Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!



Firefox 27 Released: TLS 1.2 Support, SPDY 3.1, SocialAPI Improvements

c0l0 Re: Sync (167 comments)

Yeah, I knew about that possibility before, but since the data to be stored on Mozilla servers was being properly encrypted on my device and in my client, I opted out of the usual "maintain my own infrastructure" chores that one time. Now, the "old" (read: current) Firefox Sync system is going away completely in the not too distant future, and you'll probably have to install some kind of add-on to keep your existing, self-hosted infrastructure functional. Meanwhile, I asked some Mozilla people/developers what the change was about, and how the new system is supposed to keep users' data confidential. The transcript of the IRC session is available here, on Debian's inofficial pastebin - enjoy! :)

about 7 months ago

Firefox 27 Released: TLS 1.2 Support, SPDY 3.1, SocialAPI Improvements

c0l0 Re: Sync (167 comments)

I switched over from Chromium to Firefox mainly because of how Firefox Sync worked back then - in the way that it encrypted your sync data with a secret that Mozilla would never know. Now, with the new sync that just requires a tuple of email address and password, I wonder what - if anything - they use to encrypt the data so they cannot know what I store there (which is a strict requirement for me to even consider any kind of "cloud"-y offering). Given that email/password is used for authentication and authorization only (I'm pretty certain they'll have a routine for users to "reset" their password...), I'm worried they'd left out the one thing that made Firefox Sync usable for folk concerned with privacy...

about 7 months ago

Ubuntu Community Manager: RMS's Post Seems a Bit Childish To Me

c0l0 Typical Canonical/PR bullshit. (529 comments)

It's not that I would expect anything else from someone who is a "community manager" (FOSS' modern-day equivalent to the appendix, in my opinion), but this "personal blog entry" is, of course, a steaming turd. I don't see RMS spreading FUD about Ubuntu, not at all. In fact, he makes it quite clear what they get, in his opinion at least, wrong, and why he sees it that way - and he leaves nothing about that "in doubt" or, in one way or anther, vague. Discrediting this kind of honest and up-front criticism as FUD, whilst he himself is weasling around the true motives (turn desktop users into dollar bills for Canonical's pockets) for the Amazon integration with all that hey-everybody-let's-disregard-that-and-feel-good sidetracking that's going on in that posting really makes me nauseous. "Better user experience", "creating desirable products", yaddah yaddah - yeah, fine and dandy, but trying to sell us this (in my opionion pretty crazy) add-on, that submits all the text I enter - be it to start a new program or open a document I stored - to a web service the users absolutely don't control, as an improvement for the good of the general public is not only ridiculous, but also demeaning to the intelligence of everyone who they expect to fall for the kind of "argument" Jono Bacon is trying to make on his blog. It's the FOSS-equivalent to the toolbar, or Bonzy Buddy "form filling" browser-add on from days of yore, that Windows users get shoved down their collective throats if they miss unchecking a box in popular "freeware" installation wizards these days, and everyone with half a brain can see right through that.

about 2 years ago

Firefox 20 Will Finally Fix Private Browsing Mode

c0l0 Finally! (186 comments)

That's one of the very few features that I'd always wanted Firefox to adopt from Chromium, and now it's actually happening - yay for Firefox 20. Can't be longer than a few weeks any more anyway; now can it? ;p

about 2 years ago

Hounded By Recruiters, Coders Put Themselves Up For Auction

c0l0 Re:Reminds me a contact from Google (233 comments)

A Google recruiter (from Google Ireland) contacted me a few months ago due to having found my personal website (which is in German, but transported the important information nevertheless, it seems - and yeah, he definitely HAD read my resume. That said, noone cared much about what I did or did not do with my current job, noone asked me to quit it before starting the interviewing process or anything downright crazy like that.), and asked if I was willing to do a phone interview. Sure thing, I said, and after passing the first interview, I did two longer follow-ups on the phone, and finally one just recently on site in Dublin (Google was nice enough to pay for the trip and accommodation, and Dublin is a very nice place that I had always wanted to visit anyway), and last Friday, I've been offered a very attractive position in their Site Reliability Engineering team due to all of this - so I do have first-hand experience with all stages of Google's interviewing process.

Almost everything I had to do in the interviews involved stuff you're supposed to learn when studying Computer Science at a university that deserves its name, and I think that's a very good and reasonable thing. I've always been a fan of the "concepts, not implementations/products"-kind-of-education. I think that's especially important at Google - their infrastructure is so vast and powerful and unlike any other in the industry that the overwhelming majority of people who take a position there won't have seen anything even remotely like it in terms of scale, and they will probably find very little there that's overly "familiar" to them: Most of the software you can get away with running at a small- to medium-sized IT shop, despite any glaring and maybe-no-so-glaring inefficiencies, will fall apart at the scale Google would need to have it work at, so they'll implement something on their own and run that to do that job. Read the GFS paper for one such (albeit a bit dated) example. That's where all that "bachelor's level computer science stuff", a nuisance that apparently, in the eyes of some, only inhabitants of ivory towers should be allowed to care about, comes in again. So I think it's perfectly reasonable and in their best interest to test for that kind of knowledge and skills in their interviewing process.

about 2 years ago

Firefox 16 Released: More HTML5 Support

c0l0 Now that summary is BS - at least in part. (133 comments)

"A number of HTML5 code has been 'unprefixed,' which means that Mozilla has decided it has matured enough to run in the browser without causing instability." - come on, how dumb is that? If there were a vendor-sanctioned CSS attribute or "HTML5 code" (or whatever, really) that was known to cause "instability" in one of the world's most widely-deployed and -used applications, trolls and/or crackers would make ABUNDANT use of that inherent weakness, prefixed or not.

Now, I don't know for sure how HTML5 "standardization" (if you can stomach calling it that...) actually works, but what I happen to have picked up is this: In reality, that kind of "prefixing" (extending the name of a soon-to-be-"standardized" identifier with a vendor-specific keyword) takes place because the vendor probably still works out implementation details, or isn't 100% sure if he wants to really do whatever the feature/thing is doing right now the way it is doing right now forever. It's some kind of "this is just a draft"-hint, like, for example, "X-"-prefixed HTTP and SMTP header data (used to be - they're abused for other, this-aint-in-the-official-standard-but-we-need-it-anyway-things today, of course). If using any of this causes the browser that implements it to crash or be otherwise unstable (and therefore potentially exploitable), that's a _grave_ bug, and certainly not something that any of the industry heavyweights (well, except for Apple and Microsoft maybe... hehe) would tolerate to occur in the wild for more than a few hours, until an appropriate patch is released.

about 2 years ago

Ask Slashdot: Open Communications Set-Up For Small Office?

c0l0 Re:NO, it is NOT. (224 comments)

I was not suggesting "crappy, low-end, unmaintained and undocumented piles of OSS whitebox dogshit" (torrents of foul language like that make me raise an eyebrow or two btw., esp. when you advocate the road to the mythical "stable", "proven" and "enterprise-ready" alternative in the next sentence...). But there ARE offerings that strike a sane balance between being based on standards that a multitude of vendors can implement and actually support, and come with enough handholding to get you off the ground without hickups. Check out the astersik appliances sold by elastix, for example.

If you're not going to research the offer you're buying into, you are going to have a bad time, period. You might as well spend two or three hours more to take stuff into account that isn't sold by gold-diggers who found their way into Cisco's sales channels in your area, and save boatloads of money when the first upgrade is imminent.

What I also find amusing is the notion that this kind of "OSS software" tends to become unmaintained and outdated, whilst you seem to suggest that proprietary software and solutions of that kind don't. The majority of large(-ish)-scale phone systems I know still rely on a Windows 2000 or even NT 4 server somewhere in a rack that noone wants to touch any more (or that, if you are lucky, has undergone P2V-surgery) that never receives any kind of updates or maintenance, but is of critical importance for call management, authentication, configuration, or any combination of all of the above. Yeah, that sounds super-sane to me.

about 2 years ago

Ask Slashdot: Open Communications Set-Up For Small Office?

c0l0 NO, it is NOT. (224 comments)

That kind of thinking is what leads to the very finest of vendor lock-in you could imagine down the road - and it's total bullshit. Investing a few hours of research and setup effort in a standards-based, transparent and reusable technical foundation for what is going to be the backbone of your company's communication both on the in- and outside for many years is definitely something to worry about - unless you have no problem whatsoever with buying your whole frickin' phone system all over again once you pick up the 11th employee, because the (cheap but proprietary) license and hardware you acquired when you started out "does not support more clients", or some such crap.

We just paid a few grand to extend our phone system from supporting <=50 clients to supporting 54 (and possibly more; even up to 70!!1!) clients. That's what you get from choosing the wrong solution in the first place, and if you let it become a vital component of your infrastructure - you'll have to stick with it and it will cost you dearly, because outright replacing it with a saner choice is always the more expensive one _in the short term_. Typically until the next forced upgrade cycle comes around.

about 2 years ago

Battlestar Galactica Community Game Diaspora Has Arrived

c0l0 Is that the game... (121 comments)

...that was (meant to be?) called Beyond the Red Line, or a different approach to making the BSG universe into an awesome space combat game?

(Downloading the source tarball right now, let's see how we get this into an unofficial Debian package...)

about 2 years ago

For work, I communicate mainly through...

c0l0 IRC, email (221 comments)

The hub of our communication at work is a really beefy machine running Debian GNU/Linux. Communication within the tech dept. is done mostly via IRC (our CEO is a really techy person), and email. Even some guys and gals from the Customer Relations/Editoral Staff, and the head of the Legal Department, are available via IRC at all times, which is neat. We also have a web-based issue tracker (that's controllable by email; developed in-house many years ago) that helps us keep track of things. It's pretty awesome - that kind of infrastructure is INCREDIBLY less frustrating than what we've had at companies I worked before (mainly Atlassian webapps that are all shiny and stuff, oh yay!!1!). Not as colourful and web-2.0-y perhaps, but it is fast and very much to the point. And very hackable, in the good, true meaning of the word. :)

more than 2 years ago

SJVN Tells How Reporting on Linux Has Changed in the Last 10 Years (Video)

c0l0 I filed that guy... (79 comments)

...under "absolutely clueless" a few years ago. Can't remember the specifics as to why exactly I did right now - I think it was related to some inflammatory bullshit "articles" about GNU/Linux on CNet or something, but I have no reason to believe I misjudged him back then. So I'll pass.

more than 2 years ago

Richard Stallman's Dissenting View of Steve Jobs

c0l0 Re:Stallman who? (1452 comments)

Agreed! With the last part of your posting, that is: emacs, hands down. :)

more than 2 years ago

OCZ Wants To Cache Your HDD With an SSD

c0l0 Not a novelty (189 comments)

Intel is doing the very same thing on their most recent "enthusiast" desktop chipsets.

For systems using the Linux kernel, there are software implementations of the very same block-level-caching-concept available - one I stumbled over is

more than 2 years ago

Book Review: The Python Standard Library By Example

c0l0 One problem with Python's standard library... (33 comments)

... is that it's there (and I think it's actually great and indeed vast), but it's of seemingly little use in "production" code. The aforementioned SocketServer, for instance - try asking in #python on freenode how to do this-and-that with it. Answer: ditch it, noone uses it because it's crap, use twisted instead. It seems like a solid chunk of the provided functionality is being dragged along for (mostly) historical reasons, as you're supposed to use some third-party library that doesn't come bundled with the Python runtime by default anyway if you want to do actual stuff with the language that's ready for "the real world".

I still like programming in Python a lot though, and I do make extensive use of the "batteries" it includes. Will probably pick up the book; thanks for reviewing!

about 3 years ago

With regard to software licensing ...

c0l0 Re:LGPL Rules! (215 comments)

The opposite of "free" (as in the GPL's definition of free) is not "commercial", but "proprietary". You can very well ask your customers for a licensing fee if you distribute your GPL'd program to them. If your product and especially the support and services around that dump of code and binaries are good enough, they'll probably give you what you ask for anyway.

more than 3 years ago

German Foreign Office Going Back To Windows

c0l0 That's only part of the story. (901 comments)

There were two studies conducted by McKinsey, that both led to the result that an Open Source/Free Software desktop was feasible and a strategy that is saving the AA costs, but the powers that now be seem to disregard any evidence that suggests sticking to the solution currently in place there, because someone from MS seems to be sending in black suitcases... it's disgusting.

On top of that, they're considering switching to Windows XP now, and to a Windows 7 and Office 2010 setup later on! Migrating platforms twice within two or three years (XP support ends in 2014, mind you). This is just utterly insane.

more than 3 years ago

Tribalism Is the Enemy Within, Says Shuttleworth

c0l0 Ubuntu is about Ubuntu, not about Free Software. (655 comments)

Strange how he speaks of "lifting Free Software to the forefront", whilst all he's _really_ doing is trying to lift Ubuntu to the forefront.

Mr. Shuttleworth apparently knows that "the internet doesn't forget", yet he (I assume it was him who heralded the changes made) chose to tone down the role of Free (as in freedom) Software in the "Ubuntu Promise" over the years in a very silent yet continuous manner, and led Ubuntu to act against some of the principles of the early (think 2004 to 2006 or so) days of the project; principles that I happen to value. Getting into bed with vendors of proprietary software in a way that doesn't benefit others in the Free Software eco-system is something I despise, for example: Canonical is actually getting proprietary AMD/ATI graphics drivers before anyone else gets them, probably under NDA or whatnot. I also don't like their "partner"-repository that contains nothing but proprietary software, and is advertised and presented as a Really Great Thing(tm), not as a sometimes (probably) necessary evil. I don't like how Ubuntu's more and more about doing "their thing" without contributing back to the upstream projects they base their product on, and how they actually try to differentiate themselves from their competitors by making technically bad decisions in the wake of all this (think client-side window decorations, and putting window controls to the left because of that - just doesn't make any sense to me). There were many other occasions on which Mr. Shuttleworth and Ubuntu chose to somehow, somewhat upset parts of the Free Software community, either by what they stated or what they did. I just don't think Mr. Shuttleworth is entitled to put Ubuntu under the banner of Free Software, at least not as it stands today. If someone on, or whereever else, is arguing against Ubuntu, it's just that: someone arguing against Ubuntu. It's certainly not an attack on Free Software.

more than 4 years ago

Linux Kernel 2.6.32 Released

c0l0 Llacking in terminology. (195 comments)

I'm not perfectly happy with the term "virtualization memory de-duplication". Linux 2.6.32 introduces what is called "KSM", an acronym that is not to be confused with "KMS (Kernel Mode Setting)" and expands to "Kernel Samepage Merging" (though other possibilities with similar meaning have already emerged). It does not target virtualization or hypervisors in general (and QEMU/KVM in particular) alone. KSM can help save memory for all workloads where many processes share a great lot of data in memory, as with KSM, you can just mark a region of memory as (potentially) shared between processes, and have redundant parts of that region collapse into a single one. KSM automagically branches out a distinct, exclusively modified copy if one of the processes sharing those pages decides to modify a certain part of the data on its own. From what I've seen until now, all that's needed to have an app benefit from KSM is a call to madvise(2) with some special magic, and you're good to go.

I really like how Linux is evolving in the 2.6 line. Now if LVM snapshot merging really makes it into 2.6.33, I'll be an even more happy gnu-penguin a few months down the road!

more than 4 years ago



Does an IT firm's internal IM usage affect your op

c0l0 c0l0 writes  |  more than 2 years ago

c0l0 (826165) writes "It's a seemingly recent fad in IT for everything to be migrated into the cloud. There is, however, one particular branch of technology where a hosted approach used to be the norm in the earlier days of the Internet, and where rock-solid do-it-yourself solutions have only emerged and spread out relatively recently: Instant Messaging. Many companies to this date are using the likes of Skype and ICQ for handling that kind of communication though, with all the strings attached to it: potential eavesdropping by those services' providers or even automatic transfer of copyright of any transported data to the IM networks' operators, amongst others.

I'd like to know how getting wind of an IT firm handling large chunks of its internal communication over such an IM network affects your perception of that firm — would you, as a potential customer, think it's an acceptable practise for the occasional excerpt of your data to be transported over any such network and applaud that firm for their cleverness in outsourcing the management of their IM infrastructure, or would you rather not deal with that firm on grounds mentioned above?"


c0l0 has no journal entries.

Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>