×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Comments

top

OpenBSD Team Cleaning Up OpenSSL

hobarrera Re:de Raadt (290 comments)

Because of how OpenBSD's allocator works, the "reading past the allocated space" code would trigger page faults on OpenBSD (not always, but some times). These are fatal, and make the program crash.

One of the messages on the thread linked in TFS mentions how this works in greater detail.

2 days ago
top

OpenBSD Team Cleaning Up OpenSSL

hobarrera Re:de Raadt (290 comments)

If they hadn't used their own allocator, then this bug would have been exposed on OpenBSD ages ago since it would lead to OpenSSL crashing over and over again. At first you migth think that this only helps OpenBSD users, but no: this would have led to research on the matter (the crashed), and the issue being found quite soon after it was introduced.

So it would not have been benefitial only to OpenBSD, but to everyone.

3 days ago
top

OpenBSD Team Cleaning Up OpenSSL

hobarrera Re:Backport\Upstream? Seems unlikely (290 comments)

Looking at the diffs in tech@, is seems they're dropping DOS, WIN16 and WIN32. I've no idea if there was any WIN64 specific code, but yes, it seem's windows in general is being stripped.

3 days ago
top

OpenBSD Team Cleaning Up OpenSSL

hobarrera Re:Backport\Upstream? Seems unlikely (290 comments)

Dropping support for these platforms means getting rid of a lot of files/code/ifs/etc. Less code is easier to review. Better reviewed code has more chances of bugs being caught in time.

3 days ago
top

Ask Slashdot: User-Friendly Firewall For a Brand-New Linux User?

hobarrera Why? (187 comments)

You say you're a new Linux user, and it looks like you're carrying over you windows-way-of-thinking.

Most Linux distros don't have services running with lots of security holes. You don't generally need this.
Most malware out there is actually stuff like "click here for free money.exe". Even if you come across Ubuntu-targeted stuff, it does look like you're the kind of person who wouldn't click that.

Several people here have pointed out possible solutions, but think for a moment if you really need them.

about two weeks ago
top

Theo De Raadt's Small Rant On OpenSSL

hobarrera Re:not developed by a responsible team? (301 comments)

Did you read the entire email? Several of the issues he's mentioning here are not mere "errors". Skiping exploit mitigations for the sake of performance (on some platforms!) on a security library/program isn't an error, it's awfully irresponsable!

about two weeks ago
top

OpenSSL Bug Allows Attackers To Read Memory In 64k Chunks

hobarrera Re:Is SSH affected? (303 comments)

Assuming it uses a version of openssl that supports the relevant TLS feature[...]

That's a pretty generic response and applies to absolutely every piece of software in existance.
It's a good think OpenSSH doesn't use any version of OpenSSL though.

about two weeks ago
top

Ask Slashdot: How To Start With Linux In the Workplace?

hobarrera Re:Huh? (451 comments)

It doesn't really matter which OS they pick, they still need to pay somebody for support (in the sense of fixing installs, etc. Updates will be provided from upstream).

about two weeks ago
top

Ask Slashdot: How To Start With Linux In the Workplace?

hobarrera Re:The department gives the hint. (451 comments)

XFCE may look superficially like XP but actually has all sorts of differences that make it irritating as hell to use. Just off the top of my head:

- No decent file explorer.

Why? What's wrong with thunar?

Thunar is abysmal compared to XP's.
- Window borders too small, like 1px. Resizing windows is a pain.

I haven't used XFCE is ages, but I belive lots of WMs out there use super+m2 to resize. Windows borders are useless, and having to aim at tiny stuff to resize windows is stupid.

- Window maximize behaviour is annoying, because you can still drag the window out of fullscreen after it's been maximized, yet dragging it to the top of the screen doesn't automatically fullscreen the window again.

Rather than "annoying", I'd say it's just "different from windows". Also, I belive this is configurable.

- The 2 clipboards, one of which is a "mouse buffer", is so unintuative I would classify it as a bug. Linux desperately needs a unified clipboard.

Use something like parcellite if you want to unify them. Getting rid of both clipboards to make life easier for people who don't know how to use a computer is a bad idea (see GNOME3).

about two weeks ago
top

Seagate Releases 6TB Hard Drive Sans Helium

hobarrera Re:Let me just (147 comments)

Of course, instead of going bankrupt after spending all my money in 6TB hard drives, I could just enjoy myself for now, and got bankrupt later on when one of by four 3TB disks fail.

about two weeks ago
top

Ask Slashdot: How To Start With Linux In the Workplace?

hobarrera Lubuntu (451 comments)

[url=http://lubuntu.net/]lubuntu[/url] is pretty lightweight, and looks pretty similar to windows as far as I can tell. Plus, it's all Ubuntu under the hood (for better or for worse). You know you'll have updates for a looong time coming.

about two weeks ago
top

Nanodot-Based Smartphone Battery Recharges In 30 Seconds

hobarrera Re:Very bulky. (227 comments)

Somebody notify mobile phone manufacturers, cause some (eg: Samsung's) just keep getting bigger!

about two weeks ago
top

Dyn.com Ends Free Dynamic DNS

hobarrera Re:domain != dyndns (240 comments)

freedns (freedns.afraid.org) offer free DNS hosting, including dynamic DNS. So just buy a domain, and use that. Still cheaper than $25/y.

about two weeks ago
top

OpenSSL Bug Allows Attackers To Read Memory In 64k Chunks

hobarrera Re:I take it this is a server concern (303 comments)

Even if nobody cares about your data/nobody exploits it, the hole is still there.

about two weeks ago
top

FTC Settles With Sites Over SSL Lies

hobarrera Re:Tip from a programmer (78 comments)

you're under some kind of deadline pressure and you can't connect to them, don't turn off SSL validation.

OR: Always turn off SSL validation, because it's totally worthless.

The problem is CAs get suberted all the time into issuing certs they shouldn't issue.

You're asuming that they're using a third-party CA, and using the same pool of CAs browsers use to validate.

In truth, when developing applications, you don't need that. If I were to make an application and server right now, I'd use my own CA certificate. I'd then bundle it with my application, and sign the server certificate with it. TLS validation will mean TRUE security in this case.

about two weeks ago
top

Five-Year-Old Uncovers Xbox One Login Flaw

hobarrera Re:Who? How? (196 comments)

I'm quite curious as to what sort of shortcut they took. I can't picture any sort of code that might end up with an issue as particular as this one. :-/

about two weeks ago
top

Five-Year-Old Uncovers Xbox One Login Flaw

hobarrera Re:$300? (196 comments)

QA? This bug is way too stupid. It should never even have existed, unless it was intentional. I mean, imagine the code; there's no possible variation where you get this sort of bugs.

about two weeks ago
top

Why Movie Streaming Services Are Unsatisfying — and Will Stay That Way

hobarrera Re:Business as usual. (323 comments)

If your connection is fast enough, you can stream 1080p movies, with same same quality as ripped 13GiB movies. If you do the math, you'll notice you only need ~2.1MBps (17Mbps) to stream a 15GiB 2 hour movie. And 15GiB is pretty much as good as it gets.

Honestly, everything you're criticizing is due to whoever your stream provider is having poor infrastructure/bandwidth/players, etc. Streaming itself does not need to have any of the issues you mention:

low quality: This is not tied to the fact that you're streaming per se, but rather to you provider wanting to save bandwidth.
embedded in some kind of stupid player: You can stream in standard formats as well you know?
system resource hungry: Sound like DRM is to blame for this, and not so much streaming itself. If you're not DRM'ing, you could just use VLC or whetever you like.

about three weeks ago
top

Ouya Dropping 'Free-to-Play' Requirement

hobarrera Re:Dumb move... (107 comments)

It was a requirement for developers, it was a feature for end users.

about three weeks ago

Submissions

top

Ask slashdot: Ideal country to rent a VPS

hobarrera hobarrera writes  |  more than 2 years ago

hobarrera writes "I have rent a VPS from a provider located in the US. With all the issues of the US government taking down servers (sometimes without a good reason), legal issues regarding what I may and may not traffic, DMCA, and privacy concerns, I started looking for a VPS provider located elsewhere.

The first thing that came to mind, was to see where domains like thepiratebay where located (expecting it to be a quite "liberal" country in this sense). However, contrary to what I expected, Sweden actually blocked tbp at some point.
I don't want to pirate movies or anything ilegal, but I'd still prefer to operate on a country that has a clean record when it comes to taking down domains, and that I know my server will be running the next day every night when I got to bed, and I can expect an acceptable level of privacy.

For the record, I live in Argentina, and while Argentina does match my needs in this sense, hosting costs here are prohibitive, and quality extremely poor."

Journals

hobarrera has no journal entries.

Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account

Loading...