Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Comments

top

OpenBSD Team Cleaning Up OpenSSL

Nightshade Re:PolarSSL (304 comments)

Yes, openssl is a piece of junk that is far too widely used. Polarssl looks nice and especially interesting is the version that was mathematically proven to be immune to a whole bunch of CWEs: http://trust-in-soft.com/polar...

But for OpenBSD they can't use polarssl since it's gnu licensed. The sad thing is polarssl was originally called xyssl and xyssl was originally BSD licensed. If only OpenBSD would start with the final xyssl codebase and replace OpenSSL with that...

about 5 months ago
top

Interview: Ask Theo de Raadt What You Will

Nightshade South Africa (290 comments)

Theo, you left South Africa at the age of 9. Do you have any connection to the country? Have you been back? Do you think of yourself as a South African or a Canadian? Do you speak any Afrikaans? Places like Cape Town are beautiful and hike-worthy. I believe you enjoy hiking so was wondering if you've ever been back there for hiking.

Also, it is interesting that there are so many South Africans in tech. Elon Musk (Tesla), Mark Shuttleworth (Ubuntu), etc. Do you feel any connections to them due to a common heritage?

about 6 months ago
top

OpenBSD Looking At Funding Shortfall In 2014

Nightshade Re:Wait, wait , WAIT a moment. (277 comments)

I tried to do the math on this too. First of all, I'm not sure if the number is 20,000 USD or CAD (Since OpenBSD is based in Canada not the US). Next up is the fact that many of the machines are older non x86 machines that are not power efficient. For example when the SGI/AlphaStations/VAX/SparcStations were produced, focus was on MHz not power utilization. Finally, I think the project might use some type of uninterruptible power supply (UPS) as well as network switches, etc.

So by your math you're looking at CAD 20,000 = EUR 13,500 which at EUR 0.20 per kWh would buy you 67500 kWh = 7.7 kWh.

Now the project has supports about 20 architectures. And there are dedicated machines used to build the base system and dedicated machines used to build ports so at least 2 of each machine. On top of that there's probably an NFS server to host the source code, some UPS, network switches, etc, etc. So say about 50 machines total.

So 7.7kWh / 50 machines gets you to 154 watts per machine. I do believe they are on 24x7 as there are daily builds for many architectures, etc, etc. 150 watts is not unreasonable power consumption in my opinion.

about 8 months ago
top

The Last GUADEC?

Nightshade very misleading (376 comments)

Take a closer look at the google trends data. If you click on the "qt" tab you actually see that most of the searches are related to "qt syndrome" or "long qt". these are medical conditions and have nothing to do with UI toolkits. if you click on the "gtk" or "gnome" tab, the search terms are all related to UI toolkits.

Perhaps it's not something specific to gtk/gnome, but maybe all the toolkits including qt are in decline. Either due to smartphones/mobile or ubunut's unity or something else.

about a year ago
top

Fedora Project Developer Proposes Layered, More Agile Design to Distribution

Nightshade just like BSD (74 comments)

So they're basically "reinventing" how BSD does things? They even blatantly copied an OpenBSD image for this presentation...

(Compare slide 13 from the presentation with OpenBSD 4.9 art)

In all seriousness though, it's a pretty good plan. Everyone knows that BSD means real engineering while Linux is "just a hobby, won't be big and professional"

about a year ago
top

Are You Sure This Is the Source Code?

Nightshade nothing new here, please move along... (311 comments)

Even if you have the source, it doesn't mean you can confirm what the binary is doing. See the classic "Trusting Trust" attack which is decades old. In my experience the most common reason for binaries that are not reproducible is due to build timestamps being embedded into the binary. For example, the ar command added the D flag in the past few years exactly for the purpose of being able to output reproducible results. (see the man page at http://linux.die.net/man/1/ar) It's true that reproducible binaries are probably a good thing from a security stand point, but in practice it can be a lot of work to make sure the build produces these. And even then, as Thompson showed, that doesn't always guarantee that what you see is what you get.

about a year ago
top

FTC Offers $50,000 For Best Way To Stop Robocalls

Nightshade simple really (614 comments)

answer all calls with a robo-answerer... no one uses phones anymore, all communication now happens on facebook/twitter.

about 2 years ago
top

What's Wrong With American Ninja Warrior?

Nightshade this is nonsense (349 comments)

This show is great, your complaints are silly.

So next you'll complain about having an American version of iron chef? Go back to watching reruns of Takeshi's Castle...

more than 2 years ago
top

Ask Slashdot: How Do You Securely Store Private Information For Posterity?

Nightshade Re:Wuala + Dropbox (257 comments)

hi, go read the links again. i think they speak for themselves; it doesn't matter to me if you have a different view of things. frankly this is getting away from the question that was asked so this is the last i have to add here.

more than 2 years ago
top

Ask Slashdot: How Do You Securely Store Private Information For Posterity?

Nightshade Re:Wuala + Dropbox (257 comments)

lastpass was definitely hacked. even the ceo admits usernames and encrypted passwords could have been taken: http://www.pcworld.com/article/227268/lastpass_ceo_explains_possible_hack.html

having encrypted passwords plus at least some people choosing weak passwords plus rainbow tables or other brute force tools is a recipe for some people's accounts to be compromised.

more than 2 years ago
top

Ask Slashdot: How Do You Securely Store Private Information For Posterity?

Nightshade Re:Wuala + Dropbox (257 comments)

um... no. cloud vendors can disappear without notice in which case you're out of luck. lastpass was hacked last year so that isn't the safest choice either. see http://lifehacker.com/5799036/the-best-password-utilities-that-dont-store-your-data-in-the-cloud so this is a real problem. the fact that you;re thinking about this means you're planning which is like better than probably 80% of people out there. so what i would do is come up with something that works for you and have your spouse/next of kin actually try to follow the agreed procedure without you around and have them report back on problem areas. a lot of businesses have disaster recovery plans which they try to play out once or twice a year. trying it definitely finds some problem areas.

more than 2 years ago
top

Ask Slashdot: Post-Quantum Asymmetric Key Exchange?

Nightshade Re:No expert but... (262 comments)

see the comment above on the 1978 cryptosystem...

more than 2 years ago
top

Ask Slashdot: Post-Quantum Asymmetric Key Exchange?

Nightshade what's old is new again (262 comments)

This 1978 crypto is supposed to be safe against quantum computers: http://www.technologyreview.com/blog/arxiv/25629/ (if that's the specific angle you're worried about). The downside is the key management because the keys have to be really really long (i.e. 20,000+ characters vs having a memorable passowrd or passphrase that you'd be able to use today).

more than 2 years ago
top

OpenBSD 5.0 Unleashed On the World

Nightshade Re:Wow! KDE 3.5 and Gnome 2.3 .... (185 comments)

They're actually far ahead in some areas. WiFi is a breeze to setup compared to some Linux distros. And they really do aim for extreely high standards (i.e. POSIX) compliance. The other area that's outstanding is the documentation. Most *commercial* products don't have the level of quality the openbsd documentation has.

more than 2 years ago
top

OpenBSD 5.0 Unleashed On the World

Nightshade Re:Wow! KDE 3.5 and Gnome 2.3 .... (185 comments)

I use OpenBSD for everything from online banking and web surfing with Chrome to playing games, to watching youtube and viewing PDFs and my photo collection. About the only desktop activity I can't do on OpenBSD is use Wine for windows emulation which isn't supported and probably never will be. But in a pinch they have qemu which I keep meaning to try out because unfortunately I still need to use MS Office for work. And I use gnome which very closely follows the latest releases. KDE is another story and is quite far behind but there's been a recent effort to finally get it updated and maybe the next release will have some of that work included.

more than 2 years ago

Submissions

Nightshade hasn't submitted any stories.

Journals

Nightshade has no journal entries.

Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>