Forgot your password?
typodupeerror

Comment: Re:pfsense (Score 1) 193

DD-WRT is no walk in the park. It's difficult to find a stable version for newer hardware, if there even is a recent release considered stable. Examples: I bought a router that was supposed to be compatible, but it turned out that the only release available wasn't stable. I installed it anyway, but I later found out it wouldn't accept a manually entered IP (due to a javascript problem on the web GUI - resolved in a later release) which turned into a huge headache. On another release (different router), the 5GHz radio didn't work - something about the driver. On the other hand, I have a slightly older router with DD-WRT which has been up for prob over a year with no issues. Verdict... ? If you do your research first and really vet the device you're going to use, you might be okay.

On the other hand, I've setup three boxes w/ pfSense in the past year, and each has been stable and good to me. The gui is certainly more cryptic than DD-WRT, but it's also far more powerful (as it should be, as it's running on beefier hardware). I've run it on an old P4 (the never ending supply of SFF Dell P4 desktops are good for this), but for something more efficient (and fanless) I've also installed it on inexpensive Atom-based boxes. Still more energy (and more expensive) than a ARM-based device, but the features and stability have been worth it. For WiFi, I just use an inexpensive AP-only device

+ - Code Released To Exploit Android App Signature Vulnerability->

Submitted by chicksdaddy
chicksdaddy (814965) writes "A security researcher has published what he claims is a proof of concept program that exploits a security hole that affects almost all Android mobile devices in use today.

Pau Oliva Fora, a security researcher for the firm Via Forensics, published a small, proof of concept module on GitHub (https://gist.github.com/poliva/36b0795ab79ad6f14fd8) that exploits the flaw in the way Android verifies the authenticity of signed mobile applications. The flaw was first disclosed last week by Jeff Forristal, the Chief Technology Officer at Bluebox Security, ahead of a presentation at the Black Hat Briefings in August. (https://securityledger.com/2013/07/flaw-leaves-900m-android-devices-vulnerable/). It affects versions of Android going back four years.

The simple program leverages APKTool, a common, open source tool for reverse engineering Android applications – decompiling and then recompiling their contents. His script allows a user to select and then decompile a legitimate Android application and then recompile it, creating an altered, “malicious” APK that will have the same, cryptographic signature as the original file. In an e-mail statement, Google said that a patch for Forristal’s vulnerability was provided to Google’s OEM (original equipment manufacturer) and carrier partners in March, and that some (Samsung) have already shipping a patched version of Android to customers. However, that response hasn't been universal — a reflection of Android's fragmented install base. (https://securityledger.com/2013/03/android-ecosystem-still-fragmented-insecure/)"

Link to Original Source

+ - The Black Underbelly Of Windows 8.1 'Blue' 3

Submitted by snydeq
snydeq (1272828) writes "Changes in Microsoft's forthcoming upgrade to Windows 8 reveal the dark underbelly of Microsoft's evolving agenda, one that finds pieces of Windows 8 inexplicably disappearing and a new feature that allows Microsoft to track your local searches cropping up, InfoWorld's Woody Leonhard reports. 'As Windows 8.1 Milestone Preview testers push and prod their way into the dark corners of Windows 8.1 "Blue," they're finding a bunch of things that go bump in the night. From new and likely unwelcome features, to nudges into the Microsoft data tracking sphere, to entire lopped-off pieces of Windows 8, it looks like Microsoft is changing Windows to further its own agenda.'"

Comment: Re:It will take more than a new box (Score 1) 178

by no_such_user (#44045263) Attached to: TiVo Series 5 Coming This Fall

This adapter is often a device that must match the type of cable system your provider runs

I was under the impression that this was under the umbrella of the CableLabs OpenCable spec, which means, in theory, it'd be a standard. And, hey, what about (I should think twice before mentioning this, but here goes nothing...) True2Way?

Btw, the fact that you even need one pretty much confirms your cable system is crap...

I'm not usually one to defend my cable company, but I'll make an exception this time. The current implementation of SDV is crap, yes. But the infrastructure is most certainly not. So instead of wasting millions of dollars to upgrade, we use what we have now and fit as much as we can. Besides, practically speaking, building a better infrastructure won't give me anything I don't have now, except a higher cable bill.

Comment: It will take more than a new box (Score 5, Informative) 178

by no_such_user (#44039121) Attached to: TiVo Series 5 Coming This Fall

Dear Tivo,

1) Lower your damn prices already! You'd have people beating down the doors if you'd lower your monthly fee to $5/month, and you'd still be making good money to boot!
2) Stop treating your old customers as second-class citizens! The old Tivos work just fine, so why aren't you porting new features to these units? Even UI/UX improvements which take negligible CPU or memory usage are never implemented. Sure, there are a lot of lifetime account holders, but you're still collecting monthly fees on some of these, right?
3) Integrate the "tuning adapter" for switched digital video to inside the Tivo. The fact that I need such a thing in the first place is ridiculous.
4) Lower your damn prices already! $60 for a wireless G dongle? $90 for an N wireless bridge?! C'mon!
5) What's the deal with CableCard, anyway? Are cable companies going to continue to support this? What about users of IP-based services, like AT&T's U-verse?
6) Don't get me started on copy-protection...
7) Lower your damn prices already! $5/mo -- it's worth repeating!

Thanks,
Me

Comment: Can't wait! (Score 2) 50

12 hours and only 37 comments? The response to a device like this should be far greater on a site like Slashdot. *Sigh*.

Anyway, I've always felt TAPR kits were not entirely within my grasp due to either high prices or high complexity. I hope this will be an affordable kit which doesn't require a ton of SMD soldering. Take the lead from Raspberry Pi - small, simple, affordable hardware.

Good luck! I'll see you guys at Dayton!

Comment: Re:RFID = The Mark of Beast? (Score 1) 743

by no_such_user (#42080473) Attached to: Student Refusing RFID Badge Now Fights Expulsion Order

A person can believe in a god, belong to a religious community, and integrate that belief and community into their daily lives without it becoming obsessive and/or intrusive. In my book, that's what lets science and religion remain compatible.

Can she become a competent civil engineer and build bridges as well as the next person? Probably. A talented chemist? Sure. You're right, it is a big house. But if she can find the devil in an RFID badge, I'm wondering what else she'll shun because of a religious concern. That's the shadow I'm talking about.

Comment: Re:RFID = The Mark of Beast? (Score 1, Insightful) 743

by no_such_user (#42052535) Attached to: Student Refusing RFID Badge Now Fights Expulsion Order

Off topic? Given that it's the protesters PRIMARY ARGUMENT, it seems pretty damn on topic to me.

Anyway, I find it difficult to reconcile the religious aspect of her argument with the fact that she's attending a science and engineering based magnet school. I'm not saying that religion and science are inherently incompatible, but I am saying that her equating an RFID badge to the "mark of the beast" makes me think her devotion to her religion will place a shadow over her science education.

FWIW, the article says the school offered to disable the electronic portion of the badge, but that the school requires the parents to stop protesting. I would love to hear the school's side of this story.

Comment: Anything, if it gets TM out of the loop! (Score 1) 58

by no_such_user (#41744401) Attached to: Crowdsourcing Concerts — the Future of Live Music?

I'm all for this, especially living in a 2nd-class city (when it comes to concerts). But just as important as getting artists to play here is removing Ticketmaster from the equation. Could this mean the ticket price is what you pay, no more hidden service fees, etc.? No more monopoly by one ticket service? I won't get my hopes up... surely TM will just buy them if they show any sign of doing well.

Comment: Re:Cool (Score 1) 398

by no_such_user (#41631237) Attached to: Why Eric Schmidt Is Wrong About Microsoft Not Mattering Anymore

Wordperfect was *the* standard word processor in the late 80's/early 90's. When Microsoft's Word 2.0 came out, with a beautiful GUI and no more finger-contorting F-key combos which required a chart to use, it **blew away** Wordperfect. Excel's inline graphs, expression helper, and crazy-easy cell formatting **blew away** Quattro Pro. Access' drag and drop table linking, virtually automatic query generation, and included example dbs and help system **blew away** Paradox/Dbase. It was a revolution that Microsoft ushered in. For most laypeople, it wasn't just cool, it was near magic. First they made "cool" killer apps when others were stagnant and relying upon their entrenched position to keep up sales. And then they put in place anti-competitive agreements with OEMs to make sure they kept their position.

In the late 90's, Microsoft was no longer cool for end users, but for developers and their associated sales force, they sure were. Devs were EXCITED to use MS's development tools and languages (VB/C++/Interdev/etc.). It was cheap to get started, plus there were a ton of resources for cheap training. SQL Server had easy hooks into all of the MS stuff, and watching a five minute demo on linking a SQL Server db to your web app was powerful. A new generation of IT admins preferred Windows NT's GUI to command line Solaris/Irix/AIX/etc. This was all backed by the ease of becoming a Microsoft partner, which would mean a steady flow of sales leads to your shop. For better or worse, their technologies revolutionized a whole generation of developers who thought MS was cool. First they had cool tools when others were stagnant and relying upon their entrenched position to keep up sales. Then they used shady, anti-competitive tactics to keep that position.

All I'm saying is that they were perceived as cool at one point. I'm also saying that I'm glad that era looks to be over.

Comment: Mobile setup (Score 1) 331

by no_such_user (#40354953) Attached to: Ask Slashdot: How To Evacuate a Network

I know this won't help the OP now, but If you live in a disaster-prone area and you could ever be hours away from a sudden evac, consider setting up your hardware as if you were doing a mobile installation. 19" rack cabinets on casters, which can be quickly pushed to a truck. Note: just because you have wheels on your rack doesn't mean they're meant to be moved when loaded down with equipment. But the appropriate equipment. If you want to see something like this in action, go to a major televised sporting event a couple of days before the event starts and ask nicely to talk to the tech manager.

Man is the best computer we can put aboard a spacecraft ... and the only one that can be mass produced with unskilled labor. -- Wernher von Braun

Working...