Forgot your password?
typodupeerror

Comment: There's still no free lunch. (Score 3, Interesting) 303

by pushf popf (#41869485) Attached to: Ask Slashdot: How To Deal With a DDoS Attack?

Before I found that there was a lot more money and a lost less hours and stress doing consulting than being a cubicle drone, I worked for a large hosting company.

Handling a DDOS attack is a piece of cake. We handled a few a week and this was in the early 2000s. We would watch the router traffic graphs and see a spike that might be eating 5% or 10% of our capacity and just grin. All you need is money. Your ISP needs giant pipes, spare server capacity distributed around the world and sharp network guys, and for the right price, they'll simply make the problem go away for you.

However the cost of doing this means that if $1500 to Rackspace sounds like a lot of money, you're not in this league.

If you're at the "less than $200/month" level for hosting, your best course of action is to not piss people off, and if you're attacked just hope you can wait it out.

The "up side" of having a small site with cheap hosting is that it probably won't actually do much damage to your business if it's down for a few days.

Comment: Re:Wrong.!! (Score 1) 738

by pushf popf (#39782865) Attached to: Software Engineering Is a Dead-End Career, Says Bloomberg

> I'm 43 and I work in the way he describes. I've never had more freedom, more time, or more money.

Absolutely! Start your own business and whore yourself out to the companies that were dumb enough to fire all their really talented guys.

I've never been happier. I wake up every morning at the crack of "whenever the hell I feel like it", make breakfast, take the dog out for a walk, then drop in on some clients.

While the money has never been better, the freedom and peace of mind is infinitely more valuable.

Comment: Re:Planning for success (Score 1) 504

My bet here is that some Slashdot posters are going to enter this conversation and tell you that you don't need a CS degree to be successful. That you might even be able to get away with taking a few formal classes, working on some more open source projects, and to keep trying.

I have no CS degree. I have no degree of any kind and have been working in IT for 25+ years. I was snatched out of college before I had the chance to finish my P/E requirement. Apparently knowing how to run around a track or dribble a basketball was important somehow. In any case, I never went back and never finished.

In any case, once you have some successes under your belt, nobody gives a crap where (or if) you graduated.

While there's nothing wrong with a degree, it really doesn't certify that you have any special knowledge or level of expertise, it certifies that you're a good drone and can put up with huge quantities of pointless tasks and bullshit assignments, which makes you perfect for the corporate workforce or government.

Comment: Re:Political Theory (Score 1) 94

by pushf popf (#36622046) Attached to: Chinese City Wants To Build a Censorship-Free Hub

* Ahem * As a degree holder in Political Science with a minor in International Relations, ,i>kaff-kaff,/i>, I may be able to contribute here. The suspicions above are not without foundation. However, historically whenever a totalitarian regime has tried to espouse free and independent thought in a "contained" place, they often wind up growing free thinkers that they cannot later control. Hitler tried coddling his engineers, but they wound up sending secrets to the English and Americans. Stalin tried pampering Sakarov. So while I wouldn't drop my drawers in Chongqing's proposed Cloud Computing Special Zone, but I would applaud and encourage it. It could become an incubator for a representative there who actually believes what he's promising and would be frustrated to learn he's a front... a breeding ground for future Nobel Peace Prize nominees. So polite hurrahs are warranted.

Oddly enough, the Chinese government isn't stupid and takes a very long-term view of things.

This could be exactly what they're planning and want this to happen so they can have the benefits and freedom due to the "changing times" without having to embarrass themselves by back-peddling with their current policy. It also lets them selectively enforce "who has freedom" by allowing the access policy to the area be "leaky".

Comment: Not possible on a shared host (Score 2) 182

by pushf popf (#36326368) Attached to: Ask Slashdot: Verifying Security of a Hosted Site?

If you don't control everything on the box, you can't ensure security.

Regardless of what they claim or what they do, you're essentially sharing the box with hundreds or thousands of other users who potentially have access to run whatever they feel like.

I would suggest a Virtual Private Server on Linode. Your server is yours and security will live or die by how you configure it.

Comment: It's false scarcity based on greed. (Score 2) 537

by pushf popf (#35986956) Attached to: On Monday, AT&T Customers Enter Era of Broadband Caps

When most of the long haul and medium haul fiber was laid, they didn't just bury what they needed, they buried a bunch of it. However most was never connected to equipment (lit up).

This dark fiber is still sitting in trenches and conduits (many were taxpayer funded) running along a huge number of US superhighways, and has not seen a single byte of data.

This is mostly because having additional capacity would remove the artifical limits, increase the supply and cause prices for internet access to drop.

While some companies have problems with "the last mile" (to the home), companies that ran fiber to the home like Verizon, are still attempting to limit bandwidth and create artifical shortages.

Censorship

+ - US Internet ‘Kill Switch’ Bill to be R->

Submitted by suraj.sun
suraj.sun (1348507) writes "The resurgence of the so-called “kill switch” legislation came the same day Egyptians faced an internet blackout designed to counter massive demonstrations in that country.

The bill, which has bipartisan support, is being floated by Sen. Susan Collins, the Republican ranking member on the Homeland Security and Governmental Affairs Committee. The proposed legislation, which Collins said would not give the president the same power Egypt’s Hosni Mubarak is exercising to quell dissent, sailed through the Homeland Security Committee in December but expired with the new Congress weeks later.

“My legislation would provide a mechanism for the government to work with the private sector in the event of a true cyber emergency,” Collins said in an e-mail Friday. “It would give our nation the best tools available to swiftly respond to a significant threat.”

Wired: http://www.wired.com/threatlevel/2011/01/kill-switch-legislation/"

Link to Original Source

Comment: Re:Chill out... (Score 1) 347

by pushf popf (#34347528) Attached to: Anxiety and IT?
My answer was to "say no"

In fact, I went on to say "If you really need 24x7x365 support, you need three shifts of employees, not one poor bastard that you think you can call at 3am because something is unhappy"

It worked just fine and I never got a call. when I went home at night, I was gone. When I came back in the morning, I was there.

Setting limits with employers will do wonders for reducing stress and workload. They probably won't fire you unless they're complete dickheads, in which case a better job awaits somewhere else.

Comment: Re:Don't put it on the Internet! (Score 1) 227

by pushf popf (#34181838) Attached to: Evaluating Or Testing Utility SCADA Security?

That is completely impractical.

People in userland need data from the SCADA network to keep the business running. They absolutely must have a way to get it. Saying "no" isn't an option.

Sure it is.
 
  Watch this: "You're being paid to do a job. Being inconvient helps to safeguard the public utilities and prevents tampering from remote locations. If I find any systems that are connected to the public internet in any manner no matter how convoluted, I will fire the responsible individual(s) and their manager(s) on the spot."

See how easy that is?

Need data? Write it to a DVD and sneakernet it to whoever/whatever needs it.


Good advice. Try it with 30 plants covering a 1500sq mile area. While you were out all day updating your servers, an instrument tech forgot to clean his thumbdrive before plugging it in to an IEM to update the firmware. Since you didn't have regularly updating anti-virus, your whole network is now down and the company is losing millions of dollars an hour in lost production while you try to clean the 60 servers and 400 consoles on your SCADA network.

That's even more of a reason to not be connected to the net. The damage would be limited to the area one man could travel in a day, instead of everything, everywhere.

And you know what? I don't care if it's practical. Not all jobs get to be "convienient".
 

Comment: Re:Don't put it on the Internet! (Score 1) 227

by pushf popf (#34153558) Attached to: Evaluating Or Testing Utility SCADA Security?

Good safe practice for separating a process control network from the internet is something like: internet > corporate network > buffer network > process network. Completely separating it is not advisable, because it can actually make it harder to administer and protect (updates, antivirus, etc). It's an option though if you are diligent with sneakernet updates and whatnot.

That's absolutely a recipe for disaster.

Nothing on the SCADA system should connect to anything, on any other network, using any method. No VPN, VLAN, Dameware, Citrix, or anything else you can come up with. Nada. Zip.

If this makes updates harder, that's awesome. It's supposed to. Someone is getting paid to do maintenance. It's their job. If by chance, you wish to do an update at some point, download the update, verify all the signatures with the vendor, burn it to a DVD and walk it over and install it. Then put the DVD somewhere safe, so when your system goes down you can find out what did it.

Comment: They seem to be missing the point. (Score 2, Insightful) 450

by pushf popf (#34088896) Attached to: Fighting Ad Blockers With Captcha Ads

Advertising exists in order to create a demand for stuff people don't need.

People already know they need food, water and shelter. Nobody needs a steak from Outback or a new Disney toy.

They can't "force" anybody to do anything and if viewing specific content requires watching an ad, then I guess they'll have to get along without my business.

Idle

+ - 3D image of girl in street used to slow drivers->

Submitted by Anonymous Coward
An anonymous reader writes "Safety organizations are always searching for new ways to get drivers to slow down, but this latest idea may be a step too far. It may even cause accidents.

The BCAA Traffic Safety Foundation has partnered with safety group Preventable to place an optical illusion of a little girl chasing her ball in the street. For drivers it will appear as a 3D image of a girl in the street which they have to decide is real or not.

This experimental idea meant to remind drivers to drive within the speed limit and stay alert will first be seen in a school zone on 22nd Street, West Vancouver. It is made possible due to a $15,000 display that has been installed that allows the girl to be seen most clearly by drivers 30 meters away. Further away it won’t be seen as anything other than a blur, and as you get very close it will disappear."

Link to Original Source

nohup rm -fr /&

Working...