
Comment Holy shit (Score 1) 487 487

Microsoft also adds that Wi-Fi Sense will only provide internet access, and block connections to other things on the wireless LAN

So I'm reasonably certain all this will do is block access to your subnet and only allow traffic to your gateway. Which in any corporate environment is a massive security risk because if they're doing it right, employees are sitting on different subnets (RFC1918 or otherwise). So, yes, random guy who happens to be a contact in Outlook.com (which literally BEGS to let you make everyone you ever emailed a contact) now has access to every normally permissible network node as long as he's not interested in the wifi subnet.

Yes, most corporations should be using per-employee authentication, and hopefully Sense engineers are dumb enough to share out AD/LDAP credentials (well, maybe they're not smart or interested enough to go into *nix authentication). But that's not always the case.

Can't wait until this is called "Wifigate"

Comment Re:USPS (Score 1) 385 385

I was going to suggest using a box of 3.5" floppy disks as I wouldn't expect them to have the equipment to read them anymore, but then I realized this is the post office, so maybe just a DVD would be okay since they probably haven't gotten around to procuring any of those yet.

Comment Re:NADA is very powerful. (Score 1) 190 190

My knowledge of this comes mostly from Wikipedia and a movie I saw called Beer Wars. I took an interest some years ago when Surly Brewing had a long battle with the three tier system in MN. Mostly I just wanted to be able to buy a pint locally.

I've been trying to pay attention to the Tesla vs Dealership battle for a while. Mostly with the hopes that some day I could afford to comfortably pay $90k for a vehicle some day. Though I'd be more than happy to get the Model 3 when it becomes available. :)

Comment Re:NADA is very powerful. (Score 2) 190 190

Nice summary! Off topic, but this really reminds me of the way that the alcohol industry is set up. Originally people felt like it was a good idea because the manufacturers had way too much power. But in the end the manufacturers are sorta getting screwed, and the public is really getting screwed.

I try to buy my beer from independent brewers (mmm... growlers...) because the distributors can make or break them, and I'd leave dealerships in the dust if I could, too.

Comment Re:No... (Score 1) 331 331

That would be interesting, indeed.

I've never seen a corporation spring for anything greater than the smallest HDD available, though, so the returns wouldn't be too substantial for anyone on a long-term refresh, though I have seen .5 and 1TB drives shipping recently (and you'd probably want to keep your hands off the SSDs for now). Assuming 100 nodes at an average of 100GB of free space allocation each is perhaps 2TB of questionably reliable storage (10TB of very volatile data). You couldn't allow heavy access to the distributed storage during the day (tanking r/w performance for users). If the licensing and maintenance are very low cost, you could slap 1TB drives everywhere and dedicate half that space for distributed storage. Per 100 users there would be roughly 10TB of relatively redundant space that could be used for, say, deep archives of encrypted backups, logs, or whatever.

Or hell, save space by dedicating a 2nd HDD in every box to distributed storage. A decent SAN will kick its ass any day, but it could potentially cost 1/10th of the price.

Comment No... (Score 1) 331 331

It's a pretty cool idea. And the algorithm would be fun to explore, but the individual overhead alone on these systems isn't worth the time or money for the minimal payout. How much could you possibly, reasonably expect to pull in? A few bucks a year? Certainly not enough to offset your new bandwidth and power requirements.

You'd be better off building a small SAN in your basement and selling cloudiness to people you know for the maintenance costs. A while ago I helped some friends set up a small mesh of Drobos and other cheap SANs where they could deposit their photos, etc, at each other's houses. Four people had four copies of their data in four physical locations. Everything was encrypted and everyone got the same space. So long as they keep everything on and plugged in...

Comment Re:Conclusion goes too far? (Score 1) 159 159

I didn't see a reason to go into the details of this particular situation more than that which I found humorous and nerdy. I still don't. The situation was handled very professionally, as I handle all situations. But the professional part isn't as interesting in this context to me as perhaps it is to you.

If you find yourself in a situation like this and you circumvent the rules and get away with it, bully for you. If I'm your net admin and I find out about it, I'll make sure to type up a full report as to why some ass hat in accounting or something like that felt it was okay to skirt compliance and company policy so he could do whatever it is the company decided he's not supposed to do. And a week after that I'd be more than happy to submit your termination to my admins for processing. I'm more concerned about saving your company from the idiots and self righteous. Certainly DGAF about your comfort or position. You want something you ask the people that pay for it and I'd be happy to make that happen if your company decides it's something they want and can afford.

And you're right. Cisco is overpriced and over valued for the most part. But I wasn't the architect (or the owner, who had a major Cisco hard on), so it wasn't my call. Even if I was, I wouldn't be selling $60 consumer grade routers to companies with a 4 hour SLA on hardware knowing full-well that I'd have to send an agent out there 2-3 times a year to replace fried equipment and making my company look like morons. Some of them did that enough on their own...

Comment Re:Conclusion goes too far? (Score 1) 159 159

Upside-down internet is a lot of fun. And you're right. I'm not a control freak. We set up security rules and guidelines for a reason. Some of these places have stringent compliance needs for HIPAA, PCI, and other regulations that strictly forbid the behavior I mentioned. So, yeah, I'm fucking with him but I'm also not getting him fired, either. It's my ass on the line and as long as I can keep the situation under control it's not a big deal.

Comment Re:Conclusion goes too far? (Score 1) 159 159

As I mentioned in another post, the author went out of his way to state that it was non-routable and unreachable from the outside. It sounded like he was implying there was no subnetting (as you will always need a route to get from one subnet to another). I'm a network engineer so I know perfectly well how this should be set up. There are ways to use layer 3 switches to prevent broadcasts from going where they don't likely belong.

And, in another article discussion, I mentioned that I've redone a corporate network that was using a single class B subnet for their entire corporation. No subnetting, there were around 8,000 nodes all with /16 subnets (with an internal IP scheme using a public IP they didn't own). So people do boneheaded things all the time.

I've seen people who had resources to do things right (the company I mentioned spent $100k on network equipment due to poor performance, rather than redesigning their network properly, which is what I did). I've seen people somehow manage to set up striped RAID arrays on partitions of the same disk and complain about poor performance (still baffled how that got set up). So you can perhaps see why I can believe that PDRK can do such a crazy thing as use a flat class A.

Comment Outlook (Score 3, Informative) 49 49

I'm pretty sure MS caught hell for this about a decade ago when their preview pane would preload the entire contents of an email, including VBS scripts and links... It's not like it's the first time it happened, but it looks pretty bad for Apple having made the same mistake twice.

Comment Re:Conclusion goes too far? (Score 1) 159 159

I've got something close to that in my past...

Years ago I worked for a managed service provider with about 100 different companies all within one managed network. Part of the consumer contracts were that companies would buy their components, but would not have the power to manage them while under the contract. Also, they could only purchase approved hardware for their infrastructure (all Cisco).

Every once in a while we would get a call that people's interwebs were going super slow, or not working. In most cases they weren't allowed to have wireless, or the company wouldn't purchase new equipment for various reasons... whatever. Anyways some dude would bring in a router he got at Best Buy and plug it in. Usually I was able to spot it the minute someone called in with problems, email the user (if I could ID them directly), their supervisor, and maybe the CTO of the company that an unapproved device had been installed and blah blah blah. Then shut down their port until they called us to sheepishly apologize.

Better still we would get people calling in for help with their "home" wireless router. This wasn't something we supported but the service desk usually helped out to be nice. I'd overhear conversation queues and start investigating and find out that the customer was doing this from their cube. I'd shut them down and have an evil sysadmin laugh about it.

One time, though, someone got it right. They looked up their local networking and managed to configure their home router to mimic local DHCP. If they were really thinking hard, they would have set the range higher so there wouldn't be an overlap. After overhearing some service desk calls I quickly located our rogue DHCP client, shut it down, and started pushing out MAC filtering to our switches for that company (repeat offenders) for all the well-known consumer network equipment MAC addresses. So any time a D-Link, Linksys, what have you router was detected, the port would shut down for 2 minutes. I watched this happen the day after this incident as the dude walked around his office shutting down ports left and right. His supervisor had been informed that it wasn't allowed, but the dude was relentless.
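An added illustration of the rogue-DHCP hunt described in the comment above (not the commenter's code or tooling): it scans DHCPOFFER observations for servers that are not on the authorized list, notes whether the offer overlaps the managed pool, and checks the source MAC against a consumer-vendor prefix list. The log format, addresses, port names and OUI prefixes are all constructed placeholders.

```python
import ipaddress
import re

# Constructed inputs: placeholder OUIs, addresses and log format, not real switch output.
AUTHORIZED_SERVERS = {"10.20.0.2"}
MANAGED_POOL = ipaddress.ip_network("10.20.0.0/24")
CONSUMER_OUIS = {"02:aa:01", "02:aa:02"}   # stand-ins for consumer router vendor prefixes
SHUTDOWN_SECONDS = 120                     # the 2-minute port shutdown from the comment

SAMPLE_LOG = """\
09:01:12 port=Gi0/3 src_mac=02:00:00:10:00:02 server_id=10.20.0.2 offered=10.20.0.41
09:01:13 port=Gi0/17 src_mac=02:AA:01:3c:9e:10 server_id=10.20.0.1 offered=10.20.0.41
09:02:40 port=Gi0/17 src_mac=02:aa:01:3c:9e:10 server_id=10.20.0.1 offered=10.20.0.77
09:03:05 port=Gi0/22 src_mac=02:bb:07:00:00:09 server_id=192.168.1.1 offered=192.168.1.100
link flap on Gi0/5
"""

LINE_RE = re.compile(
    r"^\S+ port=(?P<port>\S+) src_mac=(?P<mac>[0-9a-f:]{17}) "
    r"server_id=(?P<server>\S+) offered=(?P<offered>\S+)$",
    re.IGNORECASE,
)

def find_rogue_dhcp(log_text):
    """Return {port: finding} for every port that sent an unauthorized DHCPOFFER."""
    findings = {}
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue                       # not an offer record
        if m["server"] in AUTHORIZED_SERVERS:
            continue                       # the legitimate DHCP server
        mac = m["mac"].lower()
        f = findings.setdefault(m["port"], {
            "mac": mac, "server": m["server"], "offers": 0,
            "overlaps_pool": False,
            "consumer_oui": mac[:8] in CONSUMER_OUIS,
            "shutdown_seconds": SHUTDOWN_SECONDS,
        })
        f["offers"] += 1
        # An offer inside the managed pool can collide with a lease the real server gave out.
        if ipaddress.ip_address(m["offered"]) in MANAGED_POOL:
            f["overlaps_pool"] = True
    return findings
```

In the sample, the device on Gi0/22 is not on the vendor prefix list, so a MAC filter alone would miss it; the unauthorized server identifier is what flags it.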
