Beta

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Comments

top

Ask Slashdot: Command Line Interfaces -- What Is Out There?

RedLeg Just Wrong (383 comments)

Less useful but still useful are command shells.

Really?

You obviously do not get it if you do not understand the Jedi Power of a person who has mastered the shell. Pick a shell. When you think you have mastered the shell, experiment with other shells. Hell, change your shell to perl, I know a couple of perl junkies who run that way.

Sometime when you are bored, and have more that three brain cells on shift, from the command line (that would be a shell prompt) execute "man init" on your favorite Unix, and read the page. Then read the init scripts. {sarcasm}no, the shell is not useful{/sarcasm}

In a Unix Xwindows environment (or in MacOS X for that matter), the GUI is a tool, a nice place for multiple graphical proggies to play together, and an easy way to have multiple terminals open and visible at once. If you are an absolute luddite, get yourself an old VT101 terminal, learn how to plumb in a serial terminal to your machine, and explore the wonders of tmux.

Happy new year

-Red

about 6 months ago
top

Ask Slashdot: Recommendations For Beautiful Network Cable Trays?

RedLeg Alternatives: (250 comments)

OK, IF you have suspended acoustic ceilings, keep reading, otherwise forget the first suggestion and skip to the other option....

We started out with twist on attachments that mounted to the ceiling framework and provided a 1/4 inch stud, added a barrel nut and a bridle ring. All came from the local electrical contracting supply house, and were inexpensive, plus it all goes together with no tools other than a step ladder to reach the ceiling.

We we moving into a very large open space with a LOT of equipment to be interconnected. I managed the effort, and the one thing I was sure of was that the floorplan would not be what we imagined once we got used to the new space, and that it would be fluid over time. The bridle rings let us get the cables overhead and out of the way, but it's very easy to change things up, either by adding/removing cables, or rerouting them. If you need to go off in a different direction, it's a simple matter to add more rings. If a particular ring is no longer needed, simply remove it and the barrel nut, leaving the (unobtrusive) stud fixture in place for potential later use. They're cheap.

The intent was that as things stabilized over time, a "backbone" would emerge, and we would replace the bridle rings on the stable portions of the network with product from these guys: http://www.snaketray.com/ , with the idea that we could unscrew the bridle ring and barrel nut, and then hang the snake tray from the same attachment hanging from the suspended ceiling framework.

As it turned out, we never got around to that upgrade, as the bridle ring lashup worked very well for us. I no longer work there, but the approach I describe above worked for ~10 years.

The other option to explore is some variation of raised flooring. It does not have to be in the mode of the old machine room, 12 inches or so above the base flooring...... there are companies that sell what are basically interlocking floor mats with cable channels and removable carpeting tops. Looks like regular office flooring, but houses your cabling.

Hope this helps.....

-Red

about 8 months ago
top

New Fujitsu Laptop Reads Your Palm, For Security

RedLeg Not new technology (107 comments)

They demo'd this at CeBIT several years ago, and were spinning it at the time for high security applications, banking, etc. It did not get much traction IIRC, not sure how successful it was in Nippon.

One of its claimed advantages was (at least what they demo'd) that it used infrared to "see" the heat of your veins through the palm of your hand. Cut the hand off, it ain't gonna work, or so they claimed.

It will be interesting to see how this is accepted in the larger notebook market.

-Red

about 8 months ago
top

FOIA: NSA Contracts Stored In Paper Files, Unsearchable, Unindexed

RedLeg They're asking the wrong question... (114 comments)

What do all government contracts have in common? Payment of the contractor.

Ask whoever writes NSA's checks (probably DFAS, Defense Finance and Accounting Center) for all contract numbers between NSA and (list of interesting companies). Then ask NSA for copies of those specific contracts.

It would not surprise me at all to find out that whichever payment agency, and you may rest assured they are automated, also has copies of the contracts themselves, so while you are at it with the request above, ask for existant copies of the target contracts.

You could always start with asking NSA to tell you in detail who does their accounting, and more specifically, handles accounts payable for contracts.

about 8 months ago
top

Ask Slashdot: Cheap Second Calculators For Tests?

RedLeg Read the Certification Test rules, dumbass (328 comments)

RTFM, or in this case the rules governing the test. WE certainly have no idea what they are, since you neglected to mention which test you were standing.

I would be astounded to find, if they forbid certain models/features, that they do not have a whitelist of allowed models. THAT's where you should start your product research, not here, not with a vague, un-actionable question.

And Oh, By The Way, to echo another posters tongue in cheek remark, if you are in a scientific field, you really should know how to use a sliderule, even in these days. There ain't no batteries on a slide rule to run out, or be unavailable, nor are you ever likely to ever take a test where the use of one is forbidden.

-Red

about 8 months ago
top

Ask Slashdot: Can Bruce Schneier Be Trusted?

RedLeg It's Personal (330 comments)

If you've been in the security community for a while (oh, 15+ years in my case), you meet and work with people, and develop personal friendships and trust, based on personal interactions with colleagues, competitors, and other professionals.

I have competed with Bruce's companies (Counterpane, BT), met Bruce several times in professional settings. I've never worked with him personally, but I have plenty of other colleagues who have.

I trust Bruce.

-Red

about 9 months ago
top

Ask Slashdot: Mitigating DoS Attacks On Home Network?

RedLeg Practical Advice, step by step (319 comments)

You more than likely have something "phoning home" that the bad guys are tracing back to you.

SO, to track that down, do this in exactly this order:

1. Prepare to reconfigure your router for new IP / MAC, but do not reboot it, yet. Make sure the router is NOT registering with some dynamic DNS service, if it is, that's probably part of the problem. Your ISP may be doing that for you, if so, ask them to change your reverse lookup name.

2. Power down every other computing device on the network. I'm assuming you have a wireless router? If so, track down everything that it connected to it, and power those down too. Save your most trusted device (an iPad perhaps?) for monitoring / reconfiging your router. If necessary, borrow a device from someone you trust.

3. Press "go" to reconfig the router, and observe. Your DOS should go away. If it does not, either the reconfig was unsuccessful, your ISP is somehow part of the problem, the router is registering itself somehow, or the router itself is infested.

4. Assuming the DOS abated, one by one, power up the devices you previously disconnected and observe. If the DOS starts after powering up a particular device, that's the culprit. There may be more than one. Do this slowly, to make sure as you power up a device, it's not waiting some period of time before calling home.

It would not be a bad idea to get your ISP on the phone, explain what you think is going on, and ask them to observe your traffic as you go through the above steps. If something "phones home", and you miss it, they should be able to see the traffic on their segment of the wire.

If you are successful at tracking down a culprit system, enlist the help of the anti-malware vendor in isolating the offending bits. Do this BEFORE you re-image the system. They would probably appreciate a sample. Of course, this assumes you are running anti-malware software on your endpoints.....

Hope this helps.

-Red

about 10 months ago
top

Ask Slashdot: Suitable Phone For a 4-Year Old?

RedLeg School District Reality Check (682 comments)

OK, assuming you are a non-resident dad, or for whatever reason just can't get facetime with your offspring.

Tech is not going to -fix- this. It could help, but I would recommend a more structured approach, i.e. a schedule, and another adult facilitating the connection.

Now, as to having him be able to get in touch with you when needed, unless things have changed drastically, or are different where he lives, you will find that schools do not allow students to have phones on their persons during the school day. If you are lucky, they will permit it, powered off, in the locker, which is hardly of practical use in situations where he would NEED it, and my kids did not get lockers until grade 6 or 7. Set him up with a phone at age 4, the schools will deprive him of it at age 6 or so, defeating the purpose, and causing unneeded stress.

Short answer, bad idea, for a lot of reasons, not the least of which it's just impractical.

-Red

about 10 months ago
top

Scottish Academic: Mining the Moon For Helium 3 Is Evil

RedLeg Random Comments (462 comments)

This fucktard (yeah, I said it) is a Scot, and still obviously out of touch with the impact Scottish engineers have had in power generation, and the industrial revolution in general, but WTF, he's a philosopher, and not responsible for knowledge of the real, tangible world, much less modern history.

Oh, and it seems to me that this dude has:

  • Screened Iron Sky one too many times,
  • Confused Helium3 with Hydrogen3, and
  • Failed to realize that the flick is a work of fiction.

All in all, not too surprising. As to how this story wound up here, I write it off to a combination of it being a slow news day, and the topic being too funny NOT to post.

-Red

about a year ago
top

Ask Slashdot: Printing Options For Low-Resource Environments?

RedLeg Think out of the Box, POS Printers (108 comments)

I think your solution is probably dot matrix, but let's depart a little from traditional office automation.

I'd invite you look at receipt printers typically used in POS (Point of Sale) solutions. I'm betting you can find them that print on wider than traditional receipts, which would be better for medical records, but even the narrow format would work. I KNOW you can get multi-copy impact paper on rolls for them, the advantages being that you have the opportunity to color code the various copies, and best of all, if / when the ribbon dies, the IMPACT produced copies will still get "printed", even if the top copy does not.

Another thought is to include a dense 3d barcode (QR code?) on each printout. You can get an incredible amount of information into one using the right format, the dot matrix is certainly capable of printing graphics, and you can optically scan the encoded info in on the receiving end, or just read the paper record and transcribe manually. Win-Win.

Hope the helps.......

-Red

about a year ago
top

Ask Slashdot: High-School Suitable Books On How Computers Affect Society?

RedLeg Re:1984 (140 comments)

Some of us have to forethought to do a little reference work before we crank out a posting calling someone a "nunce", whatever that is.

  1. https://en.wikipedia.org/wiki/Nineteen_Eighty-Four. Please note the cover of the original British Edition.

    http://www.aim25.ac.uk/cgi-bin/search2?coll_id=5086&inst_id=13&term1=orwell. You might peruse the section titled "Administrative/Biographical history", particularly near the end.

Since the later reference is the top-level catalog of his archived papers, including the original manuscript of the work in question, I would think that rather authoritative.

-Red

1 year,3 days
top

Ask Slashdot: High-School Suitable Books On How Computers Affect Society?

RedLeg Re:1984 (140 comments)

Surely you mean nineteen eighty-four, by George Orwell published in 1949?

-Red

1 year,3 days
top

Ask Slashdot: High-School Suitable Books On How Computers Affect Society?

RedLeg Perhaps some Gibson, or Effinger, or Moran? (140 comments)

My first thought is Neromancer, but that may bust your page limit.

You might also look at selecting a story or two from Gibson's Burning Chrome, but as I don't have a copy handy at the moment, I can't make a hard recommendation.

Another consideration might be George Alec Effinger's When Gravity Fails. READ this one before you assign it, as it touches on some racy subject matter.

Finally, consider Daniel Keys Moran's The Long Run. Not as well known as the others, but a great read.

Hope this helps....

-Red

1 year,3 days
top

Ask Slashdot: Is Postgres On Par With Oracle?

RedLeg Re:The sorts of things you get (372 comments)

Oracle is really an excellent product for a database in which there will be DBA maintenance. If there aren't DBAs Oracle's complexity becomes a minus not a plus.

I could not have said it better. To get your money out of Oracle, you must have a seasoned, professional DBA, usually two or more (production / development). Further, Oracle really takes advantage of higher end hardware, and that takes a different kind of dba experience and expertise to optimize. You're probably on it for a good reason, particularly if on higher end Sun hardware.

Oracle bought Sun for a reason, they could not afford for the platform to go away.

Hope this helps.....

-Red

1 year,19 days
top

Researchers Now Pulling Out of DEF CON In Response To Anti-Fed Position

RedLeg Re:Kevin Johnson's reasoning is very suspect (204 comments)

You obviously can't (or choose not to) read.

Sequestration exists, I didn't bring politics into the discussion, you did. I just pointed out that it's gonna impact the attendance of feds at ALL cons, including DEFCON, until it gets sorted.

As far as student loan rates, and tuition rates while we're at it, fuck you. I have TWO in college right now, so am acutely aware of the pain.

No, I didn't cry about it, I'm just gonna shoulder the load and get on with life. Let me know when you've been paying taxes for 40 years, we'll talk again.

-Red

1 year,20 days
top

Researchers Now Pulling Out of DEF CON In Response To Anti-Fed Position

RedLeg Re:Kevin Johnson's reasoning is very suspect (204 comments)

For your team to purposely pull your talk from DefCon because they have asked that the feds not attend this year is absolutely silly. If your purpose is openness and community, it seems rather fishy that the organizers simply asking that the 'Feds' don't attend (i.e. the guys trying to track hackers) would incite you to pull your talk. I think it is completely disingenuous to say that this is not a political move because the community will still be there - you just aren't targeting the community anymore with your talks and your target audience may not be present...at least that's the way you make it seem.

Seems to me that their motivation is pretty much the same as Moss's *the Dark Tangent" in "uninviting" the feds in the first place.

Publicity.

Looks to me like it's working.

Here's a reality check: Most feds don't come to DEFCON, they come to BlackHat, and stay through (part of) the weekend for the con because:

  • It used to be included in the BH cost (now just discounted) and
  • You get cheaper airfare if you stay over a Saturday, so you save your agency / employer $$ on airfare.

Now let's kick in a little reality: Sequestration has hit the feds a LOT harder than most people realize, with furloughs, draconian travel restrictions including forbidding weekend travel, attending conferences, etc. The feds that DT uninvited were probably not going to be there anyway, and my guess is he's trying to stir up some shit and boost non-fed attendance.

The feds that will be there are either the ones who are genuinely interested in the community, coming back to see old friends, attending more than likely on their own dime, or, those on a mission.

Neither class of fed is going to pay attention to the un-invitation.

Just my 2% of $monetary_unit. I don't know shit, I've only been going to the con for 13 years.

-Red

1 year,20 days
top

Ask Slashdot: How Important Is Advanced Math In a CS Degree?

RedLeg Specific Course Recommendations (656 comments)

Up front, I have a BS in Math, concentrated more in the abstract than applied, and it's 30 years old. I've also spent the last 20+ years in InfoSec, dabbling in programming along the way. I look back on what I took which has served me the best since:

- Formal Logic (might have to look in the Philosophy department for that one, it was dual credit for us)

- Structured Programming

- Number Theory

- Mathematical Modeling

Lots of the rest of it was fun, but I haven't really used much of the college level math since then. The geometry and trigonometry I had in high school have served me much better.

Hope this helps.... Red

about a year ago
top

Ask Slashdot: Best Way To Archive and Access Ancient Emails?

RedLeg Re:Take a look at MH (282 comments)

+1

What he said, MH is the tool for this task. I have mail going back to early 90s, each message in a separate text file, sorted into directories by year. Once you're archiving in this format, you can then index the files for more rapid searches, or, if you're old school, just grep around when you're looking for something.

Best thing is, once you have them organized this way, you're done, and can burn backups of the archive (by year) directories to CD or other long term storage, and not have to worry about loosing anything.

One warning: beware filesystem limitations on number of files in a directory. If you convert a HUGE amount of mail at one time and dump it into one dir, you may end up with a problem, so RTFM (read the friendly man pages) and plan ahead accordingly. You may need for example to split a year into quarters if that years mail exceeds a limit (not that I've run into that problem....)

BTW, the O'Reilly book is a must. Grab the pdf, but get a paper copy if you can as it's quite hefty.

Hope this helps.....

Red

about a year ago
top

Cyber War Manual Proposes Online Geneva Convention

RedLeg Re:This just in: Still clueless (90 comments)

There are flaws to both sides of your analysis because you left out a couple of "players" which are obviously and currently present in both meatspace and cyberspace: terrorists and rogue states.

Terrorists typically have no specific nationality, do NOT wear uniforms, and are not necessarily readily identifiable as such, or as to their origin or objective.

Rogue States simply by definition do not follow the rules, and believe it or not, in conventional warfare, there are internationally recognized laws of war, Geneva conventions, etc. Not only do these guys not play by the rules, they have also been known to sponsor terrorists, and hackers.

The proposal might help if signatory nation states ever openly "went at it". It won't help in the case of covert attacks because of the problem you and others point out of attribution, and won't help at all with the players I describe above.

They'll simply ignore it.

Red

about a year ago
top

Ask Slashdot: How To (or How NOT To) Train Your Job Replacement?

RedLeg Play the game (292 comments)

First, if it's not already explicitly in scope for your existing contract, negotiate a "train my replacement" clause or task, at a premium over what you're already billing. Be frank with your customer that you both need to realize that they are asking you to train your replacement. You might be surprised to hear them say "no, we just want additional staff". If that's the case, negotiate for a long term contract of your own as a condition of training.

Then, mentor the young pup. Treat him like your son or daughter. Teach him everything. You can't teach experience though, so you're ahead no matter what. During this time, evaluate the person's capabilities, including the capability to listen and learn. Think of this as having an intern on somebody else's dollar.

If it all goes south and you lose your customer, you might be able to pull him with you (assuming he's worthy).

THEN you're in a nice bargaining position.

Red

about a year ago

Submissions

top

Brian Krebs gets "SWATted"

RedLeg RedLeg writes  |  about a year ago

RedLeg (22564) writes "ArsTechnica reports that Brian Krebs, of KrebsOnSecurity.com, formerly of the Washington Post, recently got SWATted. For those not familiar with the term, SWATting is the practice of spoofing a call to emergency responders (911 in the US) to induce an overwhelming and potentially devastating response from law enforcement and/or other first responders to the home or residence of the victim. Brian's first person account of the incident and what he believes to be related events are chronicled here.

Krebs has been prominent in the takedown of several cyber-criminal groups in the past, and has been subject to retaliation. I guess this time he poked the wrong bear."

Link to Original Source

Journals

top

RedLeg RedLeg writes  |  about 11 years ago

I simply do NOT understand folks compulsive need to air their laundry on the `Net. No Blogs or Journals for ME....

Oh, wait......

Slashdot Login

Need an Account?

Forgot your password?
or Connect with...

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>