Become a fan of Slashdot on Facebook


Forgot your password?
Slashdot Deals: Cyber Monday Sale! Courses ranging from coding to project management - all eLearning deals 25% off with coupon code "CYBERMONDAY25". ×

Submission + - NTP protocol vulnerabilities allow clock shifting (

jaredmauch writes: While recently the interest in the NTP protocol was the use for Denial of Service attacks, a team at Boston University has released 4 different attacks that permit shifting of clocks, or will make your NTP client no longer listen to accurate time from trusted servers.

Comment Re:Like a grownup (Score 1) 657

I was perhaps trying to be more subtle. This should have been a non-event. The problem here is clearly that people without a clue about technology went and abused this kid who is still learning. Did you take a moment to read the letter the school district sent out? They basically said that nobody else should bring something like this in and if they do to "tell an adult" vs ask some questions and have it be a non-event. Instead they paraded the kid out like he was a criminal. That's surely not private where the teacher saying "hey this is cool, can you show me after class" might be much better.

Thanks for misconstruing my comment though, I see it got you +5. I'll go back to cowboyneal jokes vs trying to engage in dialogue.

Comment Like a grownup (Score 1) 657

This is "tell a grownup" territory vs the schools helping teach teenagers (which need guidance, just like some of us adults need from time to time) on what is appropriate or not. This will obviously be a trigger story for people in the tech community that feel sensitive to this issue or raw because of bullying they received and why some of us have trouble trusting school judgement as grown men and women.

I just wish they handled this privately with the parents without dragging the liason officer into the mix, the local police, etc.. Judgement call made wrong way clearly.

And really. If the threat was actually real, or realistically perceived that way, we should have heard of the evacuation on the news yesterday.

Comment Re:The answer has been clear (Score 1) 390

I see consistently faster times with my IPv6 vs IPv4 with my native service at home, even with just pings. This seems to be the norm with most networks. If you are using a tunnel broker, such as or otherwise you are most likely going a longer path with those artificial midpoints. Also, your browser may be broken as it doesn't implement rfc6555 properly.

Comment Re:Waiting for the killer app ... (Score 4, Informative) 390

Perhaps you missed world IPv6 day when they both jumped at the same time to enable their front pages? There are a lot of things that don't work right in an IPv6 only world, such as Skype but the list of things that doesn't work is getting shorter. If you take a look at the statistics it's quite encouraging to see a steady growth curve.

Comment Re:The answer has been clear (Score 2) 390

[citation needed] for your assertion. Been deploying IPv6 at a major ISP/carrier for 13 years now. If you bought the wrong stuff or didn't ask for IPv6, you may be right but the proper gear is out there and doesn't cost any more. I can even get IPv6 over my VPN connection.

The issue is one of mentality and training. Above someone says "turned off IPv6, problem went away". That's certainly one way to say "I blame IPv6". They didn't troubleshoot the problem. Perhaps it's a DNS problem or something else they haven't properly diagnosed. Without actually understanding how the protocols work, one is doomed to failure and blame.

When you look at the major players who have deployed IPv6, including Netflix, Google, Yahoo to name but a few and compare that with the statistics on the cellular side... VZ Wireless sees over 60% IPv6 traffic. With the coming "great mobile demotion" tomorrow, it's more likely those devices if they come over 3GPP/LTE will perhaps visit you via IPv6 than via IPv4 if you properly enable your front door. If you are a CDN customer, it's a button to turn on IPv6. Cloudflare has it on by default, Akamai you have to ask, same for Limelight.

The edge protocols have only really reached maturity in the past 2 years to deliver a connection to the edge or your home. CPE lifetime is somewhere in the 3-7 year range, we are still another generation away from having the home properly IPv6 enabled, but it's more often just going to be there and "just work". There are a lot of IT workers who haven't invested enough to learn about the subtle differences in V6, such as NDP vs ARP, etc and will block all ICMPv6 not understanding they are blocking NDP so can't see a response to their NS. This too will pass much in the same way as those who only knew appletalk or IPX routing.

Comment Re:Great -not so much (Score 4, Interesting) 106

Not really, Fiber is the same cost to put in the ground and you can get fusion splicers for around $1500 these days. The cost is all in putting the cable into the ground. If you are touching the earth, that's the expensive part. Permits (which understandably people want to leverage Title II to assist with repairs/upgrades/deployment) can actually be 1/3rd of the cost. next 1/3rd is labor and last 1/3rd is the fiber.

There is a cultural split here, many people want things for the cheapest possible amount, or will switch for the next "deal" in 1-2 years because it saves them $5/mo and comes with a gift-card, but they have to take the day off for an installer to come by, costing them more than their savings in lost wages. Some people flat out value their time at $0.

The community of Slashdot may be willing to pay $70/mo for google fiber plus $100/yr for Prime, $96/yr for Netflix, etc. The cost per home to wire for fiber is about $2500, if you think the cell phone subsidy model in the US is an issue, try getting someone to write a check for that. Shared tenant buildings like Apartments are quite complex, including in NYC as the telco can get access to the building riser/copper but would have to install fiber. Who is responsible for the in-building wiring in that case?

AT&T has fiber about 1200 feet from me but the only speeds offered are 768k and 1.5M down. I would be willing to pay for a FTTH install, but there is no way for them to figure out how to do it. Last time I got a quote for a build, it was about $60k to build fiber. Moving easily becomes an option at that point.

It's not farmer john you have to worry about, that long strech of fiber likely already exists, and they can give right of way much easier. It's the Township, County and Road Commission that has got to get paid for permits and labor costs, not the cost of the fiber.

C'est magnifique, mais ce n'est pas l'Informatique. -- Bosquet [on seeing the IBM 4341]