
Comments


Code Quality: Open Source vs. Proprietary

jonwil Did they test OpenSSL? (131 comments)

With all the noise about OpenSSL lately, running this Coverity test on it (and other security software like GNUTLS) and sharing the results seems like it would be a good thing...

yesterday

Ask Slashdot: What Good Print Media Is Left?

jonwil Re:Your local newspaper (275 comments)

Here in Australia, my experience is that the genuinely local newspapers (limited to specific suburbs or council areas and usually available for free every week) are great as a way of finding out what's going on in the local area. The normal daily newspapers are full of crap and not worth reading.

yesterday

Slashdot Asks: How Do You Pay Your Taxes?

jonwil Australia isn't bad (382 comments)

Here in Oz we don't have state income taxes or state returns to worry about and if you don't want to use an accountant or tax agent to do the return (because you have a simple return), you can just file it electronically with the free government-supplied etax app (or as a paper form if you really want to).

2 days ago

How Does Heartbleed Alter the 'Open Source Is Safer' Discussion?

jonwil FOSS is still safer... (569 comments)

How do we know that serious security flaws don't exist in the SSL implementations used by Microsoft or other proprietary vendors?

2 days ago

Obama Says He May Or May Not Let the NSA Exploit the Next Heartbleed

jonwil Re:Well, yeah (134 comments)

IMO the NSA should be split into 2 agencies.
One would be tasked with protecting the security of data, information, communications and networks of the United States government, its agencies and any entity deemed to be vital to national security. And this does include finding and fixing (or giving to vendors to fix) bugs in software being used by those entities it is tasked with protecting. And developing new protocols and algorithms and systems and hardware and software to protect the stuff it is tasked with protecting. And certifying software, hardware, algorithms, protocols and systems (developed in-house or externally) as being safe (or unsafe) for use in storing, manipulating, handling, transmitting or receiving the stuff it is tasked with protecting.

The other would be tasked with spying on threats to national security. Including monitoring communications, email, data, computers and software belonging to those threats. Yes that includes hacking into the computer of a bad guy who stole classified secrets or launched malware that compromised government systems.

This agency would have constraints placed on it so that it was only monitoring threats and not anyone else and so that it was not compromising global security in the course of carrying out its mission (e.g. it would be prohibited from trying to weaken the security of software/hardware/protocols/algorithms/etc in order to be able to spy on entities using those things)

Remember that when Truman created the NSA, a computer was a device that took up several rooms, there were only a handful in the entire world and only a small number of people even knew what one was, let alone were able to use one. And the closest thing to digital communications networks were teleprinters. And the biggest threat to national security was a Soviet Tupolev Tu-95 bomber with a nuclear bomb underneath.

These days, computers are everywhere and being used for all sorts of things never imagined in the 50s. And the biggest threat to US national security is not a Russian bomber or missile but a terrorist with a suitcase bomb or hijacked airliner. Or a hacker from a foreign intelligence agency.

4 days ago

Why the IETF Isn't Working

jonwil Re:With HDL standards are way ahead of the indust (103 comments)

FPGA vendors probably don't want to open up their specs and stuff because they are worried that opening up everything will give their competitors the secrets to what makes their FPGA "good".

Patents may come into it as well (I don't know how the patent situation is in the FPGA marketplace). And possibly a desire to stop people from being able to just buy the FPGAs at x amount per unit and force them to pay up for the toolchain too.

4 days ago

Private Keys Stolen Within Hours From Heartbleed OpenSSL Site

jonwil Re:https is dead (151 comments)

The problem with replacing HTTPS is that you will need to maintain regular HTTPS for all those clients that can't upgrade to a newer browser (which exposes web sites to these threats). And you have to convince browser and web server vendors to support the new HTTPS replacement.

Google would probably do it (on desktop, ChromeOS, Android and its custom web/SSL server software) especially if it made it harder for the kind of man-in-the-middle-using-fake-certificates type attacks the NSA have been using (the ones that let the NSA serve up fake copies of popular web sites as a vector to infect other machines). Opera and others that use the Google rendering engine would probably use the Google support.

Mozilla would probably do it if you could convince them that it's not just going to be bloat that never gets used.

Apache would probably support it via a mod_blah and if they don't, someone else would probably write one.

Other FOSS browsers and servers (those that do HTTPS) would probably support it if someone wrote good patches.

But good luck convincing commercial vendors like Microsoft and Apple to support a new protocol. And the Certificate Authorities would fight hard against anything that made them obsolete (which any new protocol really needs to do).

4 days ago

Ask Slashdot: Are You Apocalypse-Useful?

jonwil Useful professions (727 comments)

What might be useful would depend on how bad the catastrophe is. If it's something like the TV show "Revolution" where electricity magically stops working, different people would be useful vs a situation where electricity is still available.

5 days ago

Intel and SGI Test Full-Immersion Cooling For Servers

jonwil Overclockers have been doing it for ages (101 comments)

If you search for "computer immersion cooling" with Google it will throw up a bunch of people (and companies) doing PC systems totally immersed in mineral oil and things as a way to get even more power out of a system (even more than regular liquid cooling gets you)

about a week ago

Heartbleed OpenSSL Vulnerability: A Technical Remediation

jonwil What I want to know is... (239 comments)

If OpenSSL is (as quite a few people who know what they are talking about have claimed) poorly written and hard to maintain, why no-one has tried to come up with a simple, easy to evaluate solution.

Or is SSL/TLS really that hard to properly implement?

about a week ago

In-Flight Wi-Fi Provider Going Above and Beyond To Help Feds Spy

jonwil Re:International flights (78 comments)

Last I checked, no international flights are using Gogo.

about a week ago

Fifty Years Ago IBM 'Bet the Company' On the 360 Series Mainframe

jonwil Re:Not really all that important in the big pictur (169 comments)

And if you get paid electronically via bank transfer, it's a good bet that the machines at both your bank and your employer's bank that handle the transactions are mainframes of some sort.

about two weeks ago

Australia May 'Pause' Trades To Tackle High-Frequency Trading

jonwil Even better idea (342 comments)

Just introduce a 0.001% tax on all transactions (not just shares but other traded instruments like bonds and commodities).

Anyone buying shares or bonds or whatever to keep long term will see almost no impact from the tax. Even on a million dollar transaction, the tax would only be $1000 (so even big funds or corporate buy-outs or whatever wouldn't be affected by the tax). It would make high frequency trading (and day traders etc) unviable though.

about two weeks ago

Why No Executive Order To Stop NSA Metadata Collection?

jonwil He needs support in congress... (312 comments)

If he issues an executive order to undo the spying, it is likely that those in congress who want the spying to stay will refuse to support Obama on other things he wants.

about two weeks ago

CryptoPhone Sales Jump To 100,000+, Even at $3500

jonwil Re:The problem... (68 comments)

There ARE phones out there that don't give the baseband processor and other hidden CPUs access to the main RAM. The Neo900 for example doesn't give the cellular radio module ANY access to the main ARM CPU or its RAM. In fact, design of Neo900 means that only the Linux software running on the main ARM CPU can touch the main RAM. And there is no reason you can't run 100% FOSS stack on that CPU.

So if your stuff is encrypted by software on the main CPU, any backdoors in the baseband or SIM or whatever have no way to compromise that.

about two weeks ago

Mystery MLB Team Moves To Supercomputing For Their Moneyball Analysis

jonwil Re:The Million Dollar Question (56 comments)

Just be glad you yanks broke away from the motherland all those years ago otherwise you would probably be doing what us Aussies are doing and playing the one team sport on this earth MORE boring to watch than Baseball, Cricket.

about two weeks ago

UK Government Pays Microsoft £5.5M For Extended Support of Windows XP

jonwil Re:Cottage Industry Software (341 comments)

If I had a dollar for every time I have heard of someone that has used a Microsoft product (Access included) for the wrong thing (or used the wrong Microsoft product) I would probably have enough money that I wouldn't need to work for such people anymore (to be fair, the last job I had was a job replacing an Access based system with a much better VB.NET/SQL Server system (my part was converting reports from Access to SQL Server Reporting Services)).

about two weeks ago

NASA To Catalog and Release Source Code For Over 1,000 Projects

jonwil Space Shuttle source code... (46 comments)

It would be very cool to see the source code for the Space Shuttle. It's retired now so releasing it shouldn't have any operational impacts on the shuttle itself and I doubt the Chinese or the North Koreans or the Iranians are interested in building their own shuttle (and certainly not one using a hardware architecture developed in the 1970s reverse engineered from a source code release).

about two weeks ago

Submissions

jonwil hasn't submitted any stories.

Journals

jonwil has no journal entries.
