Follow Slashdot blog updates by subscribing to our blog RSS feed


Forgot your password?
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×

Comment Re:DDOS will continue until we decide to stop them (Score 1) 264

(1) The owner of a device attached to the Internet must make a reasonable effort to maintain it. Specifically, they must install security updates in a timely fashion. In addition, they must disconnect the device if they are unable to maintain it. No device or piece of software lasts forever. You don't get to keep using a PC with Windows XP, or a 10 year old router with dozens of known security holes -- you need to throw them away. Failure to do so will make the owner liable for damages if their device is used in a DDOS attack.

Useless. New devices are at nearly as much risk as old devices; that it's new should not in any way make you feel secure. You'll also be fighting legitimate businesses with legitimate use cases for, say, Windows '95. Specifically, that their legacy software and drivers have never been upgraded by the people who wrote them, and don't work on newer versions of Windows.

(2) Network operators shall be required to ensure that packets originating on their network have a valid source address (e.g. use filters at all ingress points). Failure to do so will make them liable for damages related to the DDOS attack.

(3) Network operators shall be required to provide rapid technical assistance to trace DDOS traffic that is passing through their network, so that it can be traced back to it's source. Failure to do so will make them liable for damages related to the DDOS attack.

Also useless. The modern day DDoS isn't necessarily about flooding a site with spoofed packets from a small number of high-bandwidth machines. It's about sending a tiny number of legit packets from an enormous number of compromised hosts. No outbound packet filter is going to be able to discern the good from the bad (and since the host is already compromised in the first place, there's no help there either).

There are exceptions, of course; for example, many IoT devices should be nuked from orbit, as they have no legitimate reason to EVER talk to most web sites.

I do agree that people should be held accountable for having insecure crap on the Internet and allowing it to participate in attacks. Detection and enforcement, however, is much more difficult than one would think.

Comment Re:The eternal balance question... (Score 4, Insightful) 264

The dynamics of this issue have changed considerably.

Five years or so ago, going offline was a Big Deal. Nowadays, people (both users and CxO's) don't seem to care as much; outages are transient, and accepted as a part of the cost of doing business. It's kinda sad for those of us who build high availability systems, but at the same time it's probably a lot more realistic for the budgets of most businesses.

Part of it, IMO, is that the Internet has been around long enough now (in a commercial sense) that the users are finally more prone to saying "my Internet is down" than "my Twitter is down".

Perception is everything.

Comment Re: Advertising/Commercials Killed TV (Score 1) 198

Tell that to Netflix.

And to my $70/mo "basic cable" bill (of which only about $20 is 'taxes and fees' -- wtf?!).

I don't mind paying for what I use; that's fine. What I do mind is that the content providers are so entrenched that they can charge far more than their content is actually worth. I also object to both paying for cable, and being saddled with a ridiculous number of commercials, some of which actually play over the program I'm trying to watch!

Enough is enough. I'm moving in a couple of months; I'm going to put a TV antenna up in my attic. Cheaper, better quality, and carries the four to six hours a week of TV that I actually watch.

Comment Re:So why hasn't the video creator counterclaimed? (Score 1) 218

No company would have risked investment without it.

Revisionist history if I've ever seen it. By the time the DMCA turned up on the scene, companies were already heavily invested. The DMCA did nothing to foster that. As written, it merely serves to provide content owners more power over anyone they claim is abusing their copyright.

Note that "claim" is not the same as "can prove"; and that is where the DMCA falls down IMO. The burden of proof should be on the claimant, not the target who can be so simply and expediently silenced simply because someone doesn't like what they have to say.

As this issue has very clearly shown.

Comment Re:How much of this is productive time? (Score 1) 403

Google serves 3 meals a day to their employees, and expects you to be there long before/long after those meals to make up for it

And then they give you your 20% "work on whatever you want" time in the hope that you'll produce the Next Big Thing, which they can then appropriate because you came up with it on "work hours" and on "work property".

Anyone smart does not perform true for-hire invention for the company that hires them unless they have a very well negotiated contract up front that allocates them a portion of the revenues.

Comment Re:Quoth the study: (Score 1) 403

This is pretty simple, really.

Look at your cost of living for the last 30 years. Find the trend. Extend that out the next fifty. Now go and find investments for your $2M that pay enough in interest and/or dividends to cover it.

Can't find it? You need more money in the bank.

Found it? Go ahead and retire.

Don't touch the principal; leave that to your kids so they can be considered "old money" when they grow up.


Slashdot Top Deals

Parkinson's Law: Work expands to fill the time alloted it.