Beta

Slashdot: News for Nerds

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Comments

top

Alienware Swaps SteamOS For Windows

PetiePooo Re:This actally makes it an intersting product. (173 comments)

OP:

... when configured to boot straight into Steam Big Picture mode, the influence of the underlying OS is visible only in the larger game library.

... and the considerable additional maintenance requirements that go along with a full fledged operating system. Considering that Windows has required more frequent patches for security issues than Linux for the past few years, that's not a trivial distinction.

PP:

With Windows on it, this little machine can fulfill most of my needs for the living room / home and offers me a platform that i am already familiar with to play my games, (Steam supported or not), get some work done (Office etc) and watch movies.

While this is a valid point, it is a realization of this change in paradigm. With Windows 8.1, it is a regular desktop computer, not a gaming console. While that gives you the ability to do office work and more, it takes it out of the single-purpose, dedicated function, "appliance" category that consoles usually fall in.

With Linux running as essentially an embedded OS, it's likely that updates would be less frequent, smaller, and less crucial to it's overall suitability if skipped. As an example, how long has it been since you've updated your smart TV or DVR as opposed to your desktop or laptop?

about a month and a half ago
top

Ask Slashdot: User-Friendly Firewall For a Brand-New Linux User?

PetiePooo Re:Wrong paradigm here (187 comments)

Ok, seems like you're trying to do things the windows way, i.e. blocking outbound connections based which application is running. Things are not done that way on Linux. Outbound connections are open and most of us are fine with it.

The Window Firewall, the original BlackIce for Windows, and AVG as well, I believe, all fall in the category of Application Firewalls, as they base their actions with knowledge of the application holding the IP connection endpoint. IPtables is a Stateful Firewall, so named because it relies solely on the connection's state, without regard to the application at the sending or receiving end of the connection.

The Application Firewall link above actually does have some suggestions about how such things can be handled on Linux using utilities others have described. Mandatory Access Control tools such as SELinux and grsecurity can allow or deny access to resources (such as the network interface) to applications, but I don't believe they have fine-grained controls for conditional access based on IPs or ports.

None of these are as easy to use as AVG for Windows is.. (This could be the new definition of "understatement!") In fact, I would like to think I know Linux quite well, have used it as a desktop and server platform for years, have written patches for kernel modules, and can configure a solid IPtables firewall ruleset from scratch, but AppArmor and SELinux still scare me...

There's a link here describing how to mark packets based on an application's uid (user). This might be a basis for controlling permissions per app, but you're talking about a very complex IPtables ruleset. Definitely not for someone only two days into their Linux journey.

about 4 months ago
top

Cameras On Cops: Coming To a Town Near You

PetiePooo Re:Won't do any good. (264 comments)

Any missing footage should result in someone being fired.

Agreed.

There is one plus side to ubiquitous cameras operated by the police: It will be harder for the police to justify denying us the ability to record our interactions with them. Some police departments haven't gotten the memo yet...

about 4 months ago
top

Ask Slashdot: What Software Can You Not Live Without?

PetiePooo Re:MS Office (531 comments)

Feedback: VLC is my first install regardless of OS. Damn thing just runs anything I throw at it. Used it for years now.

I hope you're not running on Dell hardware...

about 5 months ago
top

Interview: Ask Richard Stallman What You Will

PetiePooo Re:Why a gnu? (480 comments)

Why not perhaps a more majestic creature?

Similar facial hair...

about 5 months ago
top

Adobe's New Ebook DRM Will Leave Existing Users Out In the Cold Come July

PetiePooo Re:Adobe (304 comments)

This was my thought on reading the article as well. "Adobe is doing more to kill DRM with this move than anything they've done in the past." There's nothing like punishing the innocent to get people's attention.

about 6 months ago
top

Ask Slashdot: Configuring Development Environment On a Shared Workstation?

PetiePooo Re:Get another PC (158 comments)

This.

Or what about renting a server? For the RAM requirements you're going to need, you'll likely need more than the entry level offering, but the capital expenses are lower than having to buy a new computer...

about 6 months ago
top

Google, Apple, Facebook, Twitter, Microsoft, Yahoo Form Alliance Against NSA

PetiePooo Re:congrats guys and gals (293 comments)

Now contrast this statement from the recent "STFU" response to AT&T's shareholders. And the complete silence from Verizon, whose name was on the first round of the salvo.

At least these eight are making noise, rather than just hoping the issue fades from the public's consciousness. Here's wishing there was a telecom provider that wasn't so obviously in bed with the spooks...

about 7 months ago
top

WRT trans fats, the FDA should ...

PetiePooo Re:Outright bans (376 comments)


It's not clear from the context whether you're calling the parent an idiot, or if that's how you normally sign your comments.
Many researchers have concluded that overuse of antibiotics is linked to the increase of MRSA. (citation)

about 8 months ago
top

Feds Confiscate Investigative Reporter's Confidential Files During Raid

PetiePooo Re:I don't suppose... (622 comments)

So are you saying that if the files had been encrypted, they wouldn't have been confiscated, all of this would not have happened?

What else precautions one should make not to become the victim of one's own government? Is leaving home allowed? Is there a list of approved websites to visit?

You are making the case that the government is a bullying criminal. And while you can and perhaps should avoid getting the attention of a hooligan/bully/criminal, the government is at least in principle there for you. And in my mind this makes the situation completely different. One shouldn't bow to bullies, but having a bullying government is worse.

And yes, of course the files should have been encrypted. I wonder if they would have detained her in that case.

If the files had been encrypted (after transcription, if needed), then this would be a case about overreaching warrants and illegal government actions, not a case about overreaching warrants, illegal government actions, and wrongful terminations, as that last item will undoubtedly be the end result of the intelligence DHS has collected on the whistle-blowers.

You are right in that she shouldn't have to protect herself and her informants from the government, but such is the imperfect world we find ourselves in while we try to dig our way out of it. She failed her informants. She should have known better than to depend on legal principle to protect her informants from the current administration.

about 9 months ago
top

VirtualBox 4.3 Comes With New Multi-Touch Support, Virtual Cam and More

PetiePooo USB Support (114 comments)

Do they still require a paid license to forward a USB device to the guest?

That killed it for me when they added that "feature" a few years ago now... I think it was the first major release after Oracle took over.

about 9 months ago
top

The Windows Flaw That Cracks Amazon Web Services

PetiePooo Re:About Jeff (114 comments)

I did say his research skills could use some polish. And I figure one more developer that is at least semi-aware of security is a good thing. Many don't even consider the security implications of what they write.

Yes, I did enjoy it. So you didn't. To each his own.

p.s. Vitriol is no way to go through life, son.

about 10 months ago
top

The Windows Flaw That Cracks Amazon Web Services

PetiePooo About Jeff (114 comments)

Jeff Cogswell is the author of several tech books including “C++ All-In-One Desk Reference For Dummies,” “C++ Cookbook,” and “Designing Highly Useable Software.” A software engineer for over 20 years, Jeff has written extensively on many different development topics. An expert in C++ and JavaScript, he has experience starting from low-level C development on Linux, up through modern Web development in JavaScript and jQuery, PHP, and ASP.NET MVC.

Good job, Jeff! Welcome to the exciting world of security research!

I applaud you for (re)discovering these techniques on your own. Your out-of-box thinking and problem solving are to be commended, but your research skills could use some polish. Please don't let the negative comments above discourage you from exploring this rewarding field of knowledge, however I would recommend you run your findings by some existing security folks before announcing your next big discovery, lest you find you're just rehashing something else that has long been known.

Seriously; good job! I enjoyed reading how you worked your way up to your conclusions, even though I knew from the start how it would end...

about 10 months ago
top

Linus Responds To RdRand Petition With Scorn

PetiePooo Re:Linus, you are a bully (566 comments)

I should add that your sentiment of "we know better than you so you should trust us" is exactly what the government is spewing, and you see how well that's working.

While the kernel source is the epitome of transparency, and the NSA is the exact opposite, there will always be people who cannot or will not read the source. That does not mean they don't want to know some of the details so they can make informed decisions. That curiosity should be welcomed, not derided.

about 10 months ago
top

Linus Responds To RdRand Petition With Scorn

PetiePooo Linus, you are a bully (566 comments)

While I respect your technical prowess and make great use of your work, every time you go off like this, you move a little further down the "crackpot" scale. You know, the one anchored firmly by RMS...

Instead of blowing a gasket, why not nicely suggest that a read of the source code will show that rdrand is just one of the entropy sources used, and it is used in such a way that it cannot compromise the end result. Vitriol is no way to go through life, son.

about 10 months ago
top

Ask Slashdot: Speeding Up Personal Anti-Spam Filters?

PetiePooo Re:You could speed up your current solution (190 comments)

...Most of your time is likely spent parsing the patterns.

I second that. And as your rules have built up, there are likely some that have never been used beyond when they were first put in. I'd instrument your next solution to identify outliers and cull them over time so your parser doesn't have to work so hard.

about a year ago
top

Silent Circle Follows Lavabit By Closing Encrypted E-mail Service

PetiePooo Re:enigmail/pgp/gpg (470 comments)

Free association is what is threatened here.

True. So if that's a concern, connect to that darkmail system via a VPN over TOR.

about a year ago
top

Silent Circle Follows Lavabit By Closing Encrypted E-mail Service

PetiePooo Re:enigmail/pgp/gpg (470 comments)

"And for keeping even the envelope info private, just run a private email service of your own (with no external mail gateway) ..."

And ensure no TCP traffic to your gateway goes through any compromised Internet nodes.

Those ellipses conveniently left off the rest of the quote instructing to allow access only via VPN or SSH. Good crypto is designed to defeat MITM and eavesdropping attacks. Listening in? Fine with me; all you'll get is ciphertext. Modify even a single bit and I'll be alerted.

about a year ago
top

Silent Circle Follows Lavabit By Closing Encrypted E-mail Service

PetiePooo Re:enigmail/pgp/gpg (470 comments)

What percentage of you have downloaded the source code, verified the MD5 of the source code against what is reported, then compiled it yourself using compilers that you trust aren't compromised?

The authors of those programs make it easy to verify by publishing the hash along with the source and encouraging people to verify their downloads. I expect your distribution's maintainer follows those protocols when building the released version. That build is automatically signed when built and verified upon download when installing it on your system.

As for trusting your compiler, I assume you're referring to Ken Thompson's seminal Reflections on Trusting Trust (PDF). It's an interesting academic exercise, but I'm pretty sure if such a compiler were out there and in common use, someone would have noticed. Especially now that there is a published way to detect it.

Installing the distro's version is likely safe, although you must realize you're opening up your circle of trust to include the distro's maintainer and server farm instead of just the original author(s) and their source repository.

The bad part of this is, until we get NSA's unconstitutional programs back under control, simply encrypting your emails may be enough to trigger their systems to preserve it.

about a year ago

Submissions

PetiePooo hasn't submitted any stories.

Journals

PetiePooo has no journal entries.

Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Create a Slashdot Account

Loading...