Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?
DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. Check out the new SourceForge HTML5 Internet speed test! ×

Comment Re:Get going. And please, get mobile. (Score 1) 6

Happy New Year to you, glad the writing is going. I've been practicing guitar and bass and math. Though I am building out a spiffy server for a friends company.

I'm glad they're hiding UIDs. I think they might also want to assign random names. :P Okay, maybe that's going a bit far. Have you perused the Stack Exchange sites, like Stack Overflow? I find the reputation system pretty compelling. You get points for posting answers which people find helpful, and for interesting comments, and you can vote up answers and questions you find interesting. You can spend those points on hard questions which no one is answering, or on down voting answers you think are particularly bad.

I haven't thought about it deeply, but it seems like the incentives are good:

Points for useful answers
Less points for useful comments
Trading points for hard work
costs for insisting something sucks.

They also have a mechanism for declaring questions to be poor for a variety or reasons. If you have a high enough reputation, you can edit the question to make it clearer. Or you can vote to close it as being too broad, or off topic for the site.

It's pretty cool. There can be problems, but the ones I've seen are pretty high level, such as the problem that the English Usage site is named badly, and gets a lot of ESL people asking basic questions. (Frankly, I think it's a kind of boring site, and I suspect the ESL "mistakes" inflated the traffic, making the powers-that-be decide it was worth bringing out of beta.)

Comment Get going. And please, get mobile. (Score 1) 6

As another long time reader, I agree with Mr. Maynard. People do care. I hope those in power see that.

At the same time, I was reading this on an iPhone, and a classic mistake was made: I agreed I wanted to see the "mobile site", and got redirected away from Maynard's journal entry, despite having been directed there from an email message.

I want the editors and developers to get it right, and this is a part. Please think deeply about priorities and vision. Don't just react, but act to make a site which will meet to real need. Slashdot can be important. It depends on the passion allowed to happen.

Comment YMMV (Score 1) 3

When I was having problems with my desktop, the Genius kept me pretty well informed, and was very friendly, and completed a full day diagnostic for free.

That said, I've heard a variety of stories.

I'd agree that this is an example of poor communications, and poor service, and I would certainly recommend complaining about it to people up the chain. It sounds like this store is less well managed than others.

Comment Re:What's wrong with functional names? (Score 4, Interesting) 429

Nailed it.

With servers being generally virtual these days, and the underlying physical hardware a highly replaceable substrate, there's no reason for an enterprise to have serves which do more than one thing. If a server does only one thing, it ought to be named for that one thing.


Where is that machine? Somewhere in the blade cage. If I yank the blade, it'll appear in a few seconds on another blade. Where is the data? On the giant fiber RAID, which is replicated in the west coast office, and two secret locations.

Compute is a cloud, storage is a cloud, services come from that cloud, the clouds made of physical devices in as many locations as make sense.

The old physical network topology is finally just the nerves and pumps, and no longer the focus.

The focus is the data. The data is what we produce to make value, to drive the business process. Servers aren't special anymore, they're like hammers. You don't name hammers, typically. But you might have more than w=one, and you definitely want to know two things: where is it, and what is it for.


Submission + - Libya SIGINT jamming satellites, towers (reuters.com) 1

h00manist writes: Libya's Gaddafi apparently loves radio hacking. Confirmed to be using signal jamming to disable Thuraya satellite phones. Also satellite TV network provider Arabsat, affecting vast areas in the Middle East, Gulf, Africa and Europe. Perhaps cellphone and internet transmissions also too, which work intermittently. Soldiers confiscate electronics, too. This has gone on for days, allowing killing carried out largely hidden from the world view, quite different from what happened in Egypt. The locations of the jamming signals is known to company executives, around capital Tripoli, but nobody can do anything. Only POTS available, and monitored. Technically, could this happen everywhere? Alternatives?

Comment Re:NO! (Score 2) 498

If someone wants to steal something, and you are trying to prevent it, short of a body cavity search everyday, you've already lost the game. You can steal a code base and drawings for virtually any product by simply copying it onto a USB flash drive, and walking out. Often your cell phone will suffice.

If you are trying to prevent viruses and stuff, the same techniques apply for company owned laptops versus employee owned. If they can take it home, it can get infected. You might ameliorate things by having a forced virus checker installation, but a voluntary one will generally work just as well.

In the end, the only thing you are can't do is take the machine away, but this is such a rare event that it's almost not worth considering.

Comment Re:Yay process (Score 1) 200

Process isn't a substitute for thinking, process is a substitute for forgetting. A well designed process is simply the thing you'd do if you could keep every *actually* important detail in your head at all times.

You should certainly file bugs against a process (in the same way you would against any work product) if you perceive that a step or steps is useless or wrong.

You *are* following a process, it's just ad hoc, and maybe made up on the spot. Formalizing that process is a way to make it repeatable, and debuggable.

That said, and to reiterate, you must fight against the bad process. Bad process isn't clear. It's a bad program. Debug it.

Comment Re:not dumb (Score 1) 169

So, thinking like a would be cracker, the list of basic places to try first:

Persons front door.
One of their windows.
A bank near their house.
Their car, if visible.

Etc. Given the usual kind of passwords people choose for themselves, I expect this will be similar.

Of course, this assumes the cracker can figure out the person's address, but we know how easy that can be.

I have been teaching people to use a complicated random password, but to go ahead and write it down. Then the basic security problem is getting them to control that piece of paper (keep it in your wallet, please), and makes over-the-net cracking much harder. Most of my users never had a problem with this.

Comment Re:not dumb (Score 1) 169

People are dumb. Millions of people would select something like the entrance for Fort Knox, or Norad, or a local bank. You have a training problem just as large as the one you have now.

Comment Understand the fear, and then address the concern. (Score 3, Insightful) 674

1. Do not belittle or otherwise blow off the customer's fear. In fact, hear it, and agree that it's something to think about.

Them: "I'm worried about this Linux stuff. A guy was telling me that anyone could see the code, and just know how to hack it!"

You: "I can understand how that could be a concern. It is a little like having a map of the valuables in your house taped to your front door."

2. Explain why openness is helpful

Them: "Yeah, so what should we do?"

You: "To be honest, sir, the reason why we like that anyone can see the code is because that means anyone can fix those problems. And lots of people do, for the very same reason you are worried about it. They need something that's secure, and isn't going to surprise them."

3. Mention that serious people have a big stake in making this work.

You: "I should mention that a few companies have bet a lot of money on open source, and wouldn't be happy to see it easily broken. IBM, Novell, and Oracle, to name a few, have very large investments in Linux, and have donated many patches to make sure the code is secure. And for that matter, so has the NSA. They have actually extended the security quite a bit, with their Security Enhanced Linux."

4. Reassure them that people are thinking hard about this.

Them: "Yeah, but if anyone can see it..."

You: "...then you have to be extra careful. See, the strategy that Open Source follows, and everyone should, is to assume that everyone *can* see the code, so you better design it so that the real keys to the kingdom aren't in the code at all. You make sure the keys are completely in the hands of the owners of the system, so it doesn't matter if you can see how the lock works, you still don't have the keys."

5. Point out the obvious.

Them: "But what happens if someone tries to slip something in, and is really good at it?"

You: "Once in a while, someone tries. But when a thousand people might look at the files you are trying to sneak in, someone's going to notice. And then a hundred thousand geeks will make fun of you. In public, all over the internet."


Submission + - Daylight Savings Time Increased Energy Consumption

An anonymous reader writes: An article in the Toronto Globe and Mail (here) reports that the change to extend Daylight Savings Time in an effort to save energy backfired. It seems that electrical usage (as reported here earlier) didn't significantly change, but what is new is that fuel usage for cars and trucks increased more than seasonally adjusted figures would allow.
Linux Business

Submission + - Linux sponsered Indy 500 car campaign

fedaykin42 writes: The Tux500 program was created with a simple goal: "to collect community donations to enter a Linux sponsored car in the 2007 Indianapolis 500." For those that don't know, the Indy 500 is one of the world's most viewed sporting events. With approximately 350,000 spectators at the Speedway, over 5.5 million in the U.S., and an estimated 344 million international viewers, this is a great opportunity to get the Linux name out there. The team is actively working to raise enough money to have "Primary Sponsership", which means not only a large logo on the side of the car but also "Team Linux" in the race team name. Donations can only be accepted through May 21, 2007, so fire up your paypall accounts and let's see a very big Tux going 200mph!

Slashdot Top Deals

The trouble with opportunity is that it always comes disguised as hard work. -- Herbert V. Prochnow