Become a fan of Slashdot on Facebook


Forgot your password?

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).


Comment: Re:Christian Theocracy (Score 1) 1084

you shouldn't discriminate based on what others do or don't do as long as it doesn't involve you.

What if it does involve you?

Do you offer a prayer before your training sessions start? Maybe you do and maybe you don't. Regardless of your choice, I don't think you should be forced to based on the preferences of your students or potential students. In Indiana they give you the right to refuse to do something that disagrees with your own beliefs. In Colorado, you as a business owner, must do things that disagree with your own beliefs.

That's the key point most of the reports and discussions on this subject are ignoring. Indiana is trying to preserve the right of business owners to refuse to take a specific action. Colorado has taken the opposite stance and legally obligated business owners to take an action they disagree with on moral and/or religious grounds.

In Colorado, where bakers have been ordered to create things they find morally objectionable, the door has swung the other way now as well. There is a case being pursued, right now, where a man asked for a cake that had an anti-gay message and was refused.

Is it reasonable for a law to require you to provide the same service to people regardless of their characteristics? I think so. Is it reasonable for a law to require you to provide a service that you would never provide otherwise because of who requests it? Indiana doesn't think so, but Colorado does.

I appreciate people who make me think or speak ideas I couldn't formulate clearly on my own and you have a good start on that. I can't promise I can do the same for you, but I hope you'll consider my reasons for replying to you if you decide to reply to me. I am willing to change my mind, even on the most basic issues, if I'm given sufficient reason.

Comment: Re:Is My Religious Liberty Being Threatened? (Score 1) 1084

Number 5 is applicable if you rephrase it:
5. My religious liberty is at risk because:
A) Members of my faith can be forced to create something endorsing activity my religion prohibits with legal repercussions if they refuse. (Colorado)
B) I am now prohibited from forcing people with beliefs contrary to my own to create something their religion prohibits. (Indiana)

This is directly applicable to what is happening:

The customer, named Bill Jack, also wanted Marjorie Silva to add “an image of two men holding hands, covered in a big, red X.” ... We're not doing this.... Jack has filed a religious-discrimination complaint

the bakers in question are not refusing service to a type of people — they are refusing to be party to a type of message.

[Judge] Spencer ordered Phillips to bake cakes celebrating gay marriage for any other parties that ask for such a cake in the future.

An Oregon bakery will have to pay a gay couple up to $150,000 for refusing to bake them a wedding cake ... pay up to $75,000 each

Comment: Re:So netflix no longer has to pay Comcast?? (Score 1) 631

by youngatheart (#49143917) Attached to: FCC Approves Net Neutrality Rules

I think you're right but I'm too lazy to google for it right now. I think there is a little more detail and wouldn't mind someone pointing me to corrections if I'm wrong.

The way I think it is working now is that Netflix has Content Delivery Network servers at the ISP and they pay the ISP for putting them there. Essentially it makes the customer happy because Netflix downloads are faster and it makes ISPs happy because they're getting money from their customers and Netflix. Maybe Netflix has to raise their prices to compensate for the increased cost of renting CDN space, but the average customer blames Netflix instead of the ISP.

The ISPs could have put a bigger connection in that would have made Netflix happy and the ISP customers happy, but the ISPs had no incentive to make their customers or Netflix happy, and since they offer competing services, they had every incentive not to. Netflix even offered to pay for the bigger connection in at least one instance, but the ISP basically ignored it since they made more money by not doing anything.

It will be interesting to see if the FCC change actually makes a change in this situation. I think it is too early to really be sure, but I don't think what the FCC has put in place equates to "ISPs must [take an action to] build infrastructure to support high bandwidth connections." Instead I think the FCC has put in place rules that "ISPs must [not take an action to] unfairly prioritize one service or company over another."

CDNs make sense. Putting servers closer to your customers is a way of offering a better product. It seems reasonable to allow companies to choose to pay for systems that make their customers' experiences better. I think the FCC was wise to avoid prohibiting that freedom explicitly.

I remember net neutrality first coming to my attention when ISPs started throttling or blocking protocols. Essentially the thought was that ISPs provide protocol access rather than general access. So potentially an ISP could offer just unencrypted web browsing but charge extra for secure web browsing, extra for email, extra for file transferring, extra for instant messaging, extra for phone calls, extra for video chats or pretty much anything. This idea nearly works since there are standard ports and traffic can be shaped based on the ports in use. An ISP has the ability to block port 443 and throttle ports 20 and 21 and only allow port 80 access at unrestricted speed. Because we want software to be able to use the port to determine what something does, it would equate to allowing unencrypted web page access, blocked secure pages and only slow file transfers. The obvious way around that sort of situation is to offer secured web pages on port 80 and file transfers on port 80 which works, but makes internet services unpredictable. People who understand that were rightfully offended that the ISPs would reward making a mess of standard predictability and punish people who tried to follow a standard so they reasonably pointed out that "Internet" didn't mean "just some protocols." The demand for Net Neutrality was about making sure that ISPs treated all protocols and ports equally when I first learned about it.

Most people even today don't know what Net Neutrality is about, so the ISPs rightfully guessed that the average consumer had exactly zero interest in the topic and they happily did whatever they could to squeeze more money out of their customers so long as it didn't cause too many people to take an active interest.

Nothing was likely to change a situation where ISPs could squeeze extra money from their customers so long as only geeks were interested. That's where Netflix came into the picture as a force to make changes. Netflix uses a *huge* amount of bandwidth and customers care a lot about how well the service works. Many major ISPs were trying to get extra money from their customers by charging for services that directly compete with Netflix and customers and Netflix had reasonable worries that the ISPs could use their ability to manipulate accessibility. The ISPs weren't stupid enough to enrage customers by blocking Netflix outright, so they chose instead to let Netflix suffer by avoiding action that would keep Netflix competitive.

So we ended up with the situation we had until yesterday: Netflix had to pay extra (a lot extra) to provide service that could compete with the services the ISPs were offering. The ISPs could blame Netflix by saying "Netflix is not paying for special access and we're not going to spend extra to support them" and Netflix could throw all the public tantrums it wanted to but couldn't make any improvements for the customer without giving in and paying the extra money the ISPs were demanding. Netflix however had one card they could pay: public outrage that they couldn't provide the service the customer paid for without raising prices and clearly blaming ISPs in public.

Lawsuits and legal wrangling with all parties having to respond in public led to the FCC getting involved. Customers and Netflix appealed to the FCC as an authority, essentially saying "it's your job to fix this!" The FCC has no actual direct authority to interfere in internet service, but with people pushing them decided that they were the de facto authority since nobody else had any better claim. They set up some rules to make things fair and the ISPs took it to court where the court had to agree that the FCC's rationalization for making up rules wasn't supported by the law. There was some fallout. The FCC chairman was replaced by Obama with someone who had worked as a lobbyist for the ISPs. You'd think that would have made the ISPs happy, but that guy, Tom Wheeler, took his job seriously and put the debate into the public eye and took the recommendation of the court to change the rationalization to "Title II."

"Title II" is a legal authority granted by Congress to the FCC to manage public communications. It grants the FCC the right to dictate pretty much anything they like. They can demand companies grant access to what would otherwise be private property, set prices, require them to build infrastructure or even require them to actually set aside funds to pay for things they don't want to pay for.

Essentially the FCC said today that they were going to use that authority to enforce the rules they want. They also said they were going to limit how they used that massive authority. They explicitly said they were going to limit how they used their authority to a few areas that weren't as terrifying to ISPs. Essentially they are putting themselves in the role of a father saying "I could turn off the electricity and force you to live in a shack with cold showers and eat nothing but vegetables with no TV, no computers and whippings every day because I am your father, but instead I'm just grounding you."

The ISPs essentially responded with "that's abuse, I don't have to follow your rules!" Nevertheless, the courts are likely to agree with the FCC, since it was the courts that suggested the FCC could use exactly that authority.

Comment: Re:Network layer and education (Score 2) 260

by youngatheart (#49104675) Attached to: Ask Slashdot: Parental Content Control For Free OSs?

Do what I did: set up filtering at the gateway and give plenty of time to both discussion and management.

I used a transparent squid proxy with access control lists appropriate for the kid and intercepted and redirected DNS queries. (With more than one kid, I needed multiple acls, ymmv.)

Initially I limited internet access to specific times and a whitelist and discussed what they were doing daily. Over time and with age and maturity, I relaxed the acl to just record what was being accessed and just reviewed their browsing with them when they made questionable choices.

Now they're old enough and hopefully mature enough that I don't need to supervise them other than to keep an eye on their social media activity.

Some people seem to think kids should be given freedom to do whatever they like. Those people must have less experience with kids than I do and were probably much better people as kids than I was. Unsupervised, kids will get into things and situations they will regret later.

Trust but verify. Give freedom but watch everything. Talk to your kids and reason with them. Let your kids explore the world and interact with it so that they can become confident adults.

A parent is responsible for the criminal actions of their children. This fact is relevant. If you think that children should be free from oversight, then you don't understand how badly kids can behave.

Comment: Render unto Ceasar (Score 1) 579

Why does Google keep getting slammed for being the bad guy for releasing information about vulnerabilities? I read about people finding and publishing vulnerabilities all the time and follow discussions on what is responsible disclosure and nobody but Google gets treated like this.

Yahoo does the 90 days thing too. Most I've seen do a lot less than 90 days before disclosure. I understand worrying about script kiddies, but I'd rather know I have a vulnerability than just blithely hope nobody but Google found it.

The odds are that a lot of this stuff is known long before Yahoo or Google or Secunia or whoever announces it. The three months Google is leaving me vulnerable to the talented hackers makes me a lot more nervous than the people who find out about it in the news.

Comment: Re:What rules prevent them from doing this already (Score 2) 221

by youngatheart (#48713141) Attached to: Google Fiber's Latest FCC Filing: Comcast's Nightmare Come To Life

How much does it cost to wire up a town for high speed internet access? Why would a company invest that unless they were confident they'd get a profit? That's why the town offers a special deal and access that the ISP otherwise has no right to.

they should already be allowed to do

You think anybody should be allowed to use whatever city infrastructure they like?

Not that I actually want to defend the mess that is the current system. Perhaps the obvious solution is to allow cities to put in their own ISP structure, but then that's government using it's advantage of force to compete unfairly with private business, which is the reasonable argument for some states to prevent such competition.

Socialist solutions to ISP infrastructure work, but the US tends to have a difficult time with the idea that everyone should be forced to pay for what private companies are already providing to people voluntarily paying for what they actually use.

If the US decides to treat broadband as utility infrastructure, taxes come into the equation, which is money taken by the threat of force, which is completely the opposite of what people like about capitalism. It is a reasonable expectation that it will destroy a private industry and the innovation that is driven by the motive of profit, which is no small trade off in an industry which is rapidly changing.

I actually think that the ISP industry needs to be more strictly regulated by legislation, but it won't take many mistakes to end up with a worse problem than the one we have.

Comment: We all should do what Google did (Score 1) 312

by youngatheart (#48708215) Attached to: Ask Slashdot: What Should We Do About the DDoS Problem?

We all need a massive CDNs and "check for human" built in to our systems. When Google got hammered beyond anything sane, they mostly just absorbed it and tacked on a front end check. Google, Amazon and Microsoft should go into the business of selling DDOS insurance. They already have the CDNs and load balancers and would just need an API into their "check for human" interface.

This is not a problem that can be solved with a protocol or technical trick because the internet will never work that way (SMTP anyone?) until we outgrow the need. This is a problem that can only be really solved by making it an industry standard to develop for cloud based systems with insurance from the giants who can weather the storm and who have the influence to get corrective action out of ISPs in a timely manner.

So what would that look like? When you buy or renew your domain, you'd get an advertisement to "Add DSOS insurance" for a reasonable fee. Bigger companies would get better rates where they made agreements among themselves or negotiated with other CDNs but it would be unusual for any serious website to get knocked down because MS/Google/Amazon and others would also make agreements so that even the worst of the worst attacks would be absorbed.

That and maybe bring back the guillotine.

Comment: Re:Yes (Score 1) 312

by youngatheart (#48705997) Attached to: Ask Slashdot: What Should We Do About the DDoS Problem?

So you think we could change human nature in a couple decades? I don't think we could do it in centuries. Kids love to draw on the wall, even when you tell them not to and they grow out of that phase if given the right environment, but I defy you to find any city of more than a 500 people which has never had any graffiti. It is a basic human impulse to try to make an impact on your surroundings and so long as there is an internet, someone will want to make an impact on it in ways that are not that different from a three year old.

Comment: Re:Are speed cameras bad? (Score 1) 335

by youngatheart (#48705909) Attached to: Out With the Red-Light Cameras, In With the Speeding Cameras

Yup, I am sure you're right.

I think the problem is that the law is supposed to reflect the will of the people, but it actually reflects the will of vocal minorities and the wealthy. It might be reasonable to have the speed limit raised but anyone who does it will be crucified by the media the next time there is an accident ignoring the likelihood of hit happening regardless of speed limit changes. So everybody suffers a longer commute instead.

Comment: Re:Support Yet Another Browser (Score 1) 248

by youngatheart (#48696179) Attached to: Microsoft Is Building a New Browser As Part of Its Windows 10 Push

Just code to standards and... then check in everything and then when some freak out there tells you what you didn't find out is buggy, re-code to standards, but different standards this time, because not every browser follows every standard. Rinse and repeat. Did I ever tell you about the day I accidentally figured out how to crash Netscape so hard the end user couldn't use it anymore? Good times.

Comment: Re:You know what's really sad? (Score 1) 129

by youngatheart (#48431095) Attached to: Court Shuts Down Alleged $120M Tech Support Scam

Really! You were an Apple fanboi until you said this.

I'm an admin, so that probably accounts for a lot of my perspective. I judge a system by more than how convenient it is for me. Most systems have good and bad parts and I've rarely used something I couldn't find both the good and the flaws in. It's not totally unfair to call me a Unix geek, Linux zealot, Apple fanboi and MS shill if you must, they've all helped me earn a paycheck. Even Xenix and SCO had good points. About the only OS I didn't care for at all was an NCR ATM system but even that probably had something good about it if I'd looked harder.

When has Microsoft ever increased security in a application release? There's Vista, where the security was so anal, everyone turned it off. Just about everything else was worse, usually because the microsoft 'extensions' were designed to break the previous version.

I didn't turn off the UAC in Vista for myself or our company; I learned how to work with it. When we moved to Win7, we already had the skills and experience to use it, but I was really speaking of Security Essentials and Windows 8 and 10 building in anti-virus and malware protection. MS had done plenty that they deserve to be faulted for but UAC and integrated AV and Malware protection are things that I think have been good for the industry. It's no SELinux (love it) but it is a step in the right direction.

We would still be limited to Genie/CompuServe/AOL, if that model was really followed.

The open internet seems obviously the way things should have gone now, but back in the days of running a bulletin board system, it wasn't so obvious. Genie/CompuServe/AOL provided a necessary stepping stone. If you think the internet would have developed as quickly as it did without AOLs send everyone a disk approach, you're overestimating the average consumer.

You say how great training wheels are and then whinge you don't want them.

If everyone was like me, there wouldn't be a need for anti-virus and malware protection and UAC. There wouldn't be a need or market for Microsoft for that matter. I can accept that most people need protection from their own bad decisions because not everybody has the aptitude or interest or even energy to learn the things they need to in order to work with computers safely. I'm a long, long way from being an average computer user. It is a hobby, a career and a friggin' paycheck for me. Of course I don't want to follow the normal computer user recommendations, I'm not the normal computer user.

That Windows is a less stable and less secure system is a different issue. Yet many people like you, demand that everyone else be shoved into the walled garden as a solution.

Windows is a quite stable and secure system handled correctly. Microsoft has made the decision to offer backwards compatibility over and over again and there is no doubt that has hurt their ability to make Windows as stable and secure as I wish it were, but Win 7,8,10 have made significant and important strides. Vista had some serious growing pains, but if you move someone from Win7 to Vista now, it is nearly painless, proving the industry was more of the problem than Vista was. When you consider how many programs used to be designed to have free reign without ACL controls, it is clearly Vista that was on the right track. Look what disdain it got them. (Metro was a terrible decision, but it wasn't about security or stability.) The average consumer will make bad decisions even if you try to protect them from it, but making it take more thought is not a bad thing.

Walled gardens have yet to be designed so that people like me can't get around them. (Can I get a woot woot from the Cyanogen crowd?!) If every system was a walled garden, then I might be on the other side of the debate, but the way things are now, people using aptitude, yum, ports and iOS are far more unlikely to mess up their system than people who don't have dedicated package maintainers trying to protect them. You act like iOS keeps people from running what they like but I'm running software on my iPhone now that isn't in the App store without breaking the terms for Apple Care. Anybody really can, but it isn't easy to do by mistake, so the walled garden clearly has gates. If you fear the walled garden then you're either immersed in a esoteric and philosophical debate or too inexperienced to be allowed to take your training wheels off yet.

And they make a lot of money ensuring that you install only devices they approve via their obsolete-in-18-months hardware interface. Plus ensuring that you only install applications they allow and don't want to make themselves

Yup. I run Mint, but my background with LFS, Gentoo, FreeBSD, OpenBSD and other more obscure systems make me desire things that most people don't care about. Most people are happy with the iOS ecosystem. I'm not, but then that's not the same as recognizing that it works well for most people.

It's a lot easier to uninstall a faulty 3rd-party application than a faulty hidden MS service. Plus it's easier to detect that a 3rd-party application is faulty.

Bullshit. I can't tell you how many people I've walked through removing rundll registry keys to replace them with the original OS configuration after a major AV vendor messed them up. Microsoft is far from perfect, but they have the advantage of being able to review an exponentially larger user base's results and they have faster resolution in nearly every case. I was a fan of AVG for a LONG time, but security essentials has a better track record of not screwing things up and I don't think there has yet been an instance of Win8's integrated AV messing something up.

This is outright defamation. A real AV has to use algorithms and databases to check the user is doing the right thing. A fake AV has to open a telnet channel to a data-scraping server. When both are sold at the same price, I have a different conclusion on who is running a scam. And that's avoiding the fact that many real AVs provide virus removal for free.

No true Scotsman? McAfee and Norton pay to get their trialware installed with OEM systems because nobody would pay for them to do what MS now does for free and with lower impact on performance and fewer screwups. They screw up cookie handling or delete registry entries that were useful and harmless so they can appear to be doing something useful. Their business depends on MS not providing decent AV and now that MS is doing just that, they're scrambling to create non-existant problems to fix. The ethical thing to do is close shop and put a "just use the AV it came with" page up instead, but that'll never happen because they have a vested interest in fixing something they don't need to fix anymore. The best way to make money they have now is by deceiving consumers into thinking they need something they don't, and they do that. It may not be illegal but it's shady as hell. It seems to me to be a very, very short step from outright scamming. Why do you think Symantec is doing so many things besides AV now? It isn't because they suddenly decided the other markets needed them, it's because they realized that their money maker market was disappearing.

Sure there are decent AV companies out there. Kaspersky (is a pain in the ass and screws shit up but basically does a good job) and AVG do what they advertise with minimal screwups, but I have yet to see someone suffer by choosing MS's free solution instead. The only one that I still regularly recommend is MalwareBytes and I only recommend that to people who have demonstrated a tendency to fall for scams.

Comment: Re:You know what's really sad? (Score 4, Interesting) 129

by youngatheart (#48422795) Attached to: Court Shuts Down Alleged $120M Tech Support Scam


There is/was a popular scam that involved getting people to look at their Windows error log in order to convince them that they needed "help." It was quite effective because the average user easily accepts that errors are the same as problems.

My mom and a co-worker were both targets of this particular scam. The target would receive an unsolicited phone call from someone who made the target think the caller was associated with Microsoft who would show them the errors on their computer. The caller would then try to convince the target to let the caller have access to their computer. Neither of the targets had a clue that the errors they were seeing were normal and it could have gone quite badly for them. Both my mom and co-worker declined to let the caller do anything on their computer saying that they had someone who handled this kind of stuff for them (me.) Naturally I received a not quite panicked call shortly after and was able to reassure them it was only a scam and their computer was fine, but I think either could have been victimized if they hadn't had someone they know and absolutely trust to handle serious computer issues for them.

My company gives me a phone and it's an iPhone so I can give good tech support to the boss who "needs" an iPhone. Because it is a company phone, I can't jailbreak it or hack around on it in good conscience, but it chafes. I can't put whatever software I want on it or make it work the way I would prefer because Apple makes their customers a deal: trust us completely and we'll make your device work the way it should.

As much as it chafes me to deal with such a walled garden, I can't help but think it's the way consumer products need to be designed. The harder it is for my mom and co-worker to mess up their device, the less time I have to spend fixing it.

With that background in mind, I can't help but hope MS goes more and more down the road toward building in their own computer security because it removes the incentive to get an anti-virus package which has to "solve" issues that aren't really problems in order to appear useful.

If the scammers were just a little less greedy, they could have used the same approach to sell actual anti-virus packages. I think most anti-virus companies are just slightly less greedy or they'd be running the same scams.

Greed is the thin greasy line that separates "legitimate" anti-virus vendors from criminals. For decades I've told people they needed antivirus and security software despite knowing the big vendors introduce a new set of problems, because it was necessary. Now MS is building it in and I can tell them to just use the free MS software that's built in and I get less support headaches. I'm sure it's hurting the AV vendors, but I've had to fix too many problems they caused to feel much sympathy.

Comment: Re: Not a chance (Score 1) 631

by youngatheart (#48255035) Attached to: Why CurrentC Will Beat Out Apple Pay

Shill he may be, but he has a point about the protections of CC vs debit transactions... However, it is worth noting that your check card used as a "credit" transaction comes out of your account and gives you the same protections.

There are two real issues here. First, the credit card companies are going to start having less liability because it is going to go to the least secure system as the changes in law take effect. That's why they're loving it. Second, the battle between Wal-Mart's payment system and Google/Apple/Everybody else is actually about who gets your personal data. NFC keeps your personal data with the one company you decide to trust, where Wal-Mart's approach gives it to each merchant you do business with.

Live free or die.