Forgot your password?
typodupeerror

+ - Heartbleed Disclosure Timeline Revealed 1

Submitted by bennyboy64
bennyboy64 (1437419) writes "Ever since the Heartbleed flaw in OpenSSL was made public there have been various questions about who knew what and when. The Sydney Morning Herald has done some analysis of public mailing lists and talked to those involved with disclosing the bug to get the bottom of it. The newspaper finds that Google discovered Heartbleed on or before March 21 and notified OpenSSL on April 1. Other key dates include Finnish security testing firm Codenomicon discovering the flaw independently of Google at 23:30 PDT, April 2. SuSE, Debian, FreeBSD and AltLinux all got a heads up from Red Hat about the flaw in the early hours of April 7 — a few hours before it was made public. Ubuntu, Gentoo and Chromium attempted to get a heads up by responding to an email with few details about it but didn't get a heads up, as the guy at Red Hat sending the disclosure messages out in India went to bed. By the time he woke up, Codenomicon had reported the bug to OpenSSL and they freaked out and decided to tell the world about it."

Comment: Re:No shit (Score 5, Interesting) 103

by bcboy (#46740823) Attached to: Why the IETF Isn't Working

Completely disagree. I worked over a decade in the valley, and have now worked for several years in academia. The amount of bureaucratic nonsense I have to deal with now is a few orders of magnitude smaller than what went on in the corporate world. My first six months in academia were more productive than my last six years in the private sector.

Academia does not have the cash required to sustain a large bureaucracy. It's simply not there. Technologies that, in the corporate world, would be managed by a team of thirty people, in academia are managed by one person, because that's all they can afford. Things that took months, or years, now take hours, or days. It could not be more starkly different.

+ - Comcast PAC gave money to every senator examining Time Warner Cable merger->

Submitted by Anonymous Coward
An anonymous reader writes "It's no surprise that Comcast donates money to members of Congress. Political connections come in handy for a company seeking government approval of mergers, like Comcast's 2011 purchase of NBCUniversal and its proposed acquisition of Time Warner Cable (TWC).

But just how many politicians have accepted money from Comcast's political arm? In the case of the Senate Judiciary Committee, which held the first congressional hearing on the Comcast/TWC merger yesterday, the answer is all of them."

Link to Original Source

Comment: Cutting out the middleman... (Score 1) 6

by MonTemplar (#46698939) Attached to: Reminiscence XP

...yeah, if I've gotten a slipstreamed install disc with SP3 on it, I could have saved myself a lot of time when I did the same experiment. *shrug*

Out of interest, which version of IE did it have after install completed? I see you were prompted to upgrade to IE8, but my memory is hazy on whether IE7 was ever included on later XP install discs.

+ - Snowden's purloined documents are now available online->

Submitted by Frosty Piss
Frosty Piss (770223) writes "The ACLU and others have long suspected that the National Security Agency has gone far beyond its mandate of gathering information for counter-terrorism and foreign intelligence purposes. Many Those suspicions were confirmed when, on June 5, 2013, The Guardian released the first in a series of documents provided by Edward Snowden detailing the NSA's unlawful spying activities. All of the documents released since that day, both by the media and the government, are housed in a database maintained by the ACLU and accessible by the public on-line."
Link to Original Source

+ - Kate Mulgrew, aka Captain Janeway, Thinks Sun Revolves Around Earth.-> 3

Submitted by synaptik
synaptik (125) writes "A new documentary film, narrated by a former Star Trek actress, promotes the long-ago disproven idea that the sun revolves around the Earth. 'Everything we think we know about our universe is wrong,” says actress Kate Mulgrew as she narrates the trailer for “The Principle.' The film, which is set to be released sometime this spring, was bankrolled in part by the ultra-conservative and anti-Semitic Robert Sungenis, who maintains the blog 'Galileo Was Wrong.'"
Link to Original Source

Comment: Re:XP is (nearly) dead - long live Windows 7! (Score 1) 7

by MonTemplar (#46688293) Attached to: Tomorrow Windows XP dies, long live Windows XP!

But XP? Not so simple. XP has lower system requirements, it works well on systems that are dog slow under 7. It's STILL BEING SOLD for that very reason, and the machines that ship with it will generally not work with other versions, either from lack of resources, lack of drivers, or both.

I'm aware you can still get XP discs second-hand or ex-stock here in the UK - Amazon lists several versions, although some look suspiciously like they may be OEM versions that are tied to specific brand/model PCs. I'm not aware of any PC maker here in the UK offering an XP options, though - maybe Windows 7, for business systems and workstations.

Ultimately I will probably just put Slackware on the machine that's running XP now but if ReactOS were a little more mature I might use it instead.

I recently wiped my old (2003 vintage) laptop, which originally came with XP, and installed Linux Mint - considering the machine's specs, it works fairly well.

I've read about ReactOS, but given the slow pace of progress I regard it as curiosity rather than a viable alternative.

Comment: XP is (nearly) dead - long live Windows 7! (Score 1) 7

by MonTemplar (#46682747) Attached to: Tomorrow Windows XP dies, long live Windows XP!

Seriously. I remember trying out the preview version on my then-XP-running PC back in 2009, and being blown away by a) how much easier it was to install and get going, b) how well it ran all my existing software, c) how it let me finally use all of the memory installed in my machine, d) how much better it was than Vista. I pre-ordered a copy soon after, and the rest is history. Now, on my Mac, I have my Windows 7 VM for running various applications I still use.

Installing Windows XP today is not nearly as fun as you might think, particularly if you've got a pre-SP2 copy. When I tried it, I had to manually install some patches just to get Windows Update working, then some more before I could install IE8, and some more before I could install MSE. And then all the patches to bring the whole lot up-to-date - that took hours and hours to finish. I'd only recommend trying it if you're installing onto a machine that you don't actually need to use for a good while.

As for the 'but it's tried and tested" argument for hanging onto XP, I would point to the number of flaws that are still being uncovered in the Windows codebase, many of which are also in XP. Yes, you can mitigate against some by hardening your system, running only as a standard user, etc. - but for most current XP installs that will probably mean extra aggravation caused by third-party software written back in the Bad Old Days that expects to run with full admin privileges.

The only excuse for continuing with XP, to my mind, other than sheer obstinacy, is where you've got systems that absolutely, positively require XP running on physical hardware - specialised hardware or software that won't work via a VM because they need direct access through physical ports. Such systems should be segregated from local networks and the Internet as much as possible.

Comment: Re:Google TV failed..possible Chromecast is the wa (Score 2) 96

by slaker (#46665577) Attached to: The Amazon Fire TV Is Kind of a Mess

Chromecast doesn't do enough to add value. The only thing it really brings to the table is the novel control scheme. Yes, it's a cheap streamer that I can control with a $75 tablet or retired smartphone, but I'll bet I can find a price-competitive BluRay player that can do both those things and still play discs AND use a proper ethernet connection.

Comment: Re:Local content? (Score 2) 96

by slaker (#46665505) Attached to: The Amazon Fire TV Is Kind of a Mess

This review read like an Apple user looking for things to whine about. I don't recall seeing anywhere in the verbiage of press over the last two days any promise from Amazon that it would be some universal media-seeking device.

That being said, like any respectable media streamer these days, it DOES support Plex access, which should be your go-to tool for local content access. If it's on the same LAN with a client, you can also connect to it via DLNA and thereby use it with pretty much set top box smart enough to connect to the internet.

The single best STB I've ever found in terms of capability is the LG Smart TV Upgrader, which LG sold for about two months back in 2009 or so. It supports SMB, AFP and NFS, but it also has support for Netflix, Youtube, Hulu Plus and Amazon. It can play h.264, open VideoTS folders and it doesn't have a problem with AC3 or DTS audio. Unfortunately, it's slow as hell and the UI is ugly. I'm not entirely sure if LG is still releasing firmware updates for them but they're a pretty good alternative to a fully functional HTPC.

Comment: Re:Who cares about systemd anyway? (Score 2) 639

by dpilot (#46664201) Attached to: Linus Torvalds Suspends Key Linux Developer

The problem with systemd has been the steamroller attitude of its developers and advocates. They seem to want systemd to be the one true init system, accept no substitutes. RedHat, Fedora, Debian, Ubuntu, and Arch have all gone to systemd, and I'm not sure what other distros have as well. As far as I know Slackware, Gentoo, and Funtoo are the only distros that haven't, though Gentoo offers it.

I don't mind if systemd is an option. But I feel that there is some bad design in there, and would rather not use it myself. The problem comes when I can't avoid doing so.

Comment: Re:systemd Architecture (Score 4, Insightful) 639

by dpilot (#46663853) Attached to: Linus Torvalds Suspends Key Linux Developer

It's only a good idea sticking all of that in PID1 until there's a problem. When PID1 crashes, so does your box. The more stuff in PID1, the more likely there is to be a bug somewhere in there. Now stuffing all of that in PID2, and having PID1 take care of itself and restarting PID2 might be a different story.

The person who's taking you to lunch has no intention of paying.

Working...