Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror

Comment Re:Oh please (Score 1) 253

Honestly, it scares me that vanilla FTP is so widely used and the defacto way to transfers files for so many services. Its completely unencrypted.

Er, not everything needs to be encrypted. Having it as an option is great, but for non-sensitive data (e.g., source code that I'm already making available to the world) I'll take the protocol with the lower overhead.

Comment Re:Why? (Score 3, Insightful) 375

remember how they said that we'll all be using Netbooks??

Yep. This post it being written from one, and it's really rather nice. That said, I'm running Xubuntu, as Windows 7 crawled when I had it on here. MS really does need to remember how to make a lean, fast, and usable OS. Right now they've got market share, but the only way to keep that is to stay ahead of the game. As they say, complacency kills.

Comment Re:well, he might be right (Score 1) 643

Netbooks were killed by the simple fact that I can now get a full-size notebook for $350, so why would I want a DVD-less netbook for the same price?

Because it's half the size and the battery lasts longer. Though with Intel's crappy Atom chipsets perhaps the second part is no longer true.

Quite the contrary - I got one of the newish Atom netbooks (dual core), and its battery life is just perfect, provided I don't do anything really squirrelly, like sudo renice -19 -p $$ && sudo ionice -c 1 -p $$ && make -j12. At which point, I'd reasonably expect the battery life to drop on just about anything, given a complex enough code base.

Comment Re:C'mon Python Users tell us why (Score 1) 375

I cheat. I write python code that writes its own plain C code, compiles it then executes it. this way, I work once to write a C template, that I then reuse through a high level language. and when I combine the advantages of python (sympy for instance) with the speed of C, I get stuff that is ridiculously faster than what I did before. in the sense that I don't work a lot to write it, and I don't wait around a lot for it to actually run afterwards. working with numerical simulations, I'm allowed to cheat this way...

Might be a silly question, but have you given Cython a shot? It sounds like you're doing something very similar to what their project was built to do.

Comment Re:Like a zombie (Score 1) 375

Indeed, D2 looks amazing. And as I've said before, I love C++.

I'm curious as to how the C and C++ interop fronts are for D, though. I mean, one of the big reasons C++ hasn't gone away is the enormous amount of libraries written in it. Lua has Luabind, Python has Boost.Python ... how does one connect D to these marvelous wonders that keep us from diving head first into NIH syndrome?

Serious question - I haven't had a chance to look into it myself.

Comment Re:Like a zombie (Score 1) 375

Indeed. Add onto all of those the fact that, AFAIK, on Linux, completely static linking a project is damn near impossible.

If you know otherwise, please let me know. I love the hell out of the language (yes, yes, I'm insane) but this kind of shit kills me. Is it so much to ask, to want to be able to compile a program and simply drop it onto another machine, without having to worry about what version of the standard libraries that machine has installed?

I can understand the issue with network libraries - C has issues with those, as well. But for basic applications - a non-networked game, for instance - this sort of limitation is annoying.

Comment Re:Pity about the skills decline (Score 1) 539

just hook into a repository for your distro and let it do the work for you.

This works, until you find that the version of $LIBRARY available in your distribution's repo is old as dirt - and the unofficial ones floating around online aren't much better - and you want to write software that has the latest features, bug fixes, etc. Then it's back to compiling and dependency tracking... :D

Google

Submission + - Bing Becomes No.2 Search Engine Globally, Still at (statcounter.com)

suraj.sun writes: Bing Becomes No.2 Search Engine Globally, Still at 4.4%

Bing has overtook Yahoo for the first time worldwide in January and increased its lead in February according to web analytics company, StatCounter. Its research arm StatCounter Global Stats finds that globally Bing reached 4.37% in February ahead of Yahoo! at 3.93%. Both trail far behind Google's 89.94% of the global search engine market.

In the United States Yahoo! at 9.74% still retains its lead over Bing at 9.03%. Google's share in the US is 79.63%. In July 2009 Microsoft announced an agreement whereby Bing would power the Yahoo! search and it has been implemented in the US, Canada, Australia, Brazil and Mexico.

Statecounter: http://gs.statcounter.com/press/bing-overtakes-yahoo-globally-for-first-time

Comment Re:Clone my car! (Score 1) 500

But, because there is a large influx of semi-skilled people who think that the fact they installed Ubuntu on their PC at home makes them a sever admin

While I won't say that it does make them a server admin, everyone has to start somewhere, and a lot of schools these days leave out a lot when it comes to technology. A friend of mine graduated with a Comp Sci degree a few years ago, and had barely touched anything *nix at all. I think they might have had them log into an old RHEL VM and use pico, perhaps start and stop apache, but that was it. This isn't to say that he wasn't smart, it's just that they didn't teach him anything outside of VB.NET and (how it use it to work with) XML.

I've since met and worked with others who had similar experience, if you s/VB.NET/Java/

Not precisely what I'd consider a broad range of education.

Comment Re:Another Linux admin with a superiority complex. (Score 1) 705

- require https over http to devices, yet still have telnet access enabled.

I'm sure I have several devices on my network with telnet enabled. Why should I bother disabling it? I don't use it, so its vulnerability to password sniffing is irrelevant.

I'm curious as to why you wouldn't disable telnet on those devices, if you don't use it.

Comment Re:Persistent myth? (Score 1) 705

I had a test OSX server at my last job I was at. Pretty much closed all ports except for 80 and whatever port Apple RDP ran on (actually, I closed that down at first, oops, had take a macbook into the server room to fix that), then opened up ports as needed.

I'm sure you realize this now, but for the sake of anyone else reading this you could have saved yourself a trip to the server room had you left 22 open; most OSX services can stopped and started via command line, just like any other *nix. I could be wrong (I don't use Mac's often), but I think they stick them in /System/Library/CoreServices, or somewhere similar.

As far as not using sudo, I think it depends on what you're doing. For example, if you're just running a single command, it makes sense to sudo (e.g., editing /etc/hosts, restarting a service, etc), but if you're going to be working with root privileges for a while, it just makes more sense, and saves you some keystrokes, to use su.

Comment Re:And it's fucking irritating (Score 1) 321

YI have a choice to not watch.

You do... for now. I fear the day when people track our purchases closely enough to notice when we aren't buying DVDs or cable. It's a small logical jump to come to the conclusion that because we are not buying we must (obviously) be torrenting, instead. The jackboots will then be dispatched forthwith. Think it can't happen?

It won't happen as long as they're selling books.

Oh, damn.

Comment Re:Portability, not security (Score 1) 197

I'm not. Anyone familiar with medical records and computer security issues considers the security portions of HIPAA a joke.

The primary reason is that medical records are pretty much universally kept on MS Windows systems.

I guess I was lucky. Most of the medical software I've worked on has run on CentOS or RHEL systems.

There are several reasons why this makes data security a joke. The main one has been discussed here at /. several times: Windows has an automatic update feature, which you can turn off for "application" level software. However, it can't be turned off for "system" level software. MS has admitted that this has been true since XP. Their excuse is that kernel security issues are taken seriously, and updates are mandatory.

However, if you think about this for a few seconds, it obviously means that any time your Windows system is connected to the Internet, MS can silently install any new software they like. If your machine isn't reporting the contents of selected files to a .microsoft.com site now, it could be by the time you read this, and unless you're a real Windows security guru, you'd never suspect.

So if you're running Windows, you must assume that anyone who has "socially engineered" a connection at MS has access to all of your data.

And, less you think this is all spurious, you might look around in the records of the internet back in the 1990s when MS was first supplying systems with internet access. There are multiple reports of people getting curious about why their modem's lights were flickering when the machine was idle. Attaching a line monitor showed that the traffic was a list of the contents of the disk, being sent to a .microsoft.com address. The server on the other end could obviously also ask for the contents of files. This was ignored by the media and most managers, but it was noticed by the geeks among us with even minimal understanding of network security. Similar behavior has been reported for most releases of Windows.

This all has obvious application to HIPAA rules. My wife has worked with medical data for several decades now, at several employers. Every one of them worked exclusively on Windows systems. She has a Windows partition on her Mac "for work", and uses it a lot. She also has a work-supplied take-home Windows laptop. It's true that they use VPN to connect to the office computer systems. But this does nothing for the above issues. Since her Windows partition and laptop are connected to our home network, VPN just supplies an internet connection to her office machines, so their "silent upgrade" feature can work any time she's connected. This shoots down any claims that her office is protected from malicious sites (such as microsoft's ;-) by VPN. We've verified that both her Windows systems can easily access .microsoft.com web sites while connected via VPN, showing that there is a data path for MS's silent update software to work.

This is hardly a secret. We've discussed it here on /., and it's been discussed in lots of other forums. Microsoft has a clear and obvious silent path to any medical data stored on their systems, any time they have an internet connection, which is almost all medical systems in the US. Anyone who can bribe the right people at MS also has such access.

So the fact that HIPAA rules don't forbid the use of MS Windows makes those rules a joke. I'd bet that many medical records people understand all this. It should be no surprise that they treat HIPAA data security as a joke.

Oh, that's actually pretty simple. Block Microsoft's sites via firewall rules (not on a per-machine basis, that would be silly, but at the point of entry). You can still have machines outside of the network download all the security updates that a machine might need, put them on a DVD, and make that available to the workstations (via IT reps or whatever), but this way you control the flow of data.

It's interesting to consider non-MS systems in this light. Fully open-source systems are probably immune to such problems, since they'd be exposed fairly quickly. Apple systems are about half open-source, but most of the kernel and the UI have hidden source. Apple systems haven't been documented to have any behavior like those described above, so there's a good chance that such backdoors don't exist on Macs. But we can't prove this, because we aren't permitted access to the low-level source. Macs apparently don't do silent updates, but we can't prove that, either. Is there a way to either expose such backdoors or prove they don't exist on Macs?

Sure. Route the Mac's traffic through a device that's capable of inspecting the network traffic. If you don't have a decent router handy, any old box with a live linux distro would do.

Slashdot Top Deals

As a computer, I find your faith in technology amusing.

Working...