Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Comments

top

NASA DTN Protocol: How Interplanetary Internet Works

TrueKonrads Re:TFA does not describe how DTN/BP works. (109 comments)

I agree,

it is a horrible article - regurgitates a press release without providing any details. Even the sole picture is not described.

about 2 years ago
top

Mechanic's Mistake Trashes $244 Million Aircraft

TrueKonrads Re:RFID (428 comments)

This is done in medicine - tools are RFID tagged and before patient is sewed back together, they do a sweep.

more than 2 years ago
top

A Decade of Agile Programming — Has It Delivered?

TrueKonrads Re:I think.. (395 comments)

unittests also serve as documentation - show how stuff is used.

more than 3 years ago
top

A Decade of Agile Programming — Has It Delivered?

TrueKonrads Re:Maybe they did it wrong... (395 comments)

The key message behind that principle is: "Don't deliver working software that has no more purpose for business". If you can deliver a well QA'd and developed software that is obsolete by the time it is shipped then that is money wasted. If the development overall objective is always slipping, but along the way useful software modules are delivered to the users and they make money, then it is a success.

more than 3 years ago
top

British Teen Jailed Over Encryption Password

TrueKonrads Re:Challenge response or custom hardware (1155 comments)

I think it is important to make sure no trickery occurs - the system has to be reasonably secure even if all implementation details are known.

Encryption key could be stored in self-destructing HSM. And forgetting a passphrase/password or PIN is a common thing. You could try to perform trickery and say "I am confused and these are my likely guesses". Then watch as police type pin 3-5 times wrong and HSM self-destruct. Proving that you intentionaly misled police would be very difficult, I believe (IANAL).

more than 3 years ago
top

British Teen Jailed Over Encryption Password

TrueKonrads Re:Only 16 weeks? (1155 comments)

Here's a simple option that might very well work. Design a simple challenge response device with LCD which requests PIN code and then provides the long password. Have one PIN that opens and another, say 0000 that unloads a lot of energy into the simple memory chip frying it. Then, when police come, let them guess the PIN or give thre incorrect attempts saying that all this stress caused me to forget exact combination.

more than 3 years ago
top

Good Database Design Books?

TrueKonrads Re:Good SQL design books: (291 comments)

I think it should be mandatory reading for any DB designer. One thing I miss not taking from my last job was Celko's books I had ordered.

more than 4 years ago
top

Affordable and Usable Video Conferencing?

TrueKonrads Re:Lots of choices for dedicated hardware... (170 comments)

In our office we use Polycom to patch in meeting rooms and then laptops running end-user software to bring in the lone warrior. The big problem, of course is jitter, so having right QoS is essential. I can recommend Polycom as good (but not cheap).

more than 4 years ago
top

Using Aluminum Oxide Paint To Secure Wi-Fi

TrueKonrads Re:Does not resonate with me (271 comments)

<quote>Seriously... I work with a WiFi lab at work... I have a Faraday Cage in our lab... One of the techs forgot to install an optical isolator on the network cables, so for a few days the ethernet cables went right into the cage... Well, first day I went to use it, I locked myself in the cage, and was surprised that my cellphone started ringing... Without the optical isolators on the network cable, the RF signals were able to find there way into the faraday cage through the ethernet cables....
with that being said, I highly doubt that simply painting your walls will keep RF signals at bay... Even when the grounding wire was simply loose on the door to the faraday cage, RF signals would leak in...</quote>

This is very interesting! Do You have some physics explanation behind it? Could there be some externalities, such as, door not fully closed, ventilation open, etc ?

more than 4 years ago
top

Large-Scale Mac Deployment?

TrueKonrads Re:Large scale Apple managed LAN? (460 comments)

Isn't this kind of the point? If You can spend 2 hours and have a domain deployment with all the features You need done by a average paid admin, why spend two weeks by a linux guru? IT on a basic level is not something that adds immense value so why spend a lot on it?
P.S. I love hacking just as the next guy and linux on enteprise is my pet peevee.

more than 4 years ago
top

Facebook Releases Open Source Web Server

TrueKonrads How is this different from / better than Twisted (113 comments)

I wonder if the Tornado authors set forth to re-implemented <a href="http://twistedmatrix.com/trac/">Twisted Python</a> just for kicks or out of not knowning about its existence.

Twisted supports epoll kqueue, win32 iocp, select, etc.

about 5 years ago
top

Should Auditors Be Liable For Certifications?

TrueKonrads You don't understand what "certification" means (209 comments)

I am an IT auditor working for a company that You would call if You would want to be certified.

Certification means that there is a work (audit) programme that states control objectives. Auditor follows this programme very closely and then, if the issues are within some zone of tolerance (which may be zero as well), auditor writes a statement that company XYZ is compliant with this and that.

What it does NOT mean is:
  a) a certified company will follow its practice after certification (they may just have put a convincing show).
  b) that there are no other issues with the company that are outside of work programme
  c) that sysadmin will be dilligent in future to apply timely patches

A PCI-DSS compliance says "There are no critical issues on the surface". That's it.

more than 5 years ago
top

Europe Funds Secure Operating System Research

TrueKonrads Re:Wait a second... (376 comments)

That's not what he illustrated, he said that selinux doesn't work because there are buffer overflows.

more than 5 years ago
top

Europe Funds Secure Operating System Research

TrueKonrads Re:Wait a second... (376 comments)

3.3 mil is a lot of money for uncertain outcome. We already have microreboots in some toy systems, that should solve crashes and ensure that system continues to operate (though it will probably go through the crash-reboot-work-crash cycle endlessly. We already have in-memory kernel patching from SUN and partially from linux. Not to mention SELinux and Hurd and the rest of security ideas. I think that the real purpose of the project is to suck funding. Let me quote from Tannenbaum's project proposal:

  • "..but I should start out by pointing out how ambitious and risky this research is." In layman's terms it means: "I want to experiment, but no promises or even deliverables".
  • "... nearly all experience with actual security incidents shows that security problems almost always stem from actions that the design and rules forbid but which bugs in the code allow to happen anyway." and "The most serious reliability and security problems are those relating to the operating system" I am a security consultant and most security incidents stem from misunderstanding the basics, like password management, not buffer overflows. Seriously, has he ever consulted a security practitioner?
  • Some classic proof by (broken) analogy: "Banks lock their front doors at night and have strong safes even though there are laws forbidding bank robbery" What does this prove exactly?
  • "What I am proposing is a fundamental redesign of the operating system." Dude, seriously, You mention known concepts and offer fundamental redesign? Is this just a rewrite project for minix?

I could go on and on like this. This is how funds are spent without any real gain, not even new concept evolution. Andy, give the EU taxpayers money back!

more than 5 years ago
top

Disgruntled Engineer Hijacks San Francisco's Computer System

TrueKonrads Re:I had a dream... (1082 comments)

But it keeps You from doing sudo.

more than 6 years ago

Submissions

top

How to deal with and improve poor handwriting?

TrueKonrads TrueKonrads writes  |  more than 4 years ago

TrueKonrads (580974) writes "Many of slashdotters, yours truly included type on keyboard significantly more than write with pen on paper. However, when interviewing clients or generally taking notes, notebook is still the easiest way to do it. Unfortunately, my handwriting is barely legible and I am happy I can read what I wrote; giving notes to somebody else is simply out of question. How do you deal with it? Abandon notebooks at all or have you found a way to improve legibility?"
top

Navy launches U.S.S Independence

TrueKonrads TrueKonrads writes  |  more than 6 years ago

TrueKonrads (580974) writes "The US Navy launched new Littoral Combat Ship — the U.S.S. Independence. It is a wickedly cool Trimaran, that can be tailored to carry helicopters, big guns, torpedoes and angry men and move at 60 knots, which is a lot for ship this size and for sea faring ships in general."

Journals

TrueKonrads has no journal entries.

Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>