Catch up on stories from the past week (and beyond) at the Slashdot story archive


Forgot your password?
DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. Check out the new SourceForge HTML5 internet speed test! ×

Comment Re:None (Score 1) 896

Pretty good advice, but the other thing is that you can't get free software to work reliably without multiple layers.

I have XP on my machine.
- Router has hardware based firewall enabled.
- Zone Alarm for outgoing firewall/app control.
- Adblock/Peer Guardian/etc
- Two virus scanners. Two malware scanners.
- Spybot
This all is free and it still only works ~80% of the time.
- Spyhunter (paid for this)
- One other professional app I paid for (no, not Norton or anything typical consumer junk)
The fact is that you need a professional AV and anti-malware/registry locker. The free ones are just not up to the task or updated days or weeks later than they need to be.

- Complete removal of the following from the OS down to the registry/core level:
1: Internet Explorer - my machine throws up "what application should I open this with?"
2: Remote Desktop/Remote Access
3: File Sharing (also remove the relevant parts from the TCP/IP connection)
Plus blocking of FTP and other remote protocols in and out of the machine. If I absolutely have to use it, I'll enable it for those few minutes.

It takes all of that to lock down XP. And that's only if I don't get online and hit a bad site on the web or something that I purposely get caught in.(note - torrent, password cracking, and Online Gaming gold/money sites are nearly 100% infected - avoid like the plague) Secondary are social networking sites and online gaming forums and the like.

Yes, this means you really should be using the net for work and a few specific applications you know are secure. Pretty much common sense. No AV in the world will help you if you start going to astalavista or other crack sites and start clicking links to various sites.

So... What to do?
Upgrading to Windows 7 or ditching it all and getting Apple/BSD or Linux makes a lot of sense if for no other reason than it's so new that the botnets haven't have time to adjust and are still going mostly after the biggest installed target group of users. They're not much more secure but they are a lot less likely to be targeted, which is something I guess...

It stinks but XP is going to be no longer supported at all in a couple of years, tops, and then the entire industry will abandon it and stop keeping the AV and firewall software as up to date. So changing now to something else is probably the best course of action if this really bothers you.
(myself I don't keep anything I can't replace on this machine so I don't care...)

Comment Re:Insanity (Score 1) 383

Education is exactly what you should do, I'm not denying that. But as it was with me (and most likely with you), these things will start to come up when you hit 14-16 years. I never had a talk about such things with my parents, but on the other hand we have those in schools at 7-9th grades. I never really made any big mistakes, I was with a same girl for my teenage years and little bit further and we did love each other, but it also meant things like sending those photos and whatever else.

But point being, you need to teach it before that age actually comes. It doesn't make any sense to interfere with it when it's happening, as that won't result in anything. Education on things before helps.

Comment Re:Microsoft (Score 1) 896

If a product even bothers to tell you about tracking cookies, it's more about religion than security,

That would be why I dumped AVG, actually, which is what I used before trying Avast.

Spy-bot will throw up some cookie warnings once in a blue moon too, but nowhere near as often as AVG did.

Comment Re:Boom. (Score 1) 325

    I saw the other response, but you may be able to source batteries locally. Check places that rebuild batteries. You can frequently find golfcart batteries (6vdc) or RV batteries (group 8D, 12vdc, 1200aH). Watch your charge cycle though. The lead acid batteries don't do so well if they're discharged below 50% frequently. Still, if you're only discharging 25% most of the time, the price is very affordable when they need to be replaced. I spent $65/ea for "rebuilt" group 8D batteries for my RV. They're used both for the "start" (to start the engine) and "house" (to provide lights and stuff inside the RV). My RV takes two just to start the engine (Detroit Diesel 6v92), and I couldn't fake that with 4 strong car batteries. I couldn't find 6 batteries to try a larger array with, but I doubt that would have worked either. I plan on putting in as many group 8D batteries as I can can fit in one section (probably 8 to 10). How long could I run my laptop on 12,000 aH? :)

Comment Re:Not Greed .. (Score 1) 427

So you're telling me that they also need differently-shaped processors, pci wireless cards, ram sticks, gpu's, usb ports, etc? These are all components with a fixed size and they manage to get them to fit into their design. I'm sure that if a few thoughtfully designed, standardized battery shapes and sizes were mandated, they'd find a nice way to make em fit by adjusting things like speakers, keyboards, motherboard, heatsink/pipes, fans and the like.

Comment Re:Not mutually exclusive. (Score 1) 769

Now, how would I build a scheme like that from a GUI? You could argue that it'd be nice to have a GUI tool to configure the netboot server, or build a CD image for me, but ultimately, such a tool is easier to write if it can just add a few commands to a boot script -- and even if such a tool doesn't exist, a half hour of my time to build that system once will pay for itself many times over, when multiplied over a network

Well, here's one way. There was a shell program on MacOS (Pre-X) called MPW. This software had a feature called Commando. You would type in the command you wanted, and then press the commando key. This would pop up a dialog box that allowed you to set all of the options for the command. When you exit the commando box the full commandline is returned to the shell, it is not executed. In addition, the shell was not a normal commandline, it was a text editor. You could highlight any line or set of lines and press the "process command" key (enter, not return) and it would execute the highlighted lines.

So, for your scripted process, you would execute each command individually, once, using the commando gui to build the command lines. Then, once the process was working, you would save off your script, (or leave it available in your default window).

I've often thought it would be a great project to do something like this for the linux commandline. The goal would be to have the commando interface read the output of --help to determine the parameters and build the gui window. This would, of course, require that all of the --help output be standardized. There are a couple alternatives to this, one would be a --commando flag that would give the supported information, another would be to use some sort of external description file to create the gui windows and return back the command line.

Comment Re:Chrome OS? (Score 1) 176

I TOO would be skeptical of ChromeOS, but only because it is from a company that makes its money through advertising revenue.

So far, Google is " evil" but there are still some questions about that since Google has managed to stir up trouble in various parts of the world that simply do not agree with Google legally and/or politically. But in the end, they make their money selling ads. The Android phone platform is agreeable to most mobile carriers because Google is willing to share ad revenue with the carriers. (For that, consumers should enjoy a discounted rate plan for enabling ads... not holding my breath though) ChromeOS is quite likely to have a lot of ads and tracking built in.

With all that said, I have no doubt that some clever group of people 'on a mission' will neuter ChromeOS for the rest of us who would prefer to have an ad-free/tracking-free user experience. So I worry little about it.

But the OP is correct in asserting that an OS (Linux Distro) put out by an advertising company is unlikely to resist the opportunity to track users and present ads. And when the whole OS is geared to that end, that does make it the ULTIMATE spyware.

Comment Re:Wash it (Score 1, Interesting) 1078

Here here.

Nothing worse than working on a smokers PC, the cigarete tar usually filters through any dust in the machine to make a fine layer of sludge (kinda like mud but a whole lot worse) on EVERYTHING.

Having said "nothing worse" yes I have repaired machines where mouse urine shorted the CPU socket, where a nest of white tail spiders (look them up, they have a fun bite) had taken up residence and even a computer that had been in a babies room and was full of talcum powder. And you know why? At the end of the day, you can wash the smell of all that off yourself, but cigarette tar takes about 3 days to fully get rid of the stink.

However, they really should put it in their warranty info, I know we have :)

Comment NOBODY is mentioning FIPS? (Score 4, Interesting) 450

My limited understanding of FIPS compliance is such that I thing the likelihood is much higher that the involvement of the NSA is to work with Microsoft (as they have others) to make sure the right libraries are used and so on for FIPS compliance. If you want to sell software to the US Government, it must be FIPS compliant.

The following is my understanding (which is likely flawed in some ways, but I think is fairly close to accurate) of how FIPS works (Taken from a response I wrote to someone else about this).

In all likelihood, this is all about their encryption being FIPS compliant and has nothing to do with backdoors.

The way I understand FIPS (because I got a mini-lesson on it during an SDR as they were doing it for [another software product I work with alot]) you have to use very specific encryption protocols that not only meet the standard for the encryption routine (e.g. RSA, or whatever) and the bit-size, but you have to use one of a specific set of approved implementation libraries.

That means you can use the exact same encrypting schema and key size as FIPS specifies, but if you don't do the encryption with an approved library, you're not compliant.

The rules get weirder from there. If you are required to be FIPS compliant at work, and must send something encrypted, you have to send it to someone who is also FIPS compliant. -- follow this logic now -- if you have to send it to someone who is NOT compliant, even though they use compatible encryption/decryption code and have exchanged keys with you, you CANNOT send them the encrypted file because their libraries are not FIPS compliant. You can, however, send them the file IN THE CLEAR if you decide it's safe to do so.

In other words, FIPS says it is better to send something in the clear if you cannot be sure the other end is FIPS compliant, even if they can decrypt what you're sending.

That's your government at work.

BTW: The routines which ARE certified have been fully vetted by many government and non-government people, and do not contain any special code in them that would lead to making decryption by the NSA any easier than it would otherwise be. Since the routines are by nature just implementation of well know encryption standards, the only way to do that would be to interrupt the key pair creation process and use "less random" seeds. I don't believe FIPS specifies the random number generation routine used.

Hope this helps.

Comment Re:Insightful (Score 1) 652

Most likely the setup of the test would be - blind test to identify which of two otherwise-identical sound systems uses Cable X and which one uses generic cables. The test is whether you really get better sound quality with Cable X.

Depending on the reasoning Cable X's manufacturer gives for the alleged improved sound quality, you may or may not recognize the claim as paranormal; but assuming that all scientifically-acknowledged factors affecting sound qualty can be controled for in the selection of the generic cables, that kind of thing could show up in a JREF test. Similar things have.

Comment Re:Confidence (Score 1) 42

My whole reason for initiating this thread was to open a discussion on the following economics-related quote from your diary: "My house wasn't nearly worth what I was paying for it, thanks to the economic meltdown the previous administration's deregulation and lack of enforcing the regulations it had on the books."

Actually I think I misplaced an apostrophe; it should have been "administrations' " rather than "administration's".

I find it a shame that it's nearly impossible nowadays to discuss economics without it turning political

Economics is so tied to politcs I don't see how you can discuss economics while ignoring politics. I've had a poor opinion of economists since 1977 when I took an undergraduate economics class; well, actually I dropped the class the first tine the three PhDs made astoundingly ignorant statements. These dunces couldn't understand why someone in a 1st world country couldn't live as cheaply as someone in a 3rd world country. I'd been in Thailand in 1974, I rented a bungalow (which came with a live-in woman) for thirty bucks a month. You could go anywhere on a bhat bus for a nickle. You could feed four people in a restaraunt for a dollar. These idiots couldn't seem to understand that.

I imagine my dad knows about Medicare part D, but it doesn't affect me or anyone my age or younger. Actually you're right about space exploration, but he didn't really push hard for it. And when it came to science, politics always trumped science.

I had to look Sarbanes-Oxley up in wikipedia, did Bush push for that or was it passed with a veto-proof majority? After Enron I don't see how anyone could be against it. The wikipedia article in fact made me, who voted for Ron Paul in the primary last election, become decidedly anti-Paul.

If you can credit Bush for that, then yes it was a good thing. I guess since I credit Nixon for signing the various environmental protections, I have to give Bush credit for Sarbanes-Oxley.

Were you not alive in the mid 70s through early 80s? Stagnant economy with runaway inflation? 20% interest rates?

Yes, and that was at the hands of Nixon, Ford (to a very small extent; he wasn't in office long), Carter, and to a small extent Reagan. Reagan's jawboning the capital gains tax cut through congress hurt the working people of this country. It was like my grandmother describes the "roaring twenties" in that it only roared for the rich, everyone else was struggling.

The nineties, particularly that last half, had a very good economy, at least if you worked for a living.

Other than Katrina?

Yes, but the clucterfuck that was Katrina response made the responses to the other disasters look good, but only in comparison. When the tornados hit here in March 2006* the local government here (unlike N.O.) was on the ball, the state of Illinois was only a bit tardy, it was 2007 before the feds did anything at all.

I can't figure out how I'm better off for Bush Jr., Clinton, Bush Sr., Reagan, Carter, Ford, Nixon, etc. having been president.

IMO Clinton did a good job. His focus was on the economy, which Bush Sr had left in shambles. It started turning around quickly. He put 100,000 extra cops on the street, and my neighborhood (there had been a gang war shootouts between the Crips and the Bloods right down the street from my house in iirc 1990) got a lot safer when we got a "neighborhood cop" funded by the feds. He put the WTC bombers in prison (or rather, the FBI did, and the FBI answers to the President and its head is appointed by him).

Nixon was a bad President that still did some good things. To quote Mr. Spock, "Only Nixon could go to China". Before the Clean Air Act you could NOT drive past Monsanto with the windows down. Before the Clean Water Act, Dead Creek in Cahokia actually caught fire!

Reagan was bad for the poor and middle classes, but he did a few good things (or at least, they happened during his watch), like the fall of teh Soviet Union and the Berlin Wall coming down.

What did Bush do right? That's easy. More importantly than anything I named above, TARP saved us from a true economic Depression.

I'm not so sure about that; there was no accountability whatever. It may have cause us to avoid a depression but we may have avoided a depression without it, and we still may have a depression; unemployment is in the double digits. Obama's bailout wasn't much better than Bush's.

The fact that AIG was bailed out was IMO a bad thing; you should NOT be able to insure gambling (investment) losses. And even though all that money was shoveled into the banks, they're still not loaning it out. I know businessmen here who can't get business loans, and a lot of them are losing their businesses.

The subprime mortgage mess (which you would probably argue was caused primarily by Bush

I'd credit Bush, Clinton, and Greenspan for that mess. But being able to insure against losses was the true culprit, and that hasn't been addressed, not by Bush or by Obama or their respective congresses.

* AFAIK this is the only place in the world that you can have ice storms, snow, thuderstorms, tornados, hail, sleet, freezing weather and balmy weather all in the same week.

Comment Re:It's a bad thing. (Score 1) 1164

Additionally, you may find this study interesting:

It demonstrates that different parts of the brain are used to make decisions when using cold logic versus making decisions after having formed an emotional attachment aka taken a side aka closed your mind aka taken a stance, or whatever other term you want to use for committing to a view rather than keeping an open mind... once you take a side you use emotional centers in the brain when reaching conclusions about that issue or things related to that issue from there on.


Submission + - Can FLOSS development be more inclusive and sane? 1

Can't Sleep! writes: "One thing that could be said about Free/Libre and Open Source projects (FLOSS), is that if you build it, they might not necessarily come, and if they do, they might find the gates closed!
What I would like to ask the /. community, since many of you have served as committers or code contributers to FLOSS projects, is to share your experience in managing and contributing to FLOSS projects.

For the contributors among you:
Assuming that you know how to program, do you find any further impediments contributing patches to a FLOSS community? does the source code organization? helpfulness of current contributors/committer? documentation? or any other factors come into play? Do you find your self sometimes saying, I want to help, but in practice, find that it is impossible to do so? Have you ever showed up to code sprint, only to do nothing, or work on trivial documentation? I would very much appreciate your point of view on the matter to understand what might be wrong, and what would be the solution to making FLOSS development more inclusive?

For the committers among you:
Let me know if this sounds familiar: You find your self overwhelmed with all the requests for assistance (users and developers alike), not to mention the time spent modifying the code contributed by someone, which you could have spent much less time rewriting from scratch than fixing.
Are these problems all too common? What is your experience and solution for making the life of a committer less hectic? and if this problem is all too common, do you think there is a chance of making the development process more inclusive? In addition, what would you say to the complaints of the contributors about: code organization, documentation, helpfulness, and any other factors that might have prevented them from contributing patches. Are these legitimate complaints? Can something be done about it? Or are committers simply too busy?

Please make clear when responding, whether you bring the experience of a committer, or a contributor."

Slashdot Top Deals

The best book on programming for the layman is "Alice in Wonderland"; but that's because it's the best book on anything for the layman.