Become a fan of Slashdot on Facebook


Forgot your password?
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×

Comment Re:Story's Not Over (Score 2) 207

If I understand this correctly, Akamai threw Krebs out because Akamai could not handle the DDS. This means I'm never sending any business to Akamai because they can't handle it properly. But it doesn't mean Krebs is off the air for long.

Do you have a source for this? All I've seen is that Akamai/Prolexic was unwilling to keep doing it for free, because it was getting really expensive. That seems like a significant difference, especially from the perspective of somebody intending to pay money for the services rendered.

Comment Re:Dumb (Score 1) 145

Well, mainframe computers have such excellent uptimes (you almost never reboot one) because everything is hot-swappable. CPU failure? Remove the CPU module, insert new one, and continue - all while powered up. The OS takes care of suspending the failed one and scheduling around it. Ditto all other components. Effectively, you should never reboot them.

That's interesting. My recollection from working on them a bunch of years ago was that our mainframes were IPLed on a regular, scheduled basis, because the folks responsible for them were disciplined about it and wanted to make sure there would be no surprises when one needed to be restarted. The fault tolerance you mention was used to make sure that the scheduled IPL's were the only times they went down though, and I never saw any unplanned downtime on them.

Comment Re:VPN Difficulties (Score 1) 197

I use Cloak on iOS, and it supports this functionality. I configure it to allow unencrypted traffic on specific trusted networks, and the VPN auto-connects on any network that I haven't approved, blocking other traffic until the VPN comes up. It seems to use the enterprise features Apple has provided to do this via a VPN profile, and it works very well. I have no idea what features it supports on Android and/or Windows Phones, but I'm very happy with it on Apple devices.

Comment Re:Hopefully the applicants had a relevent backrou (Score 1) 809

Asking whether the document is PDF or Excel demonstrates a lack of understanding. The document type is irrelevant. It is a file of bytes. You want to send those bytes securely. (And you may want the receiver to be able to verify that it actually came from you.)

It demonstrates either a lack of understanding or more than a passing familiarity with the applications. MS Office has used AES for the built-in encryption since Office 2007. That would seem like a reasonable choice for sending a file to a contact, provided you choose a strong password and communicate it out-of-band.

Comment Re:The former iPhone user is an idiot. (Score 1) 238

They could change the timeouts. If an iMessage is sent to a destination that's a phone number (instead of an email address), and a device configured to receive messages for that phone number has not checked in within the past 5-7 days, deactivate iMessage for that phone number until a configured device checks in again.

I agree this is mostly user error and haven't had any problems resolving it for people who've asked me about it, but people don't typically anticipate this result when switching phones, so containing the undesired effects to a shorter transition window would seem like a helpful thing to do.

Comment Re:But is it even usable? (Score 1) 208

IMHE tape is always an order of magnitude slower than the advertized speed, so it is likely even worse than what you calculated.

If your tapes are writing that slowly, something is wrong, and I'd be worried about shoe-shining. Without putting much effort into it, my LTO5 jobs currently run at around 125-135MB/s. With modern tape, it helps a lot to stage to disk first, or get software that can multiplex backup streams to keep the tape buffers fed.

Comment Re:The 21st century formula for a successful compa (Score 2) 291

You may not be a native English speaker, so you may not be aware of the fact that we have no gender-neutral, third person, singular pronoun for a person.

This isn't true. There is a gender-neutral, third-person, singular pronoun for a person. In the nominative case, that pronoun is "he". In the objective case, it's "him".

Yes, it's ambiguous that the gender-neutral pronouns are spelled and pronounced the same as the masculine ones, but it's far from the only case in English where we've got two words spelled and pronounced the same that mean different things. I always figured if people wanted to communicate in an unambiguous fashion, they'd choose a language other than English..

Comment Re:Something To Think About (Score 1) 91

Of course this is a chicken-egg problem in that it then ties back into DNSSEC and root level trust in DNSSEC needs to be solved (through CAs for now) but it decouples the problem and leverages the architecture of DNSSEC (we really do need it anyways) to provide arbitrary certificate trust without putting undo burden on DNS. If we are going to have to have DNSSEC to fix DNS we may as well use it for more than just name to IP resoultion. There is no reason to solve the trust problem more than once since and as long as we use DNS based hierarchies to specify machines or end users (e-mail accounts) we have to trust DNS. The fact that today pre-DNSSEC we blindly trust unsigned DNS replies is the only reason the parallel certificate hierarchy exists at all.

In the current arrangement, the parallel CA hierarchy allows you to provide a (theoretically) verifiable connection despite your registrar or DNS provider being perhaps less reputable than you'd like. For an attacker to silently redirect your SSL traffic, he has to compromise at least two external entities--your CA & DNS host/registrar or your CA and somebody in a position to MITM your traffic (obviously a local compromise gets him everything, but this is within your direct control). While I'm no fan of the CA model, the stuff pulled by companies in the DNS market (registrars and hosts both) make the CA's look positively responsible, and handing them all the keys necessary to silently redirect traffic makes me uneasy.

It seems that by suggesting these functions be consolidated into DNS, you're effectively saying that by consolidating two untrustworthy parties into one untrustworthy party, you'll be more secure. I'm pretty sure I don't agree with that, but I'm willing to listen. How do you address such criticism?

Comment Re:Kernel shared memory (Score 1) 129

This is an interesting approach, especially across hosts in a cluster. Is it safe to assume you expect your hosts and interconnect to be very reliable?

I'm curious about the methods you use to mitigate the problems that would seem to result if you clone VM 1 from Host A onto VM's 2-10 on hosts B-E, and Host A dies before the entirety of VM 1's memory is copied elsewhere. Can you shed any light on this?

Comment Re:Vitual center (Score 1) 183

Perhaps not, depending on the other load the system is working on. Because of the way VCPUs are scheduled (at least in VMWare) that 8-vCPU VM won't get a time-slice until such time as there are 8 real cores available for the duration of that slice.

While this was true in ESX 2.x (which introduced virtual SMP), this is no longer the case. This limitation was largely removed with the introduction of relaxed coscheduling in ESX 3.x (2006-ish). More information is available in this document.

Comment Fats are the key! (Score 2, Informative) 763

It should be cooked until the fats have just liquefied, for optimal juiciness and flavor. In my experience, most good restaurants call this "rare". At most other restaurants, it's a complete crapshoot, which is why I typically prefer to cook steaks at home.

Start with high heat to sear, move to lower heat to finish if necessary, and don't forget to let it rest before you serve/eat it. Rubs are an exercise left to the reader, but kosher salt & fresh-cracked pepper make a good place to start.


Comment Re:Things I look for (Score 1) 456

So what you are saying is that you or your company can't deliver services that you or your company promiss so it's your customer's fault for not buying additional services from other people that can?

That's not what he's saying at all. He's advising you to not put too many eggs in one basket. I'd be more inclined to trust a company that gives such advice, because it's good advice.

If you have all your data and DNS stuff locked up with one company and you want to switch to a new provider, you're at their mercy. If they go under or have a management change that inspires them to be less responsive, you're screwed.

If you use one company as registrar, another to host your DNS, another to host your live site, and another to host your backup, more people have to screw up before you've got an irretrievable mess. If the ones hosting your live site screw up, you can replace them with somebody else, repoint the DNS with your DNS provider, and restore the data from the third-party backup provider. Good luck doing this if you put all your eggs in one basket because the provider assured you they were competent and there was no need to hire anybody else.

Replaying this scenario with screwups on the parts of other parties in this arrangement is left as an exercise for the reader. Alternately, you could just place all your business with the same company and wait awhile. Eventually you'll be pulling your hair out one night saying to a coworker "If only we had placed [blah] piece of this with another provider, we could have had the site back up by now..".

Comment Re:Cup half empty if it worked (Score 1) 202

Still, I'm a bit surprised that they would try this, completely eliminating the snow will slow the warm-up process in spring, and any vegetation will have a much harder time coming back. The snow prevents the ground from freezing as deeply - without it a lot of plant roots die during winter. Do they really have so few plants in Moscow that this is no big deal? No parks or anything?

I remember there being some small parks around Moscow, but I don't remember any being very large or particularly noteworthy. One of the things there seems to be no shortage of in Russia is labor--you'll find humans performing tasks there that seem either completely unnecessary or like they should've been automated away long ago. This extends to park maintenance, as well. I was amazed at how many people it seemed to take to water the flowers in the park outside the Kremlin the last time I was there. I'd be surprised if they worried about it taking a little more work to get the flowers to grow due to lack of insulating snowcover over the winter.

From the perspective of a modern-day westerner, russians seem to have an interesting relationship with nature. When they build cities, they don't play around. They pile in the industry, and the cities are typically dirty and hazy from exhaust of various kinds, dirt, etc. The parts of Russia I've seen outside of Moscow & St Petersburg look a lot like the photos I've seen of Soviet-era cities, aside from the gradual infiltration of english words in signs over the past several years. In contrast, it seems many families--not just the rich--have summer cottages on the outskirts of the cities which are teeming with gardens and plants and anything green or edible, and are quite pretty (ignoring the smokestacks billowing in the background). It's like they have everything neatly compartmentalized.

I can also see why they seem more willing than we are to screw around with the environment. They don't really have suburbs and sprawl in the same way we do in the US. As you ride the train through the countryside, you see a city with some villages clustered around it, then hours upon hours of solid trees and grasses, then another city with some villages around it, then more hours of trees and grasses. It's an enormous country, and it seems largely unpopulated by humans, aside from those small clusters around the cities you see every so often. It's easy to not worry much about nature when there's so much of it around.

Sounds like a sad, dreary place if so.

You think those famous russian authors all wrote depressing novels by coincidence? Personally, I loved St Petersburg in February, but I'm a little odd that way. I've spent an aggregate of about six weeks in Russia over the past couple years, and while I find the culture fascinating and the people wonderful, I'm not sure I could handle living in any of their cities for an extended period of time. There's a possible exception in St Petersburg, but that one's too european to really be russian, anyway. Russia is definitely a cool place to visit, though--I highly recommend it if you get the chance.

Slashdot Top Deals

Any program which runs right is obsolete.