Become a fan of Slashdot on Facebook


Forgot your password?
DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. Check out the new SourceForge HTML5 Internet speed test! ×

Comment Re:OS X users? (Score 1) 75

It does not affect Mac OS X.

WPAD is used to lookup the server that then supplies the proxy auto config file (proxy.pac).

On Mac OS X, under System Preferences, Network, Advanced, Auto Proxy Configuration.
You would have to type in the location manually, rather than the system using WPAD to attempt to locate it by itself.

So, Mac OS X is not vulnerable to this.

Comment Re:Common? (Score 1) 348

With PCI you'd still need a host firewall. Daft but thats just how the "tickbox auditing" happens.

We have a DB host connected via FICON to the mainframe, and the DB box only has a FICON adaptor and the cable goes from mainframe => DB, not even via a switch.

We still needed a host firewall to comply with PCI and it wasn't worth arguing over that it was pointless, we did it anyhow. Admitted we are a large financial services company, but the rules apply across the board.

Comment Re:Duh... (Score 1) 265

To be honest, if my son was kidnapped, I'd do everything I possibly could to find him.

Anyone that says "You call your lawyer first", cannot possibly have children, or if they do, really need their priority sorting out!

Only thing that matters is finding your kid as fast as physically possible. If that means the police/FBI/whoever want to strip-search me to prove I had nothing to do with it, or search my house or whatever, I wouldn't care. Do whatever and however it takes to find my kid!

And I'm so, so sorry you and your family had to go through that. Holy cow, I cannot even begin to think how hard that must be.

Comment Re:Translation (Score 1) 589

Thats weird, because I work for a FTSE 100 financial services company and we had a few little issues when nearly 72,000 members of the public attempted to use our online services at the same time, when our usual concurrent volume is around 4,500.

We planned for a "worse-case" of 50,000 concurrent trades, but our system DDOS-ed itself at around 71,000 (gotta love fast-switch cluster failover, and back, and over, and back... Oracle FTW!!!)

Anyhow, before we could even think to phone Oracle and shout that our newest 1.2 million pound server wasn't handling particularly well, the head of Oracle UK phoned /us/ and offered us a team of their best engineers to help get us fixed.

I'd have thought we'd be smaller than a US gov agency, but hey ho, Oracle (plus Cisco, Juniper and EMC) parachuted people straight in, nothing too much to help.

Admittedly now we have bought a lot more kit, but they weren't to know that we'd do that considering the failure.

Comment Heartbleed not fixed in 5.5 by default (Score 0) 128

Just an FYI, heartbleed is not fixed in 5.5 without extra (source) patches.


  002: SECURITY FIX: April 8, 2014 All architectures
Missing bounds checking in OpenSSL's implementation of the TLS/DTLS heartbeat extension (RFC6520) which can result in a leak of memory contents.
A source code patch exists which remedies this problem.

Comment Re:sales tax is always on the FULL PRICE (Score 1) 330

Amazon certainly do get that "luxury" as its how they are currently screwing over people in the UK for VAT on ebooks.

Amazon collect VAT from UK residents for ebooks, however as they are "based" in Luxembourg they remit a VAT rate of ZERO, so the VAT they collect is pure profit.

Slashdot Top Deals

Refreshed by a brief blackout, I got to my feet and went next door. -- Martin Amis, _Money_