Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!



Mercedes Pooh-Poohs Tesla, Says It Has "Limited Potential"

mcrbids Re:Tesla needs just a few more things (359 comments)

but the pure electric car isn't going to be ready until a) massive updates to the power grid b) swappable batteries c) battery tech that lets cars go 500-1000 miles on a charge.

Why the boolean logic?

In case you hadn't noticed, pure electric cars are stomping the ever loving crap out of the luxury/performance car market. So long as the cars are selling at a growing pace, they are here to stay and are ready for the people who continue to buy them.

And as long as this happens, manufacturers will make continuing improvements to the cars they make.

A) The power grid is constantly being worked on. As people buy more cars, the grid will be upgraded to match demand.

B) Swappable batteries might be one of those improvements. But they don't seem to be required, at least not yet.

C) 1000 miles on a charge? Show me any common car that gets anything like that range.

Lots of people expect the world to change all of a sudden. But it doesn't really. Instead, continuing incremental changes gradually make the world into a different place. Those incremental changes have rather drastically changed how people interact in just the 30 or so years that I can personally remember.

about a week ago

Ask Slashdot: System Administrator Vs Change Advisory Board

mcrbids GOLD MINE! LOVE IT! (293 comments)

OP starts with: "I am the sole sysadmin for nearly 50 servers (win/linux) across several contracts. ..."

This implies that he's paid hourly. Contracts implies that he's a consultant. If there's anything that a consultant craves, it's billable hours...

about a week ago

How Does Heartbleed Alter the 'Open Source Is Safer' Discussion?

mcrbids Re:Wat? (582 comments)

Your points are valid, in a sense. But do you really think that people are going to stop trusting Open Source technologies? What isn't part of the conversation is just how terribly horrible OpenSSL actually is. It's a readability nightmare. The patch makes my eyes bleed, makes me weep gently to myself as I rock myself in an attempt to succor the horrific nightmare that code of this quality is what drives most Internet "security".

I so sorely wish more consideration was given towards NACL as a replacement for OpenSSL. It's clean, elegant, readable. Bugs will be shallower because readers might have *some idea* what is going on. And with an LGPL license, it should be quite embeddable.

IMHO, OpenSSL should be toss summarily as soon as possible. Beneath its horrific API and code lurk untold numbers of nascent, undiscovered holes no doubt already being exploited by our good friends at the NSA.

Writing security code is *hard*, folks. Making it hard to read only makes it impossible to debug...

about two weeks ago

Comcast Takes 2014 Prize For Worst Company In America

mcrbids Re:What a joke (195 comments)

^^^ This. I bought an officially branded Comcast MODEM on ebay for $21 after shipping. It paid for itself in just 3 months, and hasn't given me a lick of trouble in YEARS.

about two weeks ago

The Verge: Google Is Working on a TV Box Of Its Own

mcrbids Re:I'll wait and see (117 comments)

Well, that is certainly possible if that's important to you. .

You also could have clicked the link I provided,l and perhaps typed the word "ethernet"... There are lots of models covering many different use cases. My unit works great over wifi, which is great since I have no Ethernet in my bedroom...

about three weeks ago

The Verge: Google Is Working on a TV Box Of Its Own

mcrbids Re:Polishing turds (117 comments)

Google TV isn't a failure, it's just not the only success.

I have a Google TV stick and I love it! It is just a tablet that uses my TV as its screen and a wireless keyboard as its input. It is about the size of a thumb drive. It cost $40 on Amazon (.search for mk808b to get the exact model I'm watching Hulu+ on as I write this)

See my post history for details: this is quite successful. I have no idea what Google would want to improve...

about three weeks ago

The Verge: Google Is Working on a TV Box Of Its Own

mcrbids Re:I'll wait and see (117 comments)

Play store: no problem. How else do you think I installed Netflix, CBS.com, Hulu, uTorrent, and all the other apps?

Seriously, just imagine a tablet running on your TV using a mouse/remote instead of a touch screen. That's what I use every day. (And what is currently playing Sherlock Holmes a la Hulu; my wife loves that show)

about three weeks ago

The Verge: Google Is Working on a TV Box Of Its Own

mcrbids Re:I'll wait and see (117 comments)

I have a "Google TV" and I love it! Also called a "TV Stick" they are best sellers on Amazon with many models to choose from starting at around $25. I bought an MK808B for my bedroom TV and it's hard not to love.

1) It cost $40.

2) It uses my already existing TV

3) It streams Hulu, Netflix, CBS, NBC, and any other TV network that bothers with an Android app over wifi.

4) It uses about 2.5 watts of power.

5) It's not much bigger than a thumb stick.

6) It works seamlessly with an "air mouse" wireless remote.

7) It plays MP4 videos fluidly and runs uTorrent without issue.

8) It has room for two USB devices and an SD card.

9) Effortless support for 1080p resolution.

What more do you want from set top box that actually hides behind the TV?

about three weeks ago

Most Expensive Aviation Search: $53 Million To Find Flight MH370

mcrbids But Terrizm! (233 comments)

Seriously: a major airplane "disappears" despite evidence that it wasn't really crashed. Everybody's wondering who dunnit and how, and whether or not it will become another impromptu bomb.

There's a *lot* you can carry on a 777. $50 mil is a lot, but the amount of damage such a plane could do with a little direction makes $50 mil look like peanuts. And it's pretty clear that anybody with the skills to make it disappear as completely as it did is capable of more than just a little direction.

about three weeks ago

Amazon's Fire TV: Is It Worth Game Developers' Time?

mcrbids Lacking a point (88 comments)

The problem here is that the product has no specific point to it - it exists *solely to produce vendor lock in*. Since it's little more than a re-badged Android TV stick there's really nothing special at all about it. This, in a market space that's saturated with me-too also-rans.

It's not that Amazon's offering is horrible, it's that it's not notable in a field littered with the corpses of other not-notable failed products.

about three weeks ago

Your Car Will Tell You How To Hit the Next Green Light

mcrbids Re:Hypermiling (364 comments)

BTW: Very few "normal" people are actually aware of hypermiling. Techies/nerds more so.

You can pretty significantly improve your fuel economy by using a "hybrid" approach, which I do to raise the average fuel economy of my car by about 20%, which is significant. This, by the way, includes enough "pedal to the medal" incidents that I do get to enjoy the 200 HP engine in my beautiful convertible!

Simple things, like trailing cars going through timed lights, letting off the gas a mile or so before your turn off so you bleed speed from 65 to 50 or so before exiting and watching a half mile ahead for red lights can improve fuel economy significantly without pissing people off. If you were in the car while I drove, it's likely you wouldn't notice unless I said something.

about three weeks ago

Your Car Will Tell You How To Hit the Next Green Light

mcrbids Re:Its called paying attention (364 comments)

Ha ha... paying attention goes oh so much deeper than countdown timers...

What most people don't know is that you can improve your fuel economy rather dramatically using a variety of techniques commonly referred as "Hyper-miling". I didn't think much of it myself until I got a car that has a fuel economy computer built into the dash, and then it started to click.

See, brakes are death to fuel economy. Sounds obvious, but what isn't obvious is what that translates to in real world use.

Example: negotiating a red light. Most people don't pay attention to red lights until they are half a block or so away. If it's red, they start to apply the brake, and then as the light stubbornly refuses to turn green, they apply more and more brake until they stop behind the next car. Which is exactly the *wrong* way to get best fuel economy. Instead, you should be looking ahead as far as possible, and apply the brake as early as possible to reduce speed as early as possible to increase the amount of time it takes to cover the block distance while losing as little forward momentum as possible. Instead of waiting until the last minute and losing all forward momentum, you brake early and keep perhaps 30 MPH. This means that you don't have to accelerate to 30 MPH and you save that much fuel.

It was rather surprising to me how much difference I could accomplish using these techniques! On the freeway, if I drive around 50 MPH unless going up a hill, then more like 40-45, the normal 25-28ish MPG becomes closer to 34 MPG. Around the town, normally, my car (a 4-seat Chrysler convertible) gets around 18-20 MPG, but using these techniques about braking and reduced acceleration, I can get over 30 MPG on town surface streets! (flat land) Unfortunately, I do have to get used to being flipped off in order to achieve this.

In any event, you *can* get a rather sharp increase in fuel economy by paying attention to the forces of momentum, timing and friction.

about three weeks ago

Ask Slashdot: Experiences With Free To Air Satellite TV?

mcrbids Re:Project Free TV (219 comments)

Nothing like watching shows on illegitimate, foreign-hosted websites laden with pr0n ads and drive-by zero-day flash exploits... Sorry, no. I, for one, have a detectable amount of self respect.

about three weeks ago

An Engineer's Eureka Moment With a GM Flaw

mcrbids Re:Obligatory Fight Club (357 comments)

It looks like it should be a fairly simple matter.

... which demonstrates that you don't understand the problem. See, people die and will die in every production car ever made. Accidents happen, and with enough money spent, virtually every single death could be prevented, with enough additional shielding, crumple zones, and whatnot. But the result would be a car that nobody could afford, not even by a long shot.

So, in a very literal sense, every single car you've ever driven is a balance between the amount you're willing to pay and the amount of risk you're willing to assume. At what point does a death become a death due to a design flaw? Well, guess what: there is no obvious, intuitive "line" that would be easy to sue over.

An ignition switch occasionally dies? Would you *want* a car company that didn't improve its designs as it learns more about them? But on the balancing side, you literally cannot afford to pay for a car getting a recall every time an improvement is made.

There are a ton of shades of grey, and it's not callous, it's just sensible business to balance costs with safety. Doing it any other way would be the foolish way to do things.

about three weeks ago

Tesla Model S Gets Titanium Underbody Shield, Aluminum Deflector Plates

mcrbids Re:"extrusion"? (314 comments)

Printing presses are also increasingly under pressure (no pun intended) by start ups like Lulu that essentially print books on demand.

about a month ago

Facebook To Begin Deploying Btrfs

mcrbids Re:And facebook will be burnt (115 comments)

If BTRFS bit rot detection is anything like ZFS' then it most certainly can check for bit rot and correct it automatically.

about a month ago

More Than 1 In 4 Car Crashes Involve Cellphone Use

mcrbids Re:Passengers (367 comments)

Actually, I remember reading a study a while back covering this very subject. In fact, having passengers in the car engaged in conversation actually improved driver alertness because the passengers would pause talking, stiffen, make a sharp breathing noise, or other indications of tension causing the driver to be on alert even when otherwise oblivious to the driving risk.

In practice, it's like having "more eyes on the road" even when they aren't driving.

about a month ago



Comcast blocking DNS for BitTorrent users?

mcrbids mcrbids writes  |  about a year and a half ago

mcrbids (148650) writes "It appears that Comcast is killing BitTorrent use by blocking DNS to BitTorrent users.

For the past week, I've been having issues with my Comcast cable where everything "works fine" except DNS. Even setting up my own caching name server did not work since UDP port 53 was a black hole as far as the public Internet was visible to me. Resetting the modem/router fixed it, only to have the problem reoccur anywhere from a few hours to a day later.

Last Friday I noticed BitTorrent running on my Mac, sharing only a CentOS ISO image, and killed it. I haven't had a problem since. Can anybody corroborate this apparently new tactic being used by Comcast to censor BitTorrent use?"

Apache webserver vulnerable to "slow get", too

mcrbids mcrbids writes  |  more than 3 years ago

mcrbids (148650) writes "About a month ago, a story broke that http (apache, IIS and everything else out there) was susceptible to a "slow post", where a malicious client starts a connection to a web server, sends headers indicating a very large upload via POST, and then sends that upload very slowly, starving resources and eventually causing a DDOS.

Well today, doing some research to see how effective this attack was (hint: VERY EFFECTIVE) I tried the same thing using http GET as well, and saw very similar results. With a simple, 20-line PHP script run from my laptop, I was able to take a fairly beefy internal webserver (8 core, 12 GB RAM, CentOS 5) offline in just under a minute, and keep it that way for as long as I wanted to. The technique was simple: send "GET /" and then append letters, 1 or 2 every second or so. After several hundred simultaneous connections were achieved, the web server was no longer responsive. I don't have an IIS server to test against, and don't feel like using any "unwitting volunteers".

It doesn't take a large botnet to take most hosts offline. It takes only a single, relatively low-powered laptop and a 20-line script hacked up in PHP 5.Given that the "slow post" attack is already well known, it's only a matter of time before a black hat discovers that even disabling form post won't protect anybody, either!"

Disable Advertising? No way!

mcrbids mcrbids writes  |  more than 4 years ago

mcrbids (148650) writes "Dear Slashdot,

This is the only way I can think of to actually send a communication to you. I noticed tonight a checkbutton labelled: "As our way of thanking you for your positive contributions to Slashdot, you are eligible to disable advertising."

Well, I'm not going to check it. I've spent years writing my often +modded posts, and have enjoyed doing it! Your adveritising is subtle enough to not detract needlessly from the experience, you get a few pennies from my daily views, and I have purchased more than one item due to an ad posted on Slashdot. It's a win/win/win situation, and I will not be checking the button, nor do I steal content from websites by using products like Adblock. If a website has ads posted intrusively, then I avoid that site, rather than legitimize a website that is offensive in nature by giving it the benefit of my eyeballs.

Thank you Slashdot, for maintaining a high quality, highly relevant site for over 10 years now! I've not paid a thin dime for any of your content, and I have spent countless hours pontificating finer points; you have more than deserved whatever revenue you get from your classy, unobtrusive ad impressions!"

Root hole found in Linux

mcrbids mcrbids writes  |  more than 4 years ago

mcrbids (148650) writes "Looks like a pretty serious hole has been found in Linux — affecting 32 and 64 bit versions of Linux with and without SELinux using a creative way to exploit null pointer references. You can check it out yourself. As of this writing, there are no patches available for this, making it a potential zero-day exploit."

Rockstar squelches connection to Michael Savage

mcrbids mcrbids writes  |  more than 4 years ago

mcrbids writes "While poking around online I found this article which details an an easily verified connection between Rockstar Energy Drinks and Michael Savage the "shock jock" commonly found on ultra-conservative talk radio. Michael Savage has been banned from entering the United Kingdom due to the hateful nature of his monologues. Strangely, he broadcasts from the highly liberal San Fransisco on KNEW AM Rockstar has responded with the standard C&D route with lawyers, et al. Is this going to be another example of a company who hasn't discovered the Streisand Effect or is there legitimately no connection between Michael Savage and Rockstar Energy drinks, even if they are at the same address and share the same CFO? (Michael's wife, Rockstar CEO's mother)"

Best javascript framework?

mcrbids mcrbids writes  |  more than 5 years ago

mcrbids (148650) writes "For the past 6 years or so, we've been heavily developing a proprietary, custom vertical application based on Linux, Apache, PHP, and PostgreSQL in a home-rolled PHP framework based loosely on Horde. We've been quite successful in the marketplace with our relatively classic technology based on HTML 3.x.

After investing heavily in fully redundant server clustering over the past year or so, we're finding that we'd like to improve our look and feel, improve response time, etc. and the natural way to do this is by incorporating javascript/ajax into our product. We've already begun some using ajax(y) in a few areas where very large tasks need to be coordinated over a long period of time — EG: longer than a typical browser timeout.

But we don't want to re-invent the wheel. There is a bewildering array of javascript frameworks, and with any framework, there's the risk of getting stuck trying to do something not anticipated by the framework developers.

So, which is the best, and why? Which should be avoided? Here are some of the frameworks I've seen so far:

Dojo, Ext JS, Fleejix.js, jQuery, Mochikit, Modello, Mootools, Prototype, Qooxdoo, Rico, and Scriptio. So far, in my research, jQuery and/or Prototype seem to be front runners, Dojo perhaps a close second.

I'd be most interested in the opinions of people who have switched from one to the other, and why?"

Turbo-charging logging?

mcrbids mcrbids writes  |  more than 5 years ago

mcrbids (148650) writes "I'm revamping our web-based application and am currently reviewing options as far as logging, particularly with redundant, clustered hosting solutions. I've run into a few problems that it seems no amount of online searching seems to have found.

My first concern is about scalability — our application writes directly to local log files. Unfortunately, many of the log entries are quite large and so cannot be piped over syslogd. Other options are much heavier, come with significant administration overhead, or bottlenecks. Is there a syslogd replacement that will allow for very large (tens of KB or larger) log entries?

My next question is about logfile integrity. A perfect log file is write-only, never rewrite. A one-way street, data goes in, gets saved, and never gets deleted. But any log file is essentially just a file, and a single # echo "" > /path/to/log will kill the log file dead. Yes, you can log remotely, but this increases complexity and therefore the chances of failure. Also, what if your remote log server is also compromised? I've been considering the use of a CD-R, especially the ability to recover from a buffer underrun during a write sequence. I've simulated a few, tying up the HDD with I/O while burning a CD-ROM. It under-ran, renegotiated, then resumed writing without incident. Why not use this capability, leave the drive in a sort of permanent under-run, and renegotiate for log entries? Wouldn't doing so create a file that could not effectively be erased, even if the host was compromised?"


Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account