Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Comments

top

Samsung Acknowledges and Fixes Bug On 840 EVO SSDs

Just Some Guy Re:DOS version? (101 comments)

The current firmware update ships as a bootable ISO. Burn it to a CD/DVD (or a flash drive if you can work it out), hold down "option" at boot, and you'll be looking at a DOS prompt in no time. I verified this two days ago when I misread the firmware version on the website and downloaded an updater for the version I already had.

4 days ago
top

Help ESR Stamp Out CVS and SVN In Our Lifetime

Just Some Guy Re:If it works, leave it alone. (243 comments)

The problem is that you're building more and more tooling on top of a painfully decrepit system. Every time you spend more than zero seconds dealing with renaming a file, you've lost money on the deal. Every time you work off HEAD because it's too painful to branch, you're spending developer salaries. I get that "if it ain't broke, don't fix it", but CVS it utterly and fundamentally broke. You're throwing good money after bad trying to keep it alive.

5 days ago
top

Help ESR Stamp Out CVS and SVN In Our Lifetime

Just Some Guy This is why they made the cloud (243 comments)

Hosting Git is dirt cheap. Converting from ${old_terrible_system} to Git is the painful one-time expense. Here's how you do it:

1. Fire up a suitably bit AWS cloud server.
2. Copy your repo to it.
3. Run the command to convert your old repo to Git.
4. Download the new Git repo.
5. Shut down the instance.

You don't buy expensive, power-hungry software that's going to cost an arm and a leg to store, power, and cool for the next year when you only need its brute force for a few hours. The Cloud isn't a magical cure-all, but it's a perfect fit for things like this.

5 days ago
top

OS X 10.10 Yosemite Review

Just Some Guy Re: Wait, what? (303 comments)

I mourned Spaces for about a day until I started actually playing with Mission Control, with the goal of Trying Things Their Way. I now like MC much better than I ever liked Spaces. It works like I'd expect it to without any of Spaces's dumbnesses.

about a week ago
top

FBI Director Continues His Campaign Against Encryption

Just Some Guy Re:And he is, probably, right (284 comments)

I suspect, he is right — it will hurt public safety.

I don't think Apple or Google making phone encryption suck so criminals can find and abuse the law enforcement backdoor would improve public safety.

about two weeks ago
top

Apple Announces iPad Air 2, iPad mini 3, OS X Yosemite and More

Just Some Guy Re: Apple Pay (354 comments)

Do you have a cite for this? I'm pretty familiar with how Google Wallet (with and without a hardware Secure Element) works, and I *know* that CC info is presented to the POS in order to make the transaction.

Any of the hundreds of articles about how Apple Pay works. Here's one that explains that the device gives the credit card terminal a 16-digit randomized token and a unique one-time-use CCV. Payment processors use the pair to identify the credit account to bill.

In short, your actual credit card numbers never leave your device. Google for "apple pay token" if you'd like to dive into further detail.

about two weeks ago
top

Apple Releases CUPS 2.0

Just Some Guy Re:Web server for printing... (178 comments)

Yeah, no thanks. I'm using AirPrint on iOS, which stays entirely on my LAN.

about two weeks ago
top

If Your Cloud Vendor Goes Out of Business, Are You Ready?

Just Some Guy Remote Backups (150 comments)

I find that cloud backups are an excellent complement to local backups. I have a 6TB Synology unit at home that stores all our family photos, Time Machine backups, scans of all our important docs, etc. I love and trust that little server. I also have it configured to ship nightly backups to Amazon Glacier so that if my house burns down and takes the Synology with it, I can restore it all and have my digital life back.

I guess I could buy a second unit and keep it at work, but that's a lot more effort than setting up a scheduled job to sync everything up to a remote server without my manual intervention.

about two weeks ago
top

Apple Releases CUPS 2.0

Just Some Guy Re:Web server for printing... (178 comments)

even still, the only time anyone I knew personally printed anything from a mobile device was over 10 years ago and that was in an electronics store, printing goatse over bluetooth to a printer on display.

The last time I did it was this morning when my kid's school emailed a permission slip that I needed to sign and return. I like not having to go find my laptop, locate the same email, and print from there when the thing I want printed is already being displayed on the phone screen that I'm staring at.

about two weeks ago
top

ISPs Violating Net Neutrality To Block Encryption

Just Some Guy Re:I think the part that scares me.... (149 comments)

Not only did this company not have the chops to figure out that 'someone may have incorrectly configured a firewall!', oh no. They decided to compound their inadequacy by including it in a filing to the god damn FCC.

Yes, they should be experts in gear they may not themselves be using. They should also not complain to the government office responsible for receiving complaints about such things, because ISPs always do such things as honest mistakes and not as predatory rent seekers.

about two weeks ago
top

ISPs Violating Net Neutrality To Block Encryption

Just Some Guy Re:The "It's not working" attack (149 comments)

We need the equivalent of HSTS but for SMTP. Maybe it replies with a "250-ALWAYSTLS" to EHLO, and clients and other servers cache the fact that "server foo.example.com always wants TLS". Then those clients can warn users when their messages can't be delivered according to the recipient server's TLS policy.

This would be so easy if we had DNSSEC or an alternative equivalent, so that you could publish something like an MX record but with added content like "always use an encrypted connection" (perhaps replacing MX records with SRV, maybe?). They'd have to be signed, though, or you could count on ISPs to forge false records.

about two weeks ago
top

Password Security: Why the Horse Battery Staple Is Not Correct

Just Some Guy Re:Oh great (549 comments)

I'm perfectly fine with that (except 12 words?!? seems very likely to make people use the Post-It note password manager), but that's quite a lot different from what we were discussing.

about two weeks ago
top

Interviews: Ask Florian Mueller About Software Patents and Copyrights

Just Some Guy Re:OK... (187 comments)

It kind of does. Well, at least it will go a long way toward having your opinions fall on deaf and unwelcoming ears - here, anyway.

I don't know you, Florian, and I don't have anything against you personally. You might be a great guy that I'd enjoy hanging out with for all I know. However, I'm sure this isn't the first time you've heard that large chunks of the F/OSS community don't particularly trust you. I can't comment on your disclosure timeline that you described in another post, but I know that I was disgusted to find out that you'd written some very supportive stuff about a company which was seen as attacking Free Software, and then it came out that they were paying you. While you have as much right to speak your opinion as anyone else, you can't be surprised that forums like Slashdot are unlikely to care to hear it.

about two weeks ago
top

Password Security: Why the Horse Battery Staple Is Not Correct

Just Some Guy Re:Oh great (549 comments)

Unless you're talking about something that I'm not getting, it's not susceptible to a dictionary attack. The individual words may be, but a brute force attack would still need to guess all of those words in that order.

The part you're missing is Markov chains and Bayesian analysis. I'll bet a reasonable corpus of phrases would show that "is" follows "love" fairly often, and "love is beautiful" is far more common than "love is axiopisty". Similarly, "birds that sing" is hugely more likely than "birds that exhibitorship".

While the whole phrase is unlikely to be the first random thing someone types, each word in that phrase is quite likely to be the one chosen based on its predecessors. I still think correct horse battery staple is a poor idea compared to a strong randomly generated string, but /usr/share/dict/words on my system has 235886 entries and 235886^4 ~= 2^72. That's reasonably random. I would much rather have to iterate through Markov chains branching from each word in the dictionary and trying the likely phrases than to have to brute force each possible 4-word combination. I don't have the numbers to back it, but I bet you could reduce the search space by quite a lot of orders of magnitude.

about two weeks ago
top

The Correct Response To Photo Hack Victim-Blamers

Just Some Guy Re:Healthy relationship (622 comments)

Somehow that doesn't sound like a loving healthy relationship. It sounds like a relationship based on sex and mutual attraction.

By what corruption do you assume that those are mutually exclusive? It's perfectly normal to be in a loving, healthy relationship with someone you're attracted to and want to have sex with. If Ms. Lawrence wanted her boyfriend to think of her when the separation grew unbearable, then that's between her and her boyfriend. There's nothing remotely unhealthy or unusual about that.

about two weeks ago
top

The Correct Response To Photo Hack Victim-Blamers

Just Some Guy Re:Victim blaming? (622 comments)

Everybody already knows that the only way to absolutely guarantee that your nude selfies don't get out, is not to take any.

No they don't. Lots of people believe that Facebook's privacy controls actually work as advertised, and that WhatsApp messages disappear after a while. Most people have no idea how a computer works, and anyway it would never occur to them that you could just use a camera to take a picture of your screen if you really wanted to preserve a photo or chat so badly.

You and I know that privacy controls mean "best effort but no guarantee" and that DRM is impossible, but plenty (maybe most) intelligent adults don't have the technical background to reach the same conclusion.

about two weeks ago
top

The Correct Response To Photo Hack Victim-Blamers

Just Some Guy Re:Victim blaming? (622 comments)

Telling someone it's a bad idea, in all of those cases, is not "victim blaming."

Thank you! If you want to blacklist all advice giving as victim blaming, then you quickly create an environment where it's impossible to give someone safety tips without someone else calling you an ass for doing it.

By the way, I wrote up my own advice to my children in "What I Tell My Kids About The Internet". I'd be very upset if my kids' private information was leaked all over the place, so I gave them practical advice on how to make that not happen. This isn't the same as blaming them if it got out anyway.

about two weeks ago
top

Interviews: Ask Florian Mueller About Software Patents and Copyrights

Just Some Guy Re:OracleVSGoogle: Judge can program, you still fo (187 comments)

Name names. What specific programmers not financially motivated by their employment with parties in the case disagree with the judge's decision? I've talked to quite a few people about the case and have yet to meet one who thought Alsup was wrong.

about two weeks ago
top

Interviews: Ask Florian Mueller About Software Patents and Copyrights

Just Some Guy Re:Who can you think of that is less popular? (187 comments)

You bet he would. Although I disagree with Steve on a great many things, the guy is very open and honest about his biases. I'm sure I could have a great conversation with him at a party and walk away knowing I got his true opinions.

about two weeks ago

Submissions

top

SCO On The Ropes

Just Some Guy Just Some Guy writes  |  more than 7 years ago

Just Some Guy writes "The SCO Group just published their SEC Form 10-Q Quarterly Report for July 31, 2007. In summary, they really needed a victory over Novell that didn't come. In their own words, "[as] a result of both the Court's August 10, 2007 ruling and our entry into Chapter 11, there is substantial doubt about our ability to continue as a going concern." Other highlights include:

Revenue from the UNIX business decreased by $2,704,000, or 37%, for the three months ended July 31, 2007 compared to the three months ended July 31, 2006 [...]


and:

Revenue from our SCOsource business decreased from $31,000 for the three months ended July 31, 2006 to $0 for the three months ended July 31, 2007.


Are we close to the end of the saga?"
top

SCO No Mo'

Just Some Guy Just Some Guy writes  |  more than 7 years ago

Just Some Guy writes "The other shoe has dropped; SCO has filed for bankruptcy. From their press release: "The Board of Directors of The SCO Group have unanimously determined that Chapter 11 reorganization is in the best long-term interest of SCO and its subsidiaries, as well as its customers, shareholders, and employees."

Although they "want to assure [their] customers and partners that they can continue to rely on SCO products, support and services for their business critical operations," they later go on to say that "SCO owns the core UNIX operating system", contrary to findings in the SCO v. Novell court case. It's not advisable to take their words at face value."

Link to Original Source

Journals

top

PyCon 2011

Just Some Guy Just Some Guy writes  |  more than 3 years ago

I am in Atlanta for PyCon, and you're on Slashdot reading about it. So there. Neener neener neener.

top

I think they're trying to kill Slashdot.

Just Some Guy Just Some Guy writes  |  about 6 years ago

I seriously believe that someone is trying to sabotage Slashdot by making it decreasingly pleasant.

Exhibit A: the new-and-busted discussion system. I actually like it more than the old way for reading comments, but for writing comments it's almost maliciously bad. The new system's preview button is much slower than the old way, and the mandatory waiting time between posting comments is a lot longer than it used to be. The net result is that whenever you're eventually allowed to click the "Submit" button, if your comment doesn't go through immediately, you're stuck staring at a pink error message until the countdown is finished. The only thing keeping this tolerable is that you can middle-click on "Reply to This" to open the old-style comment form in a new window, but I don't know if this workaround is going to be left in place long-term.

Exhibit B: Idle. This is truly the worst interface I've ever seen on Slashdot, from the painful color scheme to the tiny fonts to the difference between the markup used in comments between Idle and the rest of Slashdot. For example, the <quote> tags are treated like <p> in Idle, so there's no visible difference between text you're quoting and your own words. I don't even mind the content so much because it can be an amusing diversion, but wow, the implementation is just terrible.

No, I contend that the new changes are deliberately designed to drive away readership. I don't think that the Slashdot admins are incompetent, so I'm convinced that this is on purpose.

top

Avoid the Ramada

Just Some Guy Just Some Guy writes  |  more than 6 years ago

This isn't tech-related in the least, but my family just got back from staying at the Ramada Inn in Kearney, Nebraska. It wasn't pretty.

Not that Kearney is a likely destination for Slashdotters, but for those who might find yourselves there: you've been warned.

top

Tuning Slashdot, part 1: Relationship CSS

Just Some Guy Just Some Guy writes  |  more than 6 years ago

Refactoring relationships

Right now, relationships are embedded into the comments section of story pages with tags like:

<span class="zooicon"><a href="//science.slashdot.org/zoo.pl?op=check&amp;uid=198669"><img src="//images.slashdot.org/fof.gif" alt="Friend of a Friend" title="Friend of a Friend"></a></span>

This is ugly for a few reasons. First, it's a mess. Second, it means that every visitor has to have their own custom-rendered comments sections so you can't apply aggressive caching to the page-generation code. I would replace this with per-user CSS.

First, create a CSS file for each user like this:

/* Default class */
a.relationship {
background: url(neutral.gif);
width: 12px;
height: 12px;
display: inline-block;
text-decoration: none;
}

/* User-specific values start here: */

/* Friends */
a.user3352,a.user42 { background: url(friend.gif); }

/* Foes */
a.user666 { background: url(foe.gif); }

Next, replace the HTML in the comments section with generic relationship information such as:

<link rel="stylesheet" type="text/css" href="relationships.css">
[...]
<p>by neutral (1234) <a href="bar" class="user1234 relationship">&nbsp;</a> on 2008-01-20</p>
<p>by Just Some Guy (3352) <a href="bar" class="user3352 relationship">&nbsp;</a> on 2008-01-20</p>
<p>by foe (666) <a href="bar" class="user666 relationship">&nbsp;</a> on 2008-01-20</p>

All "a" tags with the "relationship" class get the default CSS values. If there is also a corresponding "user*" selector in the visitor's stylesheet, then the values in that selector override the defaults. For a sad user with no friends, this means that everyone gets the neutral.gif icon. As that user accumulates more specific relationships, those CSS definitions are applied instead.

This benefits Slashdot because suddenly they don't have to generate a brand new comments section for every visitor. The per-user CSS would also be extremely simple to generate. In any case, it would be no more difficult than the current method of embedding all that information directly into the comments section.

Finally, those CSS files could also be cached very easily. Since they would only change whenever a user's relationships are modified, Slashdot would no longer have to query that information every single time it creates a page.

There are two drawbacks to this idea. First, there are no more alt attributes on images, so users don't see a "Friend" popup if they hover over the relationship button. If that's a problem, replace the icons with little smiley or frowny faces as appropriate. Second, it would take slightly more work to support putting users in multiple categories at the same time ("Friend" + "Freak"). The fix is to create a whole set of graphics like "friend_freak.gif" and "foe_friendoffriend.gif" and corresponding CSS classes. There aren't that many categories, though, so it would require only minimal extra work to cover every possible combination.

How 'bout it, Taco - could you use something like that? Less code, less bandwidth, and less processing should be pretty easily reachable goals.

top

Get over it, UbuntuDupe

Just Some Guy Just Some Guy writes  |  more than 6 years ago

UbuntuDupe screwed up an Ubuntu installation almost two years ago. He still hasn't gotten over it.

UD, let me give you some free advice: move on. Really. You don't even have to admit that you were wrong. Just stop yapping about it and move on.

Do you notice that every time you bring this up, everyone opposes you? It's not because we don't like you, but because even if you were in the right (which you weren't), after two years we simply don't want to hear it anymore. Stop embarrassing yourself and let it die already, OK?

top

NSFW? Fark off.

Just Some Guy Just Some Guy writes  |  more than 6 years ago

Fark: Is read by your boss.
Slashdot: Is read by the weird guy in the server room.

Fark: Tries to be corporate friendly.
Slashdot: Links to Tubgirl.

Fark: Garfield.
Slashdot: Doonesbury.

Quit whining about "oh noes this is not teh NSFW!" If you want Fark, read Fark. This is Slashdot.

top

I've been mod-bombed - yay!

Just Some Guy Just Some Guy writes  |  more than 8 years ago Within a five minute period yesterday, 5 of my comments got modded down with "-1: Troll". They were in different stories about completely different topics, but they were my most recent posts at that time.

I noticed that I've been building up a nice little list of liberal extremist freaks lately. It seems pretty clear to me that one of them happened upon some mod points and decided to spend them by modding me into oblivion.

I'm kind of flattered in a way, because they must have felt that I'm pretty important to spend their points against me. Even better, though, is this reminder that the favored tool of the liberal is silence. It's not enough to ignore opposing viewpoints, since someone else may hear them and be influenced. No, their response to someone who doesn't buy into their propaganda is to steal their voice.

On Slashdot, at least, they're limited to moderation. That's a lot better than in reality, when they'd probably scream "racist!", or "sexist!", or "capitalist!" in hopes that I'd run for shelter. That's not quite as funny.

top

I Am Not This Serious. Seriously.

Just Some Guy Just Some Guy writes  |  more than 9 years ago I think I may have to take a break from Slashdot.

Why? Is is because it's eating into my work? Nah - I have plenty of long compiles that allow me to waste a few minutes here and there. Is it because I'm actually building a "Freaks" list? No way! The fact that some people find my honest opinions too insulting to bear is kind of amusing.

No, it's because I've started Acting My Age and becoming way, way too serious.

I am not at all like my Slashdot persona. I mean, my opinions and beliefs are the same - I've never once misrepresented those - but my personality is completely different. I'm a nice guy who likes to laugh, enjoy life, and have fun. I'm almost never this intense or serious in day-to-day life, but put me in front of a comment box and I go uber-professional and detail-oriented. Those are OK traits, sure, and it's nice to know that I'm capable of logical and serious discussion, but that's still not who I am.

I even get along brilliantly with people I disagree with. Although I'm a very staunch conservative, one of my long-time good friends is a deliberately homeless tree-hugger (I mean it - literally!) who's typically into paganism, environmentalism, socialism, and a lot of other isms that I don't really want any part of. We get along great, though, and although we disagree on pretty much everything we always have a fun time in the process. Not here, though. Oh, no. For some reason, I seem to lose the ability to parse gentle sarcasm when I come here and just have to respond in a pedantically exact manner.

So, why is that? I kind of blame Slashdot itself, and its "coverage" of the 2004 elections in particular. Despite our differences, we used to all pretty much get along before then. Now our little green corner of the 'net is hyper-politicized and angry, and you can't ask for a recommendation of a nice IDE drive without being lectured about the evils of magnetoresistive manufacturers and their harm to the third-world environment.

I'll make you a promise: if you promise to lighten up and begin enjoying the humor inherent in a population of nearly a million crotchety geeks from across the world, I'll do the same. In fact, as a token of good faith, I'll be the first to try. On the other hand, if I can't pull it off, then I'm out of here. Seriously. I enjoy life too much to be sucked down into a swirling pit of Seriousness and Thoughtful Deliberation.

Let's have fun again, shall we? Wish me luck.

top

Why you're my foe

Just Some Guy Just Some Guy writes  |  about 10 years ago I use my "Foes" list to manage the people who've established a pattern of saying things far beyond my threshold of tolerable stupidity. It's not that I dislike these people personally but that they detract from intelligent conversation to the point that they make themselves a nuisance. I'm not going to spend mod points to silence them, because that goes against my principals (and because I'd rather reward good conversation than attempt to "punish" the bad), but I personally have no interest in what they have to say and don't want to be bothered with it.

So, I think it's only fair to tell people why I've added them to the list. I'm not going to bother with prior entries, but I will be explaining all new ones.

The first recent addition is killjoe. I've disagreed with some of his postings, but this quote is what pushed him from "people I sometimes disagree with" to "people I don't want to listen to":

As for me I think the days of the peaceful liberals are over. It's time we adopted the republitard tactics. Yes that means dragging them behind cars and crucifiying them alongside the highways.

As far as I'm concerned, people who make comments like that are ineligible for civil conversation.

top

Authenticated anonymity on Slashdot

Just Some Guy Just Some Guy writes  |  more than 10 years ago

Want to post anonymously but verifiably? That is, do you want to be able to say things that you don't want traceable back to yourself, but you do want interested parties to be able to verify that multiple posts originate from the same person?

Right now, Anonymous Coward (AC) posts are stored without any identifying information. This means that while you may divulge some important information, another person can reply to your post, claiming to be you, and contradict your statements. Example:

You: I have proof that my company is making toxic waste.

Reply from twit: And no matter what you hear, I was not fired from my last job for making false accusations!

With common software, this is almost trivially easy. The idea is to post as an AC but always sign your messages with the same GPG ID. The advantage is that you can still be an AC when it's important, but interested observers can verify whether other a given set of posts come from you.

If you want do this, here's how:

  1. Generate a GPG key.
  2. Submit your key to a public keyserver.
  3. Write your Slashdot text in an external editor.
  4. Sign the post with your "anonymous" key.
  5. Use <ecode> tags to encapsulate your signed message.
  6. For added obscurity, add "no-version" to you gpg.conf file. If you're using GPG on Linux, that string may not narrow the field of candidates too much. If you hand-compiled it on your TI-85 calculator, and you've explained to your boss in great detail how cool it is to run crypto on your calculator, then it may reveal more information than you want.
  7. Be sure to click the "Post Anonymously" checkbox!

Now people interested in such things can verify that all of your posts originate from the same person, even though they can't determine who that person is.

This isn't exactly a brilliant invention on my part; all of the pieces already existed in usable form. However, I've never seen anyone actually do this, and I thought it might be a useful idea for someone.

Caveats:

  • Assume that your IP is logged by Slashdot and the public keyserver and available to whomever you're trying to hide from by posting as an Anonymous Coward.
  • Be darn sure that you remember to check the "Post Anonymously" box or your cover is definitely blown in a big way; the people you're hiding from can now trace a whole batch of incriminating posts back to you. For example, when I first tested the idea, I made that mistake and forever ruined a key with a clever name (IMHO).
  • This method can't prove that a post did not come from you. In the example above where an anonymous twit is trying to negate your statements, your best course of action is to post a signed reply to him stating that the reply post was not from you.

A Note To Slashdot Editors

I'm not writing this to be a pain in the butt, honest - this seems like a legitimate need that I think needed to be addressed. This specific implemention relies on the idea of <ecode> tags keeping the contents in pristine condition. If people start using this, please don't change ecode's functionality so that old signed posts are broken.

A giant extra helping of karma to the authors if you add code to detect signed messages, keep a list of key IDs that've been used, assign a serial number to each one, and print that serial number in the message header of each signed message. Then, casual visitors could see that a string of messages were all signed by "Slashdot authed AC #243", although responsibilty for actual verification would still lie with interested end-users.

top

Ditch "Overrated" already!

Just Some Guy Just Some Guy writes  |  more than 11 years ago Would-be moderators, get this through your head: "Overrated" should almost never be used! If you think that something moderated as "Funny" isn't very humorous, then accept that other people enjoyed it and move on. If something is marked "Insightful" but you don't agree with it, then move on. Get the point?

I always kill "Overrated" in meta-moderation. Always. Keep that in mind, would you?

Slashdot Login

Need an Account?

Forgot your password?