Follow Slashdot stories on Twitter


Forgot your password?
DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. Check out the new SourceForge HTML5 Internet speed test! ×

Comment Fido & UUCP were my communications eye-openers (Score 1) 181

I loved BBSs, used them from 300 baud on up in Winnipeg. They were great for the local scene, but it was the advent of store-and-forward networking that really blew me away. Mail and newsgroups to and from my home system, through a guy working at an ISP (hi Greg!), and off to the world.

By batching up messages together and sending them in a periodic squirt, you didn't need to tie up the phone line for long. Sending email meant storing it in the spool, and it would go out soon enough when the connection next occurred. Now that I live on a coastal island where DSL doesn't reach everywhere, I wonder if this tech is still useful. Ditto for when things go down (tree on the wires, this time of year), would love to see a robust, distributed alternative. Maybe a mesh net?

Comment Re:Were the users randomized? (Score 1) 524

Of course they had lots of issues still, they're *marketing*. Across all my years' experience in a few companies, I have never seen a group more technically inept than them, except perhaps for sales. Sure, there's an occasional bright light, but the field sure attracts the techno-peasants.

Comment Those that are still here? Maybe. (Score 1) 205

I'm in a company that was acquired by a competitor, where the resulting company was in turn acquired by a much larger, overseas firm. That latter firm knows little I think except the balance sheet, so things are really managed by the CEO of the first acquiring firm. He isn't at all from our field, says the right things, and much of it bullshit. Most of the firm I came with is gone, on their own or when much of it got closed suddenly. So yeah, many of the employees he had would fire him, but it's probably 50-50 on those that are left.

Comment Re:Encrypt everything (Score 1) 94

Heartbleed was/is a critical issue, and easy to exploit to be sure. On the other hand, you had to attack a server to try and find useful bits of information such as the private key for that server. Bad as it is, I'd far prefer that to *plaintext*, in which every knob-puller between you and the server is free to muck with it as much as they want, with no clue that it's going on. With all its warts, even the unpatched servers provide more help than hindrance, should it be used.

ASCII-based plaintext protocols are great for hand-bombing via a terminal, but really have no place in the modern world. Encrypt everything, all the time, and high muckety-mucks have to be specific about which needles they expect you to reveal.

Comment Encrypt everything (Score 1) 94

Services are increasingly moving towards HTTPS by default, which is awesome. Besides the obvious privacy implications, it prevents these ISP wankers from messing with your content, as it all becomes a sea of bytes (as it should be).

There have been hints of this sort of meddling in the past, when providers started injecting ad banners and other cruft into web responses.

Comment Ugh, need a clue-bat for commenters (Score 1) 120

What's with all the anonymous wankers beaking off about PHP vs Node, or JavaScript in general, when it's a server-side parsing of input that leads to the vulnerability? WebGoat was written as an on-purpose vulnerable web app for learning on, maybe some of you should download it and Burp or ZAP and do some self-education. OTOH, I'm sure someone would look at WebGoat, and respond with, "OMG, Java is teh suckz!"

Comment SANS is great content, if expensive (Score 2) 70

I've taken the intrusion detection and incident handling courses, with certs in both (still have the latter). When considering them, try to align with what you figure you'll be doing job-wise, if you know. The intrusion detection stuff was great for grubbing through packets to figure out what's going on, where the hacker tools and incident handling gives you some hands-on playing and knowledge you'll want for incident response. I wasn't doing any network monitoring in my role though, so didn't keep up the intrusion analyst cert, but I did love the course.

Slashdot Top Deals

Real wealth can only increase. -- R. Buckminster Fuller