Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×

Comment Re:May not be illegal, but will any post neg revie (Score 1) 154

No. If the product was bad then that'd be worthy of a 1-star product review, but if you bought 6 of something and only one showed up, that doesn't justify a 1-star review of the product. It would justify a 1-star review of the seller if they don't fix it, but the seller and the product are different things.

(I'm not saying that I necessarily agree with rejecting the review though, because product reviews are sometimes the only way to give feedback about a specific seller.)

Comment Re: Finally (Score 1) 540

And yet it really will be different soon. So far automation has just caused people to move from one type of job to another, but we're getting to the point where AI+robotics will be able to handle the replacement jobs as well. What are you supposed to do when your job is automated and all of the potential replacement jobs are automated as well? There won't even be "programming the AI" jobs, because AI can program too.

This may not actually happen this generation, but it is going to happen, and probably sooner than you'd think.

Comment Re:And with StartCom dead... (Score 1) 136

Even most paid certs are only verified with a file on the webserver or an email sent to the domain.

EV certs are the exception (and in that case the CA does, or at least is supposed to, provide an actual useful identity verification service), but for normal certs you can easily automate the check in exactly the way LE does.

Comment Re:Needless bullshit (Score 1) 136

Read the rest of the post. Strong evidence that the JS was being injected by a middle hop, notably one inside the network of the ISP responsible for China's great firewall.

That they targeted an ad network doesn't mean it was yet another bad ad, it just means that the ad network was a good target because of the way it was included on many other sites.

Comment Re:Needless bullshit (Score 2) 136

Last year, Github was hit by a DDoS caused by attack code injected into plain-text http:// traffic by someone in China.

Let's assume for a moment that the attack on Github consisted of altering the contents of a single 50 byte packet. If that 50 byte packet corresponds to 0.0000000000000000000000000000000000000001% of rewritten traffic, then the remaining 99.9999999999999999999999999999999999999999% would correspond to 10^19 yottabytes of traffic.

Bearing in mind that total global internet traffic is barely even one zettabyte per year, let alone over a million trillion yottabytes, I think it's reasonable to conclude that the percentage of attacks that occur on the webserver as opposed to somewhere in-flight is lower than 99.9999999999999999999999999999999999999999%. (Especially when you consider that the DDoS that Github was struggling with for 4 days most likely involved rewriting more than a single 50-byte packet.)

Comment Re:several people (Score 1) 190

If Mirai could spoof source addresses then it could use DNS amplification attacks and the like to send even more traffic. Mirai is particularly impressive because of the amount of traffic it can source without doing that, but that doesn't mean that spoofing prevention had no effect on it.

Comment Re:First lesson (Score 1) 135

They'll have more address space available, but it'll still be in contiguous blocks. If an ISP as a whole is being a problem then all you have to do is block their v6 allocations, which is no harder than blocking their v4 allocations. (Or possibly easier since the ISP is likely to have a single v6 allocation vs dozens of v4 ones.)

Comment Re:There *was* a proposal simpler than IPv6.. IPxl (Score 1) 125

IPv6 is a one-page solution too, if you ignore all of the actual details.

As a small example, consider these two paragraphs that the page says for DNS:

Name to address mapping is performed with the AX record. AX returns a 64-bit IP address instead of a 32-bit IP address. A DNS server which supports IPxl should automatically translate any known A records for a given name to AX records by prepending 0.0.0.1 to the address. It should likewise automatically translate any AX records with the prefix 0.0.0.1 into A records.

PTR records for IPxl are located under "ipxl.arpa" and work the same way as the records in "in-addr.arpa". A special tree will be created for *.1.0.0.0.ipxl.arpa which CNAMEs each individual record to the respective record in in-addr.arpa leaving the in-addr.arpa zone authoritative.

And here's what the v6 equivalent would look like:

Name to address mapping is performed with the AAAA record. AAAA returns a 128-bit IP address instead of a 32-bit IP address.

PTR records for IPv6 are located under "ip6.arpa" and work in much the same way as the records in "in-addr.arpa", except that each level of the hierarchy represents one hex nibble rather than one byte.

It's a lot simpler, even. And then it comes time to actually specify the standards, and you need to issue an RFC that adds an AAAA (AX) record type to DNS, and an RFC that specifies rDNS and instructs IANA to create the reverse zone, and RFCs that tell people how to handle a mixture of AAAA (AX) and A, and RFCs that cover SMTP's MX record interaction with AAAAs/AXs, and oh let's not forget that there's no standard API for looking up non-A records in programs so you've got to specify that too.

The only reason IPv6 is so "complicated" is because we did go through and specify the necessary changes to all affected protocols. All of these "one page alternatives" would've had to do the exact same thing to get them operational, and thus would have ended up with just as much "make-work" as v6. Except it's not make work, it's the necessary work to support expanded addresses.

Comment Re: I manage Internet connections in 148 locations (Score 1) 125

Assuming you meant Comcast, they should have v6 deployed over their entire network. Qwest are apparently doing 6rd so you should be able to get v6 with them too, albeit over a tunnel.

Can't comment on dialup though. I suspect most ISPs would rather just let their dialup platforms die rather than change anything about them.

Comment Re:Bullshit (Score 1) 284

Okay, you've confused me, I'm not even sure which of my reasoning you think is flawed, let alone why. I'll try again from the start.

You said this:

And on the other hand, as soon as a civilization is living in a simulation, it cannot create a simulation of equal complexity anymore, so as soon as it has happened, the complexity of the possible simulations drop (for simplicity, assume below 0.5 of the surrounding simulation), so withing a small number of steps (simulation-in-simulation-in-simulation...), we have that any simulated world will have a simulation complexity very close to zero.

Which seems reasonable enough, but then you said this:

As our world clearly has a complexity significantly above zero,

which isn't actually clear at all, but even if we assume that it was:

the probability of us living in a simulation is essentially zero.

...this doesn't follow. If you picked a simulation at random, the probability of it having humans in it would indeed be close to zero. However, the number of simulations that are complex enough to support humans will still vastly outnumber the number of real universes, so we're still more likely to be in a simulation than not.

Slashdot Top Deals

Men occasionally stumble over the truth, but most of them pick themselves up and hurry off as if nothing had happened. -- Winston Churchill

Working...