Forgot your password?

Comment: Re:Wrong Title (Score 2) 499

by mveloso (#47876417) Attached to: Researcher Fired At NSF After Government Questions Her Role As 1980s Activist

The article says that they asked her about a group affiliated to the two groups with which she associated, and specifically if she ever was part of a terrorist group.

I doubt she had any idea that the third group even existed. Not sure what to think, except her response must not have been to their liking.

Sucks to be her.

Comment: Captcha rate limiting error message? (Score 1) 142

by mveloso (#47854733) Attached to: Feds Say NSA "Bogeyman" Did Not Find Silk Road's Servers

I've been thinking about this over the last few days, ever since the story popped up in wired.

If they exceed the captcha's rate limit, the captcha -might- leak information in its rate-limiting error message. The message would be something like "your server at IP has exceeded its request limit."

This is likely because if you exceed the rate limit you'd kind of want to know which one of your front-ends was be the bad one.

Nobody really would test that sort of thing either.

Comment: Coincidence? Or conspiracy? (Score 4, Interesting) 107

by mveloso (#47849211) Attached to: Apparent Meteorite Hits Managua, Nicaragua, Leaving Crater But No Injuries

Like college age kids, meteors seem to always travel in packs. The Chelyabinsk one was said not to be related to 2012Da/367943 Duende, but it sure is a hell of a coincidence that close flying meteors have an "unrelated friend" that impacts the Earth.

Maybe we got the ugly friend?

Comment: Security and liability: think Target (Score 1) 137

by mveloso (#47844057) Attached to: Ask Slashdot: Remote Server Support and Monitoring Solution?

The media says Target was breached due to a compromise at their HVAC vendor. Do you want to be the vendor that gets hit with a liability suit because someone broke in through your network?

It's obvious from your question that you're not really sure what you're doing. SNMP? That's for network crap, not for server and application level stuff. Why would you even talk about SNMP? Why would you even want a VPN into the customer network?

If you need access to your server, write it into your support contract, and ask the vendor for a VPN login. Then the vendor can turn that login on and off when an outage occurs. Then just use NewRelic for monitoring (assuming your machine can get out).

If you need continuous access to your server, write it into your support contract, then make sure that (1) you really need it, and (2)your security is better than your customers' security.

Or, if you want to screw everyone, just run a TeamViewer instance on it and connect to it on the sly. I'm sure your customers would love that, but that's what you're basically asking them to allow you to do.

Comment: Ping is not reliable (Score 1) 137

by mveloso (#47844045) Attached to: Ask Slashdot: Remote Server Support and Monitoring Solution?

Ping is almost the worst way to check to see if your server is up. In fact, certain machines will return an ICMP response even after you've broken into their bios-equivalent (hello, Solaris).

Do a service level check.It's not that hard to do a curl instead of a ping. A curl's results can show you if it's present and functioning. A ping just shows you that the network interface is responding or not.

People disable ping because if you don't know a server is there you can't attack it. It's like enabling MAC address filtering - it doesn't really help that much, but it in a specific set of circumstances help a bit.

Comment: Retarded and wrong comment (Score 1) 99

by mveloso (#47837949) Attached to: LLVM 3.5 Brings C++1y Improvements, Unified 64-bit ARM Backend

Maybe if you had read the release notes you wouldn't have posted such a retarded comment. Oh, and large chunks of the llvm/clang team work at Apple.

"During the 3.5 release cycle, Apple released the source used to generate 64-bit ARM programs on iOS platforms. This took the form of a separate backend that had been developed in parallel to, and largely isolation from, the existing code.

We decided that maintaining the two backends indefinitely was not an option, since their features almost entirely overlapped. However, the implementation details in both were different enough that any merge had to firmly start with one backend as the core and cherry-pick the best features and optimisations from the other.

After discussion, we decided to start with the Apple backend (called ARM64 at the time) since it was older, more thoroughly tested in production use, and had fewer idiosyncracies in the implementation details.

Many people from across the community worked throughout April and May to ensure that this merge destination had all the features we wanted, from both sources. In many cases we could simply copy code across; others needed heavy modification for the new host; in the most worthwhile, we looked at both implementations and combined the best features of each in an entirely new way.

We had also decided that the name of the combined backend should be AArch64, following ARM’s official documentation. So, at the end of May the old AArch64 directory was removed, and ARM64 renamed into its place.

At the source of every error which is blamed on the computer you will find at least two human errors, including the error of blaming it on the computer.