Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×

Comment Re: GoDaddy is HORRIBLE. (Score 1) 33

"But outside EV certificates everyone should be using Let's Encrypt certificates. They are trivial to install, secure and renewals can be fully automated. On top of all that they are free. Anyone buying non-EV certificates is neither cost conscious nor values the time of their IT staff."

There are other low-maintenance ways to get certificates, and they don't require you to put all of your trust in one organisation who has no obligations to you.

For all internal uses, we use an internal CA that will automatically renew renewal requests signed by the key of a currently-valid but almost-expiring cert, and an scep client run from cron that will check all certs and enroll for renewals (as well as enroll for the initial cert).

For public certs the certs we renewed before letsencrypt went live are still valid, so for non-security-critical ones we may consider letsencrypt a month or two before those certs expire.

Comment Re: a singular bully or several? (Score 1) 427

The confusion stems from the fact that a lot of the text comes from a definition of the term gaslighting from the linked blog post:

"Gaslighting occurs at the workplace in the form of bullies unscheduling things youâ(TM)ve scheduled, misplacing files and other items that you are working on and co-workers micro-managing you and being particularly critical of what you do and keeping it under their surveillance. They are watching you too much, implying or blatantly saying that you are doing things wrong when, in fact, you are not. As you can see, this is a competitive maneuver, a way of making you look bad so that they look good;"

So, the only behaviour listed that isn't from the blog post is the supposed over-critical code review.

I can't see that there is any evidence either way between:
- the submitter really is competent and the code criticism is unwarranted
- this is the submitters first real job and the first real (valid) criticism he has received, and doesn't know how to deal with it

Comment Re:Why bother with the machines? (Score 1) 732

Except for the zero proof that the RNC was hacked and repeated denials from the RNC chair that the RNC was hacked.

Two things:
1) The party you hacked to lose the election is the party that you WANT people to know was hacked. Common knowledge of the hack results in dramatically improved credibility of the released information attained in the hack.
2) The party that you want to blackmail is the party that you want the hack to be a secret. The more secretive you can be about blackmail, the more effective it is. Also, if the RNC is being blackmailed due to a hack, would you expect them to announce that to the world!?

Of course, even worrying about the RNC being blackmailed is a waste of time if the president-elect is already compromised by the Russkiy's, something we will know as soon as he follows through with his promise to release his taxes (along with getting Mexico to pay for the wall and bringing back coal. . . in other words, don't hold your breath. . .)

Comment Re:Why bother with the machines? (Score 1) 732

. . . there is the possibility it is being used to tamper with the lawmakers. . .

1) Hack BOTH parties A & B during an election
2) Use hack of party A to help party B win
3) Use hack of party B to blackmail party B after they come into power
4) . . .
5) Pribyl'!

Comment Re: What percentage? (Score 1) 280

"And you'll have to buy a VM offering like VMware which can help you load balance across your servers, so factor in that cost as well."

What, Hyper-V can't do this yet?

Well, then just run ovirt (on say CentOS or maybe even Ubuntu or Debian), the open-source version of Red Hat Enterprise Virtualisation, which has about the same functionality as vSphere Enterprise (but not quite vSphere Enterprise Plus).

Comment Re: "that I'm aware of" (Score 2) 280

"Where is the evidence for your claim? My experience with my Windows 7 -> Windows 10 upgrade was such that there was a nagware screen from the system tray that afforded me the option to upgrade or not upgrade."

Really, you didn't see all the stories about complaints from users whose Windows 7 devices can't run Windows 10 adequately and got upgraded without ever actively opting in, or in some cases without any notification except being greeted with a Windows 10 login screen, or worse.

Here is an example article of how that dialog you saw changed when Microsoft wasn't satisfied with the slow adoption of Windows 10:


That was the first links from googling obvious search terms ...

Comment Re: My internet died... (Score 1) 119

"Anyway, my internet was down until the next morning and even then, it still required a cable modem reset to fix the connection."

Some network equipment vendors sent out field notices about 2 weeks in advance of the leap second, recommending operators to use leap-second smearing (as implemented in chronyd for example) if they had affected versions of network device firmware deployed that could crash as a result.

(We didn't have affected versions deployed, and it would have been non-trivial - at this time of year - to get all our NTP servers upgraded. It't not recommended to use non-smearing and smearing NTP sources on the same device)

Comment Re: Consumer Reports I trust more than Apple (Score 1) 268

"Well, considering there as less than a WEEK between CR's Review and their alleged refusal to Retest, no one should be surprised that Apple hasn't released a patch yet."

All we have to go on at the moment us this statement from TFA:

"In this case, we donâ(TM)t believe re-running the tests are warranted"

We have to assume the use of present tense in this statement has some purpose. Since Apple has (at present) done nothing to address the problem, there is (at present) no justifiable reason to re-test.

Maybe, if Apple finds and fixes the cause, there would be a reason, and then we would have to see what CR says/does. But, they didn't say they would *never* re-test, as you seem to be implying. If you want to maintain that stance, provide a quote that unambiguously supports it.

Otherwise, I don't understand your line of reasoning, as you seem to believe the following:
1) CRs testing methodology is adequate (you haven't contested this)
2) Apple hasn't done anything to address the problem (sure, there hasn't been much time)
3) It is unlikely the outcome will be different (the consequence of (1) and (2))
4)CR should still repeat the test anyway (maybe "because Apple")? But, that would imply that they are no longer independant.

So, you are either:
- incapable of basic logic
- a troll
- an apple fan-boy

Comment Re: So now, they're digging in their heels? (Score 1) 268

"But what about if Apple just codes to fix the issue, instead?"

Then they should:
- push out an update to all affected devices
- thank CR for finding the issue
- hope CR considers re-testing at their own discretion using the publicly-available update

But, they don't even seem to know what the real cause is yet, and AFAik haven't indicated that they have a fix yet.

Comment Re: Seems overwrought to me (Score 1) 268

"I have a brand new Dell laptop for work, and a brand new Macbook Pro for home."

"Brand-new Macbook Pro" refers to one model in like 4 available configuration all costing over $1200. "Brand-new Dell laptop" refers to about 7 models in 50 configurations costing anywhere from $300.

What model Dell was it? A comparable one?

Slashdot Top Deals

Usage: fortune -P [-f] -a [xsz] Q: file [rKe9] -v6[+] file1 ...