
Comment Re:Competing theories (Score 1) 88

Here are some past examples of True Pundit "journalism" for you.

  * Clinton secretly wearing mini stealth earbud to receive answers from her team during the debate

  * Clinton was using secret hand signals to tell Lester Holt what to say

  * Claims Clinton had a medical issue during the debate and Trump mouthed the word "Seizure"

  * Offers a $1m reward (as if a website like True Pundit has $1m) for Clinton's medical records, suggesting that she has "dementia, post-concussion syndrome, Parkinson’s disease, brain tumor, brain injury, complex partial seizures, and/or many more alleged ailments" and is followed by a doctor disguised as a Secret Service agent carrying an autoinjector of diazepam.

Comment Re: Wikileaks is a toxic organisation. (Score 2) 87

Um, have you seen their Twitter feed lately? It's a nonstop feed of anti-Clinton propaganda, half of it retweets, a lot of the claims so bad that even Wikileaks supporters on the Wikileaks Reddit sub have been calling them out on it. It's morphed into Breitbart.

They're even repeating Trump's "rigged election" lines:

There is no US election. There is power consolidation. Rigged primary, rigged media and rigged 'pied piper' candidate drive consolidation.

Comment Re:easily made up in peripherals. (Score 1) 419

Speaking as an admin, the number of Mac users that request elegant peripherals is not trivial.

No doubt, but a business is allowed to say 'no' to those requests, if it feels it's not worth the money to buy the elegant peripherals.

I imagine a lot of businesses probably don't care though, since compared to their ongoing salary costs, the cost of an occasional frou-frou trackpad is rounding error. If a one-time $80 purchase makes a $3000/week employee happier and/or more productive, why not?

Comment Re:Were the users randomized? (Score 1) 419

Tried that. It didn't work because the technically inept parent still had just as much problem with the Apple product. It turns out that you can't idiot proof something.

Sometimes you gotta up the dose. If a Mac isn't simple enough, switch them to an iPad. If they can't handle the iPad, then there's no hope, you'll need to migrate them back to pen-and-paper.

Comment Re:Were the users randomized? (Score 1) 419

it's a hidden cost that is virtually impossible to tally on a spreadsheet: your productivity is lost while you fix that problem. Did it take you an hour, where a tech might have taken 10 minutes?

Not really an issue at my employer, where the IT department will always take at least 48 hours to respond, followed by an additional 8 hours to diagnose, only to conclude that my Mac "must have come down with a virus" and recommend that I reinstall Windows on it.

(only mostly kidding)

Comment Investigating IF this is a criminal act?? (Score 1) 248

At the very least it's criminal mischief -- denying someone the legal use of their property. You can add all sorts of cyber crimes to the pool as well -- like using zombie servers means accessing (hundreds of) thousands of people's computers without authorization or permission.

The next thing to look at is whether or not this is just a dress rehearsal for a real attack. My guess is that this is just a test... They want to know what it takes to shut down a chunk of the internet. Next time will be the real act of 'terrorism'.

Comment Re:DCMA Fair Use / Parody (Score 1) 214

No, it wouldn't. These notices are made on behalf of Samsung about an exclusive right to something about the Galaxy 7 which is allegedly being infringed. The assertion of infringement has no legal standing, but the assertion is made on behalf of the owner of an exclusive right that is allegedly infringed.

A judge can find a load of other shit you're doing wrong if you're misusing the statute. Abuse of the legal system is frowned upon.

Comment Re:6.8 Billion (Score 1) 305

Yes. I've run numbers before. No, I'm not going to be bothered to do them again for a Slashdot chat on a thread that's rapidly becoming out of date. Feel free to do your own if you doubt me. Take a sampling of solar plants with a realistic capacity factor and a sampling of hydro plants with a realistic capacity factor, and compare. You'll need a broader sampling on hydro because solar thermal plants are "fairly" consistent (with the exception of compact linear Fresnel plants, of which last I checked there was only one), while hydro reservoir sizes vary wildly for a given output.

Comment Re:Mitigations (Score 1) 89

The simple mitigation is to not have local users who will hack your machine.

If you run a server, an exploit of the server software (nginx, PHP scripts, Ruby on Rails, etc.) will provide local non-root access, which you can then root.

If you run your server software in Docker, then the host system's binaries aren't exposed. That means an attacker can't modify the disk cache for /bin/su and then su to root; he can only modify the disk cache for /bin/su or glibc from e.g. the debian:jessie image that the Docker image the container used is based on. Elevation in the same container is useless: anything mounted read-write is likely already writable by the software the attacker exploited in the first place, so they have that access; and modifying the system is pointless, since you can just destroy and recreate the container in 10 seconds.

A container exploit might give a cross-container exploit to all containers eventually descended from the same version of the same base image (e.g. everything ultimately built from that release of debian:jessie), but it's tricky. You can modify e.g. /usr/sbin/nginx and send a reverse-shell to all nginx containers; or you can modify glibc and get it into everything using the same base image (because it's from the same disk blocks, thus the same disk cache). Either of those has to use the existing memory space (can't add empty memory pages or use anything outside the file), replace code in an existing function, and not outright crash (or the container terminates and all processes end immediately); and a glibc modification would make your reverse shell kind of useless (bash would just re-exploit and call a new reverse shell).

Escape to the host system is as impossible as it is without this exploit, so there's that.

So, for some server software configurations, this is diminished to the point of uselessness. For others, they get the www-data user and then su straight to root.
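An inventory of the cross-container exposure described in the comment above, as an added example that is not part of the original post: images built on the same layers share those files on disk, and so the same disk cache. The sample records are constructed in the shape of `docker image inspect` output (`RepoTags`, `RootFS.Layers`); the function names are hypothetical.

```python
import json
from collections import defaultdict

# Constructed sample shaped like `docker image inspect` output (only the
# fields used here). Digests are shortened placeholders, not real images.
SAMPLE_INSPECT = json.loads("""
[
 {"RepoTags": ["web:1"],   "RootFS": {"Layers": ["sha256:aaa", "sha256:b01"]}},
 {"RepoTags": ["api:3"],   "RootFS": {"Layers": ["sha256:aaa", "sha256:c02", "sha256:c03"]}},
 {"RepoTags": ["cache:2"], "RootFS": {"Layers": ["sha256:ddd"]}},
 {"RepoTags": ["proxy:1"], "RootFS": {"Layers": ["sha256:aaa", "sha256:b01", "sha256:e05"]}}
]
""")


def _tag(img):
    """First repo tag of an image record, or a marker for untagged images."""
    return (img.get("RepoTags") or ["<untagged>"])[0]


def shared_layer_groups(images):
    """Map each layer digest to the images that include it, keeping only
    layers used by more than one image (same files, same disk cache)."""
    by_layer = defaultdict(set)
    for img in images:
        for digest in img["RootFS"]["Layers"]:
            by_layer[digest].add(_tag(img))
    return {d: sorted(names) for d, names in by_layer.items() if len(names) > 1}


def blast_radius(images, name):
    """Other images sharing at least one layer with `name`, mapped to the
    number of layers they have in common with it."""
    layers = {_tag(img): set(img["RootFS"]["Layers"]) for img in images}
    target = layers[name]
    return {other: len(target & ls) for other, ls in layers.items()
            if other != name and target & ls}


if __name__ == "__main__":
    for digest, names in shared_layer_groups(SAMPLE_INSPECT).items():
        print(digest, "->", ", ".join(names))
    print("web:1 shares layers with:", blast_radius(SAMPLE_INSPECT, "web:1"))
```

On a real host the input would come from `docker image inspect` run over the images of the running containers.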

Comment Re:Were the users randomized? (Score 1) 419

I have never had those problems or had anyone on my team of 9 and my team of 15 have those problems on Windows PCs either.

However, I agree the Mac has a more polished operating system. That's usually been at a higher initial cost however. I went to PCs in my personal life because Macs were 3x to 4x the cost for less capability. The ratio is much lower today but even five or six years ago, Macs were still significantly more expensive.
