Become a fan of Slashdot on Facebook


Forgot your password?
DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. Check out the new SourceForge HTML5 Internet speed test! ×

Comment Re:FYI: iptables tutorial (Score 1) 349

6) Finally your output chain should just allow everything:

# Accept everything: iptables -P OUTPUT ACCEPT

Now this is just plain shitty advice.

Thanks for the four links to external articles, though. Hopefully people will use them as a starting point rather than your own rules when deciding on their firewall configuration.


Submission + - Cryptographers Aim to Find New Password Hashing Algorithm (

Trailrunner7 writes: Passwords are the keys to our online identities, and as a result, they're also near the top of the target list for attackers. There have been countless breaches in the last few years in which unencrypted passwords have been stolen from a database and leaked online, and security experts often shake their heads at the lack of use of encryption or even hashing for passwords. Now, a group of cryptographers is sponsoring a competition to come up with a new password hash algorithm to help improve the state of the art.

Hashing algorithms are used to secure passwords by taking the plaintext password, passing it through the cryptographic hash algorithm, and then storing the resulting digest, rather than the plaintext password itself. That way, if attackers are able to compromise the database of passwords, what they get are the hashes and not the actual passwords.

However, the algorithms used to hash passwords in most cases are functions such as SHA-1 and MD5, which have known weaknesses that open them up to brute-force attacks. So if an attacker is able to access a database of hashed passwords, he may be able to crack them, given enough time and compute power. When these algorithms were designed years ago, the hardware needed to crack a hash produced by one of them was not commonly available. But now, powerful GPUs and FPGAs are widely available and can be used by an attacker to crack hashes relatively quickly.

"Password hashing is important because it's where we have a problem. NIST has given us some great standard hashing algorithms. The problem is that these hashes aren't necessarily designed for the specific problem of password hashing — where you need something that's fast enough to hash on a server at login time, but slow enough that a GPU can't crack ten million of them," Green said.

GNU is Not Unix

Submission + - Richard Stallman Goes Crazy and Freaks Out (

slashuzer writes: Stallman was giving a speech in Brazil where they speak Portuguese. Stallman speaks English and Spanish, but not Portuguese.
The audience was asked whether they want Stallman to present in Spanish (similar to Portuguese) or if he should present in English.

The audience originally preferred English but they over estimated their ability to comprehend English. Part way through the speech, the coordinator asked Stallman to switch to Spanish.

Stallman then has a meltdown.


Best OSS CFD Package For High School Physics? 105

RobHart writes "I am teaching a 'physics of flight' unit to grade 11 Physics students. Part of the unit will have the students running tests on several aerofoils in a wind tunnel. I also want to expose them to a Computational Fluid Dynamics package which will allow them to contrast experimental results with those produced by the CFD package. There are a number of open source CFDs available (Windows- or Linux-based are both fine), but I don't have much time to evaluate which are the simplest to use in terms of setting up the mesh, initial conditions, etc. — a very important issue as students do not have much time in this unit." Can anyone offer insight about ease of use for programs in this niche?

Comment Not everyone wants more pixels, but better aspect (Score 4, Interesting) 952

Frankly for most people the existing 'HDTV' resolution has more than enough pixels, to get full benefit from increased number of pixels you would need a larger screen and sit closer to it. As it is, reading text on these high DPI screens is hard enough, and I often find myself increasing the default font size. This issue is particularly pronounced in laptop screens.

What I do want is more vertical resolution. The 16:9 craze means today we buy displays that are physcially larger and have more pixels overall than ten years ago, yet do not provide any more area for vertical display. You still have to scroll down far too much. It would be nice if someone still made decent, affordable 4:3 displays; a 1600 X 1200 in 21" format is going to be a killer!

Data Storage

Submission + - First SATA 6.0 Gb/s SSD expands solid state's lead (

Vigile writes: Even though the unit is a read-only engineering prototype, the guys at PC Perspective were impressed with the performance the first SATA 6.0 Gb/s SSD offered over the competition. The Marvell drive was meant to demonstrate the controller technology the company has developed as an end-to-end SATA 6G proponent, and it does so nicely. With burst speeds as high as 350 MB/s (which is 90 MB/s faster than the current stop SSDs) and sustained read speeds going as much as 175% faster than the best spindle-based hard drives available today, the SATA 6.0 Gb/s spec looks to extend the performance lead for solid state drives greatly in 2010.

Comment Re:I don't even need to read the summary. (Score 1) 387

Google analytics won't seem to slow down your website as long as you add it to the very bottom of your page, just before closing the html tag. The page and content will load quickly, even though the analytics might take another second the user doesn't care since everything else is alreasy visible on the screen.

How Do You Evaluate a Data Center? 211

mpapet writes to ask about the ins and outs of datacenter evaluation. Beyond the simpler questions of physical access control, connectivity, and power redundancy/capacity and SLA review, what other questions are important to ask when evaluating a data center? What data centers have people been happy with? What horror stories have people lived through with those that didn't make the cut?

Why Doesn't Exercise Lead To Weight Loss? 978

antdude writes "The New York Times' Well blog reports that 'for some time, researchers have been finding that people who exercise don't necessarily lose weight.' A study published online in September 2009 in The British Journal of Sports Medicine was the latest to report apparently disappointing slimming results. In the study, 58 obese people completed 12 weeks of supervised aerobic training without changing their diets. The group lost an average of a little more than seven pounds, and many lost barely half that. How can that be?"

Comment No one is safe from the "oops" bug (Score 0) 313

These problems can happen with any company's product these days: Microsoft, Apple or even the open source OS like Linux or Freebsd. There are so many configurations to test that it is difficult to gurantee that the updates will work flaswlessly across the board.

It is nice that this issue can be fixed by users themselves without having to send the computers for repair.

Slashdot Top Deals

Mathemeticians stand on each other's shoulders while computer scientists stand on each other's toes. -- Richard Hamming