Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
Get HideMyAss! VPN, PC Mag's Top 10 VPNs of 2016 for 55% off for a Limited Time ×

Comment Re: net6501 (Score 2) 247

Ubnt edgerouter

I'm a fan of their stuff so I recently picked one up to play with and use as a backup to my Juniper.

While the features are there actually configuring and using them is a PITA that is wrought with frustration if you have any experience with real enterprise level gear.

The biggest frustration for me was it's inability to load full structured (e.g. not a list of set commands) config files from a default configuration. The problem is that rather than wipe the existing config and apply the new one, it does it sequentially and not in a transaction. This causes problems when it realizes that you've deleted the default firewall, but it fails to remove it because an existing interface is still referencing it even though later in your config you change the settings for the interface and remove said reference. In such cases it also leaves the configuration in an odd state as some things get applied and other (even unrelated to errors) aren't.

After 2 months of fighting with it and still not being able to replicate my Juniper config I ended up dropping another $400 on a new Juniper to be my backup/dev router.

I like the idea of the Edgerouters, but they just aren't there yet. At least I'm only out $50 for it though. It certainly has a lot for $50!

Comment Re:NoSQL is amateur land. (Score 4, Informative) 96

The issue here really isn't SQL vs NoSQL. It's about securing the data and access. Lack of security is not inherent in NoSQL, it just occurs more often than SQL databases.

Well, I'd have to disagree here. If I install a MongoDB on some cloud VM using the default setup, I have an insecure database available on the internet. If I install Postgres, well... I can't even access the database remotely.

Ummm, unless something has changed recently the respective "createdb" tools for both MySQL and Postgres make it very simple to start up a new DB with an open root account and listening on an IP.

I agree with your general view on NoSQL and who tends to use it, but it's the ones using it that are the problem here and not the software itself. The only argument against NoSQL/Mongo here is that it is shocking in this day and age for any server to allow un-authed access. That can be applied to many server software packages though including OSS SQL DBs.

What this is really a symptom of is the people with no real experience that are just about "getting the job done" rather than understanding the actual problem and the potential risks. I don't know how many times I've seen cases in my career where the first sign of communication issues causes people to start tearing down the security barriers. Most of the time the real problem was a minor config issue (going over the wrong interface, missing host to host ACL, listening on the wrong port, etc..), but the damage done to "just get it working" is rarely ever fixed.

Comment Re:I'm not sure I understand (Score 1) 146

Give the users some kind of feedback to know that SHA1 is being used by the site and that they should maybe get their shit together, but whether or not support is dropped should be up to the site administrator.

Cause that works so well for the existing "connection may not be secure" messages that the average person doesn't understand so they blindly continue on.

What I don't understand is that it is the browsers removing the access. If a website really wants to support the old clients/ciphers they are still free to do so.

What it really seems to be is that this will force some lazy sites to update their certs to not support only SHA-1. If so then they need to shut the hell up and protect their customers.

Comment Re:Where did I see this?.... Better Call Saul (Score 1) 503

Unfortunately, tell people their disease is mental, not physical and they are insulted and rage. When in fact mental diseases are real and certainly FEEL real to the person suffering from them. I find it far more likely that our brain can suffer from "idea viruses" that it takes far too seriously, than somehow our body is reacting to radio waves, when those same waves are, and have always been, present from our favorite daystar (and to a much lesser degree, all the other daystars shining at us).

You aren't accounting for the long history of things that have been attributed to being in someone's mind that later get shown to be real issues. We shouldn't turn off all electronic devices, but more study is certainly worthwhile.

From my own experience I know I can see fluorescent lights flickering when others around me can't and I used to be able to see refresh "lines" of CRTs when others couldn't. There are also cases where I have detected "noise" from electronics that others couldn't. In all such cases it turned out that the item in question was failing and I just happened to be able to sense/see/hear it sooner than others. From my own non-empirical study it seems that those that have a higher sensitivity to such things also show a propensity for regular migraines.

I've never felt the need to kill myself over it though or demand the rest of the world return to the stone age.

Comment Re:Not justified (Score 2) 137

That's not an adequate justification for forcing ISPs to expend substantial resources

Substantial resources? Seriously? That's a basic shell script to run a bunch of DNS resolutions and then add the addresses into an existing Firewall drop policy. That's sys/net management 100 level stuff.

If you are a bad admin you have to run the script on each Firewall. If you are a good one you have a central place to update such policies that can then be pushed out as desired.

If you are expending "significant" resources on such a task, you are doing it wrong. Seriously wrong.

Note: I'm not defending what they want to do, just pointing out that your anti-justification is ludicrous.

Comment Re:National level? (Score 1) 171

A better question is, Who thinks asteroid mining is economically feasible to the extent that they needed a law regarding property rights for it?

Ones that are far thinking enough to realize that they can get such laws passed now while both the law makers and general public A) are ignorant of the impact and B) aren't interested enough to care.

This isn't about anyone doing anything now, it's prospecting for the future.

Comment Re:How can there be? (Score 5, Insightful) 622

I'm not sure why people have been clinging onto these ideals of "unlimited data."

Maybe because the tiered plans they offer as an alternative are ridiculous?

All these plan switches I've looked into offer a couple cheap options with ridiculously low caps then some larger (which still aren't always enough) plans for a non-comparative increased price. Often you find that the plan that would fit your needs is more expensive than what you are already paying for the unlimited plan. Finally if you end up going over the plan cap, the overage charges are obscene.

Then factor in if your usage isn't predictable and can swing by 50% or more each month you then start talking about wasted money (paying for a big enough plan to cover your "bad months") or are getting screwed by the overages on the months you run high.

This push for caps has nothing to do with any small subset of user's usage outside of the PR spin. It is all about getting us to pay them more money either upfront (too big of a plan) or after the fact (picking too small of a plan and then getting hit with overages with no effective warning or way to prevent it). If this was really about resources they would automatically throttle you after a certain point or these would be hard caps that cut you off until you took action (e.g. upped the limit) rather than just start adding dollar signs to your account. I have also yet to see one that offers easy to use/find tools that let you control what happens as you approach and hit the cap (e.g. notifications, throttle the bandwidth, cut it off) and that's the biggest indicator that this stuff is just to line their pockets while emptying yours.

You also have to ask just how many residential users have any idea how much data they are consuming on regularly basis?

Comment Re:These folks know nothing of science. (Score 1) 248

They understand science, they just want to fully monetize it like they want to monetize/privatize everything. Their "ignorance" is willful. People like Ridley know that what they are saying is pure bunk, but as long as enough "journalists" and government officials believe him (or just use his nonsense as cover), the corporations looking to make a buck will lobby the crap out of Congress to defund the NIH and give the money to pharmaceutical companies instead. Industry does not invent things, they monetize the inventions of others.

Phama loves the government funding bio-tech research. Where do you think a good majority of pharmaceutical "innovation" comes from? They let the Government grants fund the research and take the risk. Then they come along, purchase the promising patents at a fraction of what it would have cost them for internal R&D, and then tack on a massive markup when it finally goes to market (you know, to cover their R&D costs...).

What Pharma wants defunded/neutered is the FDA so they can push more stuff through with less oversight.

Comment Re:Not a problem (Score 1) 161

So no, do traffic shaping by all means. It's a reasonable and proportionate approach to assuring quality of service. Just do it for all packets of that type.

Or they could always do something novel like not oversubscribe their service or build out their infrastructure to actually support what they are selling.

Traffic shaping at the local network level where the administrators actually know what type of traffic is important to them is fine. Shaping at the provider level is ridiculous as it will always unfairly hinder someone (why should your gaming/streaming/backups/pr0n/etc... be more important than whatever I am doing? Why should whatever I'm doing be more important than what you are doing?).

Maybe those things that have a low tolerance for latency should finally go back and deal with it like they should have to begin with. Our problems with network traffic are perfectly analogous to memory and storage foot prints of applications. There was a day when resources were finite both in availability and price, but as the resources became more readily available we collectively got lazy and just said "buy more resources". I'm not suggesting that we go back to living in a 300baud world, but there is also no reasons for services to blindly consume as much memory/disk/bandwidth as possible when they rarely actually need to if they put the effort in up front to design their systems better.

Comment Re:rebuild or develop from scratch or... (Score 1) 146

Or, more likely, switch to FreeBSD and forget Linux ever existed.

This was along my line of thinking. Few are going to try to rebuild most of those things if they all of a sudden disappeared. They are simply going to another vendor that already offers a similar product.

There is certainly a cost to all of that and it would be painful, but I somehow suspect that the price of switching would be far less than their estimate. Well, unless you went to Oracle for everything...

Comment Re:Routers with VPN (Score 3, Insightful) 173

Just use a couple of small business routers with built in VPN. They do all of the different subnets and wireless and all of that stuff. They're a few hundred bucks each. http://www.cisco.com/c/en/us/p...

Ubiquiti has a small router with enterprise level features for less than $100. A site to site VPN and VLAN support are just a few of it's features and all you need to solve this problem.

I'm still running a Juniper SRX-210 at home, but I've been happy with the UniFi APs and EdgeSwitches I have from Ubiquiti so this little router is definitely on the short list when the time comes.

Comment Re:Oh Spare Me Please. (Score 2) 151

and I can always travel by other means if I don't want to be tracked (..., uber, ...)

Wait. What?!?

You don't follow the news much do you? Uber is seriously the wrong example to use about not having your movements tracked...

Talking about carrying your cell phone with the auto updating maps also doesn't really forward your desire to not have movement information about you tracked.

I agree with your general sentiment though. The belief companies have that this information that is inherently ours is somehow free for them to take is obscene. That they then believe that they have some right and obligation to profit from it should be criminal.

Slashdot Top Deals

Asynchronous inputs are at the root of our race problems. -- D. Winker and F. Prosser

Working...