Slashdot is powered by your submissions, so send in your scoop


Forgot your password?

Comment: Re:Spamming daemon packed inside ELF binary (Score 1) 180

It wouldn't be the first time I've seen malware installed via compromised wordpress. Wordpress has had more than a few vulnerabillities over the years and most people who install it just forget about it after and never install security updates. To top it off, wordpress has a web accessible world writeable folder so any exploit easily becomes shell level access.

On the plus side, most of the spammers never even try to gain root.

Comment: Re: Is that proven? (Score 1) 442

by gmack (#49555407) Attached to: Debian 8 Jessie Released

And then slow devices cause the server to fail to start correctly every time? There is a reason that so many init.d startup scripts had sleep statements. It makes sense to argue that the timeout is too long but it make no sense that things shouldn't wait for things they depend on. That's the whole point of "dependency based booting", most of the systemd alternatives do the exact same thing.

Comment: Re:Here we go again. (Score 4, Interesting) 304

by gmack (#49547703) Attached to: Microsoft, Chip Makers Working On Hardware DRM For Windows 10 PCs

I have yet to see a good Linux blu-ray player. The result is that I simply rip the blu-ray with makemkv and then run the result through handbrake to bring the size down a bit. This has the added advantage that my quad core xbmc box ($110 CAD) lets me browse though my movie collection on my NAS using my remote and that's far less effort than swapping discs. This also came in handy when I was in Spain and Amazon sent me the US region movie instead of the EU region movie and the blasted thing wouldn't play in my EU locked blu ray player.

Comment: Re:systemd rules!!! (Score 2) 494

by gmack (#49547105) Attached to: Ubuntu 15.04 Released, First Version To Feature systemd

I can't tell if you are stupid or just a troll but I'll respond anyways. One of Systemds improvements is that it handles process (apache etc)reloads. One advantage to this, is that things are now restarted in the exact same environment (path, variables, CWD etc) as when the system is booting. The next advantage is that networking restart no longer needs to be run with nohup when done remotely, it just works now instead of dropping the interface and then dying.

This means that if say, a webdev or a junior admin makes a typo in a daemon and it fails to start you can now just use journalctl to see the output that previously went to console.

Less often(usually when I'm doing the initial setup), are things like iscsi, glusterfs etc that choked hard under the old init system and still need a bit (although easier) tweaking with systemd.

Comment: Re:Upstart or Systemd? (Score 1) 494

by gmack (#49546505) Attached to: Ubuntu 15.04 Released, First Version To Feature systemd

What is happening is that Systemd is waiting for either the daemon to come up, or a timeout before it continues. If you wait about 5 minutes, the boot will resume. (which I agree is an annoyingly long default) The downside of doing things the way they were before was that if something was slow to mount, the system would blindly continue which is why I've seen a ton of boot scripts with sleep statements in them.

Comment: Re:systemd is a bad joke (Score 1) 494

by gmack (#49546467) Attached to: Ubuntu 15.04 Released, First Version To Feature systemd

The people that know the difference between AT&T and BSD flavors, especially after the 4.4 Tahoe lawsuit know that you don't just add stuff for politics's sake. For example, Sendmail took a ton of revisions before it was secure.

Sendmail took a ton of revisions before it was secure because it wasn't written with security in mind. Qmail, Postfix and Exim haven't had any near the number of problems sendmail had.

And we are all going to relearn this lesson with systemd, with one large code blob running as root (breaking the philosophy from decades of UNIX state that you run stuff as root as little as possible), so this means one large remote root exploit waiting to happen... and all it takes is a weakness on the ports systemd listens to.

This is just FUD.
1 Systemd is modular with components running with each componant running with the least amount of privilate to do it's job.
2. The network components not a part of the core project and are very optional.
3. I have yet to see any distro enable the network components at all, let alone by default.

So, production systems now have this major chunk of nascent code that is going to be a bonanza for the blackhats. All we have is to cross fingers and hope that the systemd coders at least paid lip service to security... but if something as mature as OpenSSL can fall, it only is a matter of time before systemd gets hit and hit hard, since AFAIK, there are no experts familiar with secure/defensive programming coding systemd.

As far as you know? I have already seen audits of the code for both correctness and security.

Oh well. Oracle Solaris can be easily moved to, and it isn't open source... but it has stood the test of time when it comes to security.

The same Solaris who dumped sysv bootup scripts a few years back in favor of their shiny new system that's very similar to systemd? Good plan!

Comment: Re:Upstart or Systemd? (Score 1) 494

by gmack (#49545113) Attached to: Ubuntu 15.04 Released, First Version To Feature systemd

It worked.. except when it didn't. I should not have to hack my init scripts just because I have iSCSI or Clustered Fileystem mounts. Init was made in a time when the boot dependencies are more flat and don't do well at all when your setup requires network+daemon before the filesystem can be mounted.

Comment: Re:Game of Thrones (Score 2) 106

by gmack (#49473079) Attached to: In New Zealand, a Legal Battle Looms Over Streaming TV

6 years ago I moved from Canada to Spain. Should I have bought all new DVDs and Blu Rays when I did? And should I have bought them again when I came back last year? My favorite was the Blu Ray I bought from Amazon UK that had a US region lock so it refused to play in my Blu Ray player. The best fix? Rip it and stream it off my NAS.

And don't even get me started on the social aspect. I spent 5 years having people send me links to movies and trailers only to discover they are region locked and getting the same complaint when I sent links to my friends and this is still a problem now that I have friends in 10 different countries. And if I wanted to play online scrabble against my family? Not permitted. Europeans can only play against other Europeans and not anyone in North America.

Region coding is just plain evil and people hate it for more reasons than just not wanting to pay for things

Invest in physics -- own a piece of Dirac!