Forgot your password?

Comment: Re:I'd seriously think about a dedicated router (Score 1) 52

by tobiasly (#46783159) Attached to: Ask Slashdot: Which Router Firmware For Bandwidth Management?


I must have been using the wrong search terms.. I scoured NewEgg up and down for something exactly like that Edgerouter Lite but kept coming up empty. I knew there had to be something between some crappy consumer router that I prayed I could get a halfway-decent firmware running on, an uber-expensive business-class rackmount unit, and building my own micro PC. Many thanks, I'm ordering one now...

Comment: Re:No doubt IE is losing share but.. (Score 1) 390

by tobiasly (#46114593) Attached to: IE Drops To Single-Digit Market Share really? That's best data set OP could come up with??

As I was scrolling through this month-by-month tally of 10 years' worth of usage stats, trying to pick out trends, I just kept thinking to myself: if only there were some way to visually represent a large dataset of numbers and their relation to each other over time... maybe some color-coded lines or something... I dunno, just spitballing here

Comment: Re:SubjectsInCommentsAreStupid (Score 2) 293

by tobiasly (#46092599) Attached to: Why Does Facebook Need To Read My Text Messages?

Uninstalled the app, started using FB via browser. For my low intensity usage it's still perfect. Also links to click and youtube embeds work seamlessly now.
Got no messenger installed too.

A thousand times this. The line for me was when my recent camera pics popped up in the app with a caption "do you want to post these to Facebook"? Uhh, fuck no Facebook and stop rifling your grubby mitts through my pics without asking me TYVM (Dropbox, Twitter, Google+ all have similar functionality but have an explicit settings for this).

This is also a weakness in Android permissions IMO: many apps ask for USB access to store their own data but that means they can read everything under /sdcard including photos.

Now I use the mobile site, plus Slice if needed. The only drawback is that apps which require Facebook to login now require an OAuth web dialog where I have to log in again, whereas before the Facebook app showed the confirmation with no re-auth required.

Comment: Re:conduit in anticipation (Score 2) 336

by tobiasly (#45951683) Attached to: New Home Automation?

If he's running conduit there's no reason whatsoever to run all those unnecessary cables through it. The whole point of conduit is it makes it possible to pull whatever you need if and when you need it. I have conduit to at least three walls of each room in my house but I've only pulled cat 6 and tv cable to the specific walls I need at the moment. Why waste the money installing useless cable?

Because maybe then some broadband company later on will come buy up all your dark fiber. Profit!

Comment: Re:Will the Government Listen? (Score 1) 225

by tobiasly (#45608783) Attached to: eBay Founder Pleads For Leniency For the PayPal 14

If an angry mob smashes up some shops fronts, but police only catch 14 people you wouldn't charge them with the total damage of the entire mob, as well as the cost of upgrading security to protect against an angry mob in the future. You would charge each individual according to the damage they actually did.

No, it's not just about making the target of the attack whole, there is also a punitive aspect in order to discourage others in the future. The actual amounts in this case do seem excessive, but it has to hurt enough that future "anonymous cowards" seriously think twice before jumping in. Part of the mob mentality is thinking "there are so many of us, there's no way they'll catch me" and this shows that's just not true.

Look, I dislike PayPal as much as anyone but vigilante mob justice isn't the answer and there has to be more than a slap on the wrist.

Comment: Re:I want everything for nothing (Score 1) 141

by tobiasly (#45491253) Attached to: Review: Puppet Vs. Chef Vs. Ansible Vs. Salt

And it works, because many geeks are antisocial sorts who rather than organising their labour will happily walk over each other just to get that little bit of green. Then, when the race to the bottom has been reached, they'll bitch about everyone else being better treated, rather than stopping to ask why it happened and striving to improve their collective lot.

Organized labor? Uh no, we're too smart for that. I can't speak for everywhere else but where I live there are plenty of well-paying development jobs and I've never seen the type of behavior you describe among my peers.

Every sufficiently old once secure job is now tenuous or non-existent. What is secure today will be tenuous in a decade's time.

Yes, it is a field where you must keep your skills up to date and be willing to switch jobs if market or other conditions dictate. If you stay in one position too long and let your skills stagnate you do run the risk of becoming obsolete.

Comment: Re:What about Git? (Score 2) 92

by tobiasly (#45412639) Attached to: Microsoft Warns Customers Away From RC4 and SHA-1

Git is a great system, but it relies on SHA1. If SHA1 has feasible attacks, is git going to stay on SHA1 or will it move to something more secure? Can it even do so without breaking compatibility?

SHA1 as used in Git proves that a particular commit has the contents and the ancestors that the person with the repo says it does. It prevents two different people from saying, "this is what the source looked like at this point in time". So in practice, coming up with a collision attack in that scenario wouldn't be much use because whatever you come up with to generate the collision obviously isn't source code :)

That said, replacing it with something else would essentially involve rebasing the entire repo, which would certainly be inconvenient but not insurmountable. They could probably even have a backwards-compatibility mode where it recognizes both SHA1 and some other algorithm and clients could gradually switch to the next one.

Comment: Re:All joking aside... (Score 1) 177

Let me see if I understand you correctly. You have no problems handing over your SSL credentials to a web site so you can do remote admin? Does your employer know you do this?

I'm not sure which "employer" you're referring to; these are my own websites and yes I understand the security implications and take appropriate precautions.

Comment: Re:All joking aside... (Score 1) 177

If you have web access, then you can download PuTTY. Much simpler/easier than waiting for an OS to load in your browser ... just to run "ssh".

The wait time of the demo really wasn't that unreasonable. Installing Putty isn't possible if I'm on a platform it doesn't support or on a device where I can't install or run additional software.

Comment: Re:All joking aside... (Score 1) 177

Yes some web based SSH clients are better than others, but I assume the response time would be much quicker than emulating an entire OS as running an SSH client within it.

Did you try the demo? I was quite surprised at how snappy it was. Point taken that the definition of "hacky" is subjective :)

Comment: Re:where do you not have ssh available? (Score 1) 177

Considering that most smartphones will happily run a terminal program...and you can get bootable linux on a usb stick or a whole linux computer on an HDMI plug.

I'm talking about a device where installing additional software or plugging in a physical device that I probably don't have with me anyway is either not possible or not desirable.

Comment: All joking aside... (Score 1) 177

There are many times when I need to do remote admin on a machine from a location where I don't have SSH available. Currently that usually involves some type of hacky browser-based terminal emulator. Actually running a Linux based OS in the browser would be perfect for such occasions, assuming I'm someplace where making outbound port 22 connections isn't a problem.

There are worse things in life than death. Have you ever spent an evening with an insurance salesman? -- Woody Allen