Comments


oVirt 3.4 Means Management, VMs Can Live On the Same Machine

jimicus Re:Still trying to wrap my head... (51 comments)

A couple off the top of my head:

  - You wouldn't believe the number of poorly written applications that will happily bring a server to its knees no matter how powerful. This way you can reset just that application, not the whole business.
  - An application that was never written with any sort of HA in mind can be made highly available without any changes.

about three weeks ago

Environmentalists Propose $50 Billion Buyout of Coal Industry - To Shut It Down

jimicus Re:Replaced by what? (712 comments)

Because every environmentalist I've ever seen is never for anything. They've got nothing constructive to say, it's purely "Let's get rid of dirty power sources!".

about a month ago

School Tricks Pupils Into Installing a Root CA

jimicus You are about to learn an important lesson (417 comments)

The important lesson you are about to learn is this: Pick your battles.

This is a battle you cannot possibly win.

Why not? Because you're still a pupil.

Virtually every argument you can come up with for why that certificate shouldn't be there - no matter how well-reasoned - is going to be dismissed by staff. Even if you can come up with a well-reasoned argument that no sensible adult would counter (you probably can't; there are very good reasons for a school to want to monitor everything that are likely to be perceived as overriding any concerns you have about privacy), you'll be crushed.

At this level, arguments like this inevitably wind up being less about who is technically right or wrong and more about who has the power. As far as the school is concerned, the person who wins the argument has the power - and there is no way they will ever let a pupil win such an argument because it means conceding power to a pupil.

In your position, I'd install some sort of plugin that allowed me to verify that my HTTPS session was using the "right" certificate - and if not, I'd tether my laptop to a personal mobile phone.

about a month and a half ago

BPAS Appeals £200,000 Fine Over Hacked Website

jimicus Re:Low hanging fruit... (104 comments)

Replying to myself, but.... £200,000 is a pretty big fine by ICO standards.

Reading the report, it seems that while the BPAS did everything right once the breach was discovered, the circumstances that led to it happening in the first place were caused by pretty blatant incompetence. They knew (or should have known) that the details of people who wanted to use their services would be confidential information, they sacked the firm that built the website over concerns for their ability but they kept the site without ever auditing it.

The fine isn't just based on how flagrant the data breach was, it's also based on how much the organisation being fined can afford without causing undue hardship.

I'm not surprised the CEO wants to appeal the fine. The circumstances that led to it suggest gross incompetence at several levels; if she doesn't appeal or the appeal is unsuccessful, I imagine her job is on the line.

about a month and a half ago

BPAS Appeals £200,000 Fine Over Hacked Website

jimicus Re:Low hanging fruit... (104 comments)

That's not how ICO fines work.

The way they work is this: If you suffer a data breach that the ICO hears of, they'll investigate.

Once the investigation is complete, they'll do a few things:

  1. Write a beautifully-worded press release explaining exactly what you did wrong and put it on the news wires.
  2. Write an equally beautifully-worded report explaining what you did wrong in explicit detail.
  3. Issue a thumping great fine.

It's important to note that they don't have to take an organisation to court to raise this fine. It's the other way around - if your organisation gets fined, it's down to you to raise an appeal.

about a month and a half ago

Bitcoin Plunges After Mt. Gox Exchange Halts Trades

jimicus Re:Magic the Gathering Online Exchange (249 comments)

Virtually anything you might buy or sell derives at least some of its value from faith, and currencies are no exception to this. In other words, as long as a sufficient number of people believe that 1BTC is worth ~$680, then 1BTC is indeed worth ~$680.

This is even true of gold to a certain extent - its value goes up and down too, though it's seldom as volatile because it has other uses beyond currency.

When something happens to shake that faith, the value drops. When something happens to strengthen that faith, the value rises.

Any currency that isn't backed by something tangible (eg. a precious metal) by definition derives more-or-less all its value from faith. This isn't usually a big deal - most countries came off the gold standard decades ago - but one side-effect is that if your country's government is unstable, there's a very good chance your currency will follow suit in short order. For extreme examples, see Zimbabwean dollars, Afghan Afghanis and German Papiermarks.

about 2 months ago

Algorithm Aims To Predict Fiction Bestsellers

jimicus Already done - albeit in fiction (146 comments)

It's already been done - though only in fiction.

Roald Dahl wrote about a machine called the Great Automatic Grammatizator. A machine that you plug in various parameters - such as type of book, characters, proportions of violence/sex/humour - and it churns out something that's pretty much guaranteed to be a bestseller according to those parameters in fifteen minutes flat. Being a writer himself - and a somewhat dark one at that - the end result was a dystopian universe in which writers were forced to give up writing and just license their name to the man with the machine, simply because the machine brought the cost of production down so much that this was the only way to earn a living as a writer.

about 3 months ago

Reverse Engineering a Bank's Security Token

jimicus Re:Read between the lines (55 comments)

Now, had he figured out a way to divine the secret device ID from the generated codes, well now that would be bad.

Worse than "bad".

Looking at the (admittedly obfuscated) screen grabs and the comments that say the bank provide RSA hardware tokens if anyone wants one - I reckon it's a software implementation of an RSA SecurID token, probably bought in directly from RSA. And if it's bought in from a third party, it follows that anyone else who's bought in the same product would almost certainly be vulnerable to the same issues.

about 3 months ago

DRM Has Always Been a Horrible Idea

jimicus The world is not black & white (281 comments)

There seems to be this idea - and I've been guilty of it myself - that the world is black and white.

In this case, the argument is DRM either works 100% or it works not at all. As "working 100%" is obviously wrong, it follows that it does not work at all and is in fact a stupendous waste of money on the part of the people who commission ever-more-complex DRM systems.

But what if DRM was never meant to work 100%? What if it was only ever meant to slow things down - for instance, to ensure that you can't find a good quality version of a new movie on the Pirate Bay the first weekend it's in the cinema? To ensure you can't pirate a game on the day it's released in stores - and for maybe a couple of weeks after?

about 4 months ago

NSA Says It Foiled Plot To Destroy US Economy Through Malware

jimicus Re:NSA failed to halt subprime lending, though. (698 comments)

More often than not these things get named by the antivirus vendors when they hit the wild and not before, which is why there isn't a name for it.

about 4 months ago

Standardized Laptop Charger Approved By IEC

jimicus Re:There's probably patents involved (289 comments)

Hint to manufacturers: there's a portion of the market that likes nice things, or at least not bottom-of-the-barrel cheap things.

There is, but when you've spent thirty years turning PCs into commodity items the habits become ingrained and hard to change.

Then you discover that the word "commodity" has a number of connotations, most of which are pretty bad for your business.

about 4 months ago

Is Bruce Schneier Leaving His Job At BT?

jimicus Re:Makes Sense (96 comments)

In which case, it makes a lot of sense from Schneier's point of view to leave. Why would you want to hang around a company that's so heavily tainted when your entire CV is based on your being a guru in the field of security?

about 4 months ago

Why Cloud Infrastructure Pricing Is Absurd

jimicus Re:meow meow f1rst p0st (191 comments)

I know this because I just inherited one of these. My predecessor promised cheap, I'm stuck with managing expensive (and am moving the #$@! thing back into our existing colo space as soon as I can practically do so...)

Sounds like your predecessor fell for a scam that's existed since time immemorial. Outsourcing isn't always cheaper. How can it be when the company you're outsourcing to faces the exact same costs as you do but needs to make a profit on top?

Oh, sure, it is under some specific circumstances. But the idea that it always is is downright lazy management.

about 4 months ago

Why Cloud Infrastructure Pricing Is Absurd

jimicus Re:get used to the monthly payment (191 comments)

'Course it isn't.

Oh, sure, someone like Amazon can probably get a better price on the hardware than you or I. But they still need to buy it, power it and arrange bandwidth, same as anyone else.

Where they come into their own is in a few very particular (and for that matter very common) use cases:

  - Where you don't need the power of a whole server and can get by just fine on a tenth that amount.
  - Where your requirements may spike occasionally - but the keyword is "occasionally". They don't spike often enough to merit building out a system based upon these spikes.
  - Where you don't have the credit to be able to buy a shedload of new equipment on some sort of leasing agreement and you don't have the cash to pay for the whole lot up front.

Something similar is true of any outsourcing-type arrangement.

about 4 months ago

Google's Plan To Kill the Corporate Network

jimicus I think they have a point (308 comments)

The idea of a secure network and a VPN to get into it if you're working away from the office is all very fine, but the list of problems it throws up is huge - and it just gets bigger as your company expands:

  - You almost invariably wind up with a two-tier experience. People who are in the office and get nice fast access to everything and people who are out of the office and everything's dog slow. Oh, sure, you can reduce this problem somewhat by putting servers in a colo, but now you've got to engineer systems so you don't wind up with everyone getting the dog slow experience. (I'm particularly looking at legacy file servers here; SMB was never really designed for use over a slow, high-latency link, though I understand newer versions of Windows Server have mostly cracked this).
  - You don't gain an enormous amount of security. Even with a heavily locked-down perimeter firewall it's seldom that difficult to figure out a way to get information out, as long as you can get something nefarious in. And that really isn't difficult with a little light social engineering.
  - Expanding beyond one office gets very expensive very fast. You need to be looking into Terminal Server, very fast (=expensive) links or have branch offices put up with terrible application performance. IT as an industry automatically assumes that multiple branches = huge business with a huge budget that takes IT very seriously (seriously, throw that bit of information into any proprietary system you're pricing up and watch the price skyrocket). I can tell you now that every single town has loads of small businesses spread across multiple branches that don't have a huge budget, don't feel the need to dedicate enormous resources to IT and they are absolutely loving the various web-based products such as espoused by Google.

Oh, sure, there's a lot of business applications that are designed on the assumption that you're a company in just one office - or if you have several offices, you have gigabit links between them - but I don't think Google really need to care too much about those.

about 4 months ago

RF Safe-Stop Shuts Down Car Engines With Radio Pulse

jimicus Re:Pros vs Cons (549 comments)

He doesn't need to.

A car with power steering has MUCH heavier steering when the power steering's failed versus an equivalent model that never had power steering fitted in the first place. To the point where even steering a moving vehicle is damn hard work.

about 5 months ago

Ask Slashdot: Why Are Tech Job Requirements So Specific?

jimicus Re:Employers want day 1 results (465 comments)

We have very specific requirements that the engineer must have experience with. vBlock, EMC, VMWare, Brocade, Cisco MDS, Commvault, Avamar, data center migrations, and Azure and/or Amazon glacier and a few other specifics that would be nice. Any single one of those we will let slide but not more than one.

That's a lot of very specific technologies there. Many people with all of them out there?

about 5 months ago

BlackBerry's CFO, CMO, and COO Leave Company

jimicus Re:Blackberry is the dumbest company. (159 comments)

But Apple and Google provided so much, the top executives demanded their IT departments support these devices. When it was no longer the exclusive mobile email provider for corporations, it had nothing else to offer. It just withered.

The writing was on the wall long before then.

Blackberry's biggest selling point was half-decent email integration. At the time, nobody had a mobile IMAP client worth a damn - and even if they did, Blackberry offered features that weren't possible with IMAP (eg. remote wipe, policy enforcement).

Exchange 2003 - yes, 2003 - integrated ActiveSync. Now, while there weren't any ActiveSync capable phones worth a damn either - and wouldn't be for some years - the technology had promise:

  • No need for a third-party server, it's integrated with Exchange.
  • No need to be tied to a particular handset manufacturer.
  • No need for email to pass through the black box that is BES.

Granted, it wasn't as featureful as Blackberry Enterprise Server - but except for very specific industries, how many companies really care about being able to turn on or off every damn feature the phone offers?

It was only a matter of time before someone introduced a smartphone that spoke ActiveSync without functioning like complete arse. Did Blackberry recognise this and look for ways to make their products stand out regardless? Did they hell.

about 5 months ago

Study Suggests Link Between Dread Pirate Roberts and Satoshi Nakamoto

jimicus Re:And so the FUD begins (172 comments)

I've been saying something very similar for a few weeks.

Governments have a habit of disliking things that involve vast amounts of money flowing around that they can neither control nor tax. Yet Bitcoin is the perfect currency for allowing uncontrolled, untaxed transactions worth billions. The instability might be a bit of a problem, but if I'm going to top up a Bitcoin wallet now and use it to pay for goods within the hour, I don't really care what it's doing a week next Tuesday.

How it'll ultimately play out I don't know - I can see pressure being put on the likes of Paypal, Visa, Mastercard, SWIFT et al to block any transactions to Bitcoin processors, ultimately making it very difficult to get money out of Bitcoin - which wouldn't do the value any favours at all.

about 5 months ago

Ask Slashdot: Can You Trust Online Tax Software?

jimicus Re:I Used a Popular Online Tax Service... (237 comments)

Both you and the poster you're replying to have a point.

Certainly in the UK (and I wouldn't be surprised to find it in the US, for similar reasons), the accountancy industry is in a bit of a panic. Software that does 90% of what they do has finally become cheap and accessible enough for pretty much anyone.

All of a sudden, Dave down the street starts offering accountancy services at a 40% discount (which he makes possible by having the cheapest kid fresh out of school punch numbers into a computer - or even outsource punching numbers into a computer to someone in a much cheaper country). Your accountant is stuck with a problem: How does he persuade his clients that it's worth using him rather than going to Dave down the street? As far as his clients are concerned, both people are doing the exact same job, it's just that one is much cheaper.

Copying Dave and cutting prices is only going to go one way - all other things being equal, clients will choose one or other of them more-or-less at random and they'll be sharing a much smaller pie. Which is only going to get smaller as the software becomes more sophisticated and the clients think "Why do I need an accountant at all? I can sign up to use the software and do it myself". But accountants are subject to the same foibles as anyone else, so there's no shortage of them doing exactly this.

Some accountants aren't doing this. They're looking at providing business advice and using ever more inventive ways of twisting tax law to save their clients money. They're not cutting their fees at all - instead, they're looking to do more things that justify their fees and even jacking them up. It's dead easy to charge a client £4,000 if you've just saved them £10,000.

People like your good self clearly see the value in this. Lots of people don't see this value - either because they have simpler lives and hence the value doesn't exist or because they're quite short-sighted.

about 5 months ago

Submissions


Simple, cost effective multiroom audio?

jimicus jimicus writes  |  more than 4 years ago

jimicus (737525) writes "I'd like a multiroom audio system but I'm thoroughly confused by the options available — and the difference in prices is huge. For instance, Philips have a wireless system which starts at around £280 — and Russound have a product which comes in around £1,000.

I've already got all my music as MP3s and it lives on a NAS box — I don't really want to repeat that process. I also have a perfectly capable amp and speakers in my living room, so I don't really need anything else there.

Whatever I go for has to pass the wife test — so something which requires a separate amp, speakers and PC in each room and requires a keyboard to control is right out.

I don't mind spending a little money but I don't really want to find that every little extra thing adds up to £thousands.

Has anyone else dealt with a similar problem? How did you solve it?"

UK Police attack man who later died at G20 protest

jimicus jimicus writes  |  about 5 years ago

jimicus writes "A UK newspaper has received video footage of a police assault against Ian Tomlinson, a man at the recent G20 protest in London. Tomlinson can clearly be seen walking away from the police when he is hit with a baton and violently pushed to the ground.

Moments after the assault, Mr. Tomlinson suffered a heart attack and died."


Journals

jimicus has no journal entries.
