Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×

Comment Re:Good! (Score 1) 230

You might get an email, but that just tells you that they think it will be delivered that day, not that it will. Besides, what are you going to do, bring a chair to the utility room and camp out waiting for them to deliver a package? Even if you check a few times on that day, you still won't see it for three or four hours, and that's still bad.

Comment Re:Doubtful (Score 1) 230

They don't need planes for the vast majority of their deliveries. Amazon has distribution centers in 21 states, within 20 minutes of something like 30% of the population, and within plausible single-day delivery range of probably the majority of the population. So for products that are frequently ordered (and thus are stocked at every depot), they can deliver to almost everyone on the same day by truck, or rent a few small warehouses in a few places and deliver the next day to probably 80–90% of the U.S. population.

Sure, they'll still rely on UPS/FedEx/OnTrac for deliveries that involve distribution centers in other parts of the country, or for deliveries out into the boonies, but that makes up only a small percentage of their deliveries. And for the ones that don't require all of that, there's no real advantage to using a third-party trucking service over doing it in-house.

Comment Re:USPS (Score 1) 230

The "free two day shipping" I get from Prime is "two day by 8PM". Do you know your mailman delivers as late as 8PM? I know they don't here, and neither does UPS or FedEx.

As I understand it, you'll get packages at 8 if you're near a depot, if you're in a city with lots of businesses, or if your calendar says "December".

Even in your area, they probably deliver things late around the holidays. There's a period around Christmas where the package delivery services hire lots of extra temp employees to handle the extra load, and the delivery hours tend to get extended as a result. I think I even remember seeing one of the carriers in my neighborhood after 8 on occasion.

Also, if you're close to a FedEx or UPS depot, they'll do runs even later. Their depots are both within half a mile of the edge of my neighborhood, so every FedEx and UPS truck in the South Bay literally comes around the back side of my neighborhood when they get off the freeway an exit early to avoid the last two miles of parking lot on the 101.

As a result, I routinely see FedEx and UPS out at six or seven at night making their rounds as they work their way back to the depot at the end of the day, and I've seen multiple trucks doing deliveries here—presumably because they know that they can just toss our packages onto pretty much any truck that goes out that day, and it will be close enough to their route to not be a problem. :-)

Finally, if you have a lot of businesses nearby, they'll deliver your packages after hours. They have to get all of their business deliveries finished by 5:00 (or maybe 4:00, I forget), which means that home deliveries usually happen either early in the morning or in the evening.

As always, YMMV.

Comment Re:Good! (Score 1) 230

I keep having trouble with carriers leaving packages on Saturday and not bothering to ring the doorbell, then going out to church Sunday morning and finding them. I guess that because no other houses in my neighborhood have a doorbell there, they don't bother to look.

The irony, of course, is that package carriers are the main reason I installed a doorbell on that door in the first place.

Comment Re:Good! (Score 1) 230

They both tend to leave random packages on my porch that don't belong to me, as does OnTrac (the other shipper that Amazon seems to use here). Basically, my neighborhood doesn't have consecutive numbering, thanks to me being on a section of street that was added between two existing sections of street, so every time any of the carriers gets a new driver, I end up with packages for the house with a number one below mine, which is approximately half a mile away.

When they do this, it often takes multiple calls over multiple days to get the package removed. One time I got lucky and was able to chase down another FedEx driver who happened to drive by just as I got cut off while on hold with FedEx to call them to pick up a perishable overnight package of food, but the median redelivery time is at least two or three days.

Thus far, they haven't lost any of my packages yet, which could be because the house number below mine is at the end of the road, or maybe it is just just lucky timing. That said, now that I'm employed at a company big enough to have its own shipping and receiving department again, I should really go back to getting all my packages at work. It is just a lot more reliable, in my experience. :-)

Comment Re:Good! (Score 2) 230

I've got a ton of free stuff from Amazon because they keep using Dynamex.

I just call and complain and I get anything from $10 credit to a refund for everything I ordered + the OK to keep it when it arrives.

Literally, every single time Dynamex was used they screwed it up. Same day turning in to 3 or 4 days, saying they delivered the item at 8pm (and I'm on the phone with Amazon saying it wasn't delivered when they show up at 11pm delivering) to not delivering at all (I have a security cam and was able to prove no delivery attempt was made).

Comment Re:The most most seriously needed LEO database (Score 3, Insightful) 181

I get, and to a certain extent agree with your premise that the newsworthy cases of police brutality are most certainly the exception and not the rule, there are two parts of your post with which I shall formally rebut:

While it is true that there are a few officers that deserve jail time (and the do get it most of the time) 99.99% of the LEOs our there are the good guys. They go out every day with a target painted on their back to protect the rest of us for crap pay. I am fine if they want to make sure their neighbors/acquaintances/dates don't have drug or assault convictions. Using that information to blackmail is different, but just having the information is fine as long as they are responsible with it.

I think the 99.99% figure is exaggerated, but I'll roll with it for the moment. I don't get to check if my date has an assault conviction. Just because the police office is in a place where such information is readily accessible doesn't mean that they are allowed to just use it for whatever they want. As an IT/support tech, I have remote access and admin passwords to dozens of servers for dozens of companies. Only once have I ever used one of my clients' servers for personal use, and that was to demonstrate a particular piece of software for a friend of mine, with explicit consent of the owner of that server. LEOs don't sign up to be LEOs with the promise of a $250,000 salary and then realize it's between $40K and 70K a year. That information is abundantly clear long before they ever step foot in the police academy. Access to my confidential data is not penance for making less money than a doctor or lawyer. Even if you are okay with it (as is your right), I am not. The question is which one of us should be able to impose our feelings upon the other.

The second issue I have is with this part...

Put yourself in their shoes. [snip] You have no clue if he just murdered his girlfriend, has $5M in heroine in the trunk, is off his meds or is high out of his gourd.

Nope. But the foundation of everything LEOs are required to uphold is summed up in the following sentence: Innocent until proven guilty. Maybe he did just murder his girlfriend...but unless there's a dead body in the front seat, he didn't. Maybe he's got $5M of heroin in his trunk...but until there's probable cause to search the vehicle, he doesn't. Maybe he is indeed high...that will become bleeding obvious in about 30 seconds of interaction.

If he is not obeying orders and is putting his hands in places where a weapon might be concealed, you have a very reasonable fear for your life. So while not 100% of police shootings are justified, you are a sociopath if you can't at least empathize with the people in our society who put their lives in danger to protect us from the criminal element.

My level of empathy is strenuous at best, for two reasons. First, if the job is too hard, quit. It's not hard to stop being a police officer. There is no shame in saying, "being a competent police officer is too hard for me". It is a tough job, but the difficulties of that job are no secret. If someone signs up to be a police officer, they are signing up to carry a gun that they will hopefully never have to use, but are lawfully authorized to use far more liberally than the average citizen. With that authority should come accountability...and the perceived lack of said accountability is the root of the challenges at hand.

Comment Re:How do IoT manufacturers... (Score 1) 114

Only for an hour, though I guess you could send a new blocking request every 45 minutes.

It would also let me block those idiots who keep trying to sign in to my servers via SSH. You'd think that when they send the original request (for authentication-free login) and the server says that it only accepts private key authentication, they wouldn't send thousands of password-based login attempts, but apparently the people who write those bots don't understand the SSH protocol very well, or else they just like wasting my bandwidth.

And I do periodically block them with filtering rules manually when I notice them, but I don't have time to scan the logs constantly, and they shift IPs often enough to make that problematic. But if I could make it so that the first password-based auth from an IP caused their attacks to immediately get blocked at their own edge router for an hour, it would be worth writing a log scanner.

Even better, ISPs could monitor their networks for those packets, and if a customer keeps getting blocked, they could contact the customer.

Comment Re:How do IoT manufacturers... (Score 1) 114

Actually, now that I think about it, I did forget to mention one small bit of the protocol. Each router that passes on the original request should immediately ACK the request to the previous router so that the previous router knows that it does not need to handle the blocking itself. It should then sent it towards the attacker's IP, and if it does not get an ACK from any router that's closer to the attacker in a timely manner, it should handle the blocking request itself and send back a confirmation request to the original IP address. It should then presumably reject any blocking confirmation requests that come later from closer to the attacker's IP, because they are redundant at that point.

This ensures that only the last router that supports blocking sends a confirmation request to the original server. Otherwise, you could cause a huge amplification attack by causing every hop in the route to ask the original server for confirmation. :-)

There's still a risk of abuse if somebody is able to inject and sniff arbitrary packets between the user and the server by being able to receive the confirmation request and respond to it, but if they can do that, they can also inject RST packets, so I'm not convinced that's an interesting edge case to worry about.

Comment Re:How do IoT manufacturers... (Score 1) 114

Except that what I described is carefully designed to make abuse almost impossible. Any fake blocks are removed almost immediately, and unless the server is actively being DDoSed, assuming it supports the protocol, such removal causes at most one additional packet to get sent in each direction, which means there's no amplification if the server supports the protocol, ignoring situations where packet loss causes a retry.

If the server doesn't support the protocol, there's typically only a 2x amplification (one confirmation request + 1 ping packet). That's a slight amplification, but nothing to write home about.

And the only situation where the block actually stays put is if the server is under DDoS, which is exactly when you would want it to stay put. In that case, a request to block an IP results in getting up to five packets back, but then that IP's traffic never reaches your server for a period of at least an hour (or longer if your server sends out a new packet to extend the block), which should be a huge net win.

But if you see something that I'm missing, feel free to suggest a better design that protects against additional forms of abuse.

Comment Re:Which is cool... (Score 1) 141

The encryption key for all Blu-Ray discs is already well known. There's not a blacklist for discs. There's a blacklist for player keys that can make your player useless for all new discs until you update the firmware to get a new key, but AFAIK, there's no blacklist for discs. There's no rational reason for such a thing to exist.

Slashdot Top Deals

!07/11 PDP a ni deppart m'I !pleH

Working...