Please create an account to participate in the Slashdot moderation system


Forgot your password?
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×

Comment Re:ISP's need to hold each other more accountable (Score 1) 237

One of the major things that needs to be fixed is to put an end to IP address spoofing. Generally, the worst of these attacks are some sort of amplification attack, where the attacker sends requests to some legitimate service that comes back with a large amount of data, and spoofs his IP address to the target of the DDoS. The first thing every ISP router should check on any packet is "Is it reasonable for a packet from this IP address to come in on this wire?" and if not, drop it. And at some point, "If you allow packets with spoofed IP addresses out of your network, we won't talk to you. At all."

Yeah, there may be some legitimate uses of spoofed IP addresses for diagnostic purposes, but as has been said elsewhere, "This is why we can't have nice things."

Comment Re:Slashdot needs that too (Score 1) 220

Kill files based on keywords and users would be a boon. It's not so much about being "offended", it's more about killing a lot of crap.

This. I want to kill file , for starters, any mention of Trump, Clinton, anyone associated however remotely with the Kardumassians, football, and celebrity gossip.

Comment Re:Analysis of the videos (Score 1) 251

Maybe some of the outer walls would fall off, but there would be a central core at least 1/2 to 1/3 of the height of the building sticking up.

I don't know why I'm attempting the hopeless task of trying to educate a "loose change" type person, but this shows you don't know how the Twin Towers were constructed. The outer walls were the structure. It was not hanging off of a central core. And before you do the tired old "fire can not soften steel" thing, google "Sherman's Neckties".

Comment Re:the H1B salary level needs enforcement / direct (Score 1) 338

My modest proposal -- if a company does the "lay people off and replace them with H1B workers" thing, they completely lose the right to hire ANY H1B workers, not now, not in the future, not ever. And any H1B workers they already have on their payroll get converted to green cards, so they are free to go elsewhere.

Comment Re:Unions are needed! (Score 1) 338

Beats me why many people think one of these is a great thing and the other is a problem.

One reason: Compulsion. "You are not permitted to have a job unless you join the union, submit to all our rules, work based on strict seniority as if everyone in each particular job were identical interchangeable worker-units, and activities rigidly controlled by job description, including requiring you to call a Union Electrician when you want to unplug your desk lamp and plug it in on the other side of your desk, you must walk off the job and bad-mouth the employer when and how we tell you to, and pay us a substantial percentage of your pay for the privilege, much of which goes to political candidates you despise. And if you don't like it, tough cookies, you don't get to have a job unless we say so."

Remove the compulsion, and I don't have a problem with them. Cue shrieks of outrage about "freeloaders" from all the totalitarians at this point.

Comment Re:Countdown to endless arguments in 3.. 2.. 1.. (Score 1) 248

Except that flying didn't actually violate the known laws of physics...

Eppur si muove trumps all the "laws of physics" in all the textbooks in all the universe.

If it works, it'll prove we don't have as absolutely complete and comprehensive a knowledge of the actual laws of physics as we think we do.

Assuming it does work, which I would not put any money on. But if it does work, that will be very exciting

Putting it in space should settle the "does it work" issue.

Comment Switched from Open to Libre... (Score 4, Interesting) 137

Oracle's antics caused me to switch from OpenOffice to LibreOffice, not from any "GPL Purity" reasons (which I care little about) but from a reasonable suspicion that Oracle, being Evil, would soon do something I did not like.

When it was given to Apache, I'd basically consider it a toss-up between the two, but I was already on LibreOffice, and didn't have any particular reason to go back. Since then, Libre seems to be a more active project than Open, so I prefer it on that basis.

I suspect that's a lot of the issue -- People left "because Oracle" (makes Signs against Evil) they're very close to the same software, one is getting more work done on it than the other, no particular reason to prefer OpenOffice.

Comment These are rampant. (Score 5, Informative) 189

This has been going on for at least three years that I know of. There's no real "hacking" involved here at all. Just solid research and social engineering.

The thief finds out the name of the CEO, and possibly his email address.

He then finds the name and email address of the treasurer or controller, someone who can transfer funds.

The thief may register a look-alike domain, for instance, "" instead of "". (Depending on your font, you might not be able to tell the difference between those two without a magnifying glass. Or even with one.) Or, he may send the email forged as "from" the CEO's real email address with a Reply-To header diverting replies to a Gmail, Hotmail, or email address. (We all know how easy it is to forge email addresses, right?) Or, he may just have a normal-looking Yahoo address. Usually, the "human readable name" of the From header is the CEO's real name, so MS Outbreak will helpfully not show the victim that the email address is not right.

The thief addresses the treasurer or controller by name. Sometimes the initial email is nothing more than "Hey, Bob, are you in the office today?" If Bob bites, then the pitch for the transfer is sent. Or, the transfer request might be right up front. A common phrase is "I'm in meetings and can't take calls, kindly email me." If the thief gets no answer, he'll often send a "Bob, did you get my last email?" ping.

Amounts are usually in the few tens of thousands of dollars. If the financial officer falls for it, more transfer requests are likely to follow until they finally wise up.

I saw one where the thief somehow knew about a legitimate transaction, and inserted himself, saying "We changed banks, send the payment for that shipment of widgits to our new account, ..." That one I suspect was an inside job.

A related scam is "Hey, Bob, I'm in China, and this fantastic merger opportunity came up. It is absolutely imperative you keep this completely quiet, and tell NO ONE about it! The lawyer who is handling this will be contacting you in a separate email." This scam can go for hundreds of thousands or even millions.

Defense: Everyone who handles money, and everyone who says how money is to be handled, most especially the CEO, must agree and sign off on an absolutely inflexible rule that financial transactions are NEVER NEVER NEVER done just on the basis of email. Actual voice confirmation should be required, or the request must go through the company's normal accounting application, etc.

Comment Re: Perpetual motion machine of the first type (Score 1) 532

Oh, for a mod point to mark this "funny".

Though, if the cosmos is a simulation, one way to prove it would be to find a way to hack it.

On the other hand, if you do, THEY will likely save the state, halt the simulation, debug their code, then re-start it with the vulnerability closed, and we'll never be the wiser, except "That's funny, that worked yesterday..."

Comment Re:Prepare to be (Score 1) 532

Eppur si muove trumps "Known Laws of Physics", Newton, Einstein, Hawking, and everything else.

Assuming, of course, it actually does muove. I'm not convinced. But if they've gotten this far, I say, launch the thing, run it in space, and see if the anomalous thrust still happens.

If it does, then it's the "Known Laws of Physics" that have to bend to reality.

Slashdot Top Deals

A penny saved is a penny to squander. -- Ambrose Bierce