Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!



Heartbleed OpenSSL Vulnerability: A Technical Remediation

grahamsaa Re:Mountain out of a molehill (239 comments)

What if you work for an organization that has hundreds or thousands of users who connect to a SSL VPN? Re-issuing a single certificate isn't so bad, but re-issuing many certs (and working with end users to roll them out) sounds like a nightmare. Many businesses are also responsible for more than one website, and / or are heavily regulated. Just getting lots of users to change their passwords is bad enough, but if you have to tell them that their credit card number or medical information may have been compromised, possibly provide credit monitoring services for awhile, etc., is ABSOLUTELY a lot of work for a department or an organization.

about two weeks ago

NASA Admits It Gave Jet Fuel Discounts To Google Execs' Company

grahamsaa Recouping the money is probably impossible (126 comments)

But I'm much more interested in hearing about the rationale for offering this deal. Did NASA get anything in return? Did H2-11 request a subsidy? Was this a simple accounting error or due to corruption. The "what" here is far less interesting to me than the "why".

about a month and a half ago

Cops Say NDA Kept Them from Notifying Courts About Cell Phone Tracking Gadget

grahamsaa Sorry, I can't be compelled to testify (235 comments)

Sorry Judge, I can't be compelled to testify against my accomplice -- we signed a non-disclosure agreement.

about a month and a half ago

"The Fat Man" George Sanger Answers Your Questions About Music and Games

grahamsaa "A while ago you a chance"? (20 comments)

C'mon Slashdot editors, please proofread before posting.

about a month and a half ago

Carmakers Keep Data On Drivers' Locations From Navigation Systems

grahamsaa A recommended practice? (189 comments)

Why isn't this required by law?

about 3 months ago

Porn-Surfing Execs Infecting Corporate Networks With Malware

grahamsaa Do different rules apply to senior managers? (151 comments)

I've never understood why people do stuff like this. Years ago I recovered data from a CFO's laptop, only to find the thing filled with porn. Senior managers generally make enough money to have personal devices to look at porn on -- why do they risk the embarrassment of being discovered misusing company resources? I guess now that I think of it, the CFO in question wasn't fired (or even really disciplined) for this, as far as I can tell, so maybe senior managers just think that they're important enough that rules and common sense don't matter. If the laptop had belonged to a lower-level employee, he or she probably would have been disciplined.

about 5 months ago

Your Next Network Operating System Is Linux

grahamsaa Re:Cisco isn't going anywhere, yet (192 comments)

Familiar or not, IOS ps pretty cludgy and difficult to navigate, and lacks a lot of basic tools that are available at a bash shell. For example, why can't I pipe muptiple 'include' statements together yet? I've been able to pipe multiple grep statements together since, well, since I started using Linux at least 13-14 years ago.

about 6 months ago

Your Next Network Operating System Is Linux

grahamsaa Cisco isn't going anywhere, yet (192 comments)

As much as I would like to see Linux / BSD being used to power network devices (and I admit that it's already happening), it's going to be a long time before most enterprises ditch their Cisco gear for equipment that runs an open source OS. Many large enterprises have already made significant investments in hardware and personnel. Even if a vendor were to come along with an excellent product at a great price point it would probably be at least 5-10 years before most enterprises move away from their Cisco switches, routers and other appliances. Don't get me wrong -- I'd like to see Cisco's dominance challenged, and to see a Linux / BSD based CLI used to configure network equipment instead of IOS -- but it seems unlikely in the near future.

about 6 months ago

Comcast Working On 'Helpful' Copyright Violation Pop-ups

grahamsaa I feel bad for the programmers and sysadmins (284 comments)

I feel bad for the programmers and sysadmins that are being asked to implement this. Surely, they must know that it won't work, but senior management probably insists that everyone can afford all the content they want, and that DRM is easy to deal with (and somehow beneficial) because senior management is completely lost.

The front line people responsible for setting this up are probably rolling their eyes in disgust, and looking for better jobs. If I were in their position, I would be. Have fun trying to enforce something that is unworkable and unrealistic. When you're not having fun anymore, hopefully you'll find a job that uses your skillset to do something that makes sense.

about 8 months ago

Did Goldman Sachs Overstep in Criminally Charging Its Ex-Programmer?

grahamsaa free subversion repository? (186 comments)

Goldman Sachs wasn't equipped to host their own repository? For code that is supposedly proprietary, valuable and highly sensitive? That's pretty shocking. Either this guy violated company policy by using a free repo host when he was explicitly told not to, or whoever is responsible for IT infrastructure at Goldman should be fired for incompetence. Hosting your own repo is easy enough, and trusting a free repo host for sensitive code is about as stupid as using a pastebin to share medical records.

about 8 months ago

Japan and EU Commit 18m Euro To Develop 100Gbps Internet Access

grahamsaa Re:$36 Mil is chump change (69 comments)

$45?!? That same plan costs me $60 in western PA! And I thought I was getting a good deal :(

about 9 months ago

Ask Slashdot: What Should a Non-Profit Look For In a Web Host?

grahamsaa You have a few options (100 comments)

As others have pointed out, you've missed a few details. So, you're getting 503's -- do you know why? Is processor or disk load too high? Is your server misconfigured? I'm guessing at this point that your host is managed by a third party -- have you asked them to explain the problems you're having? Have they offered a solution (even if it might cost you more money)?

What is your budget? What are you currently paying? What about your level of in-house experience? If you're a linux / unix admin (or have one at your disposal) you might be best served by using either a managed VPS or colocated server (or a couple, behind a load balancer, but that gets to be more expensive and complicated to set up).

If you're less willing or able to manage hosting yourself, be aware that generally, you'll get better service from managed hosting providers if you're willing to spend money. Even though you're a non-profit, probably with a limited budget, you shouldn't skimp on hosting if you decide that a managed host is right for you. If you typically have ~1000 active users on your site, any downtime will hurt you -- even if it doesn't cost you in terms of donations, it will make you seem less legitimate.

Anyway, here are your options:

Unmanaged VPS -- cheapest option, will require some technical expertise on your end. Potentially less reliable than colocated servers.
Colocation -- Can be expensive, requires a fair amount of technical expertise. If configured properly, your site should be very, very reliable, but there's a lot of room for error.
Managed hosting -- Forget about paying $80/year for managed hosting, considering the amount of traffic you're getting. You may have to spend $100/month or more. Good managed hosting won't require much experience from you or your staff, and will be less expensive (probably) than colocating multiple servers. Do research, read reviews, etc. to find a provider you feel comfortable with. While price is an important consideration, you shouldn't go with the cheapest option just because it's the cheapest. If you need to talk to a technician at 3am, you want to be sure that you're going to get someone on the phone when you call. It's also probably important that the person you get when you call during an outage / emergency isn't an idiot, and with most bargain-basement hosts, you're lucky to get a human on the phone at all.

Good luck :)

about 10 months ago

Kim Dotcom's 'Mega' Storage Site Arrives

grahamsaa Is there a standalone app? (314 comments)

I really have no interest in just uploading or downloading files through my browser. When this was announced I heard that they were going to support mounting / folder syncing, but I'm not seeing anything like that yet. Am I missing something?

about a year ago

Last Day To Tell Google To Forget You

grahamsaa Thanks slashdot! (238 comments)

Looks like you slashdotted the EFF. Site is down.

more than 2 years ago

SEC Decides Telcos Must Give Shareholders a Vote On Net Neutrality

grahamsaa Re:This is a TERRIBLE idea (107 comments)

I agree completely and would mod you up if I hadn't already posted here.

more than 2 years ago

SEC Decides Telcos Must Give Shareholders a Vote On Net Neutrality

grahamsaa Re:This is a TERRIBLE idea (107 comments)

Fair point, but it's more or less a non sequitur. The US is, or at least claims and appears to be a democratic society.

more than 2 years ago

SEC Decides Telcos Must Give Shareholders a Vote On Net Neutrality

grahamsaa This is a TERRIBLE idea (107 comments)

Yes, shareholders should have a say in the policy of companies they own, but net neutrality should most certainly not be left to shareholders. If shareholders were allowed to set the minimum wage a company will pay, they have a financial interest in voting for $0.

In a democracy, the government should work to ensure that the interests of the people are served. Net neutrality should be enforced by legislation.

more than 2 years ago

Pirate Apple TV Operation Nabbed In Australia

grahamsaa Re:$100 (128 comments)

This is an excellent example of why piracy is alive and well today. I occasionally get a call from my cable (internet) provider asking me if I'm interested in taking advantage of a special 'deal' to get cable TV access for around $65/month (for a limited time, of course). Each time I respond by saying "so, you've removed all the advertisements, then?"

The person on the other end of the phone usually sounds confused until I explain that I will happily pay for content, but not so long as they try to treat me as the customer and the product at the same time. I _might_ pay $10/month for a full cable package with ads, and $50/month might be reasonable for 100% ad-free content, but anything like what the standard providers are charging for ad supported content is completely unthinkable. Until then, services like Hulu are a much better deal.

And if content providers are too stupid to put their content up on those sites, I have no qualms pirating it. If I can't find a way to watch content cheaply or for free, I don't bother with that content at all. Big content -- adapt or die!

more than 2 years ago



How should I wean myself off of Google services?

grahamsaa grahamsaa writes  |  about 8 months ago

grahamsaa (1287732) writes "My primary e-mail account is with gmail, and has been for years. I catch up with remote friends and family by using Google chat (within gmail). I have an Android phone and tablet, and am generally happy with them. Unfortunately, due to Google's cooperation with the NSA and other agencies, I'm becoming increasingly uncomfortable with my dependency on their services.

I do have a riseup.net e-mail account, but their webmail interface (squirrelmail) isn't nearly as polished as gmail's is (I can't fault them for this — Riseup is small and funded entirely on donations — but giving up some of gmail's features will be difficult). I'm not opposed to setting up my own mail server and I'm experienced enough with Linux to do this, but that presents the some of the same problems. In addition to that, it will take time to update my contacts with new address information, and surely some people will slip through the cracks, probably resulting in complete loss of communication.

Getting away from Google on mobile platforms is even more difficult. Google Now already knows where I live and work, what sports teams I follow, etc. Occasionally I rely on GPS to get around, which works very well, but it also leaks my location data to Google Maps. I need to use a smartphone for work (and my employer pays for my phone), but there don't seem to be any good alternatives to Android. iOS is locked down, and no better from a privacy perspective, and Windows Mobile (or whatever they're calling it these days) is no better.

I'm not interested in switching away from insecure / monitored services because I'm engaged in anything illegal, or because I have anything "to hide" per se. . . I just think that Google already knows too much about me. Switching to a search engine like Duckduckgo is easy enough, but getting away from other services looks like it's going to be very cumbersome. I ditched Facebook years ago and haven't looked back, but I expect this transition to be far more difficult.

Has anyone done this successfully? What services / applications work well? What do you recommend?"

Is Postgres on par with Oracle?

grahamsaa grahamsaa writes  |  about 9 months ago

grahamsaa (1287732) writes "I work at medium sized company that offers a number of products that rely fairly heavily on backend databases, some of which are hundreds of gigabytes and deal with hundreds or thousands of queries per second. Currently, we're using a mix of Postgres, Oracle, and MySQL, though we're working hard to move everything to Postgres. The products that are still on MySQL and Oracle were acquisitions, so we didn't get to choose the RDBMS at the time these products were designed.

So far, we've been very happy with Postgres, but I know next to nothing about Oracle. It's expensive and has a long history of use in large enterprises, but I'm curious about what it offers that Postgres might not — I'm not saying this because I think that sticking with Oracle would be a good idea (because in our case, it probably isn't), but I'm curious as to how some companies justify the cost — especially considering that EnterpriseDB makes transitioning from Oracle to Postgres feasible (though not painless) in most cases. For those that use Oracle — is it worth the money? What's keeping you from switching?"

How can I keep the US government off of my domains?

grahamsaa grahamsaa writes  |  more than 2 years ago

grahamsaa (1287732) writes "SOPA and PIPA are dead, or at least in hibernation now, but I'm very troubled by what happened to JotForm recently.

I'm a contract sysadmin, and I manage and develop for a number of small companies and domains. While it's unlikely that any of them will be taken down (I don't host any content that is illegal), it is incredibly troubling that registrars like GoDaddy seem willing to take down entire domains without a court order.

What can I do to keep the US government, or any government, corporation, or third party from taking my domains offline? Are some registrars better than others?"

Former DHS official: no "property interest" in data

grahamsaa grahamsaa writes  |  more than 2 years ago

grahamsaa (1287732) writes "Stewart A. Baker, a former assistant secretary at the Department of Homeland Security is quoted in the New York Times today as saying “You can’t really have a property interest in data,” he argued. “It’s going to get cheaper to reproduce it. It’s going to get reproduced and stored. It’s going to get copied.”

Of course, he was talking about your personal data — in his opinion, personal data can be stored, aggregated, copied and used to track your activities online. But this raises an interesting point — if one can't have a property interest in data, why are people getting sued, fined and arrested for copyright infringement? It seems that you can't have it both ways. If data is going to get copied, and if there's no enforceable property interest, what's the problem with online piracy?"

Link to Original Source

Maryland Robocall Conviction Puts Political Dirty

grahamsaa grahamsaa writes  |  more than 2 years ago

grahamsaa (1287732) writes "Today an attempt to deceive likely-democratic voters in Maryland resulted in a conviction of the man who served as campaign manager for the effort of Maryland's former Republican Gov. Robert Ehrlich Jr.'s to regain the governorship.

A Baltimore jury found Paul Schurick guilty of election fraud on state charges related to 2010 voter-suppression robocalls meant to keep some African American voters, predominantly Democrats, away from the polls on election day.

Whatever you think of the result, this is unprecedented."

Link to Original Source

Dealing with a partially defunct employer

grahamsaa grahamsaa writes  |  more than 2 years ago

grahamsaa (1287732) writes "I recently updated my resume and checked the web site of one of my previous employers to see how it might look to, well, anyone who looks at my resume. I was horrified to find that while the company is still (sort of) in business, their web site is horribly out of date. It lists a phone number that doesn't work anymore. Signing up for automated e-mail from them results in an auto-reply from an employee who long since quit (saying that he no longer works there). Not too recently, I did good work for this company as a contractor, but now their website lives on, undead, and if any prospective employer looks at my resume and decides to check this company out, it doesn't give a very good impression. So what have other people in this position done to mitigate the damage of a (fairly recent) work history with a zombie company?"

Netflix - streaming only; Qwikster - DVDs by mail

grahamsaa grahamsaa writes  |  more than 2 years ago

grahamsaa (1287732) writes "Reed Hastings, CEO of Netflix, sent an e-mail to subscribers this morning apologizing for the way they handled recent pricing changes. It also announced that Netflix will be split in two. A new service called Qwikster will handle all DVD mailings for Netflix. Netflix will now only provide streaming content. According to Hastings, "Streaming and DVD by mail are really becoming two different businesses, with different cost structures . . . "

Is this a good move for Netflix, or a sign of tough times ahead?"

Could rooting Android devices become mainstream?

grahamsaa grahamsaa writes  |  about 3 years ago

grahamsaa (1287732) writes "NPR's Weekend Edition aired a story today on how rooting the Nook Color can turn it into a full fledged and relatively inexpensive Android tablet. The story claims that the process takes about half an hour, and only requires the purchase of a Nook and a microSD card, and points listeners to a YouTube tutorial on how to root the device. Could this signal a change in how mainstream users see devices like this? Could rooting Android devices like the Nook ever become mainstream?"
Link to Original Source

NY Times Switches to digital subscription model

grahamsaa grahamsaa writes  |  more than 3 years ago

grahamsaa (1287732) writes "The New York Times just announced that they are switching to a digital subscription model, which will require readers to pay a fee ($15-35 per month, depending on whether they want to view news on computer, smartphone or tablet devices) if they wish to read more than 20 articles a month on the site. Is this model sustainable? Is it time to start looking for another source for online news?"
Link to Original Source

Google is spam filtering its own messages

grahamsaa grahamsaa writes  |  more than 4 years ago

grahamsaa (1287732) writes "After renewing my subscription to Google Earth Pro today I was surprised to find that my receipt went to my spam box. This wouldn't normally be unusual, except that Google is my e-mail provider, and the message went to my Google Apps account. Google tagged its own message to me as spam!

They also affixed this warning to the message: "Warning: This message may not be from whom it claims to be. Beware of following any links in it or of providing the sender with any personal information."

Does this strike anyone else as odd / funny?"

Alternative to slow virus scans?

grahamsaa grahamsaa writes  |  more than 4 years ago

grahamsaa (1287732) writes "I work for a small company (about 30 employees) and have found our current anti-virus solution (AVG) to be fairly unworkable. I disabled daily scanning because it slows people down in general, the scans take a long time, and it seems fairly redundant (particularly as resident shield seems to be fairly good). Once every few weeks I do a full scan, and I rarely find anything more threatening than tracking cookies.

Still, these scans take a long time (often over an hour) and slow people down. Most employee machines are laptops, and most people take their computers home at night, so there's no good way to set an automatic scan late at night (as the machines will likely be off by that point). Does anyone have an idea at how to scan for viruses more efficiently?"

Temporary passwords for FreeRADIUS authentication?

grahamsaa grahamsaa writes  |  more than 5 years ago

grahamsaa writes "Hi everyone,

I've been poking around with FreeRADIUS for a few months now, with limited success. It seems that most of the documentation available is hopelessly out of date (referring to version 1.7 or earlier), and while it's clear that MySQL can work as a backend authentication database, I haven't seen any implementations which allow the use of temporary credentials.

Basically what I'm looking to do is to set up a hotspot system (and yes, I've already tried Chilispot . . . it doesn't meet my needs) that allows users to connect to my WLAN for a limited period of time using a randomly generated password. This password could be printed on a cafe receipt or given out some other way. Also, if possible, I'd like to use an up to date version of FreeRADIUS if possible (not 1.x). Has anyone done this? Do you know of any good resources for documentation? Thanks!"


grahamsaa has no journal entries.

Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account