Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×

Comment Heh, haven't heard that name in a while. (Score 1) 38

I used to follow some of what The Jester wrote. There are a number of people out there who think he's overrated, more brag than anything else. Still, I saw some pretty clever things out of him. For example, at one point he was going after some other hacking collective (I don't recall which one), and he announced a successful attack against them and posted a list of all of their names and real IP addresses. Only, the list wasn't real. Instead, anyone who tried to download the list had their connection logged and probed, an exploit used to trigger the computer to make a (real) TCP connection back to one of his computers, and a number of automated attacks launched against targets it considered particularly suspect (for example, if there was evidence of being logged into a known member twitter account). I.e., it wasn't actually a list of suspects, it was bait to build a list of suspects. I think he did the same trick with QR codes later.

Comment Re:Halfway There (Score 1) 287

Apparently I missed the part of this story where these manufacturers are trying to take your guns.

And on that subject, how many people have you guys turned out to the polls every time warning that the Democrats were with some imminent plan to take all your guns the second they take office? How did that turn out? Apparently I missed the massive seizure of privately owned weapons that you guys are constantly talking about.

Comment Re:Competing theories (Score 3) 308

Here's some past examples of True Pundit "journalism" for you.

  * Clinton secretly wearing mini stealth earbud to receive answers from her team during the debate

  * Clinton was using secret hand signals to tell Lester Holt what to say

  * Claims Clinton had a medical issue during the debate and Trump mouthed the word "Seizure"

  * Offers a $1m reward (as if a website like True Pundit has $1m) for Clinton's medical records, suggesting that she has "dementia, post-concussion syndrome, Parkinson’s disease, brain tumor, brain injury, complex partial seizures, and/or many more alleged ailments" and is followed by a doctor disguised as a Secret Service agent carrying an autoinjector of diazepam.

Comment Re: Wikileaks is a toxic organisation. (Score 3, Insightful) 308

Um, have you seen their Twitter feed lately? It's a nonstop feed of anti-Clinton propaganda, half of it retweets, a lot of the claims so bad that even Wikileaks supporters on the Wikileaks Reddit sub have been calling them out on it. It's morphed into Breitbart.

They're even repeating Trump's "rigged election" lines:

There is no US election. There is power consolidation. Rigged primary, rigged media and rigged 'pied piper' candidate drive consolidation.

Comment Re:First lesson (Score 4, Interesting) 132

I have two major beefs with IPV6. The first is that the end-point 2^48 switch address space wasn't well thought-through. Hey, wouldn't it be great if we didn't have to use NAT and give all of those IOT devices their own IPV6 address? Well... no actually, NAT does a pretty good job of obscuring the internal topology of the end-point network. Just having a statefull firewall and no NAT exposes the internal topology. Not such a good idea.

The second is that all the discovery protocols were left unencrypted and made complex enough to virtually guarantee a plethora of possible exploits. Some have been discovered and fixed, I guarantee there are many more in the wings. IPV4 security is a well known problem with well known solutions. IPV6 security is a different beast entirely.

Other problems including the excessively flexible protocol layering allowing for all sorts of encapsulation tricks (some of which have already been demonstrated), pasting on a 'mandatory' IPSEC without integration with a mandatory secure validation framework (making it worthless w/regards to generic applications being able to assert a packet-level secure connection), assumptions that the address space would be too big to scan (yah right... the hackers didn't get that memo my tcpdump tells me), not making use of MAC-layer features that would have improved local LAN security, if only a little. Also idiotically and arbitrarily blocking off a switch subspace, eating 48 bits for no good reason and trying to disallow routing within that space (which will soon have to be changed considering that number of people who want to have stateful *routers* to break up their sub-48-bit traffic and who have no desire whatsoever to treat those 48 bits as one big switched sub-space).

The list goes on. But now we are saddled with this pile, so we have to deal with it.


Comment Re:'Genuine' is how luxury brands protect themselv (Score 1) 190

Knockoff items are poorly made, badly insulated, and are a fire hazard. They often don't meet spec, so they don't perform as well.

If you want to make a knockoff item, Apple can't stop you, but they DO want to stop people from thinking they're buying Apple cables, which ARE tested and manufactured to a higher standard. Apple is presumably willing to stand behind their products and take the flak if they're bad (I had a laptop charger replaced under a recall), but they can't be expected to stand behind the product of someone else using their branding.

So the problem really is on Amazon's end, because they're the ones giving worldwide distribution and implicit authenticity to these fake products.

I've bought cables from Anker that were MFi certified, and they were cheaper than Apple's and just as good (maybe better? Time will tell). It's not that Apple doesn't let other people make cables, but they're expected to meet spec.

Anyway, your post is basically garbage. Yes, we all know that Apple is in some respects a Veblen good, but their products *do* actually have sufficient merit that ordinary people are willing to buy them.

Comment Flood defenses? (Score 5, Informative) 132

There is no flood defense possible for most businesses at the tail-end of the pipe. When an attacker pushes a terrabit/s at you and at all the routers in the path leading to you as well as other leafs that terminate at those routers, from 3 million different IP addresses from compromised IOT devices, your internet pipes are dead, no matter how much redundancy you have.

Only the biggest companies out there can handle these kinds of attacks. The backbone providers have some defenses, but it isn't as simple as just blocking a few IPs.


Comment Re:6.8 Billion (Score 1) 333

Yes. I've run numbers before. No, I'm not going to be bothered to do them again for a Slashdot chat on a thread that's rapidly becoming out of date. Feel free to do your own if you doubt me. Take a sampling of solar plants with a realistic capacity factor and a sampling of hydro plants with a realistic capacity factor, and compare. You'll need a broader sampling on hydro because solar thermal plants are "fairly" consistent (with the exception of compact linear fresnel plants, of which last I checked there was only one), while hydro reservoir sizes vary wildly for a given output.

Slashdot Top Deals

I'm a Lisp variable -- bind me!