop almost all of the time.

They need access to their individual applications and data too. While it may be possible to migrate all those to web applications or some client-server model, I doubt Turin has managed to finalize that sort of thing yet. Most EU cities have over a thousand custom applications that often run on antiquated proprietary systems and they will still have a burden of those for a long time.

Getting people the cheapest computer possible sounds like an easy way to save money, but in the end the price of the hardware is only a fraction of the costs and often the extra costs incurred by buying cheaper will make it more expensive. Starting with migrating just the desktops to Linux and running the proprietary cruft on things like Citrix servers will save them a lot of money without a significant downside.

Oh, because they're not running Windows, they can probably use their older systems a bit longer too, if electricity costs don't make it cheaper to upgrade anyway to more energy efficient devices.

Comment: Subcontractors (Score 1) 123

by dutchwhizzman (#47873779) Attached to: SpaceX and Boeing Battle For US Manned Spaceflight Contracts
You are describing how either Boeing or SpaceX would get sub-contractors to compete so they can get good quality components for a decent price. If you take the creativity out of the current bid phase, you'll never get innovation and "new" designs going up into the sky. Oh and don't forget, it just may be that whoever wins this, might have to commission things from the losing party just to fulfill the contract.

Comment: Why tab unloader if FF could implement a limit? (Score 1) 107

by dutchwhizzman (#47804703) Attached to: Raspberry Pi Gets a Brand New Browser
Firefox thus far have refused to implement a configuration feature where they themselves limit the amount of memory they use. They say it's already built in and auto-tuning based on the amount of memory the OS reports. It's about time that Firefox stop being so arrogant and just let me set a limit, because I don't want them to eat all memory that I want to use for other applications that now have to resort to swap because a browser eats over 2G of my RAM.

Comment: Did they already catch them then? (Score 2) 107

by dutchwhizzman (#47804683) Attached to: Hackers Behind Biggest-Ever Password Theft Begin Attacks

Why would these "Russian criminals" be the ones behind this attack? Sure, some company used the argument that there seems to be a list of over 1 billion accounts floating around on the internet to sell their services some time ago. It may even be that this list was found for sale on a Russian market place. It may even be that there are actual Russians selling this list. The accounts could even be mostly real, although probably most of it will be relatively dated.

But why would that same group of people that are actively selling this list be the same group that is using it? It makes much more sense that some group that bought part of this list, or bought some other list, or has their own trojan to steal passwords is now attacking Namecheap. Unless there is substantial evidence that the same group is behind it, this is just FUD and sensationalism.

Namecheap is under attack with what's most likely a brute force list with accounts that were compromised in some yet unknown way. I think those are the facts and the rest is purely speculation.

Comment: You forgot one thing (Score 1) 84

by dutchwhizzman (#47794239) Attached to: Wi-Fi Router Attack Only Requires a Single PIN Guess
You are trusting your ISP to deliver you a router that has all these things properly configurable and not leave back doors for their own remote admin and whatnot still open. ISPs don't do that, they always leave themselves a backdoor and often are lax in upgrading firmware. If at all possible, let your ISP's router do only the minimal required to let your network connect to the internet and do the rest (firewalling, NAT, WiFi) on your own trusted devices.

Comment: Raspberry Pi, obscure NAS boxes (Score 4, Interesting) 98

by dutchwhizzman (#47762853) Attached to: Project Zero Exploits 'Unexploitable' Glibc Bug

While you have a point, you shouldn't forget the Raspberry Pi. It is probably the most popular internet facing non-mobile ARM platform today. Literally millions of these run glibc and at least hundreds of thousands are in some way or form directly connected to the internet. While I don't believe that this bug can be exploited without first gaining RCE on the Raspberry Pi, once an attacker gets access to the RPi, this bug should be able to get them to escalate to root privileges.

There are quite a few people that put a full Debian (or other) distribution on their NAS server. I own a ZyXEL NSA 325 and it is possible to install a full Debian release on this and some other NAS boxes. These might be a limited amount of systems overall, but it's significant enough to deserve mentioning because they too often are internet facing.

Comment: On a super-high capacity drive? (Score 1) 316

by dutchwhizzman (#47762827) Attached to: Seagate Ships First 8 Terabyte Hard Drive
I doubt this would be cheaper than a fast 15Krpm 4TB 2.5" drive to manufacture and the 4TB drive would probably be faster overall. Sure it'd work on a 3TB consumer drive and probably be a good tradeoff, but on "the largest capacity drive in the world" I have my doubts it'd be economical and most certainly not double the speed.

Comment: You're not making much sense (Score 1) 106

by dutchwhizzman (#47754323) Attached to: Linux 3.17-rc2 Release Marks 23 Years of the Linux Kernel

Sendmail is history just as bind is history. Sendmail uses m4 for its configuration files (you shouldn't edit the "compiled" stuff), so it's not sendmail that is the culprit here. Bind is history because there's PowerDNS now. Exim and samba aren't a mess, but they do use "text files" for configuration.

Anyway, they all use a standard, since it's human readable ASCII. It may be obscure since there isn't much if anything that uses their format apart from themselves, but it's a standard. You could argue that all these apps should standardize on XML, but then you'd have all the tags that need to be standardized too. Going for binary files means humans will need extra software just to edit that and machine generating those will be harder too. The Windows Registry is a mess if I ever saw one and after about 20 years it's such a myriad of patches and additions that it's hardly manageable.

Standards are great, which is why everyone invents at least one new one. Pushing very different requirements into one standard usually makes it either too crippled to be useful or too bloated to be maintainable. Maybe it's you that needs to find something else to do if you can't muster up the energy to deal with these inconveniences anymore. There will always be incompatibilities and annoyances if you have to deal with technology so either put up or move on.
