Beta

Slashdot: News for Nerds

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Comments

top

Ask Slashdot: Linux Login and Resource Management In a Computer Lab?

goarilla Re: NFS + SSH is a security hole (98 comments)

No, he was putting public keys (not private) into a home directory. Specifically, the user was root which was only possible because a) /root was exported (via exporting /), b) root squash wasn't enabled. Yes, nfs3 is fundamentally insecure. Any vaguely competent sysadmin knows this and knows to take appropriate precautions.

And what's the appropriate action besides root_squash and proper host access control (/etc/exports,tcp wrappers, firewall, etc ...) ?
It still doesn't do any real authentication.

2 days ago
top

Ask Slashdot: Linux Login and Resource Management In a Computer Lab?

goarilla Re: NFS + SSH is a security hole (98 comments)

I think he means you can spoof uid of some known user and get the private keys in his .ssh directory.

2 days ago
top

MicroxWin Creates Linux Distribution That Runs Debian/Ubuntu & Android Apps

goarilla Re:Drivel (42 comments)

I guess it means that the apk's run on Dalvik or Art straight on the machine instead of in the emulator.

4 days ago
top

Critroni Crypto Ransomware Seen Using Tor for Command and Control

goarilla Re:Antivirus (122 comments)

All trojans/bots/ransomsware is designed to circumvent antivirus. It is a arms wars between viri and anti-virus. At the moment the viri are winning it :(.

Well it's a reactive business (hopefully) so that's to be expected.

4 days ago
top

X.Org Server 1.16 Brings XWayland, GLAMOR, Systemd Integration

goarilla Re:Systemd? Not on my system... (224 comments)

TCP isn't noticably more secure than UDP - the extra fields in TCP are unsigned and can be spoofed too.

But it's a lot harder since you need to have the server believe you've established a connection and can't just dump spoofded data on the wire like with UDP.

Thus, security is implemented on top of the transport layer, where it works just as well for udp as tcp. The advantage of udp then is that you get more payload per encrypted or signed unit, thus higher speed.

What are you talking about: NFSv4 ?, ipsec ? What is this security you speak of.

5 days ago
top

X.Org Server 1.16 Brings XWayland, GLAMOR, Systemd Integration

goarilla Re:Systemd? Not on my system... (224 comments)

Also, avoid distros that set up NFS to use tcp instead of the default udp. That's a huge performance killer, and not needed unless you use hubs instead of switches or need to tunnel the traffic.)

I'm not avoiding a distro if it chooses tcp over udp.
Isn't using UDP instead of TCP removing that last bit of pseudo-security NFS has ?
Aren't you now vulnerable to all sort of spoofing mayhem now ?

5 days ago
top

X.Org Server 1.16 Brings XWayland, GLAMOR, Systemd Integration

goarilla Re:So... (224 comments)

init doesn't manage services. Services are either managed by inetd or by themselves. init only has to start the services.

That's not completely true: init (re)spawns (a|min)getties on the ttys. So it does some monitoring of its "special" children.
Wether this is feature creep and/or an exception I don't know.

5 days ago
top

X.Org Server 1.16 Brings XWayland, GLAMOR, Systemd Integration

goarilla Re:Soon... (224 comments)

The only problem with Macs is that people hoard them instead of throwing them in the trash where they belong. Else I would have picked up a Mac Mini on the ground, install BootCamp on it and then it would be about good enough as a DHCP server and porn storage unit.

So you want one but can't get one through "dumpster diving". Oh, poor you.

about a week ago
top

X.Org Server 1.16 Brings XWayland, GLAMOR, Systemd Integration

goarilla Re:Systemd? Not on my system... (224 comments)

NFS is crap too and in my testing also slower.

about a week ago
top

X.Org Server 1.16 Brings XWayland, GLAMOR, Systemd Integration

goarilla Re:And the dirfference is? (224 comments)

So the solution is to hand the critical stuff to systemd-logind which I assume has root privileges.
Why didn't the Xorg folks split their root sections from the server themselves ?

about a week ago
top

X.Org Server 1.16 Brings XWayland, GLAMOR, Systemd Integration

goarilla Re:Systemd? Not on my system... (224 comments)

You run X on servers ? Nevermind, ... what was your (inital) opinion of Apple creating launchd to replace
init, cron, at, ... ?

about a week ago
top

Nearly 25 Years Ago, IBM Helped Save Macintosh

goarilla Re:Another misleading headline (236 comments)

There exists a noble, altruistic corporation that roams the lands doing the good work.

What about Oxfam and other ngo's ?

about a week ago
top

SRI/Cambridge Opens CHERI Secure Processor Design

goarilla Re:source code of the processor? But software pate (59 comments)

In terms of software patents, there's some annoying precedent that a software implementation of a architectural patent can be infringing. The MIPS architecture that we implement has LWR and LWL instructions that accelerate unaligned loads and stores. These were patented (the patents have now expired) and the owners of the patent won against someone who created a MIPS implementation where these two instructions caused illegal instruction traps and were emulated in software. The software implementations were found to infringe the hardware patent.

I have one of those in my home-router: a Lexra LX4189. It's a real shame though, such legal shenanigans didn't help the MIPS ISA overall.

about a week ago
top

DARPA Successfully Demonstrates Self-Guiding Bullets

goarilla Re:Creepy (188 comments)

It does take away all the awe I will have for future "elite" snipers. Those that have
correct sighting and wind adjustments down. Now you just need a patient man with an advanced firearm.

about two weeks ago
top

DARPA Successfully Demonstrates Self-Guiding Bullets

goarilla Re:Creepy (188 comments)

So don't you sight the laser with the scope anyway ?

about two weeks ago
top

DARPA Successfully Demonstrates Self-Guiding Bullets

goarilla Re:Creepy (188 comments)

I think I'm off by an a millionth (picometer vs micrometer).

about two weeks ago
top

DARPA Successfully Demonstrates Self-Guiding Bullets

goarilla Re:Creepy (188 comments)

Those were unforeseen costs (the price of failure), this would be an up-front cost. You bet they do let the accountants loose on this one.
Same for the insufficient armor your troops have (it was too pricey for the good stuff yet total cost of the war should have covered it a thousand times over).

about two weeks ago

Submissions

goarilla hasn't submitted any stories.

Journals

goarilla has no journal entries.

Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Create a Slashdot Account

Loading...