
Comments


City of Turin To Switch From Windows To Linux and Save 6M Euros

dutchwhizzman Yes they need individual desktops (244 comments)

Yes they do, because ergonomics require decent keyboards, screen and mouses. They may not need fat clients and would be off just as well with thin clients, but laptops or that form factor do *not* replace desktop systems since they still need the keyboard, mouse and screen and will essentially be used as a desktop almost all of the time.

They need access to their individual applications and data too. While it may be possible to migrate all those to web applications or some client-server model, I doubt Turin has managed to finalize that sort of thing yet. Most EU cities have over a thousand custom applications that often run on antiquated proprietary systems and they will still have a burden of those for a long time.

Getting people the cheapest computer possible sounds like an easy way to save money, but in the end the price of the hardware is only a fraction of the costs and often the extra costs incurred by buying cheaper will make it more expensive. Starting with migrating just the desktops to linux and running the proprietary cruft on things like Citrix servers will save them a lot of money without a significant downside.

Oh, because they're not running windows, they can probably use their older systems a bit longer too, if electricity costs don't make it cheaper to upgrade anyway to more energy efficient devices.

2 days ago

The State of ZFS On Linux

dutchwhizzman Linux Distributions (366 comments)

You must have an enormous collection of Linux Distributions at home to need that much storage.

4 days ago

SpaceX and Boeing Battle For US Manned Spaceflight Contracts

dutchwhizzman Subcontractors (123 comments)

You are describing how either Boeing or Space-X would get sub-contractors to compete so they can get good quality components for a decent price. If you take the creativity out of the current bid phase, you'll never get innovation and "new" designs going up into the sky. Oh and don't forget, it just may be that whoever wins this, might have to commission things from the losing party just to fulfill the contract.

5 days ago

Comcast Using JavaScript Injection To Serve Ads On Public Wi-Fi Hotspots

dutchwhizzman ISP? (230 comments)

Why do you think this would be your ISP and not some malware on your computer or a neighbor phishing you? Have you bothered inspecting the traffic to see what gets sent back and forth?

about a week ago

UCLA, Cisco & More Launch Consortium To Replace TCP/IP

dutchwhizzman Prior Art? (253 comments)

Can we please make sure that this talk is well mirrored and universally known? We don't want any patents to be put on this technology to make a few people filthy rich and the rest pay through the nose if this ever succeeds.

about two weeks ago

Raspberry Pi Gets a Brand New Browser

dutchwhizzman Why tab unloader if FF could implement a limit? (107 comments)

Firefox thus far have refused to implement a configuration feature where they themselves limit the amount of memory they use. They say it's already built in and auto-tuning based on the amount of memory the OS reports. It's about time that Firefox stop being so arrogant and just let me set a limit, because I don't want them to eat all memory that I want to use for other applications that now have to resort to swap because a browser eats over 2G of my ram.

about two weeks ago

Hackers Behind Biggest-Ever Password Theft Begin Attacks

dutchwhizzman Did they already catch them then? (107 comments)

Why would these "Russian criminals" be the ones behind this attack? Sure, some company used the argument that there seems to be a list of over 1 billion accounts floating around on the internet to sell their services some time ago. It may even be that this list was found for sale on a Russian marketplace. It may even be that there are actual Russians selling this list. The accounts could even be mostly real, although probably most of it will be relatively dated.

But why would that same group of people that are actively selling this list be the same group that is using it? It makes much more sense that some group that bought part of this list, or bought some other list, or has their own trojan to steal passwords is now attacking namecheap. Unless there is substantial evidence that the same group is behind it, this is just FUD and sensationalism.

Namecheap is under attack with what's most likely a brute force list with accounts that were compromised in some yet unknown way. I think those are the facts and the rest is purely speculation.

about two weeks ago

Wi-Fi Router Attack Only Requires a Single PIN Guess

dutchwhizzman You forgot one thing (84 comments)

You are trusting your ISP to deliver you a router that has all these things properly configurable and not leave back doors for their own remote admin and whatnot still open. ISPs don't do that, they always leave themselves a backdoor and often are lax in upgrading firmware. If at all possible, let your ISP's router do only the minimal required to let your network connect to the internet and do the rest (firewalling, NAT, WiFi) on your own trusted devices.

about two weeks ago

Scientists Found the Origin of the Ebola Outbreak

dutchwhizzman Which One? (86 comments)

There's another one in Congo that appears to be a different strain.

about two weeks ago

Project Zero Exploits 'Unexploitable' Glibc Bug

dutchwhizzman Raspberry Pi, obscure NAS boxes (98 comments)

While you have a point, you shouldn't forget the Raspberry Pi. It is probably the most popular internet facing non-mobile ARM platform today. Literally millions of these run glibc and at least hundreds of thousands are in some way or form directly connected to the internet. While I don't believe that this bug can be exploited without first gaining RCE on the raspberry pi, once an attacker gets access to the rpi, this bug should be able to get them to escalate to root privileges.

There are quite a few people that put a full debian (or other) distribution on their NAS server. I own a zyxel NSA 325 and it is possible to install a full debian release on this and some other NAS boxes. These might be a limited amount of systems overall, but it's significant enough to deserve mentioning because they too often are internet facing.

about three weeks ago

Seagate Ships First 8 Terabyte Hard Drive

dutchwhizzman On a super-high capacity drive? (316 comments)

I doubt this would be cheaper than a fast 15Krpm 4TB 2.5" drive to manufacture and the 4TB drive would probably be faster overall. Sure it'd work on a 3TB consumer drive and probably be a good tradeoff, but on "the largest capacity drive in the world" I have my doubts it'd be economical and most certainly not double the speed.

about three weeks ago

Linux 3.17-rc2 Release Marks 23 Years of the Linux Kernel

dutchwhizzman You're not making much sense (106 comments)

Sendmail is history just as bind is history. Sendmail uses m4 for its configuration files (you shouldn't edit the "compiled" stuff), so it's not sendmail that is the culprit here. Bind is history because there's powerDNS now. Exim and samba aren't a mess, but they do use "text files" for configuration.

Anyway, they all use a standard, since it's human readable ascii. It may be obscure since there isn't much if anything that uses their format apart from themselves, but it's a standard. You could argue that all these apps should standardize on XML, but then you'd have all the tags that need to be standardized too. Going for binary files means humans will need extra software just to edit that and machine generating those will be harder too. The Windows Registry is a mess if I ever saw one and after about 20 years it's such a myriad of patches and additions that it's hardly manageable.

Standards are great, which is why everyone invents at least one new one. Pushing very different requirements into one standard usually makes it either too crippled to be useful or too bloated to be maintainable. Maybe it's you that needs to find something else to do if you can't muster up the energy to deal with these inconveniences anymore. There will always be incompatibilities and annoyances if you have to deal with technology so either put up or move on.

about three weeks ago

$125,000 Settlement Given To Man Arrested for Photographing NYPD

dutchwhizzman There ought to be a law... (231 comments)

There ought to be a law where any citizen can force a prosecutor to prosecute people that are suspected of committing a crime. Any prosecutor that gets too many cases where this law has to be effected should be subject of a research into his true loyalty. I wonder what party would dare to come up with a federal law to make this happen....

about a month ago

Hackers Steal Data Of 4.5 Million US Hospital Patients

dutchwhizzman VPNs don't solve this on their own (111 comments)

Disclosure: I'm a professional Penetration Tester

We find plenty of these sorts of setups at our customers. Customers set up VPNs, have a password policy and a virus scanner. They have firewalls and keep user policies restricted. Then we come and we trojan someone, or find a weak WiFi password or whatever we use to get a foothold inside their network; all it takes is one little mistake and we're "in". Once we get there, we log keyboards, get password hashes from network or system memory and start to pivot all over the place. Usually, our software will trigger virus alerts, but staff doesn't react to those "in a timely fashion" and we get to keep going even though alarms are going off on several computers. We could cloak our malware and sometimes we do, but usually it's too much trouble and we get domain admin passwords within a few days and rule the network in such a way that admins wouldn't be able to get rid of us if we would rootkit and backdoor properly.

It takes more than some policies and a VPN these days. You need IDS, proper procedures, layered security and skilled, motivated staff that knows how to deal with security incidents. You need properly trained and aware users that aren't afraid to admit they messed up and that have no problem reporting others doing wrong either. Don't trust in a single technical measure, but implement them all and make sure you test and train on a regular basis. Get a data classification policy and protect data according to that policy. That means that stuff like SSNs and anything that can be used for identity theft should get extra layers of protection and alerting implemented. If you don't do all this, a serious intruder will usually get what they want.

about a month ago

Daimler's Solution For Annoying Out-of-office Email: Delete It

dutchwhizzman In France (232 comments)

In France it is illegal to have staff answer mail out of office hours. How's that for mandatory free time?

about a month ago

Apple's Diversity Numbers: 70% Male, 55% White

dutchwhizzman not just hiring (561 comments)

Once you hire someone, they may want to leave because the atmosphere in the workplace isn't what they like, or the pay for their gender or ethnicity seems off compared to others. A large part of why some companies can't seem to get their "diversity" numbers anywhere near what they want them to be, is because they have a reputation that will put certain groups off whether deserved or not.

These are things that are much more important in the long run than just getting candidates in the door that have the right skills on their resume. That part is easy, just advertise and throw money at it. Keeping them and making them fit in the team is the hard part.

about a month ago

Study: Firmware Plagued By Poor Encryption and Backdoors

dutchwhizzman Not safe (141 comments)

SD Cards can be several devices, including wifi cards, so those are just as (un)safe as USB devices if the device they are connected to would be susceptible to hot plugged hardware and have the drivers available for those.

SSL/TLS is plagued with bugs due to the backward compatibility issue. Heartbleed anyone?

Self Signed shouldn't be a problem, providing the device has the pubkey for the CA that was used to self sign present.

Doing a wget on an image requires at least a minimal install like busybox on top of a linux kernel. This is currently one of the most used ways to upgrade firmwares and often there are older versions of busybox, the kernel and many other applications on the device. Those are one of the big sources of devices being hacked.

As you see, it's not as simple as it seems. Apart from standard apps being outdated and not validating certificates, a lot of the custom parts of firmware aren't written with any security in mind. Things like old fashioned buffer overflows, SQL/XML injections, XSS and whatnot in user interfaces are much more common than in directly web facing websites these days. With IPv6 around the corner and the end of NAT in sight, plenty of these devices will be connected directly to the internet and we will see a large increase in "things" getting hacked once we get to that point.

about a month ago

Is "Scorpion" Really a Genius?

dutchwhizzman He claims this himself (391 comments)

http://www.scorpioncomputerservices.com/the_founder.html

He probably is a smart guy, but these claims here would make me not want to hire him. He's so obviously full of himself that he'd probably never admit he might be wrong about something and that is just plain dangerous. So it's not just the Hollywood drama, it's based on his own ludicrous claims.

about a month ago

San Onofre Nuclear Power Plant Dismantling Will Cost $4.4 Billion, Take 20 Years

dutchwhizzman Not entirely emissions free (343 comments)

While the actual generation of nuclear power in the plant may not have emitted CO2 or other burn products, you can hardly call this emissions free. Don't forget that mining the uranium ore, transporting the uranium ore and some more steps in the production process is done with fossil fuels. Nuclear waste is also a form of emission. Even if it's not directly related to greenhouse effects, it will cause severe effects on humans and nature if not taken care of (in an expensive way). All things considered, nuclear may or may not be smarter to use than coal or even wind energy, it may emit a lot less greenhouse gasses, but I wouldn't want to claim it to be anywhere near emissions free.

about a month and a half ago

Ask Slashdot: IT Personnel As Ostriches?

dutchwhizzman Probably no way to get compensated? (246 comments)

The perv probably didn't have enough money to pay for damages to his victims and you? In some countries the government will actually make sure you get a reasonable compensation for the financial and social losses you had, even if the perpetrator didn't have any.

about a month and a half ago

Submissions


Facebook breaks net neutrality to buy users

dutchwhizzman dutchwhizzman writes  |  about 7 months ago

dutchwhizzman (817898) writes "Facebook is convincing partner mobile operators in third world countries to unlock not the entire internet, but just Facebook for its subscribers with a special "Facebook only" subscription. By doing so, they are promoting a model where an ISP or operator can charge a fee per web site, instead of flat access rates to the entire network. With the recent agreement between Netflix and Comcast where Netflix has to pay Comcast to provide proper service to its already paying subscribers, we're seeing a worrisome future for flat fee data plans emerge."

New Super Doping Winter Olympics undetectable?

dutchwhizzman dutchwhizzman writes  |  about 7 months ago

dutchwhizzman (817898) writes "A journalist bought a substance known as "full size MGF" that is said to be undetectable by current doping detection methods. The substance has only been used in clinical animal trials and is supposed to reinforce muscle tissue. The press in Europe is running a big story that the drug can't be detected and people that spend 100,000 dollars will have an unfair advantage at the Winter Olympics. While current methods may not be able to detect the substance used, it is inevitable that future detection will be possible. Shouldn't the question be rephrased to "Will the samples taken from athletes at the 2014 Winter Olympics contain traces of full size MGF?""

Hackers vs Police paintball match

dutchwhizzman dutchwhizzman writes  |  about a year ago

dutchwhizzman (817898) writes "In a small town in the Netherlands, people from the hacking scene, police, cyber soldiers and several government agencies gathered to discuss their differences. (https://www.opcyberpaint.nl/ Dutch Language, as well as the video link below) This time, not only words were used, but paint ball guns were chosen to make arguments that words just could not bring across. Pictures can be found at http://www.flickr.com/photos/40532667@N08/sets/72157633705123865/"

Oracle knew for months about java 7 zeroday

dutchwhizzman dutchwhizzman writes  |  about 2 years ago

dutchwhizzman (817898) writes "Polish security researcher Adam Gowdiak submitted bug reports for the current Java 7 zero day exploit that's wreaking havoc all over the Internet months ago. It seems that Oracle can't or won't take such reports seriously? Is it really time to ditch Oracle's java and go for an open source VM?"

Kimble out on bail

dutchwhizzman dutchwhizzman writes  |  more than 2 years ago

dutchwhizzman (817898) writes "Kim Dotcom, also known as the hacker Kimble, owner of MegaUpload, has just been released on bail. The judge thought he wouldn't be able to flee, because he won't have access to his money. The question is now, if someone has dozens of bank accounts and a safe room, wouldn't he be burying some maple leafs around the globe as well?"

Monty Python to reunite for movie

dutchwhizzman dutchwhizzman writes  |  more than 2 years ago

dutchwhizzman (817898) writes "The surviving members of Monty Python have announced they will make a new movie. It will be titled "Absolutely Anything". Graham Chapman won't be there to join them anymore, but they think the movie will still be in the spirit of "Life of Brian", "The meaning of Life" and other movies they made in the past."

TomTom reorganizes 10% of staff away

dutchwhizzman dutchwhizzman writes  |  more than 2 years ago

dutchwhizzman (817898) writes "Today, TomTom, fabricator of location and route planning software and devices, announced a big reorganization. Once the biggest player in the market, TomTom is now one of the many companies offering a little box or an app that guides you to where you want to go. Also the built in navigation features of many new cars eat away at TomTom's empire, it seems. Roughly 10% of the staff will have to find employment elsewhere. About half of them will be fired, the other half will not be replaced when their contracts end."

Southern hemisphere yellowstone sized caldera foun

dutchwhizzman dutchwhizzman writes  |  more than 2 years ago

dutchwhizzman (817898) writes "Uturuncu is a Bolivian supervolcano. Research suggests that it has an eruption frequency of roughly 300.000 years and the last eruption was, give or take a few years, 300.000 years ago. Research suggests that it started rising in a 70 km circumference by 1 to 2 centimeters per year, making it the fastest growing volcano on the planet.

Break out the tin foil hats, and store plenty of canned beans, because it may just erupt before Yellowstone pops its cork."


Binary usenet groups prohibited in the Netherlands

dutchwhizzman dutchwhizzman writes  |  more than 2 years ago

dutchwhizzman (817898) writes "Amsterdam based Usenet wholesale provider News Service Europe has been mandated by the court to remove all copyright infringing content on their servers, or face severe financial penalties. Dutch copyright MAFIAA organization BREIN has won a court case making the usenet provider responsible for the content posted on other platforms than their own.

Could this be the end of usenet as we know it, or will an appeal be won by NSE? Why didn't the judge make the provider that allowed the posts responsible? Why did the judge not honor the "cancel message" procedure that technically exists in the NNTP protocol?"


Dutch court bans Samsung's Android 2.3 devices

dutchwhizzman dutchwhizzman writes  |  about 3 years ago

dutchwhizzman (817898) writes "Today a Dutch court banned the Galaxy S, Galaxy S2 and the Ace. The ban will only apply to these devices when running Android 2.3 and is effective starting October 15th. The ban is based on Apple's scrolling patent and this is "fixed" in Android 3. It is expected that Samsung will upgrade to Android 3 very soon, probably before October 15th."

Google to cut off most of Labs

dutchwhizzman dutchwhizzman writes  |  more than 3 years ago

dutchwhizzman (817898) writes "Bill Coughran, SVP for Research and Systems Infrastructure, announced severely limiting of Google labs. They won't pull the plug completely, but the nifty features in several google apps that were available via labs, will most likely not get updated, and fewer new ones will appear."

Plan to test Shakespeare remains for marijuana

dutchwhizzman dutchwhizzman writes  |  more than 3 years ago

dutchwhizzman (817898) writes "A team of scientists has submitted a formal request to test the remains of William Shakespeare for drugs. Notably, for marijuana, since remains of clay pipes found in his garden have been tested positive for four-twenty. If they get permission, we may have to adjust our view on his world famous plays quite substantially."

Microsoft Office 365 goes live

dutchwhizzman dutchwhizzman writes  |  more than 3 years ago

dutchwhizzman (817898) writes "Microsoft today officially announced the worldwide launch of their in-browser office collaboration suite. They have recently been communicating that they are planning on a cross browser, cross platform support for all their apps in the future. Now is the time to see if they can live up to that plan and if it's any good."

Bittorrent and uTorrent sued for protocol

dutchwhizzman dutchwhizzman writes  |  more than 3 years ago

dutchwhizzman writes "Bittorrent and uTorrent are sued for using techniques in their clients and the bittorrent protocol. From the article it appears that technologies are used that were submitted in a 1999 patent, that was approved in 2007. This itself is not uncommon, but reading what technologies are used, HTTP could very well be prior use, or violating at least part of the same protocol."

Fedora refuses to fix broken flashplayer in 14_64

dutchwhizzman dutchwhizzman writes  |  more than 3 years ago

dutchwhizzman (817898) writes "After over 150 entries in a bugzilla bug over Adobe's broken 64 bit flash player, there still is nobody that is fixing the problem. Even Linus Torvalds himself has given his comment that no matter who broke it, Fedora should just fix it, since the end users don't care. Fedora developers so far refuse to revert a change to glibc that triggers the bug in Adobe's software, "because the bug is in Adobe's software and Adobe knows it's in there".

In the meantime, end users are left with glitches and broken sound in their 64 bit OS experience, and only a few found the cause and remedy for this in the bug description. Right now there is even a plea to stop submitting comments to the bug, in the hope that the developer might want to revisit it and read what should have been done weeks ago. Is it really so that developers, in this time and age, can dictate what gets commented to a bug and what gets fixed in such a big community project, just because they are the ones with write access to a repository?"


Journals

dutchwhizzman has no journal entries.
