Follow Slashdot blog updates by subscribing to our blog RSS feed


Forgot your password?

Comment less malware, hacks. More, better devs for more fe (Score 1) 362

Are you asking about the benefit of securelevel or the benefit of a fork that doesn't have an asshole culture?

Securelevel is of benefit to systems that run for a long time in the same configuration, making them more secure. This applies to many servers. Basically, it separates having the machine RUNNING from the setup process of CONFIGURING the machine. 99% of the time, the machine is in run mode (securelevel > 1) and in this state it's configuration can not be changed. To change the configuration, you boot into configuration mode (securelevel 1). That's a basic summary.

The submission is more about this dev getting tired of the culture, the environment that Linus has created and doing his development outside of that structure. It's not clear if he intends to lead a group of developers who aren't assholes. If so, that could mean more developers would contribute and they might be more productive in a less caustic environment. More developers being more productive would mean end users get more features, done better.

Comment yep. We should talk (Score 1) 232

Sounds like you have it basically figured out. You keep the corporate politics BS from interfering, and I'll deliver an effective, reliable solution quickly.

> choose the right devs in the first place (the difference in productivity between a good dev and a mediocre dev can be fucking scary, let me tell you, we're talking 20x sometimes)

I don't know, an average developer can produce quite a bit of technical debt very quickly. That's productivity, right? :)

Message me when you're hiring.

Comment I take it back (Score 1) 224

> As an aside, it was a few years later when we got an actual IT staff (and before we hired the database wizard) who kicked out of my own server room. Again, I listened. That was why I'd hired them too. They, like the programmers, could do the job faster and better than I. I mean, yeah, I could make it work and did make it work but they were far more adept than I.

Sounds wise, uncommonly wise. I think I've recently called you a fool or a jerk. If so, I take it back.

Comment overdose X 10 (Score 1) 36

It is not at all uncommon for one leaf to have a hundred times higher concentration of the active ingredient than another leaf from another plant, picked at a different time. So to get 10mg of medicine, you might need one leaf, or you might need 100 - and there is no simple way of knowing.

At the same time, individual "doses" of the raw plant might vary just as much in the concentration of a bad substance which causes significant side effects. Ten leaves might be dangerous, or maybe 100 leaves. You don't know.

Putting these two together, you don't know if 20 leaves will heal you or hurt you. By seperating out the active ingredient and the hurtful ingredient, you can give the patient the right amount of medicine, without the harmful part. That turns what was Russian roulette with the raw plant into reliable medicine.


Nissan Creates the Ultimate Distracted Driving Machine 135

jfruh writes: More and more research is suggesting that it isn't safe to text or even talk on our phones hands-free while driving, but one brave car company is pushing full-speed in the other direction. Nissan has created a concept car in which every surface, including the entire dashboard and even the seats, is a display device. The car is the result of "extensive" surveys with the younger generation that came to the conclusion that, according to Nissan, young people "feel that time spent in a car should be time for connecting and sharing experiences with friends."

Comment you're insane? (Score 0) 336

It's been said that insanity is doing the same thing iver and over again, expecting different results.

If said that a response of "call to verify" did not actually mean what it says, that would have been perfectly believable.

However, you went on to say that you've been calling each time for 7-8 years, and with a million dollars of transactions per day, and it never doesbany good for your type of charges. (So around a hundred "call to verify" per day).

  You've called tens of thousands of times with the same result, because they don't approve your Viagre site charges under that code. You keep calling, failing to understand that they're not going to approve your charges.

So if I take what you said 100% at face value, you're whacko. It's also possible that you're not actually insane, you just created some of those "facts" without thinking about the fact that if your story were true, it would mean you're a moron.

Comment deniable enc: rubberhose, phonebookfs, librecrypt (Score 2) 240

That's called "deniable encryption" and it's quite common. I made my own implementation (I'm a security professional) . Well known implementations include the rubberhose filesystem, phonebookfs, and librecrypt.

A simple implementation is as follows:
Encrypt the disk with a few decoy files on it, along with some videos or other randomish bytes to fill the disk.
Then delete the videos.
You will now have a disk which, when decrypted, is full of randomish bytes plus a few files.
Defrag the disk.
The large empty space created by defrag is where your hidden, inner encrypted volume will go.
Select any encryption which does not include a plaintext header.
Create an encrypted volume in the free space.
Do not write to the outer, decoy volume.

It's that last bit that more complex systems handle - allowing you to change the decoy data without affecting the inner volume.

Repeat as many times as desired, nesting volumes within volumes. You may choose to have a large inner volume with your porn collection alongside a much smaller one that contains the real secrets.

Comment my credit union calls me in seconds. Cashiers shou (Score 4, Interesting) 336

I've been happy with my credit union's fraud prevention and detection (which is outsourced to some company). Sometimes I'm 100 miles from home when I spend about $800 on electronics at Fry's or Microcenter. (The datacenter is 100 miles from my house, for now.) The transaction sometimes returns a "call to verify" code. The merchant COULD call, they are supposed to, but most cashiers just say "it didn't go through". This is a training issue on the merchants' side, in my opinion.

At the same time that the cashier is saying "it didn't go through", my phone rings. It's the fraud department calling to verify the purchase. The cashier re-runs the card and it works fine. It seems to mainly happen when buying from an electronics retailer, as I also remember the same thing at Best Buy. I'm fine with that. I know that if a crook gets my card, the bank is watching out.

Occasionally, they'll call about an internet purchase or some other purchase after it happens (fraud detection). It's quick and easy to verify the transaction.

I used to do another type of fraud prevention and detection, not directly related to credit cards, and I know our false positive rate was under 0.1%, probably under 0.01% - we stopped at least a thousand fraudulent instances for every one we declined in error.

Comment an example for those unfamiliar (Score 1) 388

I figured I should add a citation here in case the next reader isn't familiar with McCain's stance on various military interventions and doesn't know what I'm talking about. Here's an example of what I mean (he had two sons serving in the line of fire at the time):

War is an awful business. The lives of a nationâ(TM)s finest patriots are sacrificed. Innocent people suffer. However just the cause, we should shed a tear for all that is lost when war claims its wages from us. But there is no avoiding this war. We tried that & our reluctance cost us dearly. While this war has many components, we canâ(TM)t make victory on the battlefield harder to achieve so that our diplomacy is easier to conduct. That is not just an expression of our strength. Itâ(TM)s a measure of our wisdom.
  2004 Republican Convention Speech , Aug 30, 2004

McCain generally opposed interventions where there was no clear "win", no exit strategy. He has repeatedly argued that once we are engaged, we need to be "in it win it", get it done and over with.

Theory is gray, but the golden tree of life is green. -- Goethe