Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Comments

top

jQuery.com Compromised To Serve Malware

Vellmont Re:They will never learn (66 comments)

I disagree with your basic premise, that things are secure, or insecure. Everything is a tradeoff. Using a foreign CDN is a tradeoff of trusting a third party to be secure vs doing it yourself. Just because you do it yourself doesn't mean it's "more secure", it's just more in your control, which can be good or bad.

We make this tradeoff all the time. Have you ever used 3rd party software on your website? Well then you're making a tradeoff as well.

You're right to be suspcious of trusting a 3rd party, but I don't agree that using a CDN is always a bad choice, incompetent, and obvious to anyone competent.

2 hours ago
top

Ask Slashdot: How To Avoid Becoming a Complacent Software Developer?

Vellmont 40 hour weeks != complacent. (274 comments)

People develop lives and other interests. If you'd like to dedicate yourself to one thing, great. But you have an odd idea about the nature of liking what you do. Liking what you do is very different from wanting to do it all the time. The world is an interesting place with a lot of different things in it. Don't assume people that have other interests (Family, hobbies, houses, travel, leisure) aren't passionate about what they do, they've just realized that there's more to life than computers.

In fact, a good way to get burned out is to do exactly what I suspect you're doing. Working really long hours, and dedicating lots of your free time to software. Cut it out, and maybe you won't get burned out.

4 days ago
top

Ask Slashdot: Have You Experienced Fear Driven Development?

Vellmont Re:Experience counts (232 comments)

I think you said the words you're talking about in your anecdote. Worth and trust. Both those are earned, and can be over-valued. The developer in question shouldn't be trusted.

4 days ago
top

Apple Will No Longer Unlock Most iPhones, iPads For Police

Vellmont Re: So everything is protected by a 4 digit passco (504 comments)


Not without huge advances in theoretical mathematics, no.

Cryptography relies not only on the math being correct, but the implementation as well. How sure are you that Apple implemented the random number generator properly, for instance? Maybe that 128 bit key only has 64 bits of entropy because someone screwed up. 64 bits of entropy is feasible to brute-force.

Also, only RSA relies on factoring large numbers. RSA, and other public-cryptography is only used to encrypt the key. The underlying algorithm is still generally block ciphers like AES, which aren't dependent on prime numbers.

4 days ago
top

Apple Will No Longer Unlock Most iPhones, iPads For Police

Vellmont Easy fix for the government. (504 comments)

So instead of requesting access to the data, they'll request access to installing a special update to your phone that simply transmits the encryption key.

If you trust Apple to update your software, and Apple has to do whatever the government says, there's always going to be a way for the government to get your data.

4 days ago
top

Ask Slashdot: Have You Experienced Fear Driven Development?

Vellmont Re:Experience counts (232 comments)

Of course, the respect you're seeking must be proportional to your actual skills, merit to the company, etc.

Hmmm.. this is the only statement I find questionable. Everything else I agree with. I think everyone deserves respect. The lowest level employee doesn't deserve to be yelled at for missing deadlines, or having a bug that's missed. That's basic human nature, and you're not entitled to it simply because you're more valuable, it's something all people need. I understand your position, but if the only way you can gain "respect" is through fear (fear you'll leave), that's still an indication of a sick organization.

Long term, you should still leave if everyone doesn't deserve respect, not just "valuable" people.

about a week ago
top

Schizophrenia Is Not a Single Disease

Vellmont Re:Then I guess you could say... (222 comments)


The trick is that doctors need to stop treating schizophrenics like we're sick. They need to start treating us like we're real people that just happen to have a different sense of reality.

In a sense, I sort of agree with you, in another, totally not. Depression is also another way of viewing reality. Is someone who's depressed "wrong" about concentrating on the negative aspects of living? No... but I think most people who're depressed would rather NOT be depressed. Obviously telling someone who's depressed to just "cheer up", and "things aren't that bad" isn't going to help much. But like a disease, it's an aspect of yourself you'd rather not have and aren't in total control of, and want to be "cured" of. So the disease model isn't too far from the truth. I don't see how scizophrenia is much different.

You yourself don't really like your symptoms, wouldn't you rather they be gone? So I'm not sure I really understand your point.

about a week ago
top

Why Atheists Need Captain Kirk

Vellmont Re:Deism (922 comments)

The same inadequate reasoning that makes people think their could be meaning to the universe is the same lack of reasoning that causes smart people to be religious.

You make the mistake of categorizing all religion into one big bin. Thinking about our place in the universe is a religious activity, but also a very human one. Deciding we have no place in the universe, or the universe has no meaning is also in that same category. By seeking to escape religion, you're only being ensared by it.

about two weeks ago
top

Windows Tax Shot Down In Italy

Vellmont Re:Need more than a legal precedent (421 comments)


More than a legal precedent this needs solid regulations with teeth. I suspect that if you walk into whatever the Italian equivalent of Best Buy waving this judgement around and demanding a refund that they will just have security escort you out. But if refusal to even offer a Windows free machine was worthy of a fine, let alone not removing it, then windows free machines would be widely available.

I've spent some time living and working in Italy. I'd be very, very careful before I simply apply US and Canadian ideas and norms onto Italy. Italy isn't filled with big box stores. I don't know that there's an equivalent mass retailer that sells everything from PCs to appliances in Italy. Rome at least is more filled with smaller retailers rather than enormous mega-retailer stores like in the US. There's some big retailers to be sure, but there's a lot more smaller ones.

But the one thing you should be VERY wary of is applying the rule of law to Italy. The normal rules of fines, and governments imposing restrictions on things doesn't always apply. Italian courts are a mess, and regularly change verdicts. So I wouldn't just naturally expect Italian retailers to suddenly start offering Windows free machines available for sale. Italy isn't like the US, or even the rest of the EU.

about two weeks ago
top

Publishers Gave Away 123 Million Books During World War Two

Vellmont .06 is not free. (121 comments)

$.06 is about 80 cents today. That's not free. You may think it's a minor distinction, but the truth is it's not. We know from repeated sociological studies that people treat free as a different category than something that's charged for. And if you establish the value early on as free, it's VERY hard to go back and get people to pay later on.

That's totally different than charging 80 cents in 2014 dollars. I'd also imagine that being in the military has different expectations than civilian life. It's a donation the publishers gave to the war effort. Once the war is over, nobody would expect to go back to being given cheap books anymore.

about two weeks ago
top

In France, a Second Patient Receives Permanent Artificial Heart

Vellmont Re:Predictable (183 comments)

Before you go around calling people morons, you might want to learn a little about how software is horribly insecure, even when designed to be. The recent OpenSSL vulnerability is a good example.

If you think "slapping encryption, message signing, and sanity checks" is going to save you, you have a LOT to learn.

about two weeks ago
top

Home Depot Confirms Breach of Its Payment Systems

Vellmont Re:PCs are the problem (111 comments)

That and credit card companies are too fucking cheap to switch to chip and pin. The only reason the rest of world switched was because the companies were forced to. Not in the good old USA.
Well, you're going to start getting your (and my) wish starting around October 2015. That's the date the liability shifts. Then the liability shifts to the party implementing the least technology. So if the card issuer issues a chip and pin card, and the retailer has only swipe, the retailer is responsible for any fraud from customers with chip and pin cards. If the retailer has a chip and pin machine, but the card issuer has only swipe, then the card issuer is liable.

So essentially you're going to start seeing big retailers upgrade to chip and pin machines sometime around Oct 2015. I'm sure it'll be a slow process, with small retailers taking many years to finally upgrade. But it'll happen.

about two weeks ago
top

Does Learning To Code Outweigh a Degree In Computer Science?

Vellmont Re:False premise (546 comments)


  If you are still skeptical, I invite you to go to talk to HR and ask them what it would take to get entry-level job without a degree.

Not all companies have HR gatekeepers. HR is their to filter out job requirements. If the job requirements say "Or equivelent experience", that's your ticket. If there's no HR department (the case with many smaller companies), then that barrier is gone.

Bascially, I'm calling bullshit here. I've known many people, including myself with very successful careers in IT without college degrees. Please stop applying your experience to everyone.

about three weeks ago
top

Akamai Warns: Linux Systems Infiltrated and Controlled In a DDoS Botnet

Vellmont Re:JAVA (230 comments)


To me, that indicates a JAVA vulnerability, not a Linux vulnerability.

Right. Just like Nigerian 419 scams are conducted in English, so English is a vulnerability.

about three weeks ago
top

The Apache Software Foundation Now Accepting BitCoin For Donations

Vellmont Re:Why wouldn't they? (67 comments)


  For real business purposes, though, you'd be bonkers to accept bitcoins.

Bonkers like Newegg, and Dish Network? Both of which accept bitcoin.

about three weeks ago
top

Choose Your Side On the Linux Divide

Vellmont Re:My opinion on the matter. (826 comments)


This is exactly what I'm talking about. Yes, it has worked for years, and that's why you like it. You (we?) are now that "old generation" that I was referring to, and I'm not about to become a grumpy old admin.

Some things are basic to design. The design philosophy of Unix/Linux has nothing to do with technology, and everything to do with human beings. Technology changes, human being stay the same. I'm a developer now, and that same design philosophy is how people create good programs. It's the same human element at work.

Simple designs are really quite lauded across all of design. It's not just software. Complexity is what you get when you don't have any other choice. It's not really an old fashioned value at all. Einstein said "Everything should be as simple as possible, but no simpler".


Worked just fine. I also worked for vendor J, who used one big binary: rpd handles just about every routing protocol you can imagine. Is J bad and is R good? According to the market, J is doing very well, while R has been acquired and assimilated by a another company.

Well, that might be OK. From an admin perspective, what's the difference since routing is really routing. One binary is easy to deal with. If they architected the software in a sane way and devided the big binary into sane objects, it might even be easy to code as well. It makes sense because networking is networking. I just don't see the same thing being true for system services. Starting up services is ENTIRELY different from mounting a share. Why would you group those two functions together?

But really though you're judging the goodness/badness from the wrong angle. Which company is successful has zero to do with which is a better design. Success has as much to do with marketing, price, luck, branding, and golf outings as it does with the design. Deisgn is just a small part of success.

The question should be, which did YOU find easier to deal with, and which one do the software developers find easier to code and add new features to.

about a month ago
top

A Horrifying Interactive Map of Global Internet Censorship

Vellmont Re:Stop being such a drama queen. (158 comments)

a) the ubiquitous availability of information is a relatively new thing. Public libraries didn't even really exist until the latter 19th/E20th centuries. The internet is less than a generation old.
b) governments and power structures have controlled such information throughout the span of human history.

I'm not even 100% convinced that the ideal of universal access to information is an unalloyed good.

Nothing is pure good. Fortunately that's not the standard for good. Unfettered access to the Internet merely has to be better than government censorship of the internet. That's the real choice, not internet vs no internet. Unfettered access to information is one the founding principles of Democracy. Western nations have embraced this idea for around 200 years. Developing nations that aren't particularly democratic or are newly democratic are having to come to grips with this fact.

A country where the Government gets to censor what we see and hear can't function as a democracy. Democracy relies on the citizens being able to freely communicate. That can't happen under censorship. In the US the founding fathers reconized this because they were subject to a government that tried to control them. That's why the created the first amendment, and why other countries equally recongized this basic fact of a functioning democracy.

about a month ago
top

Choose Your Side On the Linux Divide

Vellmont Re:My opinion on the matter. (826 comments)

I don't think the seasoned admins will argue that systemd is bad because it doesn't follow history, they'll argue it's bad because it doesn't follow well established design principles.

(I'd also dispute that there really were a large percentage of Network engineeres who really disliked Ethernet. I heard some complaints 20 years ago from people who did real-time process control systems, but that's quite a small nitch.)

I've been doing Linux admin in some fashion or another for 20+ years, so in many ways I'm part of the "old guard". The argument about small being better, making programs that do one thing well, etc is a good design element that's worked for years. At the same time I've also often been bitten by the problem of having to port "yet-another-shell-script-for distributiion-X" problem that seems like it should have a more standardized way of doing things. So from a replacing init-scripts perspective, I can see the appeal.

I'm not heavily involved in administration like I once was, so I don't have experience with systemd as of yet. (My systems run Ubuntu or Debian, no RHEL7). With that said, the monolithic design and trying to do everything sounds like a major design flaw to me.

about a month ago
top

Ask Slashdot: Corporate Open Source Policy?

Vellmont Waaaay too general. (57 comments)

Your question is far too generalized. You don't mention what your product is, what your firm does, or what the risks you're trying to protect from. Nobody can give you any meaninful advice unless you provide real details. What is it you're afraid of exposing? What's the IP you're afraid of diluting? Is your company a 100 person shop, or a 10,000 person shop? It matters.

Those risks may be illusory, depending on what this code is. I've had a few project I'd like to release as OSS, but there's zero IP dilution and zero risk of exposing anything. Despite what people tend to think, code isn't a commodity. The specifics matter quite a bit. The only answers you're going to get with the information you provided are very generalized useless ones.

about a month ago
top

Oracle Hasn't Killed Java -- But There's Still Time

Vellmont Re:C is replaced (371 comments)

C has been replaced with C++, C# and Java.

In some cases, yes. But that doesn't mean C is dead or dying. It's just not as dominant as it once was. Languages are like living things, they compete with other languages for space. There's still a TON of applications written in C. The linux kernel is a major example. C isn't as dominant as it once was, but that's a natural development of diversity. Greater diversity doesn't mean the death of what was once dominant, only that what was once dominant fills a smaller niche.

about a month and a half ago

Submissions

top

Vellmont Vellmont writes  |  more than 7 years ago

Vellmont (569020) writes "I live in an apartment, and I've recently become enamored with the idea of turning my Linux server into a burglar alarm. The goal would be to provide the same features of a professional burglar alarm (motion detection, keypad de-activation and activation, and a loud alarm) plus some extra features that's easy for an internet connected computer such as paging alerts. Has anyone found hardware that can be fairly easily interfaced with Linux, as well as an open-source project that drives the alarm?"
top

Vellmont Vellmont writes  |  more than 7 years ago

Vellmont (569020) writes "Xname.org, a popular provider of free DNS hosting has been taken offline do to a distributed denial of service attack. Their website now reads:
XName is temporarily closed since 08:00PM CEST yesterday evening. We were experiencing the largest DDoS we ever had on both ns0 and ns1 IP addresses, forcing our upstream providers to cut off XName servers in order to preserve their other customers. We're working hard in order to have at least one DNS server answering ASAP, and we already negociated with a premium transit provider to host one of our DNS servers shortly.
Anyone relying soley on Xname.org for DNS hosting should probbably change their domain records to point elsewhere."

Journals

Vellmont has no journal entries.

Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>