×

Announcing: Slashdot Deals - Explore geek apps, games, gadgets and more. (what is this?)

Thank you!

We are sorry to see you leave - Beta is different and we value the time you took to try it out. Before you decide to go, please take a look at some value-adds for Beta and learn more about it. Thank you for reading Slashdot, and for making the site better!

Comments

top

OpenSSH Will Feature Key Discovery and Rotation For Easier Switching To Ed25519

drolli Re:Dangerous overkill (77 comments)

It is dangerous to have partially redundant mechanisms. If you have only explicit redundancy, then errors will show up.

This tool automates an administrative task. But only one.

2 hours ago
top

OpenSSH Will Feature Key Discovery and Rotation For Easier Switching To Ed25519

drolli Dangerous overkill (77 comments)

Dangerous because automatic key updates should require a great deal of verification of the new keys. I could imagine some scenarios (e.g. cloned virtual machines), which lead to the authenticated key being correctly updated (e.g old instructions/documentation) by the admin, but the EC key not overwritten (since it's not in the standard procedure). If this EC key then is copied automatically to the client, any of the cloned machines would accepted as a verified server after the login.

Overkill because exposing the public keys in terms of the sftp protocol would be less invasive and give the client full control what to do whith the keys.

7 hours ago
top

The NSA Is Viewed Favorably By Most Young People

drolli Well they are used to facebook. (282 comments)

Seems reasonable to me.

Facebook: If you click here, for playing farmville and getting up-to date advertisements around the world and hearing which of your friends prepares pizza right now, you give us all your data. We will sell it or not, as we see fit, ask you about it or not, as we see fit, change the rules at any time, as we see fit, and if you dont disagree immeduatly, we will make an effort to protect our interest by just giving you enough privacy not to run away.

NSA: To stop terrorists killing you all, we need to log all data of you which we can get.

Yes, if you give me the choice if the ratio of loss of privacy to gained comfort/security is better for Facebook or the NSA, i choose the NSA.

yesterday
top

NVIDIA GTX 970 Specifications Corrected, Memory Pools Explained

drolli Re:Better article (113 comments)

Yes. I think if I do SW development, a price difference of 3 man-hours of less does not justify the trouble...

5 days ago
top

NVIDIA GTX 970 Specifications Corrected, Memory Pools Explained

drolli Re:Better article (113 comments)

I would imagine that it get most troublesome only if you use the card for computing and rely on a homogenous memory access....

5 days ago
top

Anonymous Asks Activists To Fight Pedophiles In 'Operation Deatheaters'

drolli Dont fight pedophiles (408 comments)

but fight pedophile criminals.

That being said, i doubt that i wnat to put justice in this respect in anonymous hands.

about a week ago
top

Ask Slashdot: Is Pascal Underrated?

drolli Advantages are gone. (488 comments)

IMHO the biggest advantage of pascal was that data structures were well denfined and that strings were not nul terminated.

about a week ago
top

China Cuts Off Some VPNs

drolli Re:Defective by design. (218 comments)

Two year ago: Openvpn was fine, but webpages of providers were blocked (not a bad strategy...).

Last year: private Openvpn server worked, but connections dropped after ~1Gbyte was transferred, and well known providers were blocked

This year: openvpn was detected (not sure how!) and private server seems to have ended on some "gray" list, ssh connectionsafter that were very slow (although that could coincide with slow internet); sshing to singapore AWS cloud was fine, but i had the feeling that switching between ports for ssh helped after big data transfers or long conenctions. Connecting by mobile (state telecom) was better than by WLAN.

Blocking seems to happen solely based on target (outside China) IP.

The rationale behind blocking vpns but not ssh is simple: China is not interested in blocking perfectly. They don't care about (or even may like) that you can set up cloud servers which you need for your thing outside China. They dont care about 1% of the population and all foreigners getting unfiltered access to the outside world. As long as they can filter the information for the vast majority. Which implies that the material they mostly care about is video, which means that intentionally slowing ssh still enable you to do your admin work, but you can not copy 1000 youtube videos quickly. Also, for ssh there is no "1-click-vpn" client available......

about a week ago
top

Ask Slashdot: Can I Trust Android Rooting Tools?

drolli No. But: (186 comments)

The relevant question is: could you trust the devices firmware in the first place? The las tfew year put a solid upper bound to my trust in this respect?

about two weeks ago
top

Being Pestered By Drones? Buy a Drone-Hunting Drone

drolli Re:Cheaper: Ballons (151 comments)

i did not say that this is a new idea.

about two weeks ago
top

Obama: Gov't Shouldn't Be Hampered By Encrypted Communications

drolli Only make laws which can be enforced (562 comments)

The way out would be that i would have to license and register private keys for encryption. This is dificult to enforce since there is no way to judge if you use unregistered private keys without entering your home and looking at your harddrive.

The result would be that criminals would continue to use it, and that normal people would be criminalized.

about two weeks ago
top

Being Pestered By Drones? Buy a Drone-Hunting Drone

drolli Re:Cheaper: Ballons (151 comments)

on 4 weather ballon, you can place ~ 8 km of nylon fishing line.

So you can randomly traverse a 100x100x100m volume 80 times.

Not unlikely that you crash the papparazis expensive drone with this approach.

about two weeks ago
top

Linus On Diversity and Niceness In Open Source

drolli You care about the kernel?Incentives to take part? (361 comments)

The average tone on the kernel mailing list is not an incentive to participate to an unbiased observer.

If you care about results, dont drive people away. And yes that applies for the whole OS community. Whenever I consider to take part in an OS project, because i find it interesting, i look at the development process/communication and find the tone, way of discussion, and egocentric behaviour inacceptable.

Do you really think i contribute to a project which barely builds in exactly your environment with hundred of obscure dependencies, and when i try to fix it, getting barfed at over the inacceptable choice of standard tool X (yeah, i know, build processes which work out of the box on all linux distributions are *evil*), which seems to be directly from hell?

Do you really think i participate in a discusssion where three dickheads call my approach "SHIT" because they dont like it, without a proper argument, and often referring to episodes which happened 20 years ago as justification?

Do you really think i invest time into projects where the goals are defined by the means, and not vice versa (see the systemd debate)?

I really think i have better things to do with my life.

about two weeks ago
top

Innocent Adults Are Easy To Convince They Committed a Serious Crime

drolli Old news. (291 comments)

Wrong confessions are a big problem for courts.

about two weeks ago
top

New Collaborative Project Wants to Systematize Complex Problem Solving Online

drolli Oh my.... (42 comments)

so solving the comple problem will be reduced to the not less complex problem of weedign out the spam created by idiots?

about two weeks ago
top

Being Pestered By Drones? Buy a Drone-Hunting Drone

drolli Cheaper: Ballons (151 comments)

Put 4 big helium ballons and place nylon wires between them. Operates 24h a day and is cheap.

about two weeks ago
top

The 'Radio Network of Things' Can Cut Electric Bills (Video)

drolli Pre-existing signals. (172 comments)

Yes. if they told me that t oconnect the fridge you build a new network, i would have declared them mad.

OTOH: I worked in a related topic and we figured that the biggest part of the potential savings could be implemented by a timed switch, and a little thought. It's not like the the time of the peak consumption in a country changes day by day, usually you should think about decades.

(The 80-20 rule also applied here: do the simple measures first, and get the biggest part of the saving)

about two weeks ago
top

Ask Slashdot: Sounds We Don't Hear Any More?

drolli The standard Nokia ringtone and the palm alarm (790 comments)

Honestly, when i bought my 6310i i changed the default ringtone in two days. Not because i disliked it, but because i reached for my phone every 5 minutes in the city.....

about three weeks ago

Submissions

drolli hasn't submitted any stories.

Journals

top

Unbundling Windows from a Notebook?

drolli drolli writes  |  more than 5 years ago

I know, the question is asked from time to time, thats partially because the situation really changes, so i ask it again. I want to buy a subnotebook. Some of the most interesting candidates (e.g. Sony P-Series) are sold bundled with Windows, which i am not interested in buying at all (the last personally bought MS product was Windows 3.1, included in OS/2 2.1).

So what is the current strategy about refusing EULA, annoying the support etc? How did it/does it work out? The Reports on the net vary strongly. I am less interested in how the world should be, how it from a philosophy of law perspective should be or how the theoretical legal situation is. I am interested in what really worked, how much time it took and how annoying it was.

Slashdot Login

Need an Account?

Forgot your password?