Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror

Comment State level identification (Score 1) 51

Technologies like OAUTH 2.0 have been around for a long, long time, and their purpose is to provide a verifiable audit-trail for users.

And it works! Although there have been (and will always be) security issues, the reality is that technologies like SAML and OAUTH do provide a very useful level of trust.

Except that, although these technologies do allow for a useful transfer of identity, the agents widely used to provide this identity (the IDP) is never an entity that provides a uniformly useful level of identity.

Here I am: Bill Jones (not my real name) citizen of the UK (not my real country, either) and I have no way to properly assert that to, say, Bank of the West (not my real bank, either) or Northern Airlines. (not my real airline)

If I have to assert my true identity, I have a state-issued driver's license or passport. Why do I have no way to assert either of these identification documents electronically?

Why can't I use my passport ID to assert myself to the bank, or the airline?

Seems to me that it would be HIGHLY USEFUL if I could. And it seems to be self-evident and proper that the agencies that issue drivers licenses or passports could offer electronic identification, even if it's sourced out to a tech company with a good reputation.

In the US, it's now become increasingly common to have a unified electronic ID to interact with agencies: see id.me. This is a start, and I know government agencies work GLACIALLY SLOWLY so maybe by the time my grandkids are having babies this could be a thing.

Comment Eh? (Score 1) 36

Eh?

> At some point you have to ask why you're using RAID at all. If it's for always-on, avoiding data loss due to hardware failures, and speed, then RAID 6 isn't really am great solution for avoiding data loss when disks get to these kinds of sizes, the chances of getting more than one disk fail simultaneously is approaching one, and obviously it was never great for speed.

If you're at this point, then using drives at all is probably already off the table. But I think this position is probably ridiculous.

I have many years of experience managing file clusters in scopes ranging from SOHO to serving up to 15,000 people at a time in a single cluster. In a cluster of 24 drives under these constant, enterprise-level loads, I saw maybe 1 drive fail in a year.

I've heard this trope about "failure rate approaching 1" since 500GB drives were new. From my own experience, it wasn't really true then, any more than it's true now.

Yes, HDDs have failure rates to keep in mind, but outside the occasional "bad batch", they are still shockingly reliable. Failure rates per unit haven't changed much, even though with rising capacities, that makes the failure rate per GB rise. It still doesn't matter as much as you think.

You can have a great time if you follow a few rules, in my experience:

1) Engineer your system so that any drive cluster going truly offline is survivable. AKA "DR" or "Disaster Recovery". What happens if your data center gets flooded or burns to the ground? And once you have solid DR plans, TRUMPET THE HECK OUT OF IT and tell all your customers. Let them know that they really are safe! It can be a HUGE selling point.

2) Engineer your system so that likely failures are casually survivable. For me, this was ZFS/RAIDZ2, with 6 or 8 drive vdevs, on "white box" 24 bay SuperMicro servers with redundant power.

3) If 24x7x36* uptime is really critical, have 3 levels of redundancy, so even in a failure condition, you fail to a redundant state. For me engineering at "enterprise" level, we used application-layer logic so there were always at least 2 independent drive clusters containing full copies of all data. We had 3 drive clusters using different filesystem technologies (ZFS, XFS/LVM) and sometimes we chose to take one offline to do filesystem level processing or analysis.

4) Backups: You *do* have backups, and you do adhere to the 3-2-1 rule, right? In our case, we used ZFS replication and merged backups and DR. This combined with automated monitoring ensured that we were ready for emergencies, which did happen and were always managed in a satisfactory way.

Comment Re: Responsibility? (Score 1) 66

I know but did you see any Tory ministers resign because of it in the last government? Did any civil servants responsible for it - who may well be still in Whitehall - step down or get fired?

Labour are not to blame for this and were left cleaning up the mess but nobody has taken responsibility for it at all as far as I can see.

Comment Responsibility? (Score 2) 66

There once was a concept of taking responsibility for mistakes.

Right, so exactly which government ministers and civil servants responsible for the leak took responsibility and resigned? Staying in office until voted out while having the taxpayers pay to fund the clean up is not, in any way, shape or form taking responsibility.

Comment Re:human safari (Score 0) 243

It's complete and utter BS. The 2 state solution has been proposed multiple times ( https://grok.com/share/c2hhcmQ... ) , the Arabs are refusing it because it would de-escalate the conflict and would normalize the very *existence* of Israel, which is what they are denying (and you here as well, due to their very effective propaganda).

Also very very personally, I have 0 sympathy for anyone attacking Israel, so no love to anyone who attempts on lives of any Israelis, may they all burn in this life and any and all afterlives (which I don't believe in, I am a complete atheist).

To me, everyone who attacks Israel is barbaric and must be destroyed, how about that? There is no genocide of anyone in Gaza because it's not me, who is running Israel, does it work for you?

I am well aware of ruzzian/Israeli relationship. There are a couple of million ex-soviets living in Israel, I was one of them back in 1992, when I moved to Israel from Ukraine.

Israel is doing everything anyone could ever do to protect civilians from being killed in fire indiscriminately https://chatgpt.com/c/6876bd05... Sure, you can always say that more could be done, AFAIC they are way overdoing.

Have a horrible day.

Comment Re:Everything old is new again. . . sigh (Score 1) 58

These days, it's a few hundred to get the equipment to interact with this system. When it was invented, computer security was barely even thought about, and the equipment to exploit it would have been extremely expensive (if you could even get it outside industry).

Comment Depends on Laws (Score 2) 55

Why do your confidentiality agreements override your other agreements to the license holder of the software?

My understanding is that in many (most?) countries outside the US EULA's have no legal authority unless you agree to them before purchase. If you buy some software and then, after the fact, you then have to agree to some random crap in order to be able to run it that's not a legal contract so you have no agreement.

Comment BIPM (Score 1) 20

OK it it's something like 1/9,192,631,770 of a vibration of a cesium atom

This was decided by the International Bureau of Weights and Measures which manages SI units. However, this definition is no longer sufficient since Caesium clocks are much less accurate than the current generation of ion clocks like the one in the paper. I believe there is a process underway to redefine the second more precisely presumably using this new technology since the Caesium-based definition is no longer sufficiently accurate, so in this case you are more worried about precision since your accuracy is limited by the definition.

In terms of measuring the precision I suspect they do this by measuring the stability of the frequency produced. Naively I'd do this by having two clocks produce signals and then have them interfere and look for changes in the itnerference pattern since if one frequency changes relative to the other it should produce easily observed changes. However, I do not work in this area and at this level of precision they may have much better ways to do things but I suspect, whatever the actual method, it will be comparing two of the same clock against each other and looking for frequency drifts between them since if the frequency changes it will affect the precision.

Comment Re:human safari (Score 0) 243

Absolutely Israel is fighting for its survival. 7th of October shows that Israel must destroy all of its enemies that surround it. Hamas and others were supplied by Iran, which must be stopped from developing a nuclear bomb specifically because it would be much easier to just get that bomb into Israel through Gaza and blow it up in the middle of any city, most likely Tel Aviv or Haifa (they wouldn't do it in Jerusalem). Any 'civilian' within Gaza is suspect, that's where Hamas is recruiting from in the first place. I applaud Israel for making progress against Iran and now it must finish what needs to be finished all around it, especially Gaza.

Iran has policy of destroying Israel, it's their religious policy and policy of the State, so they are obviously interested in keeping all of the various local conflicts going for as long as it takes to destroy Israel. Israel is under a strategic threat, it's not just Gaza and Hamas, this was made clear when Iran started supplying Houthis with missiles. Hezbollah, Hamas, Houthis under the guiding hand of Iran and with support from ruzzia. That's what Israel is fighting against. Just because you don't understand it doesn't change their equation and they must not and will not give up, they must destroy its enemies to survive.

The fact that the Western world has been brainwashed and is now so antisemitic and anti-Israel just shows how effective the propaganda pushed from Iran with the help of the ruzzian troll/bot farms became, that's a weapon that must be taken seriously. It was used to brainwash Americans into supporting putin and ganging up against Israel as well.

Comment Re:human safari (Score 0) 243

Israel is doing more than anyone to prevent casualties in their fighting, that's exactly why they develop and use extremely precise bombs and ammunition. Again, I wouldn't, but they care.

Israel is fighting for its survival.
Ukraine is fighting for its survival.
Both are attacked by terrorists.
Ukraine is attacked by a terrorist mafia state.
Israel is attacked by a terrorist religiously controlled state.

Their situation is different because Ukraine is a much bigger country in terms of land and people but Israel had much more time to prepare for this war obviously and it had support of the USA for a long time now.

Israel must win this to survive as a country.
Ukraine must win this to survive as a country.

Slashdot Top Deals

If you're not careful, you're going to catch something.

Working...