Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror

Comment the real game changer: 4G (Score 3, Interesting) 158

The game changer here is that US cell phone companies have finally figured out that 4 layers of NAT isn't exactly a great way to manage a growing network, and are switching to IPv6 for their 4G networks. That is millions of customers right there, using IPv6 without even knowing about it.

Pieces are falling into place, it's just a matter of time now. And if you lobby your ISP instead of complaining about it, you may get it native too soon enough.

BTW: for those worried about the switch, let me just mention that both ipv6.google.com and www.kame.net (common test IPv6 addresses) are reachable in *less* latency and *less* hops than their ipv4 counterparts. IPv6 rocks.

Comment gcstar did the job for me (Score 3, Interesting) 230

I did the inventory of my 500+ book collection here and while it took a few days, the upkeep is minimal, and gcstar allows me to also keep track of people I lend the book to. The interface is awful, but it does connect to Amazon and so on to get book details, including cover pictures, if you have an ISBN. If you don't, then it's likely that Amazon doesn't carry it and you'll have to enter the details by hand anyways, but that's still fairly easy.

I do not label the books with stickers, RFID or bar codes of any kind. I simply rely on the book name for reference, and since I have very few duplicate books, this usually works. Duplicates can usually be told apart by printing dates or something similar. The library itself is physically arranged by loosely defined categories - I did *not* bother with Dewey.

I have written a complete article about this that may be useful to you. You may also want to contribute to that wiki page which compares different software offering.

Comment Re:Trust us, we have root (Score 1) 255

They don't need root access, but in a way, you are giving them the right to run any code on your machine if you accept the updates coming in without review. As we have learned throughout the Microsoft Windows, Apple iTunes and others updates, the upstream can ship software that users sometimes disagree with and while it's not equivalent of giving them "root", it does mean that, once you accept the update, code you don't like will run on your computer.

There are of course alternatives: switching operating systems, refusing updates or removing the malicious software, all three which have been suggested elsewhere in the discussions here.

Comment Re:Trust us, we have root (Score 1) 255

I beg to differ, and request that you explain what "begging the question" is, since I obviously seem to misunderstand it. On the site which I refer to, they define it as:

You presented a circular argument in which the conclusion was included in the premise.

This logically incoherent argument often arises in situations where people have an assumption that is very ingrained, and therefore taken in their minds as a given. Circular reasoning is bad mostly because it's not very good.

Example: The word of Zorbo the Great is flawless and perfect. We know this because it says so in The Great and Infallible Book of Zorbo's Best and Most Truest Things that are Definitely True and Should Not Ever Be Questioned.

I definitely see a parallel in the above explanation and the reasoning behind the "we have root" argument.

Say the question is: "why should we trust Canonical or Ubuntu to have a peek at our personal search results?" The answer from Shuttleworth seems to be, "because we have root, it means you trust us". In other words, the response to the question of trust is trust, posed as a premise.

Also, the additional argument you are describing, we can summarize as "you can trust us with X because you trust us with X-1", which may be better presented as a slippery slope fallacy.

Then again, you are accusing me of misunderstanding logical fallacies, something at which I cannot respond to other than asking you to clarify how I misunderstand, or explain your accusation as a poorly articulated ad hominem attack, as opposed as demonstrating my argument as wrong.

Thank you for your comment and have a nice day.

Comment Re:Trust us, we have root (Score 1) 255

I understand that point. The issue I see with it is that it is taken as an argument to justify what I consider to be a privacy issue. Saying "you should trust us with our data" needs a commitment, a show of *ethics* that actually makes us believe and understand they will be careful with it. Instead, we are presented with "well, you should trust us because... you already trust us, because we are root". It's a fallacy, more specifically begging the question.

I could also construe the whole intervention of Shuttleworth as an appeal to authority, but that would be pushing it a little since, as I said, the Benevolent Dictator doesn't even *need* to appeal to a higher authority. He is, in effect, your root and overlord, and is asserting his power without any shame or guilt. Whee. Also, to be fair, he is making a point that they should think about their responsibilities as admins of all those machines, I just happen to disagree with the path they are taking.

Comment Trust us, we have root (Score 4, Insightful) 255

Apart from what's already been mentioned here, one bit particularly troubles me:

We are not telling Amazon what you are searching for. Your anonymity is preserved because we handle the query on your behalf. Don’t trust us? Erm, we have root. You do trust us with your data already.

I don't equate having root with having people's data, personally. I happen to adhere to a Ethics Code (SAGE's) that *keeps* me from peeking over people's personal data, *especially* for my own interests. Adding a snitch that report back not only the machine's existence (you get that through APT automated updates) but also personal search requests to Canonical headquarters by default does seem like a major privacy breach.

That the dictator of Ubuntu and Canonical brushes his responsibilities aside like this is downright scary if you ask me, especially given the argument is "we have root, we 0wn you already, sorry bud".

The Internet

Submission + - Fibre break between UK and Netherland causing internet loss past 48 hours. (beusergroup.co.uk)

An anonymous reader writes: Interoute are currently experiencing a network outage on the UK/Netherlands section of their Transmission network. Cause of the issue is a fibre break between UK and Netherland. [snip] OTDR completed and break location identified as a sub-sea break – cable repair ship now being arranged.

Comment a few excerpts (Score 3, Interesting) 101

Good article, quite interesting to see the problems a community is faced when going through standards processes.

Our standards making process is broken beyond repair. This outcome is the direct result of the nature of the IETF, and the particular personalities overseeing this work. To be clear, these are not bad or incompetent individuals. On the contrary – they are all very capable, bright, and otherwise pleasant. But most of them show up to serve their corporate overlords, and it’s practically impossible for the rest of us to compete. Bringing OAuth to the IETF was a huge mistake.

That is a worrisome situation. With the internet openness being so much based on open standards, the idea that the corporate world is taking over standards and sabotaging them to fulfill their own selfish interests is quite problematic, to say the least.

As for the actual concerns he is raising about OAuth 2.0, this one is particularly striking:

Bearer tokens - 2.0 got rid of all signatures and cryptography at the protocol level. Instead it relies solely on TLS. This means that 2.0 tokens are inherently less secure as specified. Any improvement in token security requires additional specifications and as the current proposals demonstrate, the group is solely focused on enterprise use cases.

I don't know much about oauth, but this sounds like a stupid move.

Comment SFLvault (Score 4, Informative) 198

I have been keeping an eye on this project for a while. To quote their description: "SFLvault is a Networked credentials store and authentication manager. It has a client/vault (server) architecture allowing to cryptographically store and organise loads of passwords for different machines and services."

The design seems sound, and it is a server/client model which seem to fit well your "multi-user" requirement, which isn't fulfilled by any other password manager that I know of. It can also automagically log you into different services like SSH, MySQL or sudo and can do multi-hop.

The only issue I have found so far is that installing the server component is a bit of a pain (ie. no Debian package, as opposed to the client side)... but i guess this really depends on the "Linux" environment you are using...

I have been maintaining a list of FLOSS password managers in our public wiki for a while, any suggestions not mentionned there are welcome.

Slashdot Top Deals

It seems that more and more mathematicians are using a new, high level language named "research student".

Working...