Forgot your password?

Comment: Re:its not a claim, its a fact of life. (Score 4, Informative) 414

by nabsltd (#48191733) Attached to: Debian's Systemd Adoption Inspires Threat of Fork

One might as well complain about all the basic utilities under the GNU project umbrella.

I can use ls without having to use info, but I can't use systemd-networkd without using systemd. Conversely, there is no logging system other than systemd-journald that works with systemd.

In other words, each individual program that makes up the "systemd brand" must all be installed and running or else none of them work. This is completely different from the current init system, which doesn't care which system logger (for example) you use, and doesn't even require you to use one at all.

So, even though the "systemd brand" is many separate applications, the net result is no different from one monolithic application with many shared libraries.

Comment: Re:Honestly, I prefer the one on the left (Score 1) 414

by nabsltd (#48191611) Attached to: Debian's Systemd Adoption Inspires Threat of Fork

(2) Most importantly, I can hack that bash script to do whatever I damn well please.

And, although you can hack the "sendmail.service" file shown in that link, your hack will be overwritten the next time sendmail is updated, since the file is in /usr/lib/systemd/system. Also, /usr could be a read-only filesystem.

Instead, to make your hack effective, you'll need to create a file somewhere under /etc/systemd (your guess is as good as mine...the documentation sucks) that will do what you want. Since there is also no documentation about what, exactly, must be in the file (do you need every entry that was in the original, or can you just override what you want to change?), you'll have to play around for a while to see what works.

The right thing to do is for the sendmail package maintainer to place an example user file in the right place, and comment out everything so it doesn't actually overwrite the default, but the comments will let a sysadmin know what to change if they need to. But this is yet another major problem with has so damn many config files, that if every package maintainer did this, you'd have hundreds of files in the override directory, even though you only need a few for the changes you want to make.

So, the really right thing to do is to not keep config files of any sort in /usr/lib, but instead put them only in /etc, and then any changes the user makes there are applied as the should be. This is not the systemd way, though, as the systemd maintainers know much better how your system should be run than you do.

Comment: Re:Ho-lee-crap (Score 4, Insightful) 250

by nabsltd (#48185725) Attached to: The Largest Ship In the World Is Being Built In Korea

Considering this ship is designed to hold however many thousand cargo containers and the crew to support it, it needs a lot of empty space inside.

According to TFA, the crew while at sea is 15 people, which is nothing compared to the 5,000 or so on a fully-populated-for-war aircraft carrier.

When you add in the fact that a warship is supposed to be able to go for at least weeks at a time without any replenishment, needs a much stronger hull for its size, has a lot more electronics that need special cabling and conduits, etc., commercial vessels are actually quite easy to build in comparison.

Comment: Re:Blade servers blow (Score 1) 56

by nabsltd (#48168933) Attached to: Making Best Use of Data Center Space: Density Vs. Isolation

The mongolian clusterfuck is the result of the byzantine cofiguration rules each vendor has for determining a blade's NIC or FC mapping with the blade center's (overpriced) internal switch bays.

Cisco's blades do all of this through can add and delete NICs and fiber channel cards with a couple of mouse clicks on the Java applet that runs in the browser.

Comment: Re:Has it been working so far? (Score 1) 387

by nabsltd (#48167871) Attached to: Torvalds: I Made Community-Building Mistakes With Linux

your cars, in your televisions, in your game systems, in your embedded devices...

Now your fanboyism is showing. None of those are significantly Linux-driven, which is mostly because of the GPL.

What are you talking about? Many of those devices do use the Linux kernel, which is all "Linux" really is. The userspace many people think of as "Linux" is really a collection of other software, much of it GNU.

For example, I have two media players, an eBook reader, a TV, a surveillance camera, and an A/V receiver that all use the Linux kernel. On the first three, I can get a shell prompt, and can cross-compile apps to run on them. None of the devices I'm talking about run Android, either.

Comment: Re:No sh1t sherlock. Unbundle the crap! (Score 1) 139

by nabsltd (#48158193) Attached to: HBO To Offer Online Streaming Without TV Subscription

I've read the agreements. The cable guy lied to you. They can't unbundle what they pay, but they can unbundle what you pay.

Apparently, you haven't read the agreements in detail. Not only does the cable company have to pay the content provider for the full package, the agreement also says that the cable company has to provide all those channels on some particular tier (like "basic", "expanded basic", etc.) so that the content provider gets to say "available in X% of homes" to keep advertising dollars higher.

So, yes, the cable company could unbundle the channels and only charge you for the channels you want, but you'd still get all the other channels from that content provider based on your "tier". The only way to avoid this would be to have a completely "a la carte" tier. If that happened, though, the content providers would have lower advertising dollars, and would thus have to charge more for their content, which would mean that a la carte would end up at similar prices to what you pay now, unless you truly do just watch one or two channels.

Comment: Re:wow (Score 1) 564

by nabsltd (#48149995) Attached to: Lockheed Claims Breakthrough On Fusion Energy Project

Yeah, you say that now, but when we get more power, you can all but guarantee we'll use more power.

There's a limit to that before the Earth becomes Venus or Mercury.

Basically, the vast majority of the power on Earth right now came from the sun at some point in time. The exception is nuclear reactions (either in power plants or in the rocks in the ground). Right now, these exceptions are a very small part of the total, but cheap fusion would change that dramatically.

Eventually, all the power turns to heat, and too much of it is a very bad thing. Perhaps reducing CO2 (no <sub> tag support...really Slashdot?) emissions by cutting back dramatically on fossil fuel usage would help balance out and allow radiation of heat to space to be more efficient, but it's hard to say when everything is still speculation.

Comment: Re:Oh great (Score 1) 546

by nabsltd (#48139635) Attached to: Password Security: Why the Horse Battery Staple Is Not Correct

If you use a commonly used phrase, its the same as using a commonly used password.

As I said, if you "pick the words for your pass phrase from a small, well-known dictionary", you're going to be in trouble. A "commonly used phrase" would be the extreme version of using a limited pool of words.

Though, if it is enough words, and you use some kind of mutator (vary spacing, capitalization & punctuation, use l33t, etc.), even knowing the exact phrase would take a few thousand guesses to find which mutators were used in which position.

Comment: Re:Oh great (Score 1) 546

by nabsltd (#48136861) Attached to: Password Security: Why the Horse Battery Staple Is Not Correct

Commonly used passwords are vulnerable to dictionary attacks, that doesn't change when you use passphrases.

Yes, it does, unless you do all the following:

  • Pick the words for your pass phrase from a small, well-known dictionary.
  • Follow the spacing expected by the attacker.
  • Use only the case the attacker expects (all upper, all lower, proper caps, etc).
  • Use only letters and punctuation or special characters.
  • Don't do any substitution of characters (no l33t, etc.)
  • Spell every word correctly.

It's easy to create a phrase that is personal to you and won't appear in any Google search. But, even if it does, if you don't just use lowercase letters with the words run together, it will take a long time for the attacker to run through all the permutation tricks on a 40+ character phrase.

And here's a really good one...the part of your post that I quoted would make an excellent pass phrase, since it contains one word that isn't in the *nix words list. Something as simple as making a compound out of "pass phrase" is enough to cause an attacker pain if they use the wrong dictionary. And, when attackers start including every single "word" in their dictionary, it gets even closer to brute force. When you use "Tatooine" and "Mordor" in your pass phrase that doesn't in any other way reference "Star Wars" or LoTR, it's pretty secure: Tucson is hot, but it's no Mordor or Tatooine. Easy to remember, easy to type, but painful to crack.

Comment: Re: symbols, caps, numbers (Score 2) 546

by nabsltd (#48136695) Attached to: Password Security: Why the Horse Battery Staple Is Not Correct

It's also a potential DOS for the server if a bunch of people start submitting preposterously long "passwords" anywhere they have a password box.

Nobody's asking for sites to allow you to use your favorite novel as a password, but limiting to some insanely short value is not the right way to solve the problem.

Set a limit of 255 characters for the password, and you won't get any complaints about too short a limit while keeping the computing requirements for the hash creation reasonable.

Comment: Re:One quote *is* the story (Score 1) 478

by nabsltd (#48114507) Attached to: The CDC Is Carefully Controlling How Scared You Are About Ebola

this strain of ebola appears to have a 70% mortality rate.

Mortality rates for hemorrhagic fevers are often inversely proportional to the level of medical care available.

Keeping a patient cool and hydrated reduces mortality rate dramatically. Having antibiotics on hand to battle secondary infections is also a big plus. Even a supply of more powerful fever-reducing drugs than aspirin would be considered a luxury in many of the places where Ebola has a high mortality rate.

Do not underestimate the value of print statements for debugging.