Forgot your password?

Comment: Re: Packages can't be removed? (Score 3, Insightful) 118

by pavon (#48227661) Attached to: OwnCloud Dev Requests Removal From Ubuntu Repos Over Security Holes

[quote]It's just irresponsible for the package maintainers to come back and say "we can't pull it, we're leaving it as is, and we're not patching it either".[/quote]
The package maintainers didn't say that. This package is in the universe repository. The entire purpose of this repository is that volunteers can upload packages that Canonical has decided they aren't going to support. So Canonical isn't the package maintainer and you can't really blame them for not supporting packages that they said they aren't going to support.

Furthermore, it sounds like the ownCloud developers want Ubuntu to either use the latest & greatest release, or remove the package entirely. If that is correct, then I think it is irresponsible on the developer's part. Version 7 only came out 3 months ago, so they really ought to be providing security patches for version 6.

Comment: Re:$3500 fine? (Score 4, Interesting) 280

by c (#48217071) Attached to: Tech Firm Fined For Paying Imported Workers $1.21 Per Hour

That's a joke. They should have been fined at least as much as the backwages were.

That's still peanuts.

If you really wanted to send a message, they should be required to pay for an external auditor of the governments choice to come in and perform a top-to-bottom audit on all employee and contractor compensation.

And then get fined for anything fishy.

Comment: Re:How secure is that connection string? (Score 1) 124

Even if BTSync were to process one connection string per CPU clock cycle, it would still take 1e20 years to try all the possible 20-character Base64 strings that BTSync uses by default. If you choose a longer string, then it will take even more time. In otherwords, the standard strings have 120 bits of entropy, and you can increase that to up to 240 bits. This is less than is typically used for encryption these days, but btsync doesn't have to deal with offline attacks.

Rather than key size, I would be more concerned about whether the client potentially leaks data through timing attacks, or any MITM/sniffing attacks that speed up the cracking faster than brute force.

Comment: That isn't open source (Score 1) 124

That isn't an open source implementation of btsync. It is just an unofficial debian package that installs the official proprietary btsync binary. It makes it easier to install and update btsync on debian based systems, but it is the exact same software that you download from the official site.

Comment: No notification of concurrent modification (Score 2) 124

I have been using bittorrent sync for about the same amount of time, and the thing that is killing me is that it makes no effort to detect and warn when a file has been modified on multiple computer since the last sync. It just chooses the one that was modified most recently, and silently overwrites the other one. It does create a temporary archive backup of the modified file that was overwritten, but by the time you noticed you have lost data, it can be very difficult to wade through all the archive files on different computers and figure out which ones need to be merged. The resolution to conflicts will always have to be a manual process, but the sooner you know that a conflict occured the easier it is to resolve.

I've lost track of how many password resets I have had to do because I lost a newly randomly generated password saved to my keypass database, synced across computers.

Comment: Re:Sigh! (Score 3, Insightful) 172

by Sloppy (#48208305) Attached to: Google Announces Inbox, a New Take On Email Organization

I shouldn't have to remind you of the things in the modern world that depends on real-time instructions from software.

You are not one of those things! You GIVE orders to computers, not take! The computer is supposed to be your bitch. Thirty years ago people worried about Terminators, and now I find out that all Skynet has to do, is nicely tell people to jump off cliffs. I can't wait until Google Surgeon, when everyone thinks they should just blindly do what they're told, preferably with impatience and in real time.

Google Surgeon [speaking slowly]: "Snip the art--"

Doctor: [snip] "Yeahyeah doesanyoneknowhow tospeedupthisthing'sspeech?"

Google Surgeon: "--ery, but first, clamp off the blood supply so the patient doesn't bleed to death."

Comment: Re:More changes I don't want ... (Score -1, Flamebait) 172

by Sloppy (#48206627) Attached to: Google Announces Inbox, a New Take On Email Organization

It is positively dangerous when you have to go round a roundabout twice for it to catch up! (In a 40 ton rig).

WTF? How can a mapping program possibly be dangerous or time-sensitive?

(Please don't tell me you are one of those MORONS who relies on software for real-time instructions, instead of having your own plan that was possibly originally aided by software. If you're a moron, then it's not the software that's dangerous; it's that some even bigger, stupider moron allowed you to drive a 40 ton vehicle (or even a 1 ton vehicle) on roads that might have other people within a quarter mile.)

All I can think of, is that the slowness is somehow keeping you from being able to review your route before you it's time for you to leave, so that you end up driving faster to catch up.

Comment: Re:I never ever commented on the SCO issue in any (Score 1) 187

We knew what was going on when you ran your anti-IBM campaign, sometimes even positioning yourself as arguing on behalf of our community. It was a way to lend credence to IBM and MS arguments during the SCO issue. To state otherwise is deceptive, perhaps even self-deceptive.

Florian, you would not be devoting all of this text to explaining yourself if you didn't feel the need to paint your actions in a positive light. That comes from guilt, whether you admit it to yourself or not.

Go write your app, and if you actually get to make any money with it you can give thanks, because it will happen despite what you worked for previously. Keep a low profile otherwise because your credibility is well and truly blown and you can only make things worse. And maybe someday you can really move past this part of your life. But I am not holding out much hope.

Comment: Re:Bruce, I know why u r disappointed. Let me expl (Score 1) 187

So, I see this as rationalization.

The fact is, you took a leadership position, and later turned your coat for reasons that perhaps made sense to you. But they don't really make sense to anyone else. So, yes, everyone who supported you then is going to feel burned.

You also made yourself a paid voice that was often hostile to Free Software, all the way back to the SCO issue. Anyone could have told you that was bound to be a losing side and you would be forever tarred with their brush.

So nobody is going to believe you had any reason but cash, whatever rationalization you cook up after the fact. So, the bottom line is that you joined a list of people who we're never going to be able to trust or put the slightest amount of credibility in.

And ultimately it was for nothing. I've consistently tried to take the high road and it's led to a pretty good income, I would hazard a guess better than yours, not just being able to feel good about myself.

You are in a maze of UUCP connections, all alike.