Comments


Another Elon Musk Bet: Half of All Cars Built In 2032 Will Be Electric

Flaming Foobar Re:50% is not necessarily a large number (359 comments)

1.64€ per litre here (Finland), which makes it around 7.63 USD per gallon.

Gas is heavily taxed in Finland. Almost two thirds of the price is tax, so it's not really comparable.

more than 2 years ago

Santorum Calls Democrats 'Anti-Science'

Flaming Foobar Re:So says the religious guy. (1237 comments)

Actually, lack of evidence does lower the probability in a lot of cases, but only if you know what you are looking for already...

But you are still basically correct, as long as we are talking about a deity, a preternatural being of some sort, in a very wide sense. It is impossible to assign any probability to something that is undefined.

However, if by using the word god you mean one of the named gods of the major religions, I think it's pretty safe to say they are unlikely to exist, since the religious literature gives us clues to what to look for, and there appear to be no credible, verifiable findings.

You don't need to fudge the meaning a lot, however, to move it back to the undefined territory, though. Just say none of the holy books are 100 % accurate and there might be some truth to some of it...

more than 2 years ago

New Worm Morto Using RDP To Infect Windows PCs

Flaming Foobar Re:Require a VPN connection (200 comments)

Do it right, require a VPN connection before you allow an RDP connection.

Why exactly do you think that increases security? Most VPNs that I've seen use the AD domain password, which means once the attacker gains access to the VPN, they can access all the network shares, terminal servers and whatnot. You are equally f'ed in both cases. Also, the current RDP implementation uses TLS, which is stronger than e.g. PPTP's RC4, still widely used because it's so easy to set up.

I see this stupidity all the time: you are required to connect to a PPTP VPN, with access to the company LAN to boot, before you get to ssh to a Linux box in the DMZ or wherever. Admins also often refuse to open the ssh ports based on some false belief about how it all works. They don't understand the differences between cryptographic algorithms, they don't really understand why firewalls are used and what they are good for, and they only have a superficial understanding of TCP/IP and the layers on top of it. They just blindly follow some "best practices" that someone somewhere put into a ppt, and cite meaningless shit like the OSI model, never actually taking the time to really understand.

more than 3 years ago

The Lesson of Recent Hacktivism

Flaming Foobar Re:Screw vandalism, especially on "soft targets" (159 comments)

For example, a quick google search turns up this page on apache security.

There isn't really much there that will significantly improve security, except the suggestions to keep Apache up-to-date and maybe install mod_security. For instance, hiding the Apache version number might actually decrease security, since now you might yourself miss that you are out of date. It's not going to prevent any attack from happening.

more than 3 years ago

Amir Taaki Answers Your Questions About Bitcoin

Flaming Foobar Re:Needs economists (262 comments)

The bitcoin effort needs the involvement of some economists with experience studying and understanding currencies, not just techies.

Have you visited the Bitcoin forums? Quite a few economists there. Also, high profile magazines, such as The Economist, have written about it from the point of view that Bitcoin is, at the very least, a highly interesting experiment. No mention of any built-in economic failures there.

I don't understand the knee-jerk reaction that everyone here gets each time Bitcoin is mentioned. Almost every time it's accompanied by misconceptions about USD being backed or otherwise thinking that something which is currently valuable (such as gold) is somehow guaranteed to always be that way.

No, I don't have anything invested in Bitcoins, and I wouldn't want to store much value in it until it has stood the test of time, and the implementations are more robust. I was shocked when I found out the private keys are stored locally in an unencrypted file - that's a f***ing travesty.

But I do find the concept fascinating.

more than 3 years ago

LulzSec Teams With Anonymous, In Operation AntiSec

Flaming Foobar Re:Impact on bitcoins? (419 comments)

No, the difference is who's backing the currency: the government, or... well... nobody, since bitcoin's idea does not involve a central authority

Backing? How? I keep hearing this, but I don't understand what it means.

The way I see it, the value of money comes from the knowledge (or trust) that someone will accept a certain amount of it as an exchange for goods, or work, or whatever. How is any government "backing" that? I haven't seen any guarantees anywhere that my cash will be worth anything tomorrow.

Bitcoin is "backed" simply by the fact that there are enough people who will accept it as an exchange for goods, or work, or "other" currency (I'm still not sure it's correct to call it a currency).

more than 3 years ago

Europe Plans To Ban Petrol Cars From Cities By 2050

Flaming Foobar Re:To expensive (695 comments)

That way, people don't have to buy new cars immediately and we don't end up with landfills full of perfectly functional cars.

39 years isn't exactly immediately.

more than 3 years ago

Stuxnet's Legacy: Get Back to Basics or Get Owned

Flaming Foobar Re:PHP is a big part of the problem (162 comments)

You can still dynamically generate prepared statements.

You can't use a prepared statement to dynamically turn rows into columns. Or if you know how, by all means tell me.

since you're letting your application layer guess the behavior of the database, so any change to either side, and boom! Or do you think SQL injection is just about sneaking a second command to the first one by adding --, ;, or whatever terminator the database uses, like what most script kiddy attacks do?

Sounds like folklore to me. I suppose you could run into problems if you use, say, mysql_real_escape_string() to escape a string going to, I don't know, Pervasive SQL. But what can I say... just don't fucking do it! Or did you think sanitizing input means string.replaceAll("'","''") ? In that case you'd be the naive one, not me. Also, the database engine won't just change all by itself. Something like 99 % of apps work on a specific RDBMS, and for the most part they won't even begin to work on another one without major refactoring. You have the occasional small project which uses simple ANSI SQL, but anything in the least bit demanding usually only works on a specific system:

more than 3 years ago

Stuxnet's Legacy: Get Back to Basics or Get Owned

Flaming Foobar Re:PHP is a big part of the problem (162 comments)

That's why no amount of string escaping is 100% safe.

People like you think there is something mythical or mystical in programming. There isn't. Sanitizing user input is 100 % safe. It may not be the best way to do things most of the time, but there are times when it's the only way, like when the SQL statements are constructed from another SQL statement, which happens e.g. when pivoting a many-to-many relation.

more than 3 years ago
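
Added example (not part of the comment above): a sketch of the pivot case it mentions, where the column list of one statement is built from another query's result. It uses Python's sqlite3 with a constructed schema (users, tags, user_tags) and constructed rows; values are bound with ? placeholders, and only the column labels, which cannot be bound, go through a hypothetical quote_ident helper.

```python
import sqlite3

def quote_ident(name: str) -> str:
    """Quote an SQL identifier: wrap in double quotes, double embedded ones."""
    if "\x00" in name:
        raise ValueError("NUL byte in identifier")
    return '"' + name.replace('"', '""') + '"'

def pivot_user_tags(conn):
    """Return (columns, rows): one row per user, one 0/1 column per tag."""
    tags = [r[0] for r in conn.execute("SELECT name FROM tags ORDER BY id")]
    select_list = ["u.name AS user_name"]
    # Column labels are identifiers and cannot be bound, so they are quoted.
    # The tag value each CASE compares against is data, so it is bound.
    select_list += [
        f"MAX(CASE WHEN t.name = ? THEN 1 ELSE 0 END) AS {quote_ident(tag)}"
        for tag in tags
    ]
    sql = (
        "SELECT " + ", ".join(select_list) + " "
        "FROM users u "
        "LEFT JOIN user_tags ut ON ut.user_id = u.id "
        "LEFT JOIN tags t ON t.id = ut.tag_id "
        "GROUP BY u.id ORDER BY u.id"
    )
    cur = conn.execute(sql, tags)
    return [d[0] for d in cur.description], cur.fetchall()

def build_sample_db():
    """Constructed sample data; two tag names contain quote characters."""
    conn = sqlite3.connect(":memory:")
    conn.executescript("""
        CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT);
        CREATE TABLE tags (id INTEGER PRIMARY KEY, name TEXT);
        CREATE TABLE user_tags (user_id INTEGER, tag_id INTEGER);
    """)
    conn.executemany("INSERT INTO users VALUES (?, ?)",
                     [(1, "alice"), (2, "bob")])
    conn.executemany("INSERT INTO tags VALUES (?, ?)",
                     [(1, "admin"), (2, 'x" FROM users; --'), (3, "o'brien")])
    conn.executemany("INSERT INTO user_tags VALUES (?, ?)",
                     [(1, 1), (1, 3), (2, 2)])
    return conn

if __name__ == "__main__":
    columns, rows = pivot_user_tags(build_sample_db())
    print(columns)
    for row in rows:
        print(row)
```
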

Stuxnet's Legacy: Get Back to Basics or Get Owned

Flaming Foobar Re:Security is hard (162 comments)

As Flyerman points out, the 16 year old was posing as a man, and she social engineered a female within the organization.

The person who got scammed was Jussi Jaakonaho, who is male.

Her gender might still have something to do with it, though. Women are generally thought to have more social intelligence than men, which might make it a little easier for them to pose as someone else in an email.

more than 3 years ago

Leaked Cables Reveal US Thinks Saudi Oil Reserves May Be Overstated

Flaming Foobar Re:Its been thought for decades... (385 comments)

it is always in the best interests for each country to lie about it (overstating their reserves).

If you are selling something, wouldn't you want what you sell to be scarce so you get a better price?

I'd say it'd be in the interests of the oil industry to perpetually maintain an image of there always being a couple of decades of cheap oil left. You want a good profit, but you don't want your customers to move away from oil.

more than 3 years ago

Leaked Cables Reveal US Thinks Saudi Oil Reserves May Be Overstated

Flaming Foobar Re:wrong on several points (385 comments)

If you spend more energy than you get out of it, then the process will never be profitable.

This is a naive way to look at it. In reality, so long as you use cheap energy (wind, solar, tidal) to extract oil, it will be profitable. The main reason oil is valuable is its high energy density.

more than 3 years ago

Running Your Own Ghost Investigation?

Flaming Foobar Re:Wrong location (810 comments)

Don't waste your time in the supposed haunted house, the feeling of a 'presence' and 'ghosts' and any other paranormal crap is all in the person's head.

Has this been proven?

Saying things like that seems unscientific. What a ghost is is not exactly well defined. Also, you can't exactly prove whether someone's feelings are of an external source or not. I don't think we have 1/1,000,000th of the understanding of the human brain that would be required to say something like that.

Don't get me wrong, I don't think ghosts exist, but pretending that the opposite is 100 % true seems intellectually dishonest. Which probably explains the arrogance such claims are often accompanied with, because there is really no substance to the argument, just personal belief.

The standard 'sceptic' method of studying alleged supernatural phenomena is to confirm that they have natural explanations. Mostly any weird light and sound is always explained by reflections, wind, insects, animals. When someone says, "I felt something pass through me", things start to get tricky, because then you need to prove that the person in question is FOS.

more than 3 years ago

Compiling the WikiLeaks Fallout

Flaming Foobar Re:Democrats loved the Pentagon Papers (833 comments)

It's called "being political" for a reason.

We hire politicians to be upfront and honest. We don't hire them to be two faced.

I disagree. International politics is analogous to a game of poker. No one wants to give away all information to the others. Now, what WikiLeaks is essentially doing, is they are publicizing not only some of the "cards" that the US holds, but also what they know about the others' "cards".

I'm all for openness and honesty, but it's not just the American voters who are getting the info. It's available to everyone now.

more than 2 years ago

The Time Travel Paradoxes of Back To the Future

Flaming Foobar Re:Frame of Reference Problem (454 comments)

Basically for new writers who write a science fiction time travel story you gotta make sure you mention briefly that you solved the orbit/rotation/surface problem and have calibrated your time machine to account for the ever changing topography of the Earth as well as its orbit and rotation ...

No you don't. That's just bad writing. The less you explain, the better.

A lot of sci-fi suffers from over-explaining things with awful, cringe-worthy, pseudo-scientific crap. It adds nothing to the story. "Midichlorians" is the obvious example, but even explanations somewhat based on real science are often completely unnecessary and just seem self-important.

"I've invented a time-machine" says all that is needed to move the story forward. In fact, I always thought that the whole flux capacitor/88 miles per hour schtick was there just to make fun of all the self-important sci-fi.

more than 3 years ago

Company Builds Fast Charging Station For Electric Cars

Flaming Foobar Re:I'll wave when I drive past you ... (359 comments)

And exactly what charges your batteries ?

Hint: probably electricity from a coal-fired power plant.

That's a stupid argument because the solution is obvious: use wind, hydro, solar or nuclear energy to charge the vehicle.

For gasoline engines, no clean solution exists at all.

more than 4 years ago

What Is the Future of Firewalls?

Flaming Foobar Re:The future is now (414 comments)

In a home environment it does a lot - it blocks the default Windows ports which are not easy for the user to disable...

Windows has shipped with an adequate firewall for that since XP SP3. If you aren't keeping your Windows system up to date, you are pretty much s-o-l anyways.

more than 4 years ago

What Is the Future of Firewalls?

Flaming Foobar Re:The future is now (414 comments)

Honestly now, I'm talking about home users, the other people who use firewalls, even though they don't know it. Make it a standard on routers where on the router's config page, it can accept a small text file with ports to be routed to the current connection.

Or better yet, disable it by default. A firewall in most home environments does exactly nothing. It's snake oil. It's blocking ports where there aren't any services running anyway. The user is still able to open any email attachment or surf any web page with her IE6...

In fact, in most corporate environments a firewall doesn't do much, either. Funny how sysadmins agonize over which IPs can ssh to an up-to-date Linux box, but then they have VPN, a bunch of IIS, Exchange and a whole host of other stuff open to the whole wide world. I just recently did some development work for a company which required me to open a VPN connection before I could ssh into their Linux/PostgreSQL/Apache server. The sysadmin didn't believe me when I told him that it's less secure that way. He saw the break-in attempts in the sshd log so he didn't want the port open...

more than 4 years ago

Revised Mass. Gambling Bill Won't Criminalize Online Poker

Flaming Foobar Re:Oh teh noes. (104 comments)

Considering that the biggest gripe of the WSP old-hands is that young players are ruining the game by relying too much on aggressive betting, I would like to argue that it is not nearly as much a game of skill as a lot of people think.

Are you trying to say that the people who make the old-hands fold their chips away are less skilled than them? The game is played differently today than it was in the 70s, and now it's all about balancing bluffs with thin value, weighting the opponents' hand ranges and optimizing bet sizes. The old school players you are talking about play a very narrow range of hands, their betting patterns are robotic and they only take the top of their range to showdown. All this makes it very easy to play against them, if you have done your homework.

The great majority of people don't spend enough time learning the math and thinking about the game, which is what makes the game beatable.

more than 4 years ago

Submissions

Flaming Foobar hasn't submitted any stories.

Journals

Flaming Foobar has no journal entries.
