Forgot your password?

Comment: But what about the hiatus? (Score 1, Flamebait) 196

by mveloso (#47964085) Attached to: Hundreds of Thousands Turn Out For People's Climate March In New York City

There hasn't been warming for over a decade, but the warming/change advocates have ignored that because it confounded their model - until a bit ago, when they sized upon the ocean as a heatsink due to another study.

How many billions of dollars have been wasted chasing that chimera?

If they really cared about reducing their carbon footprint, they'd all kill themselves. As a westerner, they have a massive carbon footprint that they'll never erase. At least that way they'd be able to give back by fertilizing a tree or something. Of course, if they choose cremation that'll release even more carbon and waste, since they'll need an urn of some sort.

Comment: Re:Wrong Title (Score 2) 499

by mveloso (#47876417) Attached to: Researcher Fired At NSF After Government Questions Her Role As 1980s Activist

The article says that they asked her about a group affiliated to the two groups with which she associated, and specifically if she ever was part of a terrorist group.

I doubt she had any idea that the third group even existed. Not sure what to think, except her response must not have been to their liking.

Sucks to be her.

Comment: Captcha rate limiting error message? (Score 1) 142

by mveloso (#47854733) Attached to: Feds Say NSA "Bogeyman" Did Not Find Silk Road's Servers

I've been thinking about this over the last few days, ever since the story popped up in wired.

If they exceed the captcha's rate limit, the captcha -might- leak information in its rate-limiting error message. The message would be something like "your server at IP has exceeded its request limit."

This is likely because if you exceed the rate limit you'd kind of want to know which one of your front-ends was be the bad one.

Nobody really would test that sort of thing either.

Comment: Coincidence? Or conspiracy? (Score 4, Interesting) 107

by mveloso (#47849211) Attached to: Apparent Meteorite Hits Managua, Nicaragua, Leaving Crater But No Injuries

Like college age kids, meteors seem to always travel in packs. The Chelyabinsk one was said not to be related to 2012Da/367943 Duende, but it sure is a hell of a coincidence that close flying meteors have an "unrelated friend" that impacts the Earth.

Maybe we got the ugly friend?

Comment: Security and liability: think Target (Score 1) 137

by mveloso (#47844057) Attached to: Ask Slashdot: Remote Server Support and Monitoring Solution?

The media says Target was breached due to a compromise at their HVAC vendor. Do you want to be the vendor that gets hit with a liability suit because someone broke in through your network?

It's obvious from your question that you're not really sure what you're doing. SNMP? That's for network crap, not for server and application level stuff. Why would you even talk about SNMP? Why would you even want a VPN into the customer network?

If you need access to your server, write it into your support contract, and ask the vendor for a VPN login. Then the vendor can turn that login on and off when an outage occurs. Then just use NewRelic for monitoring (assuming your machine can get out).

If you need continuous access to your server, write it into your support contract, then make sure that (1) you really need it, and (2)your security is better than your customers' security.

Or, if you want to screw everyone, just run a TeamViewer instance on it and connect to it on the sly. I'm sure your customers would love that, but that's what you're basically asking them to allow you to do.

Comment: Ping is not reliable (Score 1) 137

by mveloso (#47844045) Attached to: Ask Slashdot: Remote Server Support and Monitoring Solution?

Ping is almost the worst way to check to see if your server is up. In fact, certain machines will return an ICMP response even after you've broken into their bios-equivalent (hello, Solaris).

Do a service level check.It's not that hard to do a curl instead of a ping. A curl's results can show you if it's present and functioning. A ping just shows you that the network interface is responding or not.

People disable ping because if you don't know a server is there you can't attack it. It's like enabling MAC address filtering - it doesn't really help that much, but it in a specific set of circumstances help a bit.

"The four building blocks of the universe are fire, water, gravel and vinyl." -- Dave Barry