Catch up on stories from the past week (and beyond) at the Slashdot story archive


Forgot your password?
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×

Comment Re:"it was her turn" (Score 2) 332

It should have been a crowded field like 2008.

Because a crowded field did so well for us on the other side of the ballot? Both parties are their own worst enemy (and our's too). Nothing will change, however, without some serious reform (breaking up the 2 party system, term limits, killing the PACs and super PACs, etc..), but contrary to his campaigning Trump will not do any of that.

I agree with your general sentiment though. It was clear very early on that hell or high water, HRC was going to be their nominee. The Dems made it blatantly clear this time that there is indeed a ruling class in this country and we are just supposed to suck it up. It's clear the Reps also think that way too, but they were at least smart enough to not make it as obvious and even dropped Jeb when they realized that nepotism and dynasties weren't going to fly.

I'm not pleased that we got Trump, but I am estatic we didn't get HRC. Hopefully in the next 4 years either her health will have declined to make another run impossible or the Dems will have wised up and kicked her ass to the curb.

Comment Re:Best solution I ever heard (Score 1) 209

We already have the ability to do all that anyway. Somebody forces you to use your phone to take a picture. You may counter that taking a picture in a voting place is illegal, but so is vote selling and coercion.

But there are people in the polling place watching for you to be doing something like that. During the primaries I got chewed out by the staff in my polling place because I pulled my phone out to check a text message. So they are (or are supposed to be) watching for that kind of stuff and doing something about about it.

Hell, I vote by mail. How is there any proof my employer or whoever didn't force me to sign up to vote by mail, then supervise me as I filled out my ballot?

Very true and one of the many reasons I disagree with mail in ballots. They serve a valid purpose, but are far too over used by people that were never meant to use them. Counties should have "early" voting stations open for maybe a month or two (and not for just a day or two, the whole time the office is open) prior to the election so that people (who can prove) that won't be there on the actual day can cast their votes. Mail in ballots should only be available for those that can prove that they will not be able to show up on election day or any of the early voting days (e.g. working overseas).

Of course along with that is that they also need to have voting stations (on election day) setup properly so we don't get these ridiculous lines that take hours or worse to get through.

Comment Re: Best solution I ever heard (Score 1) 209

This is kinda an asinine criticism about electronic voting. There's all sorts of illegal things your boss can do. It's up to you to turn him in to the police, same as you would if he was committing any other federal crime.

Actually it's a very real outcome. Most companies are very easy to figure out how they lean. So with a receipt they will require you to prove you voted by showing it to them. Then while they can't outright terminate you then and there without opening themselves to a legal mess, you can certainly expect to see yourself getting worse jobs, lower bonuses/raises, not getting promotions, higher on the list for layoffs, etc..

That kind of stuff was done before and is what led to all the voter protection laws that we have in place. Take the laws away and we will devolve back to that stuff in fairly short order, especially as long as the political climate remains this contentious and ugly.

Comment Re:Best solution I ever heard (Score 1) 209

Instant voter fraud protection because if your vote mysteriously goes from Clinton to Trump or vice versa

Vote swapping is far from the only type of voter fraud out there and this wouldn't address the others.

It also gives rise to voter intimidation. Currently there is the one copy of the vote and the voter is the only person that actually knows who they voted for. So if someone is intimidating them to vote one way or another, they can still vote as they want and tell the intimidator whatever they want to hear. Add in receipts and not the intimidator can verify that they voted as directed and take action if they didn't. It's no different that the idiots wanting to strike down the laws about taking pictures of your marked ballot.

Comment Re:Thanks, *hats (Score 1) 80

Security is an ever evolving moving target. What is deemed secure today may very well become insecure tomorrow.

While I agree with you on this point, you aren't looking far enough at the problem.

The real problem is the number of these devices that never see updates/patches from the vendor. This plays out in two ways. The first being that the vendor never patches anything and the second is while they do, they don't make it simple for the average user to A) find out about the update and B) install it.

The other problem we have is that security is not a selling point for the average user. They pay attention to the bling, so even if there was somewhere you could go to get honest and up to date security reviews on products before you buy them, most people wouldn't. While I am no fan of government regulations (due to how they instituted and implemented in highly politicized manners), this is something where the world could benefit.

In the later regard I view it much like vehicle emissions. The majority of people just don't care and even many of the ones that do don't understand how wrong they are on the facts. As such it is valuable for governments to step in with clear and impartial (it's Monday, everyone needs a good laugh to start the week) requirements that manufactures must meet before their cars can be sold.

Something similar should be in place for network connected devices to force companies to be better actors. Otherwise, as in every other industry to date, corners will be cut on consumer/environmental safety since such enhancements will generate little if any revenue. It should not be left to the person that can't figure out how to connect their cable router who is also the same person that will think an Internet connected TV or fridge with built-in cameras are a good idea...

Comment Re: net6501 (Score 2) 247

Ubnt edgerouter

I'm a fan of their stuff so I recently picked one up to play with and use as a backup to my Juniper.

While the features are there actually configuring and using them is a PITA that is wrought with frustration if you have any experience with real enterprise level gear.

The biggest frustration for me was it's inability to load full structured (e.g. not a list of set commands) config files from a default configuration. The problem is that rather than wipe the existing config and apply the new one, it does it sequentially and not in a transaction. This causes problems when it realizes that you've deleted the default firewall, but it fails to remove it because an existing interface is still referencing it even though later in your config you change the settings for the interface and remove said reference. In such cases it also leaves the configuration in an odd state as some things get applied and other (even unrelated to errors) aren't.

After 2 months of fighting with it and still not being able to replicate my Juniper config I ended up dropping another $400 on a new Juniper to be my backup/dev router.

I like the idea of the Edgerouters, but they just aren't there yet. At least I'm only out $50 for it though. It certainly has a lot for $50!

Comment Re:NoSQL is amateur land. (Score 4, Informative) 96

The issue here really isn't SQL vs NoSQL. It's about securing the data and access. Lack of security is not inherent in NoSQL, it just occurs more often than SQL databases.

Well, I'd have to disagree here. If I install a MongoDB on some cloud VM using the default setup, I have an insecure database available on the internet. If I install Postgres, well... I can't even access the database remotely.

Ummm, unless something has changed recently the respective "createdb" tools for both MySQL and Postgres make it very simple to start up a new DB with an open root account and listening on an IP.

I agree with your general view on NoSQL and who tends to use it, but it's the ones using it that are the problem here and not the software itself. The only argument against NoSQL/Mongo here is that it is shocking in this day and age for any server to allow un-authed access. That can be applied to many server software packages though including OSS SQL DBs.

What this is really a symptom of is the people with no real experience that are just about "getting the job done" rather than understanding the actual problem and the potential risks. I don't know how many times I've seen cases in my career where the first sign of communication issues causes people to start tearing down the security barriers. Most of the time the real problem was a minor config issue (going over the wrong interface, missing host to host ACL, listening on the wrong port, etc..), but the damage done to "just get it working" is rarely ever fixed.

Comment Re:I'm not sure I understand (Score 1) 146

Give the users some kind of feedback to know that SHA1 is being used by the site and that they should maybe get their shit together, but whether or not support is dropped should be up to the site administrator.

Cause that works so well for the existing "connection may not be secure" messages that the average person doesn't understand so they blindly continue on.

What I don't understand is that it is the browsers removing the access. If a website really wants to support the old clients/ciphers they are still free to do so.

What it really seems to be is that this will force some lazy sites to update their certs to not support only SHA-1. If so then they need to shut the hell up and protect their customers.

Comment Re:Where did I see this?.... Better Call Saul (Score 1) 503

Unfortunately, tell people their disease is mental, not physical and they are insulted and rage. When in fact mental diseases are real and certainly FEEL real to the person suffering from them. I find it far more likely that our brain can suffer from "idea viruses" that it takes far too seriously, than somehow our body is reacting to radio waves, when those same waves are, and have always been, present from our favorite daystar (and to a much lesser degree, all the other daystars shining at us).

You aren't accounting for the long history of things that have been attributed to being in someone's mind that later get shown to be real issues. We shouldn't turn off all electronic devices, but more study is certainly worthwhile.

From my own experience I know I can see fluorescent lights flickering when others around me can't and I used to be able to see refresh "lines" of CRTs when others couldn't. There are also cases where I have detected "noise" from electronics that others couldn't. In all such cases it turned out that the item in question was failing and I just happened to be able to sense/see/hear it sooner than others. From my own non-empirical study it seems that those that have a higher sensitivity to such things also show a propensity for regular migraines.

I've never felt the need to kill myself over it though or demand the rest of the world return to the stone age.

Comment Re:Not justified (Score 2) 137

That's not an adequate justification for forcing ISPs to expend substantial resources

Substantial resources? Seriously? That's a basic shell script to run a bunch of DNS resolutions and then add the addresses into an existing Firewall drop policy. That's sys/net management 100 level stuff.

If you are a bad admin you have to run the script on each Firewall. If you are a good one you have a central place to update such policies that can then be pushed out as desired.

If you are expending "significant" resources on such a task, you are doing it wrong. Seriously wrong.

Note: I'm not defending what they want to do, just pointing out that your anti-justification is ludicrous.

Comment Re:National level? (Score 1) 171

A better question is, Who thinks asteroid mining is economically feasible to the extent that they needed a law regarding property rights for it?

Ones that are far thinking enough to realize that they can get such laws passed now while both the law makers and general public A) are ignorant of the impact and B) aren't interested enough to care.

This isn't about anyone doing anything now, it's prospecting for the future.

Comment Re:How can there be? (Score 5, Insightful) 622

I'm not sure why people have been clinging onto these ideals of "unlimited data."

Maybe because the tiered plans they offer as an alternative are ridiculous?

All these plan switches I've looked into offer a couple cheap options with ridiculously low caps then some larger (which still aren't always enough) plans for a non-comparative increased price. Often you find that the plan that would fit your needs is more expensive than what you are already paying for the unlimited plan. Finally if you end up going over the plan cap, the overage charges are obscene.

Then factor in if your usage isn't predictable and can swing by 50% or more each month you then start talking about wasted money (paying for a big enough plan to cover your "bad months") or are getting screwed by the overages on the months you run high.

This push for caps has nothing to do with any small subset of user's usage outside of the PR spin. It is all about getting us to pay them more money either upfront (too big of a plan) or after the fact (picking too small of a plan and then getting hit with overages with no effective warning or way to prevent it). If this was really about resources they would automatically throttle you after a certain point or these would be hard caps that cut you off until you took action (e.g. upped the limit) rather than just start adding dollar signs to your account. I have also yet to see one that offers easy to use/find tools that let you control what happens as you approach and hit the cap (e.g. notifications, throttle the bandwidth, cut it off) and that's the biggest indicator that this stuff is just to line their pockets while emptying yours.

You also have to ask just how many residential users have any idea how much data they are consuming on regularly basis?

Comment Re:These folks know nothing of science. (Score 1) 248

They understand science, they just want to fully monetize it like they want to monetize/privatize everything. Their "ignorance" is willful. People like Ridley know that what they are saying is pure bunk, but as long as enough "journalists" and government officials believe him (or just use his nonsense as cover), the corporations looking to make a buck will lobby the crap out of Congress to defund the NIH and give the money to pharmaceutical companies instead. Industry does not invent things, they monetize the inventions of others.

Phama loves the government funding bio-tech research. Where do you think a good majority of pharmaceutical "innovation" comes from? They let the Government grants fund the research and take the risk. Then they come along, purchase the promising patents at a fraction of what it would have cost them for internal R&D, and then tack on a massive markup when it finally goes to market (you know, to cover their R&D costs...).

What Pharma wants defunded/neutered is the FDA so they can push more stuff through with less oversight.

Comment Re:Not a problem (Score 1) 161

So no, do traffic shaping by all means. It's a reasonable and proportionate approach to assuring quality of service. Just do it for all packets of that type.

Or they could always do something novel like not oversubscribe their service or build out their infrastructure to actually support what they are selling.

Traffic shaping at the local network level where the administrators actually know what type of traffic is important to them is fine. Shaping at the provider level is ridiculous as it will always unfairly hinder someone (why should your gaming/streaming/backups/pr0n/etc... be more important than whatever I am doing? Why should whatever I'm doing be more important than what you are doing?).

Maybe those things that have a low tolerance for latency should finally go back and deal with it like they should have to begin with. Our problems with network traffic are perfectly analogous to memory and storage foot prints of applications. There was a day when resources were finite both in availability and price, but as the resources became more readily available we collectively got lazy and just said "buy more resources". I'm not suggesting that we go back to living in a 300baud world, but there is also no reasons for services to blindly consume as much memory/disk/bandwidth as possible when they rarely actually need to if they put the effort in up front to design their systems better.

Slashdot Top Deals

I have never seen anything fill up a vacuum so fast and still suck. -- Rob Pike, on X.