Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror
DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. Check out the new SourceForge HTML5 Internet speed test! ×

Comment They are also often newer (Score 1) 163

That is another huge determining factor. The big cost is laying the infrastructure. The kind doesn't matter so much. So, if you are doing new deployments, fiber is more likely. The cable company here is all FTTH all the time for new build outs. However once that shit is deployed a replacement is a lot of money that you'd rather not spend. So they are less inclined to do it.

Well new developments also tend to not be low income. Usually middle and upper class is what they target. No surprise then that is where you see more of it.

There are plenty of rich neighbourhoods where I live with no fibre. The one right next to me is a good example. About 2 blocks away, and they have the same cable and DSL offerings I do in my cheap condo. Neither the telco nor cable company feels there's enough money to be made in ripping up and redoing the lines in either place, despite the fact that those houses are almost all 7 figures.

Go out in to a new subdivision though, and it is usually FTTH.

Also when they do rip things up and replace, of course they target the rich places since those people are more willing to spend the money. Offer someone low income the option of $100/month gigabit or $20/month 1.5mbit and they will likely go with the 1/5mbit. Ya it is way more per bit and annoyingly slow on the modern Internet, but it gets the job done and $80/month is a lot in the budget of someone low income.

Comment Re:Agreed, though may I suggest (Score 1) 149

Thanks. I like the look of those a lot. It's a good deal cheaper than a similar Netgate device (my go to since they own PFSense). Only real area it looks like it would have notably worse performance would be VPN since it lacks AES acceleration. But so long as that isn't being used it should be around the same speed as the 4 core atoms Netgate uses.

I may think about one for home. I'll probably stick with my Edgerouter Lite since those Cavium chips just get lower latency than you can get in pure software at this point, but I am a bigger fan of PFSense than EdgeOS for sure.

Comment Agreed, though may I suggest (Score 1) 149

Moving to a better router? DD-WRT isn't as updated as it should be these days and has slow performance. Modern consumer routers are fast because they use packet acceleration tech built in to their chips. DD-WRT doesn't know how to do that (at least not that I've ever seen).

So what I recommend for geek types is go to three devices: Modem -> router -> wireless. You can repurpose your existing router as a WAP, or get a purpose built WAP. Either way, you don't do routing on it. Then get a purpose built router.

My top recommendation is a Ubiquiti EdgeRouter Lite. About $100 for a little wired 3-port device that'll pass a gig of traffic with low latency since it has packet acceleration and knows how to use it. It's a bit on the complex side and you can't do all setup through the GUI (IPv6 requires commandline work) but it is powerful, and they are pretty good at updating it. Runs a customized version of VyOS and provides you with access to all the low level stuff. You can compile your own shit for it if you like (is MIPS64 though).

If that isn't to your taste my second choice is PFSense. You can run that on anything x86 but the devices they sell on their site, made by Netgate, are great choices. Its more expensive to hit a gigabit speed because it runs all in software, and that also means its latency is higher. However that said I like the interface better and it is an exceedingly powerful and flexible firewall. It's updated regularly, you can buy professional support, and since it is software you can run it on anything, including a VM. Runs BSD underneath and you can get access to the low level if you want to mess with it.

Third choice would be a something like a Cisco RV340 or maybe RV320. It's the same general hardware as the EdgrRouter Lite, a Cavium Octeon processor which is MIPS64+packet processing, but with Cisco's OS whacked on. Easier to use overall, though not as flexible. Cisco tends to be ok with security updates. They use a slower CPU and less RAM so you aren't going to get a full gig, but they are pretty fast and are nice and low latency. Not too bad price wise either, like $150 for the RV320.

Comment Re:Seeing is believing (Score 1) 202

If solar panel lifetime is shorter than 15-20 years like you say, why do solar manufacturers offer warrantees for 25 years or more?

A sales trick? Only the original purchaser gets the warranty and they are likely to move before it fails or seriously degrades? Or the poster is using dated technical info, those LG panels might be quite different that what was manufactured a decade or so earlier. A friend considered going solar 10+ years ago and dug into the technical info and it wasn't quite cost effective back then. Today it probably is, but he moved from CA to WA.

Comment Re:Ya, it's called IPSec (Score 1) 67

Oh ok, gotcha. In that case, I'd go for Private Internet Access. Their privacy rules are very good (in all cases we have to take the company's own statement on it), price is good, performance seems to be good, and it uses open standards for VPN connections. It also isn't like some where they are located in some minor island nation you've never heard of, they are in the US.

It's what I use and what my instructor at SANS recommended to someone else this week who asked the same question.

If you wanted to filter all systems though it you'd just need a router/fw that did it, again PFSense would do. It uses OpenVPN by default (can do IPSec as well) and PFSense supports that. Your internal systems talk to PFSense, have PFSense VPN to PIA and then set your routing to do 0.0.0.0 over the VPN. Make sure outbound rules are properly configured so traffic is only allowed over VPN interface and you've got an automatic, transparent, system where all systems will communicate via the VPN. You can always change rules if needed to permit direct communication.

If you don't want a network box you can set up your OSes to auto-dial PIA on start. For Windows this is best accomplished with the inbuilt IPSec VPN client, on Linux OpenVPN works nicely (though either can do both). Again you set local firewall/routing rules to prohibit traffic over the local net and require the VPN to be up. Then just treat it like dialup from the old days.

So give PIA a look, they seem to do well.

Comment Need 3L not 1L ... (Score 1) 202

I have no idea where you're getting 300L a day. A human only needs around 1l of water a day to survive.

No, active adults need about 3L not 1L. So with this device producing about 2.8L it could sustain a single person. Things get complicated with activity levels and climate, and water in food counts towards the total.

The 1L per day figure is life raft level rationing where you are sedentary and either rescued from the sea in a few days or likely to die so additional water is unlikely to change the outcome.

Comment Because government like Internet (Score 3, Insightful) 141

It is getting hard to work in the world with no 'net access. The governments want to use it themselves for many reasons, including just entertainment for the party elite. So, cut that off and they are brought down to the level of their citizens, and that they don't like.

Sanctions can work when they can actually effect the powerful. If you can do something that makes their life worse, that has an effect on them, then they care. This is something that has the potential to do that.

No silver bullet, but nothing is.

Comment Ya, it's called IPSec (Score 1) 67

With IPSec you can set up all kinds of policies as to what can communicate with what and you can, if you wish, encrypt all traffic, even over the local LAN. Be warned: It can get complex and you are going to need PKI set up if you want to have any realistic hope of managing it in an enterprise. However you can set things up so that all traffic is encrypted on the wires for all communications, and so that devices can only communicate with other devices of your choosing.

So for a simple setup you could have a firewall (PFSense if you want a cheap one) that talks to whatever your VPN/Proxy is. Then set IPSec policies so that all your computers talk only to it. All traffic will pass only through the PFSense (even internal traffic) and it'll all be encrypted (if you specify that). You set the firewall/routing rules on the PFSense and you can force all outbound traffic over the VPN, and decide what can talk to what inside.

That's a simplistic setup, and the firewall will be a bottleneck, but that's a simple startup. You then can do things like have system to system IPSec communication, more firewall, additional routing controls (on systems or the network) etc etc.

Comment Not only that (Score 1) 289

GM looks severely undervalued. What a "normal" P/E valuation should be varies depending on who you ask but usually in the realm of 14-20. In really bad bear markets indexes go down to like 7-10.

Well, GM is like 5. That would imply that it is quite undervalued at the moment.

So you have a very undervalued stock, compared to a stock that people are buying heavily on hyper/hope. That doesn't make for an accurate comparison. Sure Tesla has a bigger market cap... now compare earnings and get back to me.

Slashdot Top Deals

You're using a keyboard! How quaint!

Working...