Forgot your password?

Comment: Re:Corporatization (Score 3, Insightful) 103

by skids (#46739949) Attached to: Why the IETF Isn't Working

Yeah, to say that "standards don't keep up with technological progress" is a one-sided perspective, since technology doesn't keep up with standards. If it did, I'd be more of a coder and less of an implementer, because 80% of my time is papering over standards noncompliance in vendor equipment.

Better to say implementors and standards bodies don't coordinate like they should.

Comment: Re:Until warp drive is invented... (Score 1) 290

by skids (#46722027) Attached to: Nat Geo Writer: Science Is Running Out of "Great" Things To Discover

First of all, science is trying to better understand the world, by making models predicting something. It isn't engineering.

Engineers don't just apply known science, they deal with the parts of the system that aren't obeying the textbook rules and find places to look for new phenomena in the process. To do so they analyse behavior and build models that predict the tolerances needed to get things working with a high degree of confidence. The difference is they don't go off on tangents because they have an objective, but engineers are often the initial discoverers of phenomena. It usually takes a pure scientist to then go in to spend the time explain more precisely why they had to make the tweaks they did, but there is plenty of overlap and there are plenty of people you cannot put into one category or another.

most of the basic ideas in (mechanical) engineering are pretty much settled since Newton got hit by the apple

Um, no, mechanical engineering has more to deal with now than they did then, because materials science and nanotech are increasingly important components.

I don't know where you get your ideas about the engineering disciplines. They pretty much all have frontiers.

Comment: Re:Level of public funding ? (Score 1) 290

by skids (#46721865) Attached to: Nat Geo Writer: Science Is Running Out of "Great" Things To Discover

Again, I am not supporting or disclaiming Horgan's thesis, but I am suggesting that it is an interesting topic worthy of discussion.

It's a worn out thesis echoed many times over by the occasional erudite edlder for some physchological reasons that will perhaps never be fully understood, even by said erudite elders.

If you want an interesting discussion along these lines, it's much more interesting to discuss how educational techinique could be improved to bring people up to speed faster, given the amount of knowlege needed to make an impact is arguably higher but we obviously haven't managed to figure out how to teach faster. Or how we are starting to get culturally desensitized to discoveries that actually would be ground shaking back in the day. Or how emergent behaviors have suddenly made new areas of math not formerly considered worthy of the title of "science" much more pertinent, and after all, physicists were really doing just math to explain observations back when they made their Nobel winning discoveries.

Comment: Re:Not necessarily known since 2012 (Score 2) 303

by skids (#46701529) Attached to: OpenSSL Bug Allows Attackers To Read Memory In 64k Chunks

I don't think so in this case. I normally would have waited on the firehose for a submission with a better writeup, but this was relatively urgent news so I upvoted it anyway.

(Yes someone did understand you weren't talking about the potential intentionality of the bug, don't despair there are people capable of comprehension out there and you may even meet one face to face someday :-)

Comment: Re:It's really annoying (Score 3, Insightful) 303

by skids (#46690619) Attached to: OpenSSL Bug Allows Attackers To Read Memory In 64k Chunks

There may seem to be more now because there is more auditing going on since the NSA revelations reminded people what had to be done, and also the slower trend of case law starting to punish mishandling of customer data. The halcyon days are over and the backlog is being cleared up.

Comment: Re:Yet again C bites us in the ass (Score 1) 303

by skids (#46690555) Attached to: OpenSSL Bug Allows Attackers To Read Memory In 64k Chunks

Only the smallest core of the OS should use unmanaged code with direct memory access. Everything else, including the vast majority of the kernel, all drivers, all libraries, all user programs should use managed memory.

My computer is too busy calculating an MD5 in a managed memory VM that doesn't even have an unsigned or sized integer types and thus must perform basic left barrel roll operations in about 50 opcodes worth of abstraction container dereferencing, to allow me to respond to this post appropriately.

Comment: Re:Things are starting to turn around (Score 5, Insightful) 303

by skids (#46690079) Attached to: OpenSSL Bug Allows Attackers To Read Memory In 64k Chunks

Somewhere higher up the bug is described as a "simple bounds check" — which would be easy to implement. The truth is, probably, in between somewhere.

It's not the fix of the code that's messy. It's the fix of the trusts using that code to function. They are all broken. After the upgrade keys need to be replaced, certificates re-issued, endpoints and clients reconfigured to trust new keys, and in some cases customers and end-users may need to be involved. For anything of CDE level security or higher, it's as big a cleanup job than the one that gave us openssl-blacklist, but the blacklist for this would be neither complete nor easy to assemble.

I predict a lot more interest in turning on CRL pathways in the future.

Comment: Re:Things are starting to turn around (Score 0) 303

by skids (#46689931) Attached to: OpenSSL Bug Allows Attackers To Read Memory In 64k Chunks

While you're right this was very negligent for a project of the stature and importance of openssl, merely discovering this bug in closed source software would have required a fuzzer and much luck, leaving it unfixed for whoever had managed to get a a copy of the source to exploit for much longer.

All I can say personally is I sure picked the right two years to get lazy about patching up.

Comment: Re:definitely news for nerds (Score 1) 303

by skids (#46689799) Attached to: OpenSSL Bug Allows Attackers To Read Memory In 64k Chunks

Basically it means if you know any UNIX sysadmins, they'll be pretty cranky for the next week or so as they've been busy trying to put the poop back in the baby.

Oh yeah, and lots of your gadgets and favorite cloud services may be vulnerable, so anything stored on them may be in the hands of others.

Comment: (Score 1) 186

by skids (#46673831) Attached to: Ask Slashdot: User-Friendly Firewall For a Brand-New Linux User?

Though the leading edge of development of end-user level UI for firewalls is on embedded projects like OpenWRT, firewall builder definitely deserves a look. It's close to many of the tools targeted at small-network administrators, like Cisco's ASDM for their ASA product. It may take a short time to learn about service objects and network objects, but that time will be payed back many times over.

The biggest issue an end-user will face with it is setting up the backends as it is less than totally flexible in that department (it has a particular deployment model in mind and is missing a couple hooks in certain places that prevent it from being used for certain purposes.) That said, it is very capable of allowing one to change backends easily (e.g. switch from one brand of firewall to another) with minimal adjustments.

Comment: Re:Aren't most wireless networks still on 2.4Ghz? (Score 1) 73

by skids (#46627537) Attached to: FCC Boosts Spectrum Available To Wi-Fi

You don't have to have an especially powerful signal to be able to see other devices. The occasional lucky packet will bounce around "just right" and leak through enough to see the device. So if GP said he didn't see many devices, it's because there just plain weren't many devices.

That said, even with the cheap vendors not putting dual-band in their crap devices, we're seeing a good number of devices in our dorms that are 5GHz capable. Enough to improve life significantly for everyone still stuck on 2.4GHz. Unfortunately many of them are Apples and they manage to turn this advantage into a liability because their drivers stick their heads up their own asses the minute they find AP using the same SSID on both 2.4 and 5, so they spend most of their time roaming between APs every two or three minutes and torturing their users with bad performance during roams. Supposedly OSX 10.9.2 helps undo some of this damage.

2000 pounds of chinese soup = 1 Won Ton