top Buying New Commercial IT Hardware Isn't Always Worthwhile (Video)
Is it really still like this? I remember this was an issue 8 years ago... I would have never thought it was still like this.
top Preventative Treatment For Heartbleed On Healthcare.gov
All part of the Fed Ramp program.
Probably one of the smarter things the government has done.
top In a Hole, Golf Courses Experiment With 15-inch Holes
BS... for one thing you can get into cycling paying from the $800 - $1200 range and get a pretty decent setup. Even if you spend more (in the $2-3000 dollar range) you can get a really nice set up. Of course if you wanted to buy a used bike then all these numbers would drop. If I bought cheap used clubs for $200 (not really fair because I am looking at crappy used clubs vs. a decent bike). The cost of entry would be lower, BUT you are forgetting one very important thing. I can use my bicycle as must as I want for free after that initial cost. Golfing costs me money every time I want to go play ranging from $8-10 to hit golf balls to $40+ to actually play at a real course. A well maintained bicycle will last at least 8 years even riding it pretty hard.
$2000 for bike
$300 for clothes, shoes
$200 for maintenance (if you are able to do it on your own this would come down)
5 year total cost = $3300
$200 for used golf clubs just to go with your scenario
$750 for 15 rounds of golf at $50
$240 for 30 set of balls at a driving range $8
5 Year total cost : $5150
Keep in mind that with bicycling I can ride 3+ times a week. I would also argue that cycling is a better workout as well. Your crazy contrived situation is absurd. I am in a group with a number of people and all their bikes range from $600 to maybe $2000. Some of the bikes are well over 15 years old and none of us really care. The only reason you need to spend that much is if you are a) a professional or b) need to keep up with the Joneses.
top Ask Slashdot: System Administrator Vs Change Advisory Board
Buy something like Tenable Nessus or Rapid7. Make reports very easy and works across Windows, Linux, Cisco, etc. If you get Security Center it will track changes over time and you can see trends over time with patching.
top Interview: Ask Theo de Raadt What You Will
I know there is systrace, but that really isn't what I am looking for. Will there be plans to have a proper auditing daemon be able to monitor system calls in a log file? Being security centric, I would think this would be something high on the list. I know it puts a lot more load on the system and may be difficult for smaller systems, but auditd logs are considered good practice in Linux and FreeBSD. Any chance this will make it into OpenBSD at some point?
top FreeBSD Developers Will Not Trust Chip-Based Encryption
Oh ye wise and knowledgeable anonymous coward. Pray tell how would like them to store the key to verify the server on another system? If they break into your system as root who the heck cares that they can now masquerade as your system? They already have access to YOUR system so what more damage can they do by man in the middling you as well? Tell us what you would do to fix it and what benefit it would provide.
$120K is also an exaggeration. Very few people are making that kind of money in DC. *Source: I have been working in the area for a number of years.
top Ask Slashdot: Best SOHO Printer Choices?
With my family it was the opposite. We printed so little that all our cartridges would dry up. The cartridges generally only last about a year assuming you don't use them up before that so we would print maybe 100 pages/year and then need to buy $70 worth of cartridges which comes to $.70 per page. An outrageous amount.
With toner I bought an all in one networked with a duplexer (black and white) for $150 and the starter cartridge will probably end up lasting us years therefore in a little over two years the printer will pay for itself. I can get refilled cartridges for about $30 that supposedly last 3K pages. Even if I buy the OEM cartridges that last 3K pages I will probably never have to buy a cartridge again at our current rate of printing before the printer breaks.
top Ask Slashdot: Best SOHO Printer Choices?
Canon All in one. The printing works easily in Linux. You install a driver and it just works in Ubuntu. I never got the network scanning to work in Linux though. Works well in Windows as well. I don't use the wireless option (it is hard wired into my network). I have heard people complain about the wireless strength in reviews.
top Book Review: The Practice of Network Security Monitoring
I personally have an oscilloscope hooked up to my network as an IDS. I have been staring at it for 3 days straight now as my co-worker has been off. Still haven't seen any computer attacks yet, but I will be ready!
top Tiny $45 Cubic Mini-PC Supports Android and Linux
You can connect into the serial port (same cable as most phones use) and then use putty to serial in on the 2 higher end devices. It is very nice and works well. You can also use SSH once it is all set up. I have the older unit.
top Tiny $45 Cubic Mini-PC Supports Android and Linux
I have their older 700MHz unit (single core) 2 GB of memory I bought not too long ago (of course, that is how it always works). So far the unit has actually exceeded my expectations and is a lot of fun to play with. For me I wanted something that I could install Kali Linux on (the successor to Backtrack Linux) to do some simple type attacks on a network (I teach part time at a community college an information security class).
First what I don't like:
The shipping comes for Isreal. The price of shipping is $30 which raises the cost of the product.
That they came out with a new one shortly after I already bought one that includes a lot of features I wanted.
What I like:
They have this thing called u-boot which is pretty slick. You stick a file on a usb memory stick and stick it into the top USB port. Connect the ethernet and then boot up and it asks you what OS you want to install. You can select Ubuntu, Opensuse, Fedora, XBMC and a bunch more and it just installs them to the SD card. Very slick.
It has the ability to serial into the unit so you don't have to set up a mouse, keyboard and monitor to install OSes. Works in Linux and Windows (with putty fine).
I can then do SSH X forwarding really easy from the network if you want a GUI.
I have been able to run a slew of python things on it and the performance is reasonable. I really have been having fun with it.
top Amazon Angling For Same-Day Delivery Beyond Groceries
My favorite example of this is Best Buy. Best Buy online now has prices that sometimes beat Amazon, particularly on games but their stores do not. I went online and saw Best Buy had and item for $30. Went to the store and it was $40. I was then told that Best Buy doesn't price match their own website, wtf? So from my phone, I ordered it and did the pick up from store option. Told the person that I got it online and they went back retrieved the item for me and I walked out paying $10 less.
top T-Mobile Wi-Fi Calling Was Vulnerable to Trivial MITM Attack
This vulnerability is in a TON of software. Python 2.X (which most people are still using) doesn't even allow you to verify the CN without adding a bunch of code to make it happen yourself.
Most APIs allow you to do it both ways, but I think it is time that they stop making it optional. If you want to use SSL, use it properly otherwise it isn't worth wasting your time with it.
top White House Urges Reversal of Ban On Cell-Phone Unlocking
T-mobile is rumored to be doing just that. They already kind of do with their value plans and having you bring your own phone. We switched to it recently from Verizon and bought two Nexus 4 phones. I have calculated that if I keep the same phone for three years which I feel is reasonable we will have saved $1200 over the three year period. The only issue is we had $750 to lay out up front which most people probably don't have. Our new plan has 1000 minutes which we will never touch vs. Verizon's unlimited and 2GB per phone vs 2GB shared on Verizon (which we probably would have broken that mark occasionally). So far the coverage has been fine but we live in a major metropolitan area so I have no idea what it it is like outside of that.
top Ask Slashdot: What Video Games Keep You From Using Linux?
The real question should be... what games do you want now, and in the future. Just getting all games to work that I want now doesn't really help me when Awesome cool game 15 comes out and I really want it.
This is coming from a person who has been using Linux for years.
about a year and a half ago
top Ask Slashdot: Should Developers Install Their Software Themselves?
When the developers leave and their is no documentation and the thing blows up... No one will know how it works. With handing the product and the documentation off to someone else this provides a final check on the documentation to ensure that the documentation doesn't suck. Developers tend to intimately know their product well and therefore will be likely to leave out steps in the documentation, because they know how to do it anyway. I have seen this a number of times. When they leave it takes reverse engineering to figure out what was done. I am a big proponent of documentation. Here is how I think it should be done:
-Development happens where they are able to test using a test environment
-Developers hand off everything to the System Admin (SA) who will install it. They then install it on a test environment as well.. If there are issues found work with the developers to solve the issue, correct the documentation and proceed to step 3.
-Install in production.
The only issue with this is step 1 and 2 can sometimes become filled with accusations. SAs think the product sucks and Developers think that the SAs are idiots who need everything spelled out for them. It becomes a lot worst when the developers are contracted out (which is common). This needs to be avoided, both parties should see themselves as working together to create a better product.
top Paul Ryan's Record On Science and Government
It exists in the DoD, all contractors are rated yearly in a process called CPARs (I think it is Contractor Performance Assesment Review). The basic idea is that each contractor is rated and then all future contracts, this rating is considered. They have formulas that take into account cost, CPAR, and other methods (I don't think that this is the best way to do this). The CPARs are a very big deal to large contractors, because a bad rating will harm all future contracts. I feel like smaller companies care less because they can simply just become a new company.
top Ask Slashdot: Worth Going For a Graduate Degree In the Middle of Your Career?
I personally have a Master in Information Security and Assurance that was given by the Computer Science department which meant that it had a lot of programming in the curriculum. I also have a CISSP and a few other certs, some security related and some not. I can say for this field that CISSP is far more valuable and took far less time to obtain. When I got my Masters degree I can't say I saw a large upswing in Linkedin activity. I got my CISSP and Linkedin went crazy sometimes to the point of being annoying (which is a good problem to have). Now you can blame this on recruiters just seaching for keywords, but that is how it is. Many jobs require CISSP, I don't think I have ever seen anything that required the Masters. My Masters I am sure would help me if there was a competitive position between two people and I am hoping that my Masters will help me in the long run more. Obviously your mileage will vary depending on location, chosen field, etc.
top Today, Everybody's a Fact Checker
Is you can tell the truth, and still completely misrepresent the information. To see how this works, I will differ to Jon Stewart...
Recently I saw someone post on facebook "how ridiculous it was that olympians needed to pay $9K in taxes to the US". I though.. man that is ridiculous, I am sure very few athletes are going to go and sell their medals, though some athletes would have difficulty paying for that tax bill. Then I do 5 seconds of googling and find out, that they are payed $25K for each gold medal, and are simply paying on that... to top it off, to pay that the athletes would need to be in the upper tax bracket meaning they aren't struggling for cash. In other words, it is simply income and therefore they need to pay taxes on it. I mentioned it and they commented back thanks, that makes more sense though usually people get pissy because it doesn't fit with their idealogy. Then you find out that Romney, Foxnews and everyone trying to convey taxes are evil are repeating this same mis representation of the facts.
dremspider has no journal entries.