Catch up on stories from the past week (and beyond) at the Slashdot story archive


Forgot your password?
DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. Check out the new SourceForge HTML5 internet speed test! ×

Comment My kingdom for a competent editor! (Score 1) 189

So apple is charting a new path with their headphones... but what happens when a user loses a headphone or the battery dies? Perhaps they should have talked with someone familiar with their development.

Seriously... that summary is crap and made head spin trying to make sense of it.

Comment Re:site still down? (Score 3, Insightful) 149

Shouldn't the IP address be set to one of the attacking IP addresses, so the person/ISP with the compromised device has to deal with all that traffic? Collect the attacking IP addresses, find which ISP is the source of biggest share of them, and redirect the entire attack back at them.

And which one of the estimated 200,000 attacking IPs would you target with this? How would the ISP responsible for that IP know that the one IP was part of the problem when being hit with a DDOS from 199,999 other IPs not under their control? The correct response to criminal activity is not to continue the criminal activity.

Due to the fact that many of the nets abuse handling channels are ineffective (roughly half take no observable action in my experience), perhaps a more effective long term solution would be for the major CDNs, Google, Facebook, etc., to get together and work on notifying end users more directly. In this case, the CDNs/etc. could implement a shared/dynamic blocking list for those 200k IPs such that no content would be delivered, only an error message indicating that their equipment is compromised. The end user would still be free to use the internet and transmit traffic, but their favorite sites would be useless until they clean their equipment/submit a removal request. This provides direct pressure on the end user creating the problem, and by extension their ISP thru support desk calls, to clean up the compromised systems.

Comment Re:site still down? (Score 1) 149

Yeah... I had to flush our DNS servers last night. The problem was not that the host record was set to localhost, but that the SOA (Start of Authority) changed from Akimai to GoogleDomains. The old Akimai SOA had a multi-day expiration lifetime and the Akimai servers are still giving out a valid A record response of localhost with a 5min expiration. So until the SOA ages out of various name servers, it will remain unreachable for some.

Comment Re:While you're at it... (Score 1) 120

Upgrade callerID to use ANI or some other tech to prevent it from being spoofed or blocked; so we can find the bastards.

ANI would be awful to use as a callerID because it marks signals the calling service line billing number. When you have a PRI/DS3/etc service trunk, the ANI for all calls out is that service trunk number, even though you may have thousands of legitimate TNs/callerIDs on the trunk.

I run more than a dozen PBXs hanging off a DS3 and multiple PRI trunks, thousands of incoming TN destinations, plus a fee hundred more valid outgoing TNs (think local business offices, outgoing calls with callerID of corporate main or 800 number). The ANI for all these outgoing call is the billing number of the trunk the call goes out.... It represents the responsible billing/legal party for escalation, not the actual endpoint calling. Further... ANI can be spoofed as well. It is much harder to (generally requires an SS7 trunk, which smaller companies dontt generally have access too), but can be spoofed the same.

The problem is not callerID perse, it is that the telcos refuse to filter/identify/track ongoing fraudulent uses of callerID on their network. The telco can easily pull their internal call records, lookup the ANI and routing codes associated with an incoming call, and track that call back thru their systems to the source. We have had repeated problems with dead-air callers to 800 voice numbers (apparently fax spammers) that come in burts from rotating sets of valid but fraudulent callerIDs. (Over days/weeks I have been able to capture the list and then predict the next incoming fraudulent callerID). I have sat on the phone with telco techs as they ran thru my call log of fraudulent callerIDs and confirmed the call path/ANI did not match that of what the presented callerID would have... But the telcos seem to have a policy that they will not investigate or stop the activity until sued in a specific case.

Remove the exemption for charity and political fundraisers and pollsters. Remove the "existing relationship" loophole so that when you add your number the calls STOP unless you explicitly exempt them (And that exemption should be revocable.).

The charity/political exemption is not going away, that is a pipe dream... As for "existing relationships", you can already tell a caller to stop calling you and they must add you to their internal do-not-call list. What needs to be added to the "existing relationship" loophole is a specification that "existing relationship" only applies to existing services between you and the caller and specifically excludes the business or "partners" for calling in references to new services.

Remove the 31-day wait when a number is added (Seriously, WTF? I'm not buying a gun here. I don't need a cooling-off period.

It is not a cooling off period and the 31-day wait is not for your benefit. It is a time frame so the hundreds of thousands of users of the do-no-call list can update their systems (which they are required to do at least once every 30 days). Sorry if you believe this stuff magically happens "in the cloud" instantly... but not everything is instant. It takes actual time and manpower to cross-reference databases, build filtering rules, and upload data sets to equipment. Quality calling centers are updating their do-not-call list every week, smaller call centers every few weeks. Can you guess how often the fraudulent callerID callers update their do-not-call list?

But none of this really applies... In my experience, the vast majority of do-not-call list violations are already illegal to begin with. When you get a "Card Holder Services" call, it is never CHS, it is one of dozens/hundreds of different groups using the name and making fraudulent/criminal calls. As is the same for the "You have won a free cruise", "You have qualified to reduce/refinance your student loans", etc...

Comment Im confused... (Score 2) 80

which also identifies the top cities (two in Australia) for the searches -- Helsinki, Melbourne, Sydney, Brisbane, Singapore, Tel Aviv, and Seoul.

... Which of the two cities are in Australia; Melbourne, Sydney, or Brisbane? (The forum post, by the way, makes no mention of "two in Australia"). Hurray for editors!

Comment Re:Not twice as safe I feel (Score 1) 379

Wow.. I messed that up by picking the second worst and second best some how. worst case is 1 in 60.6 million miles (South Carolina), best case is 175.4 million miles (Massachusetts). These figures include fatalities of motorcyclist/bicylist/pedestrians as well as fatality injured drivers with blood alcohol content (BAC) >= 0.08.

Comment Re:Not twice as safe I feel (Score 1) 379

"the first known fatality in just over 130 million miles where Autopilot was activated," while a fatality happens once every 60 million miles worldwide..

It is quite disingenuous as it is comparing US high-end vehicle driver statistics with world-wide statistics including 3rd-world countries where driving can be borderline suicidal. As a quick comparison via Google. The Insurance Institute for Highway Safety reports as of 2014 (last year stats are available, including all vehicle types), there were 32,675 vehicle crash-related fatalities. By state, that ranges between one fatality in 68 million miles driven (South Dakota) and 161 million miles driven (Vermont), with an average of one fatality in 92.5 million miles traveled nation wide. So even the worst-case US example is better than the claimed fatality rate.

Comment In other words, exactly the right people? (Score 3, Informative) 128

The California State Patrol has arrested two people... instead of busting company executives and engineers that caused the leak, the CSP arrested protesters who had draped banners on the headquarters of the California Public Utilities Commission.

In other words, exactly the right people? On the one hand you have "company executives and engineers" that are responsible for the loss of control over an industrial process; which has been clearly documented, who are currently the subject of state and federal investigation, and which is sure to lead to fines and punishment to cost hundreds of millions of dollars. On the other hand you have a bunch of self-righteous protesters, with no understanding of the real facts of what it takes to provide for millions of lives, who trespassed and possibly defaced/damaged private property. The local authorities have dealt with the local violations. The state/federal authorities are dealing with the state/federal violations. In other words, exactly what is suppose to be happening.

Comment Re:How is a captive portal site different from AOL (Score 4, Informative) 99

How about:
(1) AOL was founded in 1983
AOL didn't offer Internet access until 1993, a couple of months after it started to offer Usenet access It spent a decade as a captive portal.
AOL was just like Prodigy, CompuServe, GEnie, and other services of it's day: You connected to a service through the public telephone network, and it was a subset of the information available, compared to what you'd get from an ISP, and advertisers had to pay for keywords.,

That is a bit of a revisionist history summary there... AOL was not an internet service provider or even "AOL" in 1983, it was platform attempting to sell a select set of products. And it did not call itself "the internet", for all intents and purposes "the internet" didn;t really exist before the very late 80's/early 90's outside of a very small community.

To quote Wikipedia:
AOL began in 1983, as a short-lived venture called Control Video Corporation (or CVC)... Its sole product was an online service called GameLine for the Atari 2600 video game console, after von Meister's idea of buying music on demand was rejected by Warner Bros... In May 1983... [CVC] was near bankruptcy.
On May 24, 1985, Quantum Computer Services... was founded by Jim Kimsey from the remnants of Control Video.... The service was unique from other online services as it used the computing power of the Commodore 64 and the Apple II rather than just a "dumb" terminal....From the beginning, AOL included online games in its mix of products; many classic and casual games were included in the original PlayNet software system. In the early years of AOL the company introduced many innovative online interactive titles and games October 1989, Quantum changed the service's name to America Online.

So again.. AOL in the early years was never an ISP, it was a service (gaming, not network) provider. AOL wasn't even AOL until 1989. Yes it was then a vendor platform, but it did not call itself the internet or claim to link the world, only to sell a select set of games. I remember first learning about "Hyper Text Linking" in about 1991 on Mac computers... it was this new thing to link documents on your local network. Almost no one then really had an understanding of the internet. If you wanted to communicate with someone across the country or the other side of the world, you dialed into your BBS and downloaded Usenet/mail.

In September 1993, AOL added USENET access to its features....AOL quickly surpassed GEnie, and by the mid-1990s, it passed Prodigy and CompuServe. By 1993, AOL was able to provide public Internet access for its Windows client users.

So AOL started providing "the internet" in 1993. I did not even have an ISP or "the internet" until around 1995. The early 1990s were when BBSes started to disappear/transform into actual internet service providers. The internet, a global set of services as we know it, simply didn't exist before that time. Again, Facebook is claiming to provide "the internet" with its India initiative, when it is really providing "select Facebook".

Comment Re:How is a captive portal site different from AOL (Score 4, Interesting) 99

How is a captive portal site different from AOL?

Because AOL was never a captive portal site. AOL was a portal site and used/sold "Keywords" on the portal page as a type of search engine to direct users to prefered endpoints. But there is/was nothing that prevented users from using Yahoo, AltaVista, Jeeves, or any other search engine, or typing destinations URLs in directly.

Facebook's India initiative is a captive portal. Useers can only use select Facebook services, or services approved/advertised by Facebook. Users can not go to any service/website or transmit any data to anything not approved by Facebook. Facebook's system is more analagous to the dial-up vendor/insular BBSes of the 80's which could only be accessed from terminals locked to particullar dial-up numbers and only allowed information within the same network. Yet Facebook claims to call their servicce "the internet".

Comment Re:fire! (Score 2) 54

It seems like it would be difficult to make a mostly paper product flame retardant.

Actually it is quite easy. Finely shredded paper is commonly used as a high-R value blown-in insulation for attics and wall cavities. The paper is treated with boric acid which acts as a flame retardant.

Comment Re:Clickbait... (Score 4, Informative) 45

I don't see anything that looks like affiliate info in that link. And you can copy/paste the URL into a new browser tab so there's no referrer info, either.

The submitter has submitted 24 stories over the course of the last year. Every single one of the stories links to atleast one of the same two domains, on the same subject... It is pretty obviously an affiliated/sock puppet account for an employee or marketing department.

Comment Motorola v190 series (Score 1) 313

I have had a couple Motorola v19x series for the better part of the last decade (v190, v195, v197). A fantastic dump phone if you want great battery life, great reception, and durability.

I have carried as many as 3 different phones at the same time... with a single exception, the v19x has always had signal where the others do not. Battery life is 10-14 days standby, 6-8 hours talk time. Actual numbers, not marketing baloney, I've been stuck inside a client building on a continuous 7 hour call before, debugging failed routers while talking to remote techs, while on a v195 with wired headset... the phone was still had battery life to go.

The only complaints are:
1) Battery replacements - after about 3-4 years of use the LiIon batteries swell and lose significant capacity. Most of the replacement batteries offered out there are actually 3-6 year old NOS which the seller won't tell you.
2) Several of the T-Mobile firmware versions suck, focused far more on trying to get you to buy ringtones/songs/crappy web access than concentrating on being a phone. The one I have currently is significantly less obnoxious.
3) Its now considered a long obsolete model and close to impossible to find new... Yet you can not find a single current phone that comes close in terms of battery life and signal quality.

Comment Re:A story for those who (Score 5, Informative) 128

A story for those who don't understand orders of magnitude?

As a former Californian, the magnitude scale goes something like this:
3.5 - Huh, what? When did that happen?
4.0 - Ehh, something moved slightly...
4.5 - Oh, I actually felt that one there.
5.0 - Heh, that actually qualifies as an earthquake.
5.5 - Oh boy, we are starting to shake pretty good. Stay away from the glass, this one might be a little rough.
6.0 - Find a doorway quick and hang on! This one will be rough.
6.5 - Oh crap, duck and cover! 20sec of destruction, 2 weeks of "The Big One is coming! Are you prepared? Will you die?!" news stories.
7.0 - Oh $h17!!! This one is going to hurt.
8.0 - Wait, what? You mean the Big One is real?

Scale +/-0.5 depending on where you are located in California (i.e. Bay area vs. Inland empire). A 4.0 ranks as barely noticable ...

Comment Re:4 Days? (Score 5, Insightful) 250

While the parent may be off a bit, the quoted article times are ridiculous unless you are counting "man hours" including transport to/from the railcar and stacking on a shelf. It is absurb to think that a single boxcar would be staged on a busy warehouse spur for 3 days of loading or that a modern palletised boxcar takes 3-4 hours to unload with a forklift/pallet jack (it takes about 30min or so).

Long ago I worked a Target dock unloading trucks by hand. Depending on the store volume and the season, that would mean unloading between 3000 and 10,000 cases from 53' trailers each night, 5 to 6 nights a week. Unlike Walmart and some other stores, Target merchandise all came stacked in the truck except for a few bulk items (kitty litter/etc.), it is individually bulk-broke from the warehouse to restock each item depending on the previous days sales. (A large case count on an incoming truck always made us groan as it probably meant lots of deodorant/hair products which come in small 6 count cases.)

A typical 6000 case trailer, including setup and teardown time, would take approximately 2 hours to unload. 2 people in the trailer placing boxes on a conveyor, 4 to 6 people pulling/sorting boxes off the conveyor and on to pallets for storarge or delivery to the floor. If you extrapolate that to a 13,000 piece count you get roughly 24 man-hours, or "3 days" assuming a single 8-hour shift.

Likewise, I also worked a different warehouse job forklift loading 53' trailers. If all of your stock is pre-staged on the dock it takes about 15min to load a trailer. If you are pulling every pallet from the racks and transporting it to the trailer individually it will take 1 to 1-1/2 hours plus. Again, extrapolating that to an 85' boxcar you get roughly 3-4 hours.

So.... the only way you get the articles quoted loading/unloading times is you are counting man-hours including transport/, not literal time as is implied.

Slashdot Top Deals

Quark! Quark! Beware the quantum duck!