Slashdot is powered by your submissions, so send in your scoop


Forgot your password?

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).


Comment: Re:The real reason... (Score 1) 197

by youngatheart (#49428471) Attached to: Windows 10 Successor Codenamed 'Redstone,' Targeting 2016 Launch

I was thinking specifically of HTML and JavaScript, which do have standards. Companies who have been programming to "work on Windows and IE" are the ones that have been discovering that their stuff is failing now that IE is finally starting to only work right with pages coded to those same standards. You're mistaking my preference for standards for a preference to code to MS, which is the opposite of what I endorse.

Comment: Re:The real reason... (Score 1) 197

by youngatheart (#49426413) Attached to: Windows 10 Successor Codenamed 'Redstone,' Targeting 2016 Launch

As someone embedded deep in the business world, I understand what you're saying and your analysis is valid to a point, but I think you're missing the bigger picture.

For years and years vendors have been refusing to code to standards because enterprise didn't demand support for the current OS. Now that MS is building an infrastructure where even enterprise is going to expect support for a current OS means that's finally starting to change. It can't happen fast enough for me.

I installed and switched to Windows 10 shortly after it came out, and there was some of the expected pain of running a beta system, but most things worked fine and now nearly everything critical does. The ones that don't are those vendors I already knew weren't investing in competent programmers and I'm thrilled that they will either have to adapt or die.

A software vendor should hire programmers who write to follow standards and test and fix things in beta releases. They should, but not all of them do. Now they're starting to realize they'll have to or they'll be out of customers and that makes me euphoric.

Comment: Re:They can hire a lawyer ... (Score 5, Insightful) 83

by youngatheart (#49426059) Attached to: TrueCrypt Alternatives Step Up Post-Cryptanalysis

Yeah, they could if they wanted to, and if they had the money to get the ball rolling, but.... I'm not convinced they want to keep it from being forked. I got the feeling that TrueCrypt was basically a labor of love where the creators wanted to keep control of it and avoid exposing themselves to getting strong-armed into building in back doors.

If you could ask them and get an honest answer, I suspect they'd tell you that government agencies figured out who they were. I think those agencies came to them and told them that they had no choice but to compromise the security "for the sake of the children." I think that's when they decided it was best to just exit rather than fight. I think that if they were given a choice between compromising their work intentionally and seeing other people take over, they'd support other people taking over even if they couldn't publicly endorse the efforts.

That's all conjecture of course, but as a long time fan of their work and someone who listened to many analyses of their exit from the stage, I'm moderately confident in my guesses.

Comment: Re:Christian Theocracy (Score 1) 1168

you shouldn't discriminate based on what others do or don't do as long as it doesn't involve you.

What if it does involve you?

Do you offer a prayer before your training sessions start? Maybe you do and maybe you don't. Regardless of your choice, I don't think you should be forced to based on the preferences of your students or potential students. In Indiana they give you the right to refuse to do something that disagrees with your own beliefs. In Colorado, you as a business owner, must do things that disagree with your own beliefs.

That's the key point most of the reports and discussions on this subject are ignoring. Indiana is trying to preserve the right of business owners to refuse to take a specific action. Colorado has taken the opposite stance and legally obligated business owners to take an action they disagree with on moral and/or religious grounds.

In Colorado, where bakers have been ordered to create things they find morally objectionable, the door has swung the other way now as well. There is a case being pursued, right now, where a man asked for a cake that had an anti-gay message and was refused.

Is it reasonable for a law to require you to provide the same service to people regardless of their characteristics? I think so. Is it reasonable for a law to require you to provide a service that you would never provide otherwise because of who requests it? Indiana doesn't think so, but Colorado does.

I appreciate people who make me think or speak ideas I couldn't formulate clearly on my own and you have a good start on that. I can't promise I can do the same for you, but I hope you'll consider my reasons for replying to you if you decide to reply to me. I am willing to change my mind, even on the most basic issues, if I'm given sufficient reason.

Comment: Re:Is My Religious Liberty Being Threatened? (Score 1) 1168

Number 5 is applicable if you rephrase it:
5. My religious liberty is at risk because:
A) Members of my faith can be forced to create something endorsing activity my religion prohibits with legal repercussions if they refuse. (Colorado)
B) I am now prohibited from forcing people with beliefs contrary to my own to create something their religion prohibits. (Indiana)

This is directly applicable to what is happening:

The customer, named Bill Jack, also wanted Marjorie Silva to add “an image of two men holding hands, covered in a big, red X.” ... We're not doing this.... Jack has filed a religious-discrimination complaint

the bakers in question are not refusing service to a type of people — they are refusing to be party to a type of message.

[Judge] Spencer ordered Phillips to bake cakes celebrating gay marriage for any other parties that ask for such a cake in the future.

An Oregon bakery will have to pay a gay couple up to $150,000 for refusing to bake them a wedding cake ... pay up to $75,000 each

Comment: Re:So netflix no longer has to pay Comcast?? (Score 1) 631

by youngatheart (#49143917) Attached to: FCC Approves Net Neutrality Rules

I think you're right but I'm too lazy to google for it right now. I think there is a little more detail and wouldn't mind someone pointing me to corrections if I'm wrong.

The way I think it is working now is that Netflix has Content Delivery Network servers at the ISP and they pay the ISP for putting them there. Essentially it makes the customer happy because Netflix downloads are faster and it makes ISPs happy because they're getting money from their customers and Netflix. Maybe Netflix has to raise their prices to compensate for the increased cost of renting CDN space, but the average customer blames Netflix instead of the ISP.

The ISPs could have put a bigger connection in that would have made Netflix happy and the ISP customers happy, but the ISPs had no incentive to make their customers or Netflix happy, and since they offer competing services, they had every incentive not to. Netflix even offered to pay for the bigger connection in at least one instance, but the ISP basically ignored it since they made more money by not doing anything.

It will be interesting to see if the FCC change actually makes a change in this situation. I think it is too early to really be sure, but I don't think what the FCC has put in place equates to "ISPs must [take an action to] build infrastructure to support high bandwidth connections." Instead I think the FCC has put in place rules that "ISPs must [not take an action to] unfairly prioritize one service or company over another."

CDNs make sense. Putting servers closer to your customers is a way of offering a better product. It seems reasonable to allow companies to choose to pay for systems that make their customers' experiences better. I think the FCC was wise to avoid prohibiting that freedom explicitly.

I remember net neutrality first coming to my attention when ISPs started throttling or blocking protocols. Essentially the thought was that ISPs provide protocol access rather than general access. So potentially an ISP could offer just unencrypted web browsing but charge extra for secure web browsing, extra for email, extra for file transferring, extra for instant messaging, extra for phone calls, extra for video chats or pretty much anything. This idea nearly works since there are standard ports and traffic can be shaped based on the ports in use. An ISP has the ability to block port 443 and throttle ports 20 and 21 and only allow port 80 access at unrestricted speed. Because we want software to be able to use the port to determine what something does, it would equate to allowing unencrypted web page access, blocked secure pages and only slow file transfers. The obvious way around that sort of situation is to offer secured web pages on port 80 and file transfers on port 80 which works, but makes internet services unpredictable. People who understand that were rightfully offended that the ISPs would reward making a mess of standard predictability and punish people who tried to follow a standard so they reasonably pointed out that "Internet" didn't mean "just some protocols." The demand for Net Neutrality was about making sure that ISPs treated all protocols and ports equally when I first learned about it.

Most people even today don't know what Net Neutrality is about, so the ISPs rightfully guessed that the average consumer had exactly zero interest in the topic and they happily did whatever they could to squeeze more money out of their customers so long as it didn't cause too many people to take an active interest.

Nothing was likely to change a situation where ISPs could squeeze extra money from their customers so long as only geeks were interested. That's where Netflix came into the picture as a force to make changes. Netflix uses a *huge* amount of bandwidth and customers care a lot about how well the service works. Many major ISPs were trying to get extra money from their customers by charging for services that directly compete with Netflix and customers and Netflix had reasonable worries that the ISPs could use their ability to manipulate accessibility. The ISPs weren't stupid enough to enrage customers by blocking Netflix outright, so they chose instead to let Netflix suffer by avoiding action that would keep Netflix competitive.

So we ended up with the situation we had until yesterday: Netflix had to pay extra (a lot extra) to provide service that could compete with the services the ISPs were offering. The ISPs could blame Netflix by saying "Netflix is not paying for special access and we're not going to spend extra to support them" and Netflix could throw all the public tantrums it wanted to but couldn't make any improvements for the customer without giving in and paying the extra money the ISPs were demanding. Netflix however had one card they could pay: public outrage that they couldn't provide the service the customer paid for without raising prices and clearly blaming ISPs in public.

Lawsuits and legal wrangling with all parties having to respond in public led to the FCC getting involved. Customers and Netflix appealed to the FCC as an authority, essentially saying "it's your job to fix this!" The FCC has no actual direct authority to interfere in internet service, but with people pushing them decided that they were the de facto authority since nobody else had any better claim. They set up some rules to make things fair and the ISPs took it to court where the court had to agree that the FCC's rationalization for making up rules wasn't supported by the law. There was some fallout. The FCC chairman was replaced by Obama with someone who had worked as a lobbyist for the ISPs. You'd think that would have made the ISPs happy, but that guy, Tom Wheeler, took his job seriously and put the debate into the public eye and took the recommendation of the court to change the rationalization to "Title II."

"Title II" is a legal authority granted by Congress to the FCC to manage public communications. It grants the FCC the right to dictate pretty much anything they like. They can demand companies grant access to what would otherwise be private property, set prices, require them to build infrastructure or even require them to actually set aside funds to pay for things they don't want to pay for.

Essentially the FCC said today that they were going to use that authority to enforce the rules they want. They also said they were going to limit how they used that massive authority. They explicitly said they were going to limit how they used their authority to a few areas that weren't as terrifying to ISPs. Essentially they are putting themselves in the role of a father saying "I could turn off the electricity and force you to live in a shack with cold showers and eat nothing but vegetables with no TV, no computers and whippings every day because I am your father, but instead I'm just grounding you."

The ISPs essentially responded with "that's abuse, I don't have to follow your rules!" Nevertheless, the courts are likely to agree with the FCC, since it was the courts that suggested the FCC could use exactly that authority.

Comment: Re:Network layer and education (Score 2) 260

by youngatheart (#49104675) Attached to: Ask Slashdot: Parental Content Control For Free OSs?

Do what I did: set up filtering at the gateway and give plenty of time to both discussion and management.

I used a transparent squid proxy with access control lists appropriate for the kid and intercepted and redirected DNS queries. (With more than one kid, I needed multiple acls, ymmv.)

Initially I limited internet access to specific times and a whitelist and discussed what they were doing daily. Over time and with age and maturity, I relaxed the acl to just record what was being accessed and just reviewed their browsing with them when they made questionable choices.

Now they're old enough and hopefully mature enough that I don't need to supervise them other than to keep an eye on their social media activity.

Some people seem to think kids should be given freedom to do whatever they like. Those people must have less experience with kids than I do and were probably much better people as kids than I was. Unsupervised, kids will get into things and situations they will regret later.

Trust but verify. Give freedom but watch everything. Talk to your kids and reason with them. Let your kids explore the world and interact with it so that they can become confident adults.

A parent is responsible for the criminal actions of their children. This fact is relevant. If you think that children should be free from oversight, then you don't understand how badly kids can behave.

Comment: Render unto Ceasar (Score 1) 579

Why does Google keep getting slammed for being the bad guy for releasing information about vulnerabilities? I read about people finding and publishing vulnerabilities all the time and follow discussions on what is responsible disclosure and nobody but Google gets treated like this.

Yahoo does the 90 days thing too. Most I've seen do a lot less than 90 days before disclosure. I understand worrying about script kiddies, but I'd rather know I have a vulnerability than just blithely hope nobody but Google found it.

The odds are that a lot of this stuff is known long before Yahoo or Google or Secunia or whoever announces it. The three months Google is leaving me vulnerable to the talented hackers makes me a lot more nervous than the people who find out about it in the news.

Comment: Re:What rules prevent them from doing this already (Score 2) 221

by youngatheart (#48713141) Attached to: Google Fiber's Latest FCC Filing: Comcast's Nightmare Come To Life

How much does it cost to wire up a town for high speed internet access? Why would a company invest that unless they were confident they'd get a profit? That's why the town offers a special deal and access that the ISP otherwise has no right to.

they should already be allowed to do

You think anybody should be allowed to use whatever city infrastructure they like?

Not that I actually want to defend the mess that is the current system. Perhaps the obvious solution is to allow cities to put in their own ISP structure, but then that's government using it's advantage of force to compete unfairly with private business, which is the reasonable argument for some states to prevent such competition.

Socialist solutions to ISP infrastructure work, but the US tends to have a difficult time with the idea that everyone should be forced to pay for what private companies are already providing to people voluntarily paying for what they actually use.

If the US decides to treat broadband as utility infrastructure, taxes come into the equation, which is money taken by the threat of force, which is completely the opposite of what people like about capitalism. It is a reasonable expectation that it will destroy a private industry and the innovation that is driven by the motive of profit, which is no small trade off in an industry which is rapidly changing.

I actually think that the ISP industry needs to be more strictly regulated by legislation, but it won't take many mistakes to end up with a worse problem than the one we have.

Comment: We all should do what Google did (Score 1) 312

by youngatheart (#48708215) Attached to: Ask Slashdot: What Should We Do About the DDoS Problem?

We all need a massive CDNs and "check for human" built in to our systems. When Google got hammered beyond anything sane, they mostly just absorbed it and tacked on a front end check. Google, Amazon and Microsoft should go into the business of selling DDOS insurance. They already have the CDNs and load balancers and would just need an API into their "check for human" interface.

This is not a problem that can be solved with a protocol or technical trick because the internet will never work that way (SMTP anyone?) until we outgrow the need. This is a problem that can only be really solved by making it an industry standard to develop for cloud based systems with insurance from the giants who can weather the storm and who have the influence to get corrective action out of ISPs in a timely manner.

So what would that look like? When you buy or renew your domain, you'd get an advertisement to "Add DSOS insurance" for a reasonable fee. Bigger companies would get better rates where they made agreements among themselves or negotiated with other CDNs but it would be unusual for any serious website to get knocked down because MS/Google/Amazon and others would also make agreements so that even the worst of the worst attacks would be absorbed.

That and maybe bring back the guillotine.

Comment: Re:Yes (Score 1) 312

by youngatheart (#48705997) Attached to: Ask Slashdot: What Should We Do About the DDoS Problem?

So you think we could change human nature in a couple decades? I don't think we could do it in centuries. Kids love to draw on the wall, even when you tell them not to and they grow out of that phase if given the right environment, but I defy you to find any city of more than a 500 people which has never had any graffiti. It is a basic human impulse to try to make an impact on your surroundings and so long as there is an internet, someone will want to make an impact on it in ways that are not that different from a three year old.

Comment: Re:Are speed cameras bad? (Score 1) 335

by youngatheart (#48705909) Attached to: Out With the Red-Light Cameras, In With the Speeding Cameras

Yup, I am sure you're right.

I think the problem is that the law is supposed to reflect the will of the people, but it actually reflects the will of vocal minorities and the wealthy. It might be reasonable to have the speed limit raised but anyone who does it will be crucified by the media the next time there is an accident ignoring the likelihood of hit happening regardless of speed limit changes. So everybody suffers a longer commute instead.

Comment: Re:Support Yet Another Browser (Score 1) 248

by youngatheart (#48696179) Attached to: Microsoft Is Building a New Browser As Part of Its Windows 10 Push

Just code to standards and... then check in everything and then when some freak out there tells you what you didn't find out is buggy, re-code to standards, but different standards this time, because not every browser follows every standard. Rinse and repeat. Did I ever tell you about the day I accidentally figured out how to crash Netscape so hard the end user couldn't use it anymore? Good times.

Whoever dies with the most toys wins.