Forgot your password?

Comment: Re:If Comcast was honest.... (Score 2) 318

by unrtst (#46757467) Attached to: Netflix Gets What It Pays For: Comcast Streaming Speeds Skyrocket

But how does that get them more money?

They would have far less traffic transiting other networks, greatly reducing the thing they kept complaining about, which supposedly costs them money, so this would save money there.
It would also provide a benefit to many of their customers experiences.
This is all very similar to Akamai and other CDN's. As an ISP, it's a win-win, especially if the provider (netflix/akamai) foots the bill for their hardware.

Of course, they may be making more cash from this agreement with Netflix... but that's not really a good thing for anyone.

Comment: Re:For the Swarm! (Score 1) 126

by unrtst (#46726165) Attached to: The Graffiti Drone

[...] it's not like they're doing art now either.

Wait, are you saying it isn't art because:

* They're tagging and therefore it can't be art

* Grafitti isn't art no matter how it's executed

* This particular tagger isn't talented enough to be an artist

Pretty creative quoting there... you snipped our a whole two words so you could exclude the main point/categorization - they're taggers. That invalidates the latter two points, and the first point is much easier to approach - is tagging art?

Defining "art" is completely subjective. Was Duchamp's "Fountain" art? IMO, that piece is about as far as I'd push the definition, and I'm still not sure if it is. It did make a significant statement, but it did far more with the piece than tagging a building. (almost) anyone can sign their own name, and can do so anywhere, so there would have to be something else to justify a signature on some random piece of property as "art". In "Fountain", there was timing involved in what was happening at the time, the exhibit in which it was displayed, and a very minimal level of object manipulation to justify a change to the original (turned on its side, placed in a different environment than it's normally seen, and signed).

So, what does a tagger need to do for his tag to be considered art to you? (graffiti and other works do not apply here)

Comment: Re:lol (Score 0) 126

by unrtst (#46719041) Attached to: Photo Web Site Offers a Wall of Shame For Image Thieves

Your bad analogy led to your incorrect conclusion (though I wouldn't be surprised if you had already made up your mind in that regard).

Of course, you then have to ask yourself the question, "How did Person B come to be in possession of Person A's keys?" Presuming that Person A did not hand the keys over willingly, it can be assumed that Person B stole them in order to make a copy.

Ok, I'll go along with you that far...

Now to the digital part: Person A makes his living from taking pictures and posting them online; ...

The rest of that doesn't matter, because that just broke the analogy. They posted them online, which made them readily available for legitimate copying. When you view an image online, you're not actually getting an image beamed directly to your monitor... you are downloading the image file and saving a copy on your hard drive (normally in your browser cache), then running it through libs to turn it into something you can see on your screen. IE. you and everyone else that looks at those images is making a copy of it.

So... your original analogy would have to have Person B placing a bucket filled with copies of their key on their side walk with signs around the neighborhood saying "please come examine my keys at 123 Happy Photographer St" etc.

At that point, well, I think we'd both say that Person B didn't steal the key. What he does with it afterwards is another matter (further theft, breaking an entering, mugging, kidnapping, whatever). In the digital world, that's just a copyright violation (since we're just talking about a photo, and not using someone else's username+password for nefarious purposes).

Comment: Re:Situation is a Shambles (Score 3, Interesting) 239

by unrtst (#46716237) Attached to: Heartbleed OpenSSL Vulnerability: A Technical Remediation

Add to that the fact that interpreters are generally written by expert programmers, and then they receive lots and lots of testing and debugging, and then (hopefully) become mature/stable shortly thereafter; whereas application code is often written by mediocre programmers and often receives only minimal testing and debugging.

I'd wager that most of those writing/maintaining OpenSSL are not only expert programmers, but, overall, are more security concious than the authors/maintainers of interpreters. You point would be completely valid if the topic was some builitin board / wiki / chat program / etc. Sadly, that's not the case at hand.

Comment: Re:Gimmicks gonna gimmick. (Score 1) 180

by unrtst (#46641735) Attached to: A Third of Consumers Who Bought Wearable Devices Have Ditched Them

Is everyone else missing the point that 2/3 of buyers of wearable devices are still using them after six months?

That. And also the statement, "The idea of giving them up just wouldn't occur to them." (wrt early smartphone adopters) is rediculous. A large portion of early adopters of anything end up giving them up. That's part of the early adopter pattern... it's new and shiny, so they early adopt it, and then it's no longer new, so they move on. They may come back to those types of thing later, but it's normal for many people to give up up in the early days. For example, on my first phone with MMS, I set up an email forward to forward all my emails to my phone. Initially, it seemed useful. That was too much, so I changed it to only forward ones matching certain patterns. Initially, that was neat. Then I turned it off because I'd rather not be bothered by it. I rarely every check my email on my phone even today, and I was certainly an early adopter... that doesn't mean it won't or didn't catch on.

Comment: Re:So what's the problem? (Score 1) 205

by unrtst (#46617311) Attached to: Typo Keyboard For iPhone Faces Sales Ban

While there at it, can they make some that slip over popular andriod phones? By the look of the design, it seems like it'd be pretty easy to make versions that fit other popular phones, and keep using the same bluetooth keyboard (fyi, it extends the length of the phone a bit, so this isn't a question of how much non-screen real estate exists at the bottom of the phone).

Slightly off topic... anyone know of a good keyboard case for a galaxy S4? The only one's I've found add incredible bulk, have poor reviews, make camera use very awkward, and just don't seem usable. I miss my evo shift keyboard, and G1 before that :-(

Comment: Re:Safety issues? (Score 1) 262

by unrtst (#46606117) Attached to: Prototype Volvo Flywheel Tech Uses Car's Wasted Brake Energy

1) How fast do your wheels spin now?

about 800 rpm at 60mph.

2) How often do they shatter?

rarely, but frequently enough that tire chunks are commonly seen on the highway (mostly from 18 wheelers)

WTF that has to do with this is beyond me, except that you didn't take two seconds to think about it (or google it) before posting and made a really bad guess :-)

Comment: Re:mass in motion (Score 1) 262

by unrtst (#46606023) Attached to: Prototype Volvo Flywheel Tech Uses Car's Wasted Brake Energy

If the flywheel spins parallel to the road I don't think it would affect turning left or right - except it would resist the car leaning to the side on a sharp turn, which might be a good thing.

Assuming it had significant gyroscopic effects, that would be just as bad as not being able to turn! Most bends in roads are banked, and many are banked a lot. Go into one of those with a strong horizontal gryo and your car would be on two wheels.

Comment: Re: There's a reason people argue about vim and e (Score 1) 248

by unrtst (#46569031) Attached to: Neovim: Rebuilding Vim For the 21st Century

It's really not that hard. I've been through it on big projects with extensive history and multiple sync'd outside projects with internal patches and the whole 9 yards.

Start with what you own. If you don't own it, leave it be. Do all files in one big patchset. That'll be the point in time where stuff before and after won't diff very nicely, It sucks, but a year from now, it won't really matter.

Include a per-commit check. That way, no new problems get introduced.
Include the header. One does HAVE to use vim or emacs, but the mode lines I supplied work with those two. If your group has another common editor, add its mode lines if it supports it. It's just a helpful extra, and is safely ignored by other editors. And if none of you use vim or emacs, disregard those lines.

If someone has a branch that was cut prior to the big reformatting patch, they'll have to deal with it at merge, or rebranch or rebase. Sucks, but it's a one time thing.

The alternative sucks more - having code with mixed standards. How do multiple groups deal with that? Your patches are going to be even worse! Someone uses their editor to indent a block or copy/paste it, and all those mixed tables and spaces go to whatever they're using, causing all lines to diff poorly, instead of just the little pieces they touched. It's awful, as you noted.

Your specific problem you referenced was users that were using an outdated 6 year old .vimrc that had been mailed around, and it caused problems with your code because of the difference in coding standards. ADDING THE MODE LINE FIXES THAT!

The rest of it sounds like you just don't want to be bothered to clean up the problem, and just want to complain and blame others. It's trivial to fix. It comes with a small cost (one time giant ugly patchset), but it's easy. And you don't need that one time giant patch.. you could let them be fixed as changes are made, but I wouldn't recommend that as every future patchset will be more complicated than it needs to be. Just get it all out of the way in one go and move on.

For integration with external code/repositories, work within the standard of the governing body. If they have a well defined standard, you can even add the pre-commit checks to your personal repository if you want. In general, this doesn't matter as much as the above, cause either your guys are behaving well and working with the external group, or they're not - manage accordingly.

Comment: Re:It's not arrogant, it's correct. (Score 1) 466

by unrtst (#46567811) Attached to: AT&T Exec Calls Netflix "Arrogant" For Expecting Net Neutrality

... Netflix are aware of that and have the Open Connect Content Delivery Network, but that won't solve all the probelms.

That DOES solve the case in point. AT&T are just finger pointing and trying to latch on to a cash cow, while gaining an unfair advantage in customer pricing.

True net neutrality helps the little guys everywhere. Netflix noted that on the service side, as others have here, that if big companies have to pay for connectivity to the last mile to the users, small services will be hurt. It also makes absolutely no sense (services already pay for their internet access; customers already pay for theirs; there's lots of middle men, and those guys are trying to get around each other and get profit from customers on the other side).

The other side is that a competing ISP would also have trouble. If AT&T, for example, was charging all websites for their bandwidth to the end users, then at some point they really don't have to charge the end users anything. Where's the balance? How would a new ISP charge his customers?

The ISP tiered pricing is simply wrong if their network can't handle their customers requests. The cheapest possible plans often get you very good download speeds (ex. 15Mbps for the first 12months at $14.99/month for time warner). That's the problem right there. Their standard fee for that is $35/month, and $15 will only get you 2Mbps... which is still plenty for most people.

I'm all for cheaper and faster internet access, but if it's a problem for them, then they should put the squeeze on their customers, not the services their custom wants. Netflix is a selling point for the ISP; something they should, if anything, be paying MORE for to get improved quality for their customers.

The only reason they should want to squeeze netflix is, IMO, because it competes with their other services - TV. That's anti-competitive through and through.

Comment: Re: There's a reason people argue about vim and em (Score 1) 248

by unrtst (#46552113) Attached to: Neovim: Rebuilding Vim For the 21st Century

You should/could also slap some mod lines at the start of your files. Ex:
# ex: set tabstop=4 expandtab smarttab softtabstop=4 shiftwidth=4:
# -*- Mode: tab-width: 4; indent-tabs-mode: nil; basic-offset: 4 -*- #

You could also just run it through a tidy program and a site-specific config if you really want to be a formatting nazi.

Comment: Re:Using a service on a user's behalf (Score 1) 162

by unrtst (#46458935) Attached to: Top E-commerce Sites Fail To Protect Users From Stupid Passwords

Say a server running service A uses service B on behalf of users of service B. In order to do this, service A needs to store a credential for each user of service B.

You're doing it wrong.
One way is for Service A to establish a trust with Service B (ex. using SAML), and have the user at Service B authorize that usage. Service A and B agree on a unique key for that exchange (ex. private/public certs), and Service A issues those commands to Service B using its user + that authorized cert to perform on that users behalf.
Of course, if Service B offers no such ability, then you'll need some sort of kludge like you suggested, but that doesn't make it right. Even so, they should protect those credentials in a much more sophisticated way than just another table in the same DB with an encrypted version of the Service B credentials (ex. a key server appliance).

Comment: Re:Erm. Is the "DNS problem" a DNS problem? (Score 2) 349

by unrtst (#46458749) Attached to: Crowdsourcing Confirms: Websites Inaccessible on Comcast

Seems like this is a flaky domain with some messed up settings. There's a very good chance comcast cached an NXDOMAIN. Wouldn't be too surprised if something similar had happened with his little personal site. Many DNS servers serving large volumes of users ignore low TTL's and cache longer than normal. It only hurts edge cases they don't care much about since large established sites do not rely on fast DNS updates for things like load balancing or failover.

Use another DNS server is still a good suggestion.
Without a more extensive test (1 in a few hundred random sites is not a statistically good sample size... could have hit the same random one out of a million, for example), this doesn't really say much.

The poster put enough time into this that it shouldn't be difficult / much more time intensive to expand the test and provide a larger list of good/bad domains. Those could also be weeded out to find those that are generally flaky or configured poorly. If any remain, then test those.

His buddies personal site didn't work for an hour or so, and some random chinese site doesn't reliably resolve... that's not enough to start the scare tactics (...that there about a million or more websites similarly affected").

Comment: Re:"Obviously" not Last Pass or 1Password (Score 1) 445

by unrtst (#46327715) Attached to: Ask Slashdot: How Do You Manage Your Passwords?

Relying entirely on the security of someone else's encryption (especially if you don't have the understanding and ability to verify it) is very naive.

What is the alternative, assuming you don't have the understanding and ability to verify it? Are you making your own? Good luck.

Putting sensitive stuff on Dropbox is like storing your lockbox full of valuables at Joe's Totally Trustworthy Free Storage.

BS. "sensitive stuff" here is an encrypted blob. It does not live solely on Dropbox servers. A physical lockbox (your analogy, not mine) would be a single physical item. Leaving said item at some shady place means that, at the very least, they could destroy it. Physical locks are also much easier to bypass if you don't care about destroying the box, as opposed to brute forcing a well designed encryption scheme.

I'll never understand why people are so blindly trusting of people they've never met and treat even the slightest bit of skepticism as paranoia.

If you re-read my post, you'll see that i don't use those services.

You asked (in the post I replied to), "What if he doesn't trust the implementation of the encryption in the password manager?"
There's a long list of options that anyone should be able to easily discern if they are at the point they don't trust a particular implementation, and that was my point. What was wrong with all of the other options I supplied (which should have been obvious next steps)?

And the original post asked what we use. What do you use?

Comment: Re:"Obviously" not Last Pass or 1Password (Score 3, Interesting) 445

by unrtst (#46311233) Attached to: Ask Slashdot: How Do You Manage Your Passwords?

What if he doesn't trust the implementation of the encryption in the password manager?

These "what if's" are getting a bit silly. I'm not saying he should trust that implementation, but if he has reason not to, I'd hope that he's also smart enough (or believes he is) to pick an encryption scheme he does trust. We're really just talking about how paranoid someone wants to get with passwords that will be used on a lot of hosts, many of which are problem secured weakly. IE. seems like you're trying to create a flow chart out of this thread :-)

* 1password +dropbox or similar stuff? - don't trust dropbox
* 1password + your own sync or backup? - don't trust 1password encryption
* clipperz + your own sync or backup (btw, clipperz is open source)? - not sure what you/he may not trust
* name-your-own-encryption + a text file? - maybe you don't trust your own network connected OS
* any of those, put inside a vm?
* any of those, put inside a vm using full disk encryption in the vm?
* ... with the vm files mounted via loopback encrypted again?
* any of those on separate hardware (Raspberry Pi, an old android phone, HDMI dongle PC, etc)? ... this list can keep getting longer and longer.

The orig question was "what do you use?", not "what should I use if I'm a paranoid schizophrenic that doesn't trust anything, especially the aliens that keep talking to me in my sleep?"

To answer the orig question: I use an encrypted text file. I occasionally check out some of the offerings out there like lastpass, keepass, clipperz, etc, and even recommend those to others, but my simple encrypted text file has served me well for a long long time, and it is by far the fastest interface there is (vim). There is a security risk with it - one could do memory scraping while it's open to read the buffers, or use a key logger to snag the password for the master key, etc; and there's portability issues - it's trivial for me to get access setup once I'm on a linux OS anywhere in the world, but I don't always have that on me, and that hasn't been a problem.

Nothing is rich but the inexhaustible wealth of nature. She shows us only surfaces, but she is a million fathoms deep. -- Ralph Waldo Emerson