Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Comments

top

Inside the Facebook Algorithm Most Users Don't Even Know Exists

bonehead Re:Bubbles (130 comments)

Well, yeah, if you can maintain complete control over the information a person has access to, then, yes, over a period of time you could mold the way they think.

Nobody has that ability. Not the US govt, not the Iranian govt, and certainly not Facebook. "Reasonable and intelligent people" are able to recognize when they're being fed propaganda, and take it with the appropriate dosage of salt.

It's the idiots and morons that swallow it hook, line, and sinker. Obviously, that makes these people a very valuable target audience if you're running for political office.

about 2 months ago
top

Barry Shein Founded the First Dialup ISP (Video)

bonehead Re:Uh... (116 comments)

The best thing about AOL was that for several years, I never had to buy floppy disks. I could count on a reliable stream of free ones showing up in my mail box on a regular basis. Sometimes 2 or 3 in a day.

I was quite perturbed when they switched to sending their shit out on CD.....

about 2 months ago
top

Inside the Facebook Algorithm Most Users Don't Even Know Exists

bonehead Re:Bubbles (130 comments)

He said "intelligent and reasonable" people. And he was right.

It is, however, trivial to influence stupid and unreasonable people. And there is no shortage of those.

about 2 months ago
top

Least Secure Cars Revealed At Black Hat

bonehead Re:Bullshit. (140 comments)

That's why I said earlier in this thread that I have reinforced my belief that my next car will be a late 60's or early 70's muscle car.

Might not be as "green" as some would like. But it was built without any spy tech, and I could spot any suspicious crap that has been added on after the fact.

Not like today's models, which are basically just computers on wheels. Take out the factory radio to install a superior aftermarket model, and suddenly your heater doesn't work.

You can't tell me there's not a 3 letter agency behind that sort of retarded engineering.

about 2 months ago
top

Harvesting Wi-Fi Backscatter To Power Internet of Things Sensors

bonehead Re:Sponsors (138 comments)

Given our success in the "War on ...",

Given our success in the "War on Drugs", we should declare war on prosperity.

Given our success in the "War on Terror", we should declare war on freedom.

Seems like the only thing we accomplish when we declare "War on" something is to ensure that it will propagate and grow. /me declares "War on Giant Piles of Cash in my Bank Account".

(Oh, wait, I already won that war decisively. It was a scorched earth sort of thing. Recovery won't be possible within 10 lifetimes....)

about 2 months ago
top

Harvesting Wi-Fi Backscatter To Power Internet of Things Sensors

bonehead Re:Sponsors (138 comments)

If it is reflecting RF, it is in effect, transmitting.

Well, no. I see what you're trying to say, but... No.

Pretty much by definition transmitting and reflecting are different and separate things.

I suppose it's possible to reflect a signal that you also transmitted, but it would be pointless, since the reflected signal will always be weaker than the transmitted signal.

about 2 months ago
top

Harvesting Wi-Fi Backscatter To Power Internet of Things Sensors

bonehead Re:Sponsors (138 comments)

Like all those "... on a computer" patents...

And then those were all copycatted by "on the Internet" patents.

Which, in turn, are now being copycatted by "in the cloud" patents.

Everyone on the planet can see the absurdity of it except for a very select few morons. Unfortunately, it's those select few morons that we hire to work in the Patent Office.....

There was a time in my life when I believed certain things but was afraid to mention them, lest I be branded paranoid. Two decades having gone by now, it turns out I was actually unrealistically optimistic.

about 2 months ago
top

Least Secure Cars Revealed At Black Hat

bonehead Re:Bullshit. (140 comments)

Everything was fine until OnStar...

Well, yeah, now that I think about it, I'd have to agree....

There's absolutely nothing wrong with these systems in your vehicle being able to communicate with each other. I think most of us can agree that there are many benefits to it.

The problems only arise when the systems gain the ability to communicate to systems outside of your car. And especially when they can do it without your consent, or even knowledge. And OnStar was the first and most obvious example of that ability.

The first time I ever really noticed OnStar was back when it first came out. A buddy of mine was driving, and we made a stop and he locked his keys in. This was "back in the day" so I immediately started trying to figure out where I could get my hands on a wire coat hanger. He pulled a card out of his wallet, called an 800 number, and a few seconds later all 4 doors unlocked. My initial reaction was "Damn! That's fuckin' cool!"

About 10 seconds later I thought "Damn! That's fuckin' creepy!"

And now it's not just OnStar that can do that. Now cars have bluetooth and WiFi, so if it's not secure (and they don't build them with security in mind"), any smart guy with a cell phone and access to Google can do similarly creepy things....

SIDE NOTE: There's an alley at work where we all go to smoke (yes, I'm a smoker, get over it). On the other side of the alley is another company's parking lot. There are two nearly identical GM SUV's that park in that lot. One has a broken off OnStar antenna, the other has an intact OnStar antenna. All of us refer to the two vehicles as "the smart one" and "the dumb one".

about 2 months ago
top

Barry Shein Founded the First Dialup ISP (Video)

bonehead Re:Uh...try again (116 comments)

Don't forget about FidoNet :)

FidoNet was something different.

I'm not saying it's irrelevant to the conversation. Not by any means. It holds a very important place in history. But it was it's own, separate thing. It wasn't the Internet, and it wasn't the commercial online services.

In a way, it was the first "common man's" global network. Sure, the Internet existed, and ARPAnet before that, but for many years they were only available to the privileged few.

Fido Net was a way for a regular guy to use his computer to communicate with people outside of his home town.

Seems like nothing today. Back then it was a HUGE deal.

about 2 months ago
top

Barry Shein Founded the First Dialup ISP (Video)

bonehead Re:Uh... (116 comments)

IIRC, AOL didn't offer actual internet access until pretty late in the game.

VERY late in the game.

And when it finally happened, that's the day that the Internet transformed from something great into the ghetto of spam, scams, and ads that it is today.

And, yes... GET OFF MY LAWN!!!!

about 2 months ago
top

Barry Shein Founded the First Dialup ISP (Video)

bonehead Re:Uh... (116 comments)

As someone who moved away from BBS's to the Internet before there was such a thing as a "web site", I feel qualified to say that, No, AOL was not the first.

Back then there was no Firefox. We used gopher.
There was no Google. We used archie.
Even Mosaic wasn't around yet.
There was no "click here to download". We used ftp from the command line. And there goddamn sure as fuck weren't any Viagra ads.

You could freely post your email address online for the whole world to see, with no worries of getting on a spam list. It was a beautiful time.

Not only was AOL not the first, I feel comfortable and confident in saying that, by far, the darkest day the Internet has ever seen was the day that AOL unleashed its hordes.

about 2 months ago
top

Least Secure Cars Revealed At Black Hat

bonehead Re:Bullshit. (140 comments)

Yup. Are the brakes actually controllable via CAN though?

Old school brakes, like you'd find in a mid-70's muscle car? Nope.

Modern anti-lock brakes, that depend on computer control? You bet your ass they can be fucked with through the onboard computer.

I'm an old-school geek. I've been fascinated and excited by technology for over 40 years now. But in the last half decade, I've been noticing that we're growing way, WAY too fast. We're implementing things and putting them out in the real world as soon as we "can do it". We're not waiting until "we can do it safely".

It's consumer culture gone wild.

about 2 months ago
top

Least Secure Cars Revealed At Black Hat

bonehead Re:Bullshit. (140 comments)

Under the deal, all auto companies would make their diagnostic codes and repair data available in a common format by the 2018 model year

If I offer something for sale for the low, low price of $10,000,000, I have complied with the requirement to make it "available". Ain't my problem if you can't afford it.

Meaningful legislation would specify "make available at no cost", or at least set a cap on what they're allowed to charge.

Like the vast majority of legislation these days, this sounds good on the surface, but has too many holes in it to do anyone any good.

about 2 months ago
top

Least Secure Cars Revealed At Black Hat

bonehead Re:Bullshit. (140 comments)

CANN Buss which is very similar to old buss ...
CANN bus as soon as I got it. It was a nightmare. Parts of the dash didn't even work with the factory radio removed! I had to buy an after market CPU to plug into the buss to replicate some of the radios functions just so I could use a standard dinn mount head unit. All of this and the radio I got, that's not on the Buss, has more features.

What, were you playing Scrabble and got stuck with a bunch of extra 'N's and 'S's? It's CAN bus and DIN.

You must be very insecure and unhappy in your real life.

It's the only reason I can think of that you'd try to put down a very factually correct post based on a few irrelevant typos.....

about 2 months ago
top

Least Secure Cars Revealed At Black Hat

bonehead Re:Bullshit. (140 comments)

you type faster than me ;-)
I just said the same thing. lol
Also, CAN Buss is not new. It's been in Semis for a very long time.

Also, the people who write the software for this type of platform are, at least traditionally, much more concerned about available RAM than they are about security. In this arena, the old-school folks have always worked in an environment where isolation from the outside world was pretty much a given.

As such, even the fairly ineffective security measures that are in place on the Internet haven't even been considered for use in these types of systems. Attaching wireless capabilities to them was very foolish.

All thing's considered, this all just goes to reinforce my dream of owning a mint condition 1965 Plymouth Barracuda.

about 2 months ago
top

Ask Slashdot: What To Do About the Sorry State of FOSS Documentation?

bonehead Re:Read the source code (430 comments)

Damn, you just described the O'Reilly Sendmail book perfectly! (LMFAO)
It's an excellent reference for someone who knows a good amount about Sendmail already, but even as a fairly advanced admin I find it really convoluted in a lot of ways.

To be fair to O'Reilly, it's convoluted because it's about Sendmail.

No admin in their right mind would choose Sendmail these days. For a small installation with no budget, Postfix can do the job and is much simpler to admin. For a large installation, you either get the higher-ups to fork over the dough for CGP, or start firing off resumes.

In this day and age, being a sendmail admin == being a masochist.

about 2 months ago
top

Ask Slashdot: What To Do About the Sorry State of FOSS Documentation?

bonehead Re:Read the source code (430 comments)

Here is why FOSS docs are so nice to you, but proprietary ones are not: audience analysis.

Exactly. The OP gives himself away when he describes his computer use as a "home hobby".

As a pro, I much prefer the nice, succinct, "straight-to-the-point" man pages that you find with open source stuff than the tediously long novels that come along with commercial software.

I'm sure hobbyists would prefer a "for dummies" version, but I just don't have the time to read 30 pages of rambling bullshit just to figure out what the "-x" command line option does.

Personally, I think OSS documentation is, for the most part, exactly what it should be.

Alternate answer:

Docs for commercial software are written by professional "technical writers". Many of them paid by the hour. ALL of them incapable of understanding the details of what they're writing about. Their job is to describe the software to the least common denominator. Many times, the person writing the documentation IS the least common denominator, and couldn't make good use of it to save their life. What they do understand, is that the more words they put in the doc, the bigger their paycheck. So you end up with 750 pages of bullshit that doesn't actually explain how the program works.

OP should fire up a Linux system and type "man rsync" and "man bash", read them top to bottom, and then ask himself why his own inability to comprehend that excellent documentation leaves him thinking that OSS docs aren't up to par.

about 2 months ago
top

In First American TV Interview, Snowden Talks Accountability and Patriotism

bonehead Re:How does one determine the difference... (389 comments)

Any solution is better than no action, even if it may be the wrong one (almost).

The fact that so many people sincerely believe this is a major underlying cause of most of our problems.

Making things worse is most definitely NOT better than leaving things alone.

I agree that things need to change, but care should be taken to ensure that they actually change for the better. It's foolish to advocate change for change's sake.

about 3 months ago
top

ICE License-Plate Tracking Plan Withdrawn Amid Outcry About Privacy

bonehead Re: Driving is a privelege, not a right. (152 comments)

As if anyone gives a fuck where you drive.

That's far too simplistic a way to look at it.

The problem isn't anyone wanting to know where people drive. The problem is what happens when you combine this database with a few others, and the analytics that are possible.

Do some research. The level of detail of a persons life that they can identify from these "harmlessly tiny bits of information" is staggering.

about 7 months ago
top

Why Is US Broadband So Slow?

bonehead Re:it's not that slow (513 comments)

And No, your VOIP should not have QOS priority over my downloading a debian DVD.

Of course it should. VOIP is time sensitive, your iso download is not. There is a debate to be had over whether that QOS should come with an extra charge, but it should absolutely be an option. And VOIP is pretty low bandwidth, giving it priority over your download is probably going to make the difference between getting your iso in 10 minutes 53 seconds VS. 10 minutes 57 seconds.... Not really enough for anyone to throw a fit over....

The real problem is last-mile providers being monopoly providers, therefore so stingy in making prudent upgrades to the infrastructure that everything is constantly pushed so close to the limits that stuff like this start to make a noticeable difference. On an intelligently designed and provisioned network, time-sensitive traffic could be given all the QOS priority it needs without you every noticing a difference.

about 7 months ago

Submissions

top

Can you put an honest man in charge of your network security?

bonehead bonehead writes  |  about 2 months ago

bonehead (6382) writes "So... For a while now I've been pondering this question.

At my current job I work with a team of 6 other sysadmins. They're all very talented, and all have several years of seniority over me.

One guy, in particular, has taken a very strong interest security lately. And he's been working very, very hard to harden the security on our servers. He's a very honest, and seemingly religious guy (religious in the "golden rule" way, not the "jihad" way. His "good, honest guy" credentials are unimpeachable). While his heart is definitely in the right place, his approach is not. Every measure he takes simply makes things more inconvenient for legit users, and will, unfortunately, do nothing to deter a real attacker. My efforts to argue the point with him fall on deaf ears. (He's also very talented, and as many talented geeks are, hesitant to consider that he might be wrong....)

Me, on the other hand, well, let's just say I've never been an angel. About 15 years ago I decided that being on the straight-and-narrow was the way to go. Not out of any moral sense of duty, mostly as a result of having a personality that is incompatible with incarceration. But when I was young and dumb, well, like I said, not an angel.

What I've noticed is that when news of a new exploit becomes known, my fellow admins jump right into thinking "we should firewall that port" or "maybe we should shut down that service". In other words, extreme answers. Myself, on the other hand, my first thought is "ok, how could I exploit that", followed up by "if I tried, what would trip me up"? Invariably, my answer would prevent attacks while minimizing inconvenience to legit users, but I get outvoted, on grounds of seniority, by admins who favor solutions that cause much more inconvenience for legit users, while not actually hindering the bad guys.

Moving ssh to a non-standard port? Eh, not necessarily a "bad" idea, but if I'm determined to get into your network there are a couple things that come to mind. First, I'll find that port anyway. Tripwire won't save you. Second, ssh probably wouldn't be the attack vector I'd choose. So, it's both ineffective and inconveniences legit users. (I won't even get started on the fact that we ban ssh keys on public facing servers, and require passwords instead.... )

So, after that long-winded mess, my question is this: "Can you really defend yourself against the bad guys if you're not capable of thinking like they do?""
top

Rejuvenating a stalled IT career.

bonehead bonehead writes  |  more than 6 years ago

bonehead (6382) writes "First, a little background. I've been working for the same small company for about 12 years as a one-man IT department. I took this job after becoming completely burned out with the corporate politics that seem to infect all large companies, and it's been a great job. My salary is a bit less than what I could make elsewhere, but I consider that to be a fair trade due to the relaxed atmosphere and fairly stress-free environment I've enjoyed over these years.

The problem is that our core business is part of an industry which, as a whole (i.e. not just my company) is now becoming obsolete due to advances in technology. My pleas to expand into other areas 5 years ago went unheard, and now that the situation is clear to the owner, the revenue just isn't there anymore to do much expanding. My personal prognosis is that we have about 2 years left before we're forced to turn out the lights and shut the doors for good.

I find myself in a bit of a bad situation when I consider future job prospects. Being a one-man IT department, I've become something of a jack of all trades, master of none (well, maybe a few). I've had opportunities to do a wide variety of work, and have done it all well. System administration, e-mail servers, file servers, backup systems, networking (mostly Cisco equipment), VOIP implementation, and programming (C++ and Java mainly), and a bit of network security, just to name a few. I've also done a bit of web development, and while I can crank out the PHP code for the backend, aesthetics aren't really my thing. The problem is that I've done such a wide variety of work, that I can't really walk into a job interview and honestly call myself an "expert" at any of those things.

Not a pleasant place to be at 38 years of age.

Given that I have a year or two before I need to move on, I feel that I have time to pick an area, acquire the necessary expertise, and salvage my situation. My question for the Slashdot community is, in the current IT job market, which skill set should I focus on? My original goal when I went to college was to be a programmer, and if I choose that route, what language would make me most marketable? Or would I be better off to pursue Cisco certifications and focus on networking? Or something else?"

Journals

bonehead has no journal entries.

Slashdot Login

Need an Account?

Forgot your password?