Become a fan of Slashdot on Facebook


Forgot your password?

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).


Comment: Re:FYI: iptables tutorial (Score 1) 349

by slashuzer (#42941767) Attached to: SSH Password Gropers Are Now Trying High Ports

6) Finally your output chain should just allow everything:

# Accept everything: iptables -P OUTPUT ACCEPT

Now this is just plain shitty advice.

Thanks for the four links to external articles, though. Hopefully people will use them as a starting point rather than your own rules when deciding on their firewall configuration.


+ - Cryptographers Aim to Find New Password Hashing Algorithm->

Submitted by Trailrunner7
Trailrunner7 (1100399) writes "Passwords are the keys to our online identities, and as a result, they're also near the top of the target list for attackers. There have been countless breaches in the last few years in which unencrypted passwords have been stolen from a database and leaked online, and security experts often shake their heads at the lack of use of encryption or even hashing for passwords. Now, a group of cryptographers is sponsoring a competition to come up with a new password hash algorithm to help improve the state of the art.

Hashing algorithms are used to secure passwords by taking the plaintext password, passing it through the cryptographic hash algorithm, and then storing the resulting digest, rather than the plaintext password itself. That way, if attackers are able to compromise the database of passwords, what they get are the hashes and not the actual passwords.

However, the algorithms used to hash passwords in most cases are functions such as SHA-1 and MD5, which have known weaknesses that open them up to brute-force attacks. So if an attacker is able to access a database of hashed passwords, he may be able to crack them, given enough time and compute power. When these algorithms were designed years ago, the hardware needed to crack a hash produced by one of them was not commonly available. But now, powerful GPUs and FPGAs are widely available and can be used by an attacker to crack hashes relatively quickly.

"Password hashing is important because it's where we have a problem. NIST has given us some great standard hashing algorithms. The problem is that these hashes aren't necessarily designed for the specific problem of password hashing — where you need something that's fast enough to hash on a server at login time, but slow enough that a GPU can't crack ten million of them," Green said."

Link to Original Source
GNU is Not Unix

+ - Richard Stallman Goes Crazy and Freaks Out ->

Submitted by slashuzer
slashuzer (580287) writes "Stallman was giving a speech in Brazil where they speak Portuguese. Stallman speaks English and Spanish, but not Portuguese.
The audience was asked whether they want Stallman to present in Spanish (similar to Portuguese) or if he should present in English.

The audience originally preferred English but they over estimated their ability to comprehend English. Part way through the speech, the coordinator asked Stallman to switch to Spanish.

Stallman then has a meltdown."

Link to Original Source

Best OSS CFD Package For High School Physics? 105

Posted by timothy
from the why-not-stop-at-algebra-I? dept.
RobHart writes "I am teaching a 'physics of flight' unit to grade 11 Physics students. Part of the unit will have the students running tests on several aerofoils in a wind tunnel. I also want to expose them to a Computational Fluid Dynamics package which will allow them to contrast experimental results with those produced by the CFD package. There are a number of open source CFDs available (Windows- or Linux-based are both fine), but I don't have much time to evaluate which are the simplest to use in terms of setting up the mesh, initial conditions, etc. — a very important issue as students do not have much time in this unit." Can anyone offer insight about ease of use for programs in this niche?

Comment: Not everyone wants more pixels, but better aspect (Score 4, Interesting) 952

by slashuzer (#31948862) Attached to: HDTV Has Ruined the LCD Market
Frankly for most people the existing 'HDTV' resolution has more than enough pixels, to get full benefit from increased number of pixels you would need a larger screen and sit closer to it. As it is, reading text on these high DPI screens is hard enough, and I often find myself increasing the default font size. This issue is particularly pronounced in laptop screens.

What I do want is more vertical resolution. The 16:9 craze means today we buy displays that are physcially larger and have more pixels overall than ten years ago, yet do not provide any more area for vertical display. You still have to scroll down far too much. It would be nice if someone still made decent, affordable 4:3 displays; a 1600 X 1200 in 21" format is going to be a killer!

Data Storage

+ - First SATA 6.0 Gb/s SSD expands solid state's lead->

Submitted by Vigile
Vigile (99919) writes "Even though the unit is a read-only engineering prototype, the guys at PC Perspective were impressed with the performance the first SATA 6.0 Gb/s SSD offered over the competition. The Marvell drive was meant to demonstrate the controller technology the company has developed as an end-to-end SATA 6G proponent, and it does so nicely. With burst speeds as high as 350 MB/s (which is 90 MB/s faster than the current stop SSDs) and sustained read speeds going as much as 175% faster than the best spindle-based hard drives available today, the SATA 6.0 Gb/s spec looks to extend the performance lead for solid state drives greatly in 2010."
Link to Original Source

Comment: Re:I don't even need to read the summary. (Score 1) 387

by slashuzer (#30275956) Attached to: Are Ad Servers Bogging Down the Web?
Google analytics won't seem to slow down your website as long as you add it to the very bottom of your page, just before closing the html tag. The page and content will load quickly, even though the analytics might take another second the user doesn't care since everything else is alreasy visible on the screen.

How Do You Evaluate a Data Center? 211

Posted by ScuttleMonkey
from the check-for-major-fault-lines dept.
mpapet writes to ask about the ins and outs of datacenter evaluation. Beyond the simpler questions of physical access control, connectivity, and power redundancy/capacity and SLA review, what other questions are important to ask when evaluating a data center? What data centers have people been happy with? What horror stories have people lived through with those that didn't make the cut?

Why Doesn't Exercise Lead To Weight Loss? 978

Posted by timothy
from the that-would-be-too-easy dept.
antdude writes "The New York Times' Well blog reports that 'for some time, researchers have been finding that people who exercise don't necessarily lose weight.' A study published online in September 2009 in The British Journal of Sports Medicine was the latest to report apparently disappointing slimming results. In the study, 58 obese people completed 12 weeks of supervised aerobic training without changing their diets. The group lost an average of a little more than seven pounds, and many lost barely half that. How can that be?"

Comment: No one is safe from the "oops" bug (Score 0) 313

by slashuzer (#26241775) Attached to: Apple OS X 10.5.6 Update Breaks Some MacBook Pros
These problems can happen with any company's product these days: Microsoft, Apple or even the open source OS like Linux or Freebsd. There are so many configurations to test that it is difficult to gurantee that the updates will work flaswlessly across the board.

It is nice that this issue can be fixed by users themselves without having to send the computers for repair.

Simplicity does not precede complexity, but follows it.