×

Announcing: Slashdot Deals - Explore geek apps, games, gadgets and more. (what is this?)

Thank you!

We are sorry to see you leave - Beta is different and we value the time you took to try it out. Before you decide to go, please take a look at some value-adds for Beta and learn more about it. Thank you for reading Slashdot, and for making the site better!

Comments

top

OpenSSL To Undergo Security Audit, Gets Cash For 2 Developers

atomic-penguin Re:Something needs to change (132 comments)

It's probably tax deductible too.

No, the OpenSSL foundation is a for-profit consultancy whose primary business purpose is US government FIPS support contracts.

about 5 months ago
top

OpenSSL To Undergo Security Audit, Gets Cash For 2 Developers

atomic-penguin Re:OpenSSL and what else. (132 comments)

I don't have an Ubuntu/Debian box at my disposal at the moment.

You could try

apt-cache search mod_nss

or

apt_cache search mod_gnutls

though. It would probably be named some variant of that.

about 5 months ago
top

OpenSSL To Undergo Security Audit, Gets Cash For 2 Developers

atomic-penguin Re:OpenSSL and what else. (132 comments)

The issue that I find, is that OpenSSL is the only Open Source Player out there.

But It is not the only SSL/TLS game in town. There is also GnuTLS and Network Security Services (NSS).

about 5 months ago
top

Red Hat Acquiring Cloud Storage Company Gluster

atomic-penguin Re:Pot calling kettle (34 comments)

So OpenStack is a hypervisor independent private cloud API. Its corporate backers include Rackspace, NASA, and Dell. There is a similar competing product called CloudStack, by Citrix. The Citrix CloudStack team has integrated a number of OpenStack components into their own product, and have contributed code back to OpenStack as well.

As far as I know, RHEV does not compete with either of those products head on. RHEV is for managing kvm, and maybe xen, hypervisor(s). It is primarily a management frontend for RedHat's supported hypervisors. While CloudStack and OpenStack are Amazon-like private cloud APIs which support a number of different vendors' hypervisors.

more than 3 years ago
top

Science Fair Entry Shuts Down Airport Terminal

atomic-penguin Re:Private Property (380 comments)

I think that is a rather narrow view of libertarianism. It really has nothing to do with the central point of the parent's or grandparent's post. Neither poster ever brought up libertarianism to begin with.

The parent post was countering the grandparent's point using extreme hyperbole.

As it has been pointed out by, both you and I, the airports in question are public property.

Please, try not to over-generalize and lump an entire political movement in with the ignorant viewpoints of the grandparent poster.

more than 3 years ago
top

Science Fair Entry Shuts Down Airport Terminal

atomic-penguin Re:Private Property (380 comments)

Airplanes are private property. If you don't like what they do, don't set foot on their property.

Airports that deal with commercial travel, are public property. Those public airports may be owned by the state or other municipalities, and make up the largest percentage of airports. These public airports are where the constitutional rights are being surrendered by US citizens to US government officials, whom the citizens are supposed to be expressly protected from in their constitutionally granted rights. There are privatized airports and chartered commercial flights, that is not what we're talking about.

The airlines are not suing the government to stop the TSA, so by implication they are happy with the arrangement.

The airlines are not the victims. The state of Texas tried to do something about it, and the Department of Justice threatened to make Texas a federal "no-fly" zone (See: TSA vs Texas).

You don't HAVE to fly. There are other means of transportation.

Its the most reasonable form of long distance inter-state and international travel. Certain people who travel for work may only be able to travel in a reasonable amount of time by flight, not because it is a matter of personal choice.

When you board an airplane, you trade your constitutional rights away in exchange for the convenience.

There is no provision or asterisk, in the letter of the law, that one shall only have their constitutional rights some of the time, or when its deemed convenient.

You do the same thing when you drive a car, you trade away many constitutional rights when you climb behind the wheel and go out on the public roadway. Again we do it out of convenience, the loss of rights has much lower value than the utility of transportation. For example, the police can ask you to get out of your car and take a sobriety test. There is no way that the police could do this to you if your were in your own home.

Probable cause does not mean you waive your constitutional rights upon entering/operating a car, its a reasonable discretionary stipulation in the law. Many states even have laws in place to pre-announce holiday sobriety checkpoints to the public, so as to not egregiously violate constitutional rights.

more than 3 years ago
top

Massachusetts Lottery Broken

atomic-penguin Re:How do you physically do it? (376 comments)

The gamblers involved have companies set up to split the pot and probably to pay the taxes on the winnings. So the accomplices (ticket buyers) each have some quota to buy from some lottery vendor. The company, or individual ticket buyers, may have an agreement with a lottery vendor so they can monopolize the lottery machines once a quarter. Likely the more tickets they can buy at once in the beginning of the exploitation period, then the better the odds for their high payout. The odds are most in your favor by getting a bulk of unique numbers all at once.

The company selling tickets takes a 5% cut of the ticket price. So how many of those companies are going to turn down several thousands in profit today, to let me tie up their machine for a few hours to print 100,000 tickets? In the article they refer to a couple who bought 614,000 tickets over a three day period from a couple liquor stores, a profit of $5,000 per day for each liquor store at $2 a pop. One of the liquor stores sold only $47 worth of tickets the day before that couple arrived.

The gambling company has access to public information about the lottery so they could re-model how many tickets to buy based on the payout they expected, and how many lottery vendors will cooperate.

more than 3 years ago
top

The Humble Indie Bundle 3 Released

atomic-penguin Re:Linux users the least cheap? (158 comments)

I think thats the crux of it. As a Linux IT professional, I spend a great deal of time writing complex software. A lot of the Mac crowd I personally know are either in the same Sysadmin specialization as myself, or are proficient in graphic design and web development. Either way, that type of user is a completely different demographic than the casual Windows user who likely has no interest in software, or the system itself.

As far as digital entertainment goes, I'd say the average Mac user is better served with the Apple store and the introduction of Steam to their platform than the average Linux user. I mean, sure we have games on Linux and have for years. However, its still a vastly under-served market by comparison to Windows/Mac users despite Linux making up a smaller percentage of desktop computer use. The original organizers of the Humble Bundle, Wolfire games, have a couple interesting blog posts about the effective size of these under-served markets. What I find interesting is seeing nearly the same purchasing stats for *each* humble bundle when the only advertising is word-of-mouth blogs and social media.

more than 3 years ago
top

The Humble Indie Bundle 3 Released

atomic-penguin Re:Linux users the least cheap? (158 comments)

Its called an over-served market, that is Windows gaming.

Does it not make logical sense that an over-served market with millions of mediocre games would pay less dollars? As opposed to under-served markets whose only choices are either, just a few natively developed games, or games known to work with the assistance of wine.

Is that not the basic gist of supply and demand? There is an over supply of Windows "PC" games, the over-served market can only afford to buy some of the entertainment available to them. There must be something like a hundred new games on Steam, available for Windows only, every month. On the other hand, you have an under-served market of highly technical users who likely make a professional living from their primary OS of choice (Mac or Linux). The demand in that particular corner of the under-served market is greater than the supply of quality entertainment.

more than 3 years ago
top

Sun CEO Explicitly Endorsed Java's Use In Android

atomic-penguin Re:Dalvik VM - clean-room? (204 comments)

Well there was two issues initially.

First of all, the source file contents/code has nothing to do with patents. A patent with regards to software covers the function of the software, not the code itself. There is no alternate way to describe a function to sidestep a patent. Oracle initially submitted 132 patent claims, and Google brought hundreds of prior art references to counter these. The judge whittled the number of claims down to 3 and allowed Google 8 prior art references, so as to have a more reasonable number of trial claims. Clean room implementation won't sidestep patent infringement. The only outcome is whether, or not, these 3 patent claims are in fact valid. Also Google could potentially get a ruling that this was "willfull" infringement meaning the damages would be increased just by Google knowingly infringing upon said patents.

So the other issue was copyright infringement. The story is that some unit tests to verify whether some given code is compliant/compatible with the Java standard, were accidentally committed to the public Android repository. Sun rightfully had a restrictive copyright on this code, so there is really no question about infringement on this issue. It really doesn't even matter that the code never shipped to a production Android device. Its a clear-cut case of unauthorized re-distribution of copyrighted material. Google couldn't get out of this one, and will pay a minor damages fee. I think the maximum is $30,000 if it was unintentional, or $150,000 if it was willful infringement. Really, this thing happens all the time. Especially within Open Source, infringing parties are given a chance to correct such mishaps before it ever sees a court room. Most of the time this kind of thing is dealt with in an amicable manner, because it rarely is intentional by the infringing party or damaging to the copyright holder.

more than 3 years ago
top

How Long Will Oracle Stick With Open Source?

atomic-penguin Re:Oracle bought Sun for MySQL (80 comments)

Oracle XE is a loss leader, not a product. You know thats when you get a taste for free, but it'll cost you an arm and a leg the first time you get some undecipherable ORA-XXXX error. You get a version of Oracle Database limited in a number of ways, XE may legally:

  • execute a single instance on a single 32-bit CPU
  • allocate a maximum of 1 Gb of RAM
  • store a maximum of 4 Gb of data

XE is a free for development use, not production use, version of Oracle Database. It can be used by developers, and educators or students for educational/training purposes. Its also licensed for use by Independent Software Vendors whose product fits within these restrictions and this small footprint.

more than 3 years ago
top

World IPv6 Day: Most-watched Tech Event Since Y2K

atomic-penguin Re:Why only HTTP servers? (243 comments)

I'd say for most organizations, the public-facing corporate website breaking is less of a big deal than if all e-mail routing ground to a halt for a day. Not that this was likely to happen today.

HTTP is also an easier IP application to troubleshoot than say SMTP, DNS, or even and routing at layer 3. When troubleshooting effectively, you make small changes then observe the effects of the change. Which is really the next reason not to test SMTP on IPv6 today...

Participants aren't just testing HTTP servers today. Someone also had to keep a close eye on DNS infrastructure, and network layer 3. I have seen Cyrus IMAP Murder clusters failing to replicate with link-local IPv6 turned on in DNS and on the IMAP servers, while IPv6 was disabled at network layer 3. That tends to back up mail routing real quick, when something like IMAP services do not function as expected. Its nearly impossible to troubleshoot a situation like that, mail routing is backed up, DNS queries all seem to work, and then you have Cyrus spewing weird incomprehensible error messages which might lead you on a red herring troubleshooting hunt. I am sure most participants do not want a shit-storm to deal with today, just by throwing mail services into the ring.

So our own organization turned on IPv6 at layer 3 on a few isolated VLANs a couple months ago to test everything out-of-band in a lab environment. We learned a few lessons like what exactly NDP (Network Discovery Protocol) does in IPv6, and how to firewall an IPv6 Linux server. The ICMPv6 rules are drastically different than the equivalent on IPv4, because you're supplanting ARP with NDP for the most part. Gradually we turned on IPv6 in the production DMZ VLAN. Then turned IPv6 on for one external DNS server and the corporate website, observed the effects for a day and made adjustments. Then finally turned IPv6 on for the remaining external DNS servers. At which time, it was discovered our TLD doesn't fully support IPv6 DNS glue yet, despite them being a fairly early adopter of technologies like IPv6 and DNSSEC.

Today was about testing the waters by sticking a toe in, not diving in head first to a pool with only 3 inches of water. Events like today's puts pressure on hardware vendors, major ISPs, and application vendors. It would be great to be able to dump some network stats for my IPv6 interfaces on the DNS boxes, although our network monitoring systems don't quite fully support IPv6 yet. There really isn't a good way to differentiate DNS or interface stats between IPv4 and IPv6, yet.

I kept some pretty thorough notes on IPv6 Linux configuration for anyone who hasn't had a chance to play with IPv6, yet, link here.

more than 3 years ago
top

Linus on Linux, 20 Years In

atomic-penguin Re:Ethics (197 comments)

No, you're confusing ethics with moral. Morals are for the most part black and white, these are principles and values that remain consistent and universal across race, nationality, and religion. Something like "do no harm to others" is a moral principle.

Ethics, on the other hand, is an entirely different branch of moral philosophy. In a sense, you could say ethics are moral principles practically applied to situational circumstances, particular world views, or as you put it a particular social context. Ethics are where you find the shades of gray which people tend to see things differently, depending on the situation and context. For example, someone might subscribe to the ethical philosophy that you shouldn't do harm to others, but it may be ethically acceptable to harm in the context of curtailing some greater evil, or harm.

So why is it that Linus should have to subscribe to the Free Software Foundation's ethical standards? More specifically, why should he have to subscribe to the FSF's ethical objections with regard to tivo-ization and DRM clauses in the GPLv3?

more than 3 years ago
top

Red Hat Nears $1 Billion In Revenues, Closing Door On Clones

atomic-penguin Re:Red Hat certification classes cost a small fort (201 comments)

If you round off their 2010 income numbers, subscription income totals to $639 million (85.3%), and training service income totals to $110 million (14.6%). That is all on page 40 of their 2010 Annual SEC (10-K) filing. The subscriptions had a 93% profit margin, and the training had a 36% profit margin this year. Which makes sense, I imagine training services cost quite a bit, you would probably have equipment and training material costs, as well as trainer's salaries. Then, at least some of the time, there would be travel and hotel costs incurred for the trainers themselves, anytime they are training groups.

According to page 48 of the same report, they spent $272 on sales and marketing, which the fancy training mailer pamphlets would fall under. However, that would also include expenses from sponsoring Open Source conferences under the same line item (its not all wasted on those fancy pamphlets).

Research and Development I imagine covers salaries for Kernel and subsystem developers. R&D costs total $148 million. Administrative costs were $104 million. According to the 10-K report, they have 3,000 employees globally.

Total operating expense for 2010 was $534 million, once you have tacked on taxes the Net income comes to $87 million.

There is a lot of boring stuff in SEC filings, most always something interesting to learn from them though. If you really want to find out what a company is all about, there are some interesting details, a lot of it is in there. It explains in brief detail what each line item in the Balance Sheets and Income Statements actually mean in mostly plain English. Plus, the executive summary gives you some insight into their management's frame of mind, business model, and strategies.

more than 3 years ago
top

Does Android Have a Linux Copyright Problem?

atomic-penguin Re:Yet Again (292 comments)

I think I've seen a few non-anonymous Florian Mueller articles.

But my thoughts exactly. Why are anonymous article submissions allowed? Why wouldn't the submitter put their own username on the submission?

more than 3 years ago
top

Blogger Fined $60K For Telling the Truth

atomic-penguin Re:From another point of view (433 comments)

Don't know the employment law in Minnesota, but depending on how faculty/staff are classified (either state, or for-profit research division of the Uni.), I would think that the University would be liable for unfair termination. That is if Jerry Moore was not guilty of some legal or ethical breach of conduct, the University would be liable for unfair termination of a classified state employee without due process (hearing his side of the story). On the other hand, if he was an at-will research division employee then any perceived ethical breach could legally lead to a quick termination, and he doesn't even have to be guilty of any misconduct.

There is an off-hand comment in the story about the Westboro Baptist Church, and while that is a shallow comparison for the blogger in question, it does bring up a good point. We let those scumbags get away with their "protests" at military funerals in the name of freedom of speech. Freedom of speech does extend to the press when the reporting is based in fact, and is not libelous. Its a tiny bit hypocritical to not extend the same courtesy to a blogger, even if the blogger in question is just as much a scumbag. Briefly perusing his blog, he does seem to have a bone to pick with this guy. However, if you start putting conditions on freedoms, where do you justifiably stop?

I agree with you on two points, however. If the University fired Jerry Moore merely to save face (rather than some breach of ethical conduct prohibited by his employment contract) then that is wrong. In my opinion, that is the University's liability not the blogger in question. Also, 12 jurors agreed on this and anybody now reading this, only has some of the facts. Without having all the facts, I would like to place some confidence in a jury. Despite all the faults of the justice system, jury trials are one of the most direct ways to participate in government and actually test the law, more so than voting for representatives.

more than 3 years ago
top

Reminiscing Old School Linux

atomic-penguin Re:Old School Linux (539 comments)

I may have done (or at least attempted) an install of Slackware around that time direct from CD-ROM (w/ boot & root floppies). I distinctly remember having to RAWRITE more than just the 2 floppies, though. It could have been that I couldn't get my root disk to read from CD, or it may have just been not knowing any better. It is briefly mentioned near the end of the INSTALL.TXT in that release that it was possible. However, it would have been easy to glance over, and miss that part. The file does however stress the point several times, that you can install from: NFS, hard disk, or floppy.

From the INSTALL.TXT:

There are other means of installation, such as CD-ROM. These should be self-explanatory as well.

more than 3 years ago

Submissions

atomic-penguin hasn't submitted any stories.

Journals

top

Page 23, 5th Sentence

atomic-penguin atomic-penguin writes  |  more than 10 years ago

Page 23 of Nearest Book...

Grab the nearest book. Turn to page 23. Find the fifth sentence. Post the text of the sentence in your journal along with these instructions.
 
I have two books next to me, both I just finished reading:

"Documentation/CodingStyle is amusing reading and a mandatory lesson for anyone interested in kernel hacking."
          --Linux Device Drivers (2nd Ed.)

"They look at you and see you as a badge of pride, because they were able to circumvent the law and have a Third."
          --Ender's Game

Slashdot Login

Need an Account?

Forgot your password?