Follow Slashdot stories on Twitter


Forgot your password?
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×

Comment Re:3 Billion Marks (Score 1) 79

For what it's worth they are spying on you anyway, even if you don't have an account. Every time you see a like button--whether you click it or not, you are being facebooked. Every time someone tags you in a picture (even though you don't have an account,) you are being facebooked.

At the end of the day you are better off having an account (even if you don't use it) so you can control your exposure. Also, use a script or ad blocker to prevent those stupid like buttons from running their script in the background.

Comment Re:How do you know? (Score 2) 279

Obviously there is no guarantee--there never is in these days of NSA-intercepted shipments, government-sponsored code changes, etc... There are plenty of steps you can take to minimize the risk of this happening though.

1. Use either Open Source software as your firewall platform (pfSense, m0n0wall, your own creation with pf or iptables, etc...), a firewall appliance based on open-source software that update frequently when vulnerabilities are disclosed (Mikrotik, Ubiquiti, etc...) or use enterprise-grade (even if it's used) hardware (Palo Alto, Cisco ASA, Fortinet, etc...) as long as you have access to software updates. Home and SOHO products aren't going to give you the kind of fine-grained controls you need to do this right. You minimally need VLAN support so you can have multiple WLANs to segregate your IoT devices.

2. Follow the vendor/developers best practices when configuring the above firewall. Don't expose any firewall management services to the internet or your IoT network. If your firewall supports any consumer-oriented crap like upnp, TURN IT OFF! Obviously, don't expose any real computers to the IoT network.

3. Subscribe to your vendors/developers mailing list. This way you can stay on top of any vulnerabilities as they are discovered, as workarounds are discovered, and as patches are released. Pretty much all the major vendors in item #1 have been on the front page of Slashdot within the last 2 years for some sort of vulnerability. It happens. Know about it when it does.

4. Patch your shit. Update your firewall often. Read the release notes so you know what you are fixing, then apply the patch.

Comment Re:Will be a huge victory for hams if signed into (Score 2) 195

A trucker with a CB can send critical information 40 or 50 miles on the 11m band on a good day. Legally they are limited to 5w output. Even with a yagi, this is going to be tough.

HAMs (Skilled QRPers) on the other hand regularly communicate to other continents with 5w of power. Your typical 100-150W HF rig is going to be able to communicate anywhere in the world--or worst case, anywhere in the continental US. Some HAMs are also trained in emergency communications and/or formal traffic handling (to verify the accuracy of messages.) HAMs can use modes like SSTV (Slow Scan TV) to send an image of a piece of damaged infrastructure or a damaged building so engineers or rescuers can come in properly prepared. APRS mode is designed to update a real-time map of mobile and stationary transmitters using GPS. Information like this can also be critical in a disaster information. Rescuers won't have to guess where to look to find an injured person, etc... HAM radio is much more than Morse Code (CW) and people talking to each other like on CBs.

Comment Re:Witch hunt (Score 3, Interesting) 227

Just because you can't think of a reason doesn't mean they don't exist.

Here's a list of people you forgot:
People who regularly trailer cars or heavy equipment for whatever reason
People with non-European sized campers - see below
People with large boats - see below

When it comes to boats and campers, you are not taking wind resistance in to consideration. Many campers in the US are much taller than the tow vehicle causing massive amounts of wind resistance. This is a consideration along with weight. Same with any large boat. If it's sticking way above the roof of the towing vehicle, it probably shouldn't be towed by your sub-compact or little crossover.

Any trailer with brakes should be pulled by a full-size truck or SUV, especially if it's towed on a regular basis. Your little car may say it has a certain towing capacity, but that is assuming optimal conditions and new parts. If you are towing on a regular basis, you *will* put more strain on the drive train, suspension, and brakes than someone who doesn't. Most cars, minivans, and hatchbacks these days seem to be built as cheaply as possible so the extra wear and tear does make a difference. Vehicles that are purpose-built for this kind of work are generally heavy-duty enough to handle it.

It makes little to no financial sense, and is wasteful, to own a dedicated towing vehicle if towing is something you do even a handful to times a year. Most families can't afford more than 2 vehicles, so if towing is something needed and both adults are working, the tow vehicle needs to double as a commuter.

The only heavy haulage work involves moving concrete, sand, or building supplies, and if that's your gig then you need a light commercial vehicle.

At least in the US, full-size trucks are the light commercial vehicle of choice and are often driven to job sites by their owners. You can't really expect a construction worker--think of an independent contractor who for sure isn't making tons of money--to own a separate work vehicle.

Comment Re:From GRC who brought you ShieldsUp! and SpinRit (Score 1) 31

A simple TCP port scan doesn't need root. You are just attempting to open a connection to a port on a given host or hosts. This is the same behavior every network-enabled application is using to establish a connection with a remote host. It's also exactly what ShieldsUp does.

Fancier nmap scans (SYN scan for example) do need root.

Comment Re:From GRC who brought you ShieldsUp! and SpinRit (Score 3, Informative) 31

I suppose the authors of nmap didn't think their tool through correctly because it allows joe-random-employee at $office to portscan the ever loving shit out of every device behind the firewall.

Feel free to block the scanner. That's the appropriate response if you don't like having a port scan done. While you are at it, you should probably sit there and watch your firewall logs and block all of Shodan's bots, and all the malware-infected pcs hanging out there on the internet doing port scans. If you consider a port scan a threat to your office's or your company's security, you are relying on security by obscurity and are doing it wrong.

Oh, and SpinRite does work. I used to work at a university back in the days when floppies were the most common way for students to carry homework around. Every semester at finals time, we would have a few dozen students come in to the student support area in tears because their final/thesis/whatever was on a bad floppy and it was their only copy. I had about a 50% success rate with SpinRite. Better than nothing. I have also used SpinRite to get a drive back in good enough shape to pull an image before throwing it out. I've probably done this a dozen times over the years. I won't say it fixes the drive (or floppy disk), because it doesn't, and GRC doesn't claim it does. Generally the act of reading all the data just triggers the drive's internal ECC and it fixes itself by recovering from a spare sector.

Comment Re:That's just great... (Score 1) 378

Assuming the hinges don't crack, the laptop doesn't get dropped, the power connector doesn't break, the RAM doesn't fail, there aren't any capacitors waiting to blow, and there aren't any hidden cold joints in a BGA socket somewhere, I guess you will have to find a new distro 7 years from now.

Most laptops don't come close to lasting 10 years. Desktops are a bit better, but most of them have been 64-bit since 2006 or so. I don't think it's worth wasting a free software project's time and money to support such a fringe case. I'm sure there will be a demand for 32-bit distros in 2023. You will probably be able to use Gentoo, CentOS, Debian, one of the BSDs, or else some enterprising people will create a niche distribution to fill that gap in the market. You will be fine.

Comment Re:That's just great... (Score 2) 378

No reason to stop. If it does what you need, go ahead. I'm sure source-based distros like Gentoo will still be fine. Distros that focus on long term support like CentOS and Debian will probably still provide a 32-bit distro as well.

I would also like to point out that your 10-year-old laptop is having trouble now. Add another 7 years to that and you will be compounding those problems dramatically. I don't see any (desktop or laptop) computers around from 1999 that are terribly useful today. Some parts from a 15+ year old PC are hard to find nowadays (unless you have a huge stash or like risking your money on feebay.) Think IDE hard drives and DDR1 or SDRAM.

Comment Re:That's just great... (Score 4, Insightful) 378

Well, in 2018, the 2006 MacBook will be 12 years old. 18.04 is an LTS release and will have 5 years of support and security updates. By the time there are no more security patches, the machine will be 17 years old and software exploits will be the least of the user's concerns if it is still his/her main machine.

Comment Re: Not Surprising (Score 2) 249

Ads in the app are one thing. Nobody is complaining about that. Taking over the lock screen and advertising to you when the app isn't open is something totally different. It's no better than the mid-2000s trend of including spyware, browser toolbars, etc... with shareware apps--scummy as hell.

FWIW, I CAN'T STAND in-app advertising at all and spend the couple of bucks on the pro version whenever one is available. Apps that don't have a pro version and insist on in-app advertising get uninstalled unless there isn't a better alternative (WIFI Analyzer, I'm looking at you!).

Comment Pedantry (Score 4, Informative) 68

I'm sick and tired of hearing about "The debate between privacy and security." It's total bullshit. It's pretty hard to have security online without privacy. It's not a balance of one versus the other, one depends on the other. The US Government argues my case all the time when bitching about how when Snowden breached the government's privacy, he adversely affected national security.

This brings me to my next piece of pedantry: I'm tired of hearing about "National Security Issues." Terrorism, ISIS/ISIL/Daesh/IS/Whatever, Al Qaeda, Home Grown Terrorists, Lone Wolves, the Boston Marathon Bombers, etc... do not threaten the territorial integrity of the United States. There is no invasion and there never will be. The government isn't in danger of collapse. Terrorism is a PUBLIC SAFETY concern. Stop pretending otherwise. If we do that though, who is going to keep the money flowing in to the military/industrial complex?

Comment Re:Its useless junk (Score 1) 359

You conveniently skipped this part of the article

Note: Teen passengers donâ(TM)t have the same helpful effect with teen drivers.

You conveniently forgot all people in the world are not teens.

So the other live passengers physically present in the car are likely to help, whereas the on-phone conversation partner typically cannot.

First of all, there is no actual data indicating a passenger is helpful affect either in the article or otherwise. Passengers who don't drive (aren't old enough (teens)), or those who are looking up directions on their phone, or are otherwise not paying attention to the road while conversing cannot help pay attention to the road and negate the supposed helpfulness. Same goes for children or other passengers in the back seat.

The point I am trying to make is that even an article from a reputable source that disagrees with my position (as per the headline) can only use conjecture to argue that talking with a passenger is safer than talking to someone hands-free on the phone. Oddly, the don't show the number on the 1-5 scale for drunk drivers anywhere in the article either. Again, more conjecture. The facts speak for themselves.

Slashdot Top Deals

Lavish spending can be disastrous. Don't buy any lavishes for a while.