Slashdot is powered by your submissions, so send in your scoop


Forgot your password?

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).


Comment: Go for it (Score 1) 309

by jakeguffey (#46975245) Attached to: Ask Slashdot: Computer Science Freshman, Too Soon To Job Hunt?

I say you should go for it. I don't think that the recruiter thing is the best way to go, though. As you have experienced, recruiters generally have their hands tied as far as what they can present to potential employers because of experience and degree requirements. That said, look locally. I grew up in a tiny dying town with almost no jobs in IT, but there was a local IT business (WISP, consulting, PC repair) that I got to work for as a helpdesk tech my Senior year in high school. When I went to college, I left on good terms so I had a Summer job waiting for me. Throughout college, I worked there and for the school of Engineering's network helpdesk. When I graduated, I was able to go on with a degree and experience to get the job that I wanted and now I'm working as a network security engineer and I'm 5-10 years younger than all my colleagues.

The point is, maybe don't look for an official start to your career right now. Instead, look for work locally that will get your foot in the door and give you experience. Find a local IT consulting or web design house and ask to work for them. Sell yourself like you did in this submission. If that doesn't work out, talk to your university. I don't know what they have going on, but I'm sure there are plenty of opportunities for undergrads to get involved. Talk to the helpdesk for your particular school within the university (like ECN at Purdue); talk to the university's global helpdesk (like ITaP at Purdue); talk to your professors. If none of those turn up anything (which I find highly doubtful), look into contributing to open source projects. Drupal, Joomla, and friends are possible projects to start with. Just don't quit looking for opportunities wherever they happen to appear and remember that there are more local opportunities than you may realize.

Comment: Re:Keepass (Score 4, Insightful) 445

by jakeguffey (#46307141) Attached to: Ask Slashdot: How Do You Manage Your Passwords?

Came here to say this.

I've used KeePass (or, in my case, KeePassX since I'm on *NIX) for about 6 years and it's been great. Encrypted local storage that I can sync between devices if I want, with an Android app (KeePassDroid) available makes life easy. It's also the only approved password storage method where I work.

Comment: In the midwest (Score 1) 632

by jakeguffey (#41581121) Attached to: Ask Slashdot: What Were You Taught About Computers In High School?

the normal curriculum generally didn't provide any exposure to computers beyond "Keyboarding" and "Computer Applications," meaning MS Office. I graduated from high school in 2006 and there was really nothing made widely available by my school. There was a vocational class for computer operations (only 4 students including myself took it), which was actually quite useful -- intro to networking concepts, intro to programming (VB 6), and all of the information needed to get CompTIA's A+ certification. Throughout the year, I was able to bat ideas around with the teacher, including the idea of making a beowulf cluster (just 3 or 4 nodes) to showcase some of the things computers could be used for. The class was the last half of the day and really helped solidify my basis into computing. At one point, the teacher had the network engineer for the school system come in to teach us how to terminate fiber (which we later ran to provide network access for the machine trades vocational class). I really have some fond memories of that class and to this day, I'm friends with the teacher.

My experience was *not* normal by any stretch, though. As I mentioned, there were only 4 students (later dropped down to just 3) in the class from the entire county. I was the only person from the hosting school (1000-1500 students). The teacher I had that year returned to industry the very next year and, from what I heard, the quality of the class dropped tremendously when his successor took over. To my knowledge, the class is still the same poor quality that it was after he left.

As far as I know, learning anything related to computers in high school (in most midwest counties) is learned the same way as it was a decade or two before -- individuals being motivated to learn for its own sake and befriending others who are like-minded. LAN parties, though passed off as completely useless by parents (more often than not), provide(ed) the greatest source of computing knowledge exposure -- setting up the LAN (and segmenting it from the user's parents' use), troubleshooting why a computer would fail to work, troubleshooting why a pirated game wouldn't run on one machine when everyone else wanted to play, and understanding physical infrastructure requirements (i.e. power) are routinely dealt with in the environment of a high school LAN party, and are directly applicable to industry (with much more learning outside of these parties to fill in the gaps, of course).

Comment: Wow (Score 1) 338

by jakeguffey (#40067529) Attached to: Ask Slashdot: Best Way To Monitor Traffic?
So many comments and none of them really answering OP's question. First: Yes, OP needs to ensure that what he's asking for is actually what he wants to do. Now, OP: How about using Open Source IDS/IPS? Something like Bro ( could be a good option. It's completely scriptable and keeps track of general information (number of connections, what IP addresses are talking to what others, etc.), but where it really shines is that it alerts on "weird" traffic and since it's scriptable, you can write your own protocol inspection code to look at network streams on the fly and only pull out what matters. To implement this kind of system, I'd put a linux/bsd box inline acting as the network's gateway so everything on the network outbound goes through it, enable routing (linux: add net.ipv4.ip_forward=1 and net.ipv6.ip_forward=1 to /etc/sysctl.conf, bsd: add net.inet.ip.forwarding=1 and net.inet6.ip6.forwarding=1 to /etc/sysctl.conf), configure the firewall as needed (NAT and what have you), and set bro up to look at the traffic. Then I'd define very clearly what traffic I thought was "interesting" and warranted looking into. That traffic I would write some inspection code for and wait for alerts (which can be formatted however you please -- they're just text). Finally: Should an I[DP]S be used for oppression? No. Should this type of solution even be implemented at all on a home network? I think that's an issue that can only be answered by the client. Remember: anything can be used for good or evil. Make sure that anything you build and sell is going to be used for good (as much as you can ensure such a thing, of course). Talk to your client. I have a feeling that training for dealing with social engineering will go a lot further than a custom-engineered DLP system.

Comment: This is a complete (Score 5, Informative) 84

by jakeguffey (#39652747) Attached to: Critical Flaw Found In Backtrack Linux
non-issue. According to the advisory, this particular issue "Spawns a root shell [and h]as not been tested for potential remote exploitation vectors." As has been stated multiple times earlier already, BT is generally used as root locally and (until someone determines remote exploitability) this is a local-only exploit. TFS is wrong. This is not a "critical flaw in BT," but a flaw in WICD that allows privilege escalation. Still something that definitely needs fixed, but if someone has local access to your box, you can pretty much assume they already have root.

Comment: Re:A confusing summary on /., let me try to do bet (Score 1) 187

by jakeguffey (#38085954) Attached to: Potential 0-Day Vulnerability For BIND 9
I am 100% with you up until you say, "I'm amazed how many people run large, production name servers on BIND yet don't have a cheap support contract. If you run BIND, rather than getting your alerts via /. look into a support contract so you get them directly from the vendor." I have a couple issues with this. The first is simply that it's perfectly reasonable to expect a good UNIX admin to handle BIND without issue for generalist deployments. The other issue I have is that you don't need a support contract to get these alerts. Sign up for the bind-announce mailing list (link: Again, I'm totally with you up until the end there.

Woman Develops Peanut Allergy After Lung Transplant 146

Posted by samzenpus
from the no-extra-charge dept.
An anonymous reader writes "A woman in need of a lung transplant got her new lungs from someone with a peanut allergy who died of anaphylactic shock. Seven months after the surgery, the woman was at an organ transplant support group when she ate a peanut butter cookie and had a violent allergic reaction. So how had the woman's new lungs brought along a peanut allergy? A blog post dives into the medical details and explains that immune cells in the donated lungs couldn't have lived in the new body for long enough to cause the reaction... however, if they encountered an allergen (i.e. something peanuty) shortly after being transplanted, they could have trained the woman's native immune cells to respond."

Is it possible that software is not like anything else, that it is meant to be discarded: that the whole point is to always see it as a soap bubble?