Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
Note: You can take 10% off all Slashdot Deals with coupon code "slashdot10off." ×

Comment Scaremongering. (Score 4, Informative) 156

There's nothing that the LHC (or any other conceivable accelerator that we could build at current technology levels) can do that the sun isn't already doing in the upper atmosphere (or in the centre of the sun)

What the LHC brings is doing the collisions in a small, controllable space where it's (relatively) easy to measure what is happening.

Comment Re:As a former expert (Score 1) 112

I've been out of the field for 10 years, but what I've learned since then is that "experts" don't care if the clients can actually use the system.

I'm not sure that this is strictly true but I think "experts" run up against the problem that "ordinary" people don't believe they will be the target of random attacks so end up having to take a belt and braces approach. "Nobody is going to bother to attack MY account so I can use 'password' as my password."

At the weekend my ssh server came under sustained distributed login attempts - which showed up due to the sheer amount of traffic being transferred. While it wasn't a problem (I only allow public key authentication) it was annoying and I was tweaking firewall rules to reduce the maximum rate of connections per IP. But my girlfriend's first question was "why are they attacking your machine?" and then she was surprised to see her user name in the list of user names being tried (although it wouldn't have worked on the machine that the SSH server is running on as she doesn't have an account on that machine)

It will be good once IPv6 is ubiquitous and I no longer need to have easily findable services (except for the ones that I want people to find)

Comment Encoded with an OTP (Score 2) 423

So two people, independently, publish files of random numbers.

It just so happens that when the two files are XORed together you get the plans for a gun (or any other "restricted" file)

Who are you going to prosecute? After all, anybody can publish files of random numbers. Only one of the two needs to be "constructed" and it's impossible to determine which one is the "artificial" one.

Comment Re:No support for dynamic address assignment?!? (Score 1) 287

I decided to take some more time to investigate this.

It turns out I'm a victim of this bug:

https://bugs.debian.org/cgi-bi...

Sometimes (not always) the VPN /64 ends up assigned to the wrong interface on the client - leading to traffic apparently being sent out on the wrong interface for the source address that is supplied.

This gets doubly confusing because the source address is chosen based on the interface it _should_ be routed through. So if my route to 2001:db8:1:3::99 should be via the wifi interface then it will pick 2001:db8:1:2::20 as the source address even if you tell ping6 to use the LAN interface instead.

And you can have one client successfully connected via the VPN and all is well. Another client connects, radvd starts advertising via the wrong interface and suddenly the working client acquires another /64 on the wlan interface and stops working when it starts picking a different source address. Grrr. Oh well. At least I know what is wrong now.

I _think_ restarting radvd fixes the problem - so a quick fix might be to bounce radvd every time an interface comes up (and possibly goes down too)

Comment Re:No support for dynamic address assignment?!? (Score 1) 287

You see, this is why I'm looking for a good newsgroup, etc.

The ipv4 problems are solved with routing tables and the VPN handing out routes for places that the VPN can reach. But all the /64s are currently in the same /48 so, IIUC, every /64 is equally close to the other /64s.

When I naively map my ipv4 setup to ipv6 it doesn't work.

My laptop, for example, acquires acquires a ::3/64 and ::4/64 address via wifi and vlan. The same way it acquires a x.x.3/24 and x.x.4/24 ipv4 address.

Now, when I ping6 a ::2/64 address it will decide to use the ::3/64 address regardless of whether I ping via the vlan or wifi interface. Or it might decide to use the ::4/64 address on both interfaces instead - it seems to be random which ip it picks but once it's picked one it's persistent for a time at least.

Which makes sense. But doesn't "just work". There are multiple possible ways to resolve it.

Update the default policy table - now it will use the ::3 on the wifi and ::4 on the vpn interfaces. This works but involves setting up the default policy table on the client which I want to avoid if possible. Maybe it's possible to hand out this with the router advertisements - if so I don't know how.

Update the firewall to allow traffic via the vpn interface to the lan even if it comes from the wifi address. But I'm not so sure about the opposite route, allowing vpn ip traffic via the wifi interface - because then someone could spoof the vpn ip and effectively become part of my lan.

Have some sort of hierarchical network structure so that the vpn subnet looks closer to the lan subnet than the wifi one does - hopefully then it will pick the "right" ip over the "right" interface depending on which interfaces are up or down. (I'm guessing a bit with this one)

My home network is "unnecessarily complicated." But my experience with it has put me in good stead when dealing with networking issues on larger networks because I understand what my network is doing and why and so I have a good handle on investigating issues when something isn't working. I'd like to gain the same experience with ipv6. I am not, and have no desire to be, a professional networking engineer but it's very useful to have a good handle on what is going on when I need to talk to them.

Comment Re:No support for dynamic address assignment?!? (Score 1) 287

The way to structure your internal network with three subnets is very simple. You will use three /64 out of the /56 or /48 that you got from your ISP.

Yeh, right. And then it starts sending traffic with one ipv6 /64 address over a different interface, which makes sense because ipv6 addresses are globally routable - except that my firewall thinks "hey this is spoofed traffic" and blocks it.

I have a WLAN which, from the PoV of my LAN is equivalent to "the internet" and I have a VPN. Wifi devices that want to talk to my LAN need to connect via my VPN. Except that I then find the device using the VPN ip via the WLAN IF.

I know how to resolve this, I just don't know the best way to resolve it. My network is small enough that I could just staticly configure everything - but then I'm potentially going to get headaches in the future with devices that don't let you configure the default policy table.

Comment Re:No support for dynamic address assignment?!? (Score 1) 287

I'll put this here for want of a better place to ask the question:

Are there any good resources (newsgroups, mailing lists, forums) for people trying to setup ipv6 networks and trying to understand the best way to do it? The debian ipv6 mailing list is (almost) devoid of traffic.

My home network has three ipv4 subnets but I've discovered that it's non-trivial to use the same design on ipv6. It's possible but I don't want to go there unless it's the right way to do it in ipv6. My ipv4 network is the culmination of years and years of experimenting.

Reading through the other comments here, it sounds like many ISPs are thinking of assigning a /128 or maybe a /120 to their end users which I think is such a shame. At minimum they should be assigning a /64 and, ideally a /56 or even /48.

Apart from anything else, if they start assigning anything smaller than a /64 then it's going to be easy to collect ipv6 addresses to attack and it's going to be hard to impossible for end users to mitigate this.

Comment Re:Simple ... (Score 2) 345

I shouldn't rise to the bait but, oh well.

There is no single job interview where I don't have to correct the interviewer about false assumptions of how certain stuff works in C++ ...

Any competent professional will be aware that C++ is a language so vast and with so many obscure corners that there will be corners that they would need to check to be sure and may well get wrong in an interview situation. However...

What is called in which order? Constructor? Assignment operator? A potential cast from bla to s? Or, the copy constructor?

And why the funk am I supposed to know that?

The reason this question would probably asked at interview is that there is a candidate who claims to be expert at C++ who is making statements about obscure corners of the language that are probably wrong but an interviewer doesn't want to get into an argument about it. So instead they'll ask something that any reasonably competent C++ programmer would be aware of (because this syntax is a legacy of C and doesn't do what a naive C++ programmer might assume)

It's also interesting that the really smart C++ programmers are usually quite self-effacing. They probably won't comment or will say something like "Oh, I thought it was B but I'm not sure" if they think something the interviewer said is wrong. They certainly won't be aggressive about interviewer mistakes (although any sensible programmer won't take a job where the interviewers are making to many basic mistakes in the language)

Comment Re:Not in New England (Score 1) 203

Separated bike lanes ("cycletracks" is the buzzword here) are great.

Separated bike lanes are a total nightmare. On a major arterial route where there is no more than one junction every 3+ miles then they're great for the very small proportion of cyclists who are doing 50+ mile rides but in towns they're a disaster. (The vast majority of cyclists don't make journeys where there are no turnings for three miles - they're going from A-B because it's just about walkable but cycling is less effort and faster)

For motorists they're a nightmare - turning left for me (right for the US) you're going to be negotiating a gap through a barrier across the bike lane - possibly with two way cyclists to look out for. As a cyclist they're lethal - it's hard enough getting drivers to see a bicycle in front of them - it's a guaranteed certaintly that they won't see you if you're in a separate segregated lane - so they'll overtake and then hook you or turn across you without a moments thought.

Unfortuately, I can no longer get google maps to work at all but try looking at streetview for Tavistock Place in Bloomsbury, Central London
http://www.openstreetmap.org/#...

Try cycling along there - where pedestrians will step out in front of you or pushchairs will be pushed out in front of you and you have nowhere to go. Where people take great pleasure in smashing glass in the cycle lane because they hate cyclists and you can't go around it.

In my 10 years of commuting from N1 to EC2A, every time a new cycle lane got "designed" on my route I had to find a new route.

Some cycle lanes are good, a very, very few. The vast majority make the roads more dangerous for cyclists than no lane.

There's a "cycle superhighway" near Whitechapel. I'd never used it - but I'd heard of it by reputation - by the number of deaths to cyclists since it had been built. And the first time I used it I had to make two sudden stops for cars making reckless manoeuvres. The "cycle superhighway" makes it more dangerous - for one thing it keeps a space (mostly) clear of cars - so when someone wants to turn left (right in the US) they can pull out of the queue and nip along the "cycle superhighway" for a dozen feet before their turn. Of course, they do this at the last minute without warning and with a burst of speed and acceleration. A bit of scratched paint and another dead cyclist.

In cities (London), mix cars and bikes together. The average speed of the cars is hardly different to the average speed of cyclists. We've just had a guy gaoled for leading the police on a ten mile (car) chase across London (starting in Farringdon) and despite ignoring signals, driving along pavements, knocking cyclists off their bikes (you can google for the video of some of his driving if you're interested) it took him 40 minutes to do those 10 miles.

Give cyclists an extended green phase at junctions - allow them to get away first - to avoid the pinch at the other side of the junction - and it will also make it easier for pedestrians to finish crossing. Allow cyclists to turn left (right for the US) on red lights but don't think building segregated facilities, or magic paint on the road, will make life safer or easier for anyone.

Comment Re:There is a balance between article 8 and 10 (Score 2) 401

You misunderstood the ruling. The comments were taken down as soon as the website owners were notified. The comments were on the website six weeks before anyone complained about them.

The only way they could have removed them before the complaints were made was by moderating upfront.

No, You misunderstand the ruling:

Estonian law means that the website publisher can be liable for comments by their users. Effectively to comply with Estonian law, the websites are required to proactively monitor comments and remove illegal comments.

This is Part II: RELEVANT DOMESTIC LAW AND PRACTICE

European law does not require this - merely that such comments are removed as soon as the publisher becomes aware of them.

The ruling effectively says that Estonia is allowed to gold plate the European requirements. Removing coments only after you become aware of them is not sufficient if you fall under the jurisdiction of the Estonian courts.

In particular, note that Estonia is the defendant in this ruling. Delfi was trying to claim that Estonian law is illegal and the ECHR has *UPHELD* national sovereignty, i.e. upheld the decision of the Estonian courts.

Comment Re:Almost (Score 1) 263

Have you actually written code in Python and found the whitespace handling to be an issue?

I only use python out of necessity, never out of choice, so I'm probably not a representative voice but:

You cannot comment out an if statement so that the code that was conditional is always executed while debugging. You are forced to either comment out the if and re-indent the conditional code or add brackets and or true. Both lead to higher potential risks when undoing the change later.

Python requires indenting but does not require a consistent level or style of indenting. Every time you start a new indent it can be indented a different number of spaces and/or tabs provided only that it's more than the previous line. It is, however, EXTREMELY dangerous to try to reindent such files because the only requirement is that the indent matches a "valid" line above the current line. If there is a mixture of tabs and spaces in the file then this doesn't have to be the line that it visually matches up with.

Automatically reindenting a C++ program is likely to uncover places where the indenting was misleading. It will never[1] lead to a non compiling program being able to compile or a change in semantics. Automatically reindenting a python program is, at best, going to leave the code unchanged. It can render a non-syntatically correct program valid or change the meaning of a program.

[1] there are some obscure corner cases with line continuation characters that are sensitive to there being no or some whitespace at the start of the continuation line.

Comment Re:once the data is "processed"... (Score 1) 639

There's 6 data sets that support the pause

http://asoidu8q123u9081.imgur....

Admittedly, I'm just eyeballing them but it's far from obvious that any of them exhibit a pause at all.

To exhibit a pause you'd have to show that the trend after a certain point was (aproximately) zero and, equally important, that that zero trend was statisitically different from the trend in the prior data.

There's only 36 or so years of data there so I'd be astonished if you could find any point on any one of them that had a statistically significant different trend before and after the point EVEN IF you don't require the two trend lines to join at the point where it changes.

It looks likely to me that there is likely to be a significant warming trend in all six graphs. I'd not be instantly dismissive of a claim that they were compatible with no warming since 1979 but I'd want to see the calculations.

Comment Re:Any materialized predictions? (Re:Sudden?) (Score 1) 268

none of the actual predictions made over these years by the "alarmists" have ever materialized.

I don't know about none, there's probably one or two somewhere that have come true but essentially, yes, you're right. None of the claims made by the alarmist have come true.

On the other hand, scientists tend to be conservative and like to make predictions that are backed by a good understanding of what is happening. This is resulting in things typically being worse than the predictions that scientists were making.

In the 80s when I first became aware of the problem of CO2 in the atmosphere and the greenhouse effect, scientists were talking about hundreds of years for the Arctic to become ice free in summer. By 2000 they were talking about 2050. 2015 and 2035ish seems to be a point where the money is going. (My guess from extrapolating what the reasoned voices are saying is that the first exceptional melt year after 2020 will do it after which it will rebound for a few years and then we'll have ice free summers theafter)

I've not really followed Antarctica. However, back in the 80s I'm pretty sure it was "tens of millenia to melt all of Antarctica if it's possible at all". More recently I've seen comments along the lines of "It can't happen in less than 5-10 thousand years" with the assumption that it will happen eventually if we continue dumping CO2 into the atmosphere.

Comment Re:It's the semi's that destroy the roads (Score 1) 837

Roads without semis aren't designed for semi loading - so those roads do get damaged by cars. Noone surfaces their driveway (the private bit of road up to your house - sorry don't know what the US calls this) to the standard of interstate highway. Likewise, local residential roads are not built to that standard either (although typically to a higher standard than a driveway).

Additionally, weather and vegetation will eventually damage a road even if it has no traffic at all. For metalled roads that only have foot traffic and bicycles, this is, to all intents and purposes, the only source of damage.

Comment Re:Fourth power rule of thumb (Score 4, Informative) 837

Assuming a reasonable pressure (no trains with flanged wheels trying to drive down the highway) then the damage comes from axle load and not pressure for standard road building materials.

It's the (hopefully elastic) deforming of the roadbed that leads to the damage - typically due to surface cracking that then lets weather in - and so below a certain axle weight (which will depend on the design load of the road in question) the damage is essentially zero.

No metalled road designed for cars (or even just foot traffic) will be damaged by bicycles at anything like the rate that weather (and vegetation) will damage it anyway. No road designed for significant truck traffic will be damaged by cars[1]

It would, of course, be possible to design a road that a 90psi bicycle tyre would damage more quickly than a 40psi car tyre but, in practice, it would be more expensive than one that a bicycle wouldn't damage if a car wouldn't.

[1] Cars under hard acceleration can damage the top surface of a metalled road independent of any flexing of the road bed - I've seen this on a steep uphill after a slow bend - every driver hits the throttle at the same point at the bottom of the hill. Once there is unevenness to the surface, whether from the weather or trucks, dynamic loading from cars can rapidly accelerate the ongoing damage.

What we anticipate seldom occurs; what we least expect generally happens. -- Bengamin Disraeli

Working...