Catch up on stories from the past week (and beyond) at the Slashdot story archive


Forgot your password?
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×

Comment I'd like to hear a coherent argument (Score 2) 91

That our authority over DNS is legally US government property in any sense the framers would have agreed upon, even stretching that concept of property to include intangible property.

Even if you can argue that DNS is American government property, it's pretty useless property. Since it is largely administered in a decentralized fashion, if the rest of the world wants it can set up its own DNS system and have people in their country point to their preferred root servers.

Comment Re:Good! (Score 1) 226

You might get an email, but that just tells you that they think it will be delivered that day, not that it will. Besides, what are you going to do, bring a chair to the utility room and camp out waiting for them to deliver a package? Even if you check a few times on that day, you still won't see it for three or four hours, and that's still bad.

Comment Re:Doubtful (Score 1) 226

They don't need planes for the vast majority of their deliveries. Amazon has distribution centers in 21 states, within 20 minutes of something like 30% of the population, and within plausible single-day delivery range of probably the majority of the population. So for products that are frequently ordered (and thus are stocked at every depot), they can deliver to almost everyone on the same day by truck, or rent a few small warehouses in a few places and deliver the next day to probably 80–90% of the U.S. population.

Sure, they'll still rely on UPS/FedEx/OnTrac for deliveries that involve distribution centers in other parts of the country, or for deliveries out into the boonies, but that makes up only a small percentage of their deliveries. And for the ones that don't require all of that, there's no real advantage to using a third-party trucking service over doing it in-house.

Comment Re:USPS (Score 1) 226

The "free two day shipping" I get from Prime is "two day by 8PM". Do you know your mailman delivers as late as 8PM? I know they don't here, and neither does UPS or FedEx.

As I understand it, you'll get packages at 8 if you're near a depot, if you're in a city with lots of businesses, or if your calendar says "December".

Even in your area, they probably deliver things late around the holidays. There's a period around Christmas where the package delivery services hire lots of extra temp employees to handle the extra load, and the delivery hours tend to get extended as a result. I think I even remember seeing one of the carriers in my neighborhood after 8 on occasion.

Also, if you're close to a FedEx or UPS depot, they'll do runs even later. Their depots are both within half a mile of the edge of my neighborhood, so every FedEx and UPS truck in the South Bay literally comes around the back side of my neighborhood when they get off the freeway an exit early to avoid the last two miles of parking lot on the 101.

As a result, I routinely see FedEx and UPS out at six or seven at night making their rounds as they work their way back to the depot at the end of the day, and I've seen multiple trucks doing deliveries here—presumably because they know that they can just toss our packages onto pretty much any truck that goes out that day, and it will be close enough to their route to not be a problem. :-)

Finally, if you have a lot of businesses nearby, they'll deliver your packages after hours. They have to get all of their business deliveries finished by 5:00 (or maybe 4:00, I forget), which means that home deliveries usually happen either early in the morning or in the evening.

As always, YMMV.

Comment Re:Good! (Score 1) 226

I keep having trouble with carriers leaving packages on Saturday and not bothering to ring the doorbell, then going out to church Sunday morning and finding them. I guess that because no other houses in my neighborhood have a doorbell there, they don't bother to look.

The irony, of course, is that package carriers are the main reason I installed a doorbell on that door in the first place.

Comment Re:Good! (Score 1) 226

They both tend to leave random packages on my porch that don't belong to me, as does OnTrac (the other shipper that Amazon seems to use here). Basically, my neighborhood doesn't have consecutive numbering, thanks to me being on a section of street that was added between two existing sections of street, so every time any of the carriers gets a new driver, I end up with packages for the house with a number one below mine, which is approximately half a mile away.

When they do this, it often takes multiple calls over multiple days to get the package removed. One time I got lucky and was able to chase down another FedEx driver who happened to drive by just as I got cut off while on hold with FedEx to call them to pick up a perishable overnight package of food, but the median redelivery time is at least two or three days.

Thus far, they haven't lost any of my packages yet, which could be because the house number below mine is at the end of the road, or maybe it is just just lucky timing. That said, now that I'm employed at a company big enough to have its own shipping and receiving department again, I should really go back to getting all my packages at work. It is just a lot more reliable, in my experience. :-)

Comment Re:How do IoT manufacturers... (Score 1) 114

Only for an hour, though I guess you could send a new blocking request every 45 minutes.

It would also let me block those idiots who keep trying to sign in to my servers via SSH. You'd think that when they send the original request (for authentication-free login) and the server says that it only accepts private key authentication, they wouldn't send thousands of password-based login attempts, but apparently the people who write those bots don't understand the SSH protocol very well, or else they just like wasting my bandwidth.

And I do periodically block them with filtering rules manually when I notice them, but I don't have time to scan the logs constantly, and they shift IPs often enough to make that problematic. But if I could make it so that the first password-based auth from an IP caused their attacks to immediately get blocked at their own edge router for an hour, it would be worth writing a log scanner.

Even better, ISPs could monitor their networks for those packets, and if a customer keeps getting blocked, they could contact the customer.

Comment Re:How do IoT manufacturers... (Score 1) 114

Actually, now that I think about it, I did forget to mention one small bit of the protocol. Each router that passes on the original request should immediately ACK the request to the previous router so that the previous router knows that it does not need to handle the blocking itself. It should then sent it towards the attacker's IP, and if it does not get an ACK from any router that's closer to the attacker in a timely manner, it should handle the blocking request itself and send back a confirmation request to the original IP address. It should then presumably reject any blocking confirmation requests that come later from closer to the attacker's IP, because they are redundant at that point.

This ensures that only the last router that supports blocking sends a confirmation request to the original server. Otherwise, you could cause a huge amplification attack by causing every hop in the route to ask the original server for confirmation. :-)

There's still a risk of abuse if somebody is able to inject and sniff arbitrary packets between the user and the server by being able to receive the confirmation request and respond to it, but if they can do that, they can also inject RST packets, so I'm not convinced that's an interesting edge case to worry about.

Slashdot Top Deals

Quark! Quark! Beware the quantum duck!