×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Comments

top

Michael Abrash Joins Oculus, Calls Facebook 'Final Piece of the Puzzle'

jasno Re:Not much (232 comments)

Well, I think both augmented reality and head-mounted displays in general will be hugely successful in the next few years. If nothing else, it will become the defacto way to watch 3d content like movies and sports. Just wait until you get to watch a game via the 'ball cam'! Immersive 3d, not the shitty TV or movie version, is really going to propel 3d content into the mainstream.

Then you have games. Imagine a wireless head-mounted display that connects to your smartphone. Suddenly the small screen is no longer the limiting factor. You can have rich, immersive worlds on the go.

What remains to be seen is how profitable the market will be.

about three weeks ago
top

Michael Abrash Joins Oculus, Calls Facebook 'Final Piece of the Puzzle'

jasno Re:What's so special... (232 comments)

No, Apple had patents. TiVo had patents. If Oculus doesn't have patents, there's a good chance they'll be only a memory in a few years.

about three weeks ago
top

Michael Abrash Joins Oculus, Calls Facebook 'Final Piece of the Puzzle'

jasno What's so special... (232 comments)

Does anyone know what's so special about Oculus? Do they have some intellectual property that will make them money, or are they just improving on 30 year old ideas?

It seems to me that all we're waiting for are component prices(high res, compact LCDs and accurate, fast sensors) to drop. Sure, there will be some software work, but we already have stereoscopic support in game engines and now 3d media content.

Sure, there will be a lot of work crafting new interfaces and presentation schemes, but that's all software and design, not hardware.

about three weeks ago
top

Minecraft Creator Halts Plans For Oculus Version Following Facebook Acquisition

jasno Re:VR not mature at all (300 comments)

Tracking an object like a head is trivial if you have the money to spend on industrial sensors. The technology is there, it just needs to be commoditized. It's like what happened when the wii-mote came out and helped drive down the price of accelerometers.

One could do it with a precision gyro and accelerometer... one could do it with a high-speed camera... with acoustic sensors... there are many ways to do it. Most of the delays happen inside the computer, so it's more of a software problem in my opinion.

There are a lot of VR solutions, they just don't cost $200. VR has been around since the 70's/80's... Here's one from NASA in '85: http://www.youtube.com/watch?v...

about three weeks ago
top

Minecraft Creator Halts Plans For Oculus Version Following Facebook Acquisition

jasno Re:Very hard without additions (300 comments)

Regardless of what you use to sense position, you're going to have to put it into an input at some point. Chances are that it will be USB provided the latency is acceptible. If it isn't USB, it will have to be some other standardized input. In any case, developers of competing glasses will have access to that same input.

VR is just too big, and really too old and mature, to be controlled by one company. People got into a tizzy because Oculus released prototypes, but you can bet other companies had similar devices which they didn't want to prematurely demonstrate.

I'm guessing FB bought Oculus because, like many of the folks cheering Oculus, they don't understand hardware.

about three weeks ago
top

Vast Surveillance Network Powered By Repo Men

jasno Private vs. public... (352 comments)

I have no problem with a private individual or company doing this.

I have a big problem with the government, who has the ability to deprive me of my posessions, my freedom, and my life, being able to do this.

I wonder how else a private company can work with the government to get around restrictions placed on the government?

about a month and a half ago
top

GameFace: Making a Virtual Reality Android Headset

jasno Big whoop... (why is there still a subject entry?) (14 comments)

VR headsets will become popular when the component prices allow it. The technology isn't complicated. What's complicated is packaging two hi-resolution displays, sensors and optics in a package that is light enough to wear for a price that an average consumer can afford. When the prices come down, companies like Oculus will be forgotten as a wave of cheap Asian models floods the market.

VR is nothing new. I'm willing to bet most of the important patents have already expired.

I will say that I am looking forward to these devices, not as a gamer but as a programmer. I'm looking forward to reclaiming my desk space and ditching my huge monitors. I'm looking forward to working in a spherical desktop.... hell, not just spherical, but maybe even multisphered(i.e. roll my chair to the left and I'm in another sphere).

about 2 months ago
top

30 Minutes Inside Valve's Prototype Virtual Reality Headset

jasno Re:Shut up and take my money (59 comments)

The limiting factor is the hardware. We can actually build a really nice VR display now, but the price would be too high for mass adoption so it's not being done. Once the component prices drop, I expect you'll see VR displays from a host of manufacturers. The tech really isn't all that special and the patents probably all expired by now. I really think Oculus will be the TiVo of VR displays - a pioneer that will fade from the limelight when the technology goes mainstream(except I think TiVo brought more innovation to the table, and ended up with more IP to enforce).

These displays are really going to change the way we interact with computers and the world around us. I can't wait to work inside a spherical desktop.

about 3 months ago
top

Target Hackers Have More Data Than They Can Sell

jasno Nothing's changed... (118 comments)

Let's face it - credit cards are insecure. They always have been, and they still are. I have long operated under the assumption that all of my cards are compromised, but that someone hasn't gotten around to making use of them yet. Even 20+ years ago when I was trading cards using stolen voicemail boxes, we had more cards than we knew what to do with. Sure, there are organized gangs now using smurfs to work the cards, but they're still few in number. When you have say, 1/2 of all credit cards at your disposal, it's going to take you quite a while to go through them all, gang or no gang.

Until the economics change, the financial companies have no incentive to change things. Adding another step to a credit card transaction which reduces convenience, leading to even a infinitesimal amount of spending reduction, could easily cost more than all of the fraud combined.

about 3 months ago
top

NSA Trying To Build Quantum Computer

jasno No shit? (221 comments)

Come on... what's next? "NSA attempts to listen to other nation's communications"? That *is* their job, you know.

They've broken the law in letter and spirit. Let's try to keep the focus on that.

about 4 months ago
top

Tech Leaders Push Back Against Obama's Efforts To Divert Discussion From NSA

jasno Re:Obama forgot he works for the Americans ! (312 comments)

Hmmm... I don't think I'd equate government surveillance with data collection and analysis by a private company. The government can deprive me of my life and liberty and thus should be restrained. A private company, generally speaking, cannot.

Sure, a private company can always pass on whatever they like to the government. But it is possible to enumerate such uses in a contract which I have the option of declining. Companies can then compete for my dollars on the basis of privacy and data protection.

Now the third-party doctrine effectively makes that useless, and turns every private company into an arm of the state. If there's anything that needs to change, it's that.

about 4 months ago
top

Get Ready For a Streaming Music Die-Off

jasno Re:The article is FUD (370 comments)

I'm confused... the record labels want online streaming to die because the costs their customers(i.e. Pandora) pay are greater than those paid by radio stations? What?

about 4 months ago
top

Scientist Seeks Investment For "Alcohol Substitute"

jasno Higher alcohols... (328 comments)

There are many substances that effect our bodies in ways that are similar or complimentary to ethanol. Many of those substances are already present in fermented products like wine and beer. Some of those are higher weight alcohols(i.e. - fusel oils) like http://en.wikipedia.org/wiki/Tert-Amyl_alcohol or http://en.wikipedia.org/wiki/Tryptophol. There are other components too, such as the chemicals found in hops. Most of these compounds do not metabolize into acetaldehyde so they do not result in a traditional hangover.

about 5 months ago
top

Mark Shuttleworth Complains About the 'Open Source Tea Party'

jasno Re: Of course... (419 comments)

So anytime someone works on a hobby without getting paid it's slavery now? Just like unauthorized copying is theft, right?

People can complain all they want. People can choose to use another software solution - or no software at all! What I'm taking issue with is people who are saying what the 'FOSS community' needs to do. Complain all you want, but keep your moral obligations to yourself - or, you know, pitch-in and do it.

Crafting open-source software is often like painting. Many people paint for fun, to fulfill their own desires. Maybe I painted a nice painting for my livingroom, and I post a picture of it online for others to use. Now if someone comes along and says my painting is crap and no one should download it - fine. If someone comes by and says all people who share their paintings need to use only blue tones, or coordinate with the colors in *his* livingroom... that's where I have a problem. That guy needs to STFU and paint his own damn picture, or break-out photoshop and fix the painting I shared.

You have some very strange ideas on how 'FOSS' works.

about 6 months ago
top

Mark Shuttleworth Complains About the 'Open Source Tea Party'

jasno Re: Of course... (419 comments)

"...FOSS communities really need to..."

"FOSS communities" don't need to do anything. If you think 'they' should do something, maybe you should pitch in and do it.

Who cares what the 'FOSS advocates' say? Did we vote for them at some point? Did I sign something giving them the right to speak for me? Like the parent I was replying to, your conception of 'FOSS' and the community surrounding it has been warped by the successes and business models of the past few years.

about 6 months ago
top

Mark Shuttleworth Complains About the 'Open Source Tea Party'

jasno Re: Of course... (419 comments)

I'm not trying to be too snarky, but do you work on open source projects?

Whenever I hear someone talk about what the FOSS community should or needs to do, I first ask myself that question. This 'FOSS community' is not some monolithic entity which acts in some coordinated way to make you or anyone else happy. The 'FOSS community' is a collection of folks ranging from developers donating their time and efforts to paid devs hired by companies that derive benefit from FOSS software. Sure, that s/w engineer with too much time on his hands could probably advance the 'FOSS cause' by shuttering his unique distro and instead running regression tests of recent packages against modern hardware, but what makes you think you or anyone else can place those moral obligations on him? Did you ever think that many folks in the 'FOSS community' are having fun and enjoying their hobby?

What you call 'an illusion of choice' is *actually* choice. You can choose not to use those developers efforts and instead donate your time to a project you deem worthy.

Have a problem with the "busted shitter" problem? Are you offering to spend your time and energy on a thankless project with little personal rewards? Why not? This is one of the problems for which distributions were created in the first place. Companies charge money for their software so they can pay people to do these thankless, mind-numbing tasks. Support one of them, or figure out a new way(bug bounties maybe?) to motivate people to work on the broken shitter, or, you know, stop putting moral obligations on the 'FOSS community'.

I'm sorry - I know this is coming off as rude. You sound, to my ears, like an idealistic kid who points his fingers at the world but doesn't actually pitch in. Try to understand what the 'Foss community' is, and how it got to be what it is.

The 'Foss community' is many things, but it is not slave labor. It is not here to provide you with no-cost software that performs as you wish.

about 6 months ago
top

Ask Slashdot: What Are the Hardest Things Programmers Have To Do?

jasno Re:Dealing with reality... (473 comments)

...and that handles the constraints when they change, because they will change.

Maybe the marketing guy changed his mind. Maybe your #1 customer has a special case they need you to accomodate. Maybe the latest TV on the market improperly implemented HDMI and now you've got to accomodate that.

about 6 months ago
top

Ask Slashdot: What Are the Hardest Things Programmers Have To Do?

jasno Dealing with reality... (473 comments)

The hardest thing, consistently over the years, is to bridge the gap between the ideal and the practical. We've all faced problems that could be so easily solved if we could just rearchitect the code or omit a few requirements. Situations that would be so simple if only they were so simple. Crafting a beautiful algorithm and then being told that you have to add an exception here, or a special case there. I generally prefer driver-level programming because it tends to involve the lowest number of hacks and special cases(if you're laughing at this, you're probably a firmware guy that hasn't written an application or middleware in a while).

Working on a commercial product that has limited logging ability and trying to reproduce and diagnose errors in the field is pretty high up on my list of hard things to do. Unfortunately it is nearly all I do nowadays.

Working on unglamorous code or writing documentation is hard, but mainly because it's hard to stay focused.

about 6 months ago
top

What Are the Genuinely Useful Ideas In Programming?

jasno Re:Actors and State (598 comments)

Dammit I wasted a mod point but I gotta add to this...

Understand state. Understand state machines. Understand that many times the best solution is to define and implement a state machine. It won't make you feel warm and fuzzy from all the neato tricks you invented. It will often result in a system that is easily understood, analyzed and extended without causing too many problems.

I know, that's not exactly what you were talking about but your use of the word 'state' got me thinking.

One more thing - software engineering... programming... whatever. It's a big field. There are folks who make more than me and all they do is glue together java libraries or craft SQL statements. I personally work in the lower levels. The things I need to know are worlds apart from other programmers. I better damn well know how to implement circular buffers, properly lock shared state, understand common hardware interface quirks, memory management, etc. etc.... It would be silly for some folks to waste their time learning those things. Would it make them a better programmer? Probably. But would it ever matter when all they're doing is gluing together libraries? Maybe not.

I've been in the game for 16 years now. I've never once written or even directly used a sorting algorithm. The first few years I didn't even deal with strings - nothing I programmed used ASCII input or output. No serial ports even. I went the first 10 years not even really understanding what was so special about databases. I learned it on the side for shits and giggles, but it's never been necessary for me to earn a paycheck.

The only skill every programmer really needs to know is how to be patient and detail oriented. That's the only thing I can think of that truely is common across the discipline.

about 6 months ago
top

Schneier: Metadata Equals Surveillance

jasno Let's get scary... (191 comments)

I feel like what needs to happen is for all of us geeks to get off our collective asses and start companies which openly, agressively track people and sell that data to the public. For instance, start tracking license plates. Make the database searchable for $10 per query. Advertise it. Scare the hell out of people. Only then will enough calls make it to congressional phone lines.

about 7 months ago

Submissions

jasno hasn't submitted any stories.

Journals

top

Firewall config

jasno jasno writes  |  more than 10 years ago

This is my current firewall config.. comments appreciated!

#!/bin/sh
#
# Firewall script for 3 interface router.
#
IPT=/sbin/iptables

INET=eth0
IDMZ=eth2
ILAN=eth1
DMZNET=10.10.2.0/24
LANNET=10.10.1.0/24

# Forward the following ports to the DMZ host
TCPFWD="ssh www https 8000 8001"
UDPFWD="5121"

# Turn off forwarding
echo 0 > /proc/sys/net/ipv4/ip_forward

modprobe ip_tables
modprobe ip_nat_ftp
modprobe ip_conntrack_ftp
modprobe ip_nat_irc
modprobe ip_conntrack_irc

###############################################################
# Setup /proc interface

echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_broadcasts

# Disable Source Routed Packets
for f in /proc/sys/net/ipv4/conf/*/accept_source_route; do
        echo 0 > $f
done

# Enable TCP SYN Cookie Protection
#echo 1 > /proc/sys/net/ipv4/tcp_syncookies

# Disable ICMP Redirect Acceptance
for f in /proc/sys/net/ipv4/conf/*/accept_redirects; do
        echo 0 > $f
done

# Don't send Redirect Messages
for f in /proc/sys/net/ipv4/conf/*/send_redirects; do
        echo 0 > $f
done

# Drop Spoofed Packets coming in on an interface, which if replied to,
# would result in the reply going out a different interface.
for f in /proc/sys/net/ipv4/conf/*/rp_filter; do
        echo 1 > $f
done

# Self explanitory
echo "1" > /proc/sys/net/ipv4/icmp_ignore_bogus_error_responses

# Log packets with impossible addresses.
#for f in /proc/sys/net/ipv4/conf/*/log_martians; do
# echo 1 > $f
#done

###############################################################
# Flush all chains and delete user chains

for i in filter nat mangle
do
$IPT -t $i -F
$IPT -t $i -X
done

# Default policy is to drop
$IPT -P INPUT DROP
$IPT -P OUTPUT ACCEPT
$IPT -P FORWARD DROP

###############################################################
# Stealth Scans and TCP State Flags - Are these needed?

# All of the bits are cleared
iptables -A INPUT -p tcp --tcp-flags ALL NONE -j DROP
iptables -A FORWARD -p tcp --tcp-flags ALL NONE -j DROP

# SYN and FIN are both set
iptables -A INPUT -p tcp --tcp-flags SYN,FIN SYN,FIN -j DROP
iptables -A FORWARD -p tcp --tcp-flags SYN,FIN SYN,FIN -j DROP

# SYN and RST are both set
iptables -A INPUT -p tcp --tcp-flags SYN,RST SYN,RST -j DROP
iptables -A FORWARD -p tcp --tcp-flags SYN,RST SYN,RST -j DROP

# FIN and RST are both set
iptables -A INPUT -p tcp --tcp-flags FIN,RST FIN,RST -j DROP
iptables -A FORWARD -p tcp --tcp-flags FIN,RST FIN,RST -j DROP

# FIN is the only bit set, without the expected accompanying ACK
iptables -A INPUT -p tcp --tcp-flags ACK,FIN FIN -j DROP
iptables -A FORWARD -p tcp --tcp-flags ACK,FIN FIN -j DROP

# PSH is the only bit set, without the expected accompanying ACK
iptables -A INPUT -p tcp --tcp-flags ACK,PSH PSH -j DROP
iptables -A FORWARD -p tcp --tcp-flags ACK,PSH PSH -j DROP

# URG is the only bit set, without the expected accompanying ACK
iptables -A INPUT -p tcp --tcp-flags ACK,URG URG -j DROP
iptables -A FORWARD -p tcp --tcp-flags ACK,URG URG -j DROP

###############################################################
# Setup rules for connecting to the gateway itself

# Loopback is trusted
$IPT -A INPUT -i lo -j ACCEPT

# Allow related packets from any interface
$IPT -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

# Allow all connections from LAN
$IPT -A INPUT -i $ILAN -j ACCEPT

###############################################################
# Setup rules to allow the internal nets to access the internet

# Allow LAN to connect to anything
$IPT -A FORWARD -i $ILAN -j ACCEPT

# Allow all traffic going from DMZ to outside
$IPT -A FORWARD -i $IDMZ -o $INET -j ACCEPT

# Only allow return traffic back inside - '-o ! $INET' probably not needed
$IPT -A FORWARD -o ! $INET -m state --state ESTABLISHED,RELATED -j ACCEPT

###############################################################
# Setup masquerading

# LAN S-NAT
$IPT -t nat -A POSTROUTING -o $INET -j MASQUERADE

###############################################################
# DMZ Port Forwarding
for i in $TCPFWD; do
        $IPT -A FORWARD -i $INET -o $IDMZ -p tcp --dport $i -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
        $IPT -t nat -A PREROUTING -p tcp --dport $i -i $INET -j DNAT --to 10.10.2.40
done

for i in $UDPFWD; do
        $IPT -A FORWARD -i $INET -o $IDMZ -p udp --dport $i -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
        $IPT -t nat -A PREROUTING -p udp --dport $i -i $INET -j DNAT --to 10.10.2.40
done

###############################################################
# LAN Port Forwarding
#$IPT -A FORWARD -i $INET -o $ILAN -p tcp --dport 80 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
#$IPT -t nat -A PREROUTING -p tcp --dport 80 -i $INET -j DNAT --to 10.10.1.40

# LAN D-NAT
#$IPT -t nat -A PREROUTING -p tcp --dport 80 -i $IEXT -j DNAT --to 10.10.1.40:8080

# DMZ D-NAT
#$IPT -t nat -A PREROUTING -p tcp --dport 80 -i $IEXT -j DNAT --to 10.10.2.40
#$IPT -t nat -A PREROUTING -p udp --dport 5121 -i $IEXT -j DNAT --to 10.10.2.40

echo 1 > /proc/sys/net/ipv4/ip_forward

Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account

Loading...