Comments

HP Gives OpenVMS New Life and Path To X86 Port

mcrbids Re:Not in visable uses... (131 comments)

The most bad-ass server I've ever had the pleasure of working with was a Digital VAX 11/750 generations ago. It was *built* to be reliable from the very first rivet.

Oh sure, my pocket phone has far more power, memory, and storage. Despite the ample square footage of my "McMansion" house, it would not have fit in my kitchen. It ate power like global warming really was a myth. But as a server, it was in its own class.

It would automatically detect memory that was failing and rebuild from memory (like ECC) but then would remap that address so it would no longer be used.

You could upgrade its CPUs one at a time without shutting it down.

It was like a hoover with data, versioning files was intrinsic to how the O/S worked.

One time, the A/C in the computer room went out. It mapped *everything* in RAM to disk as the temperature rose and the chips became unreliable. We literally pulled the plug on it because it was completely unresponsive, as all operations were working directly off HDD. When the A/C was fixed and it was powered up late that night, it spooled all of RAM out of the HDD swap, and everybody's workstation resumed exactly where they had left off that afternoon - we couldn't find any data loss at all.

I will forever bow in deference to the greatest server I have ever had the pleasure of working on. How HP managed to acquire such a legacy and turn its back... part of me cries inside.

yesterday

Ask Slashdot: Is Running Mission-Critical Servers Without a Firewall Common?

mcrbids Re:Fire(wall) and forget (343 comments)

Put the firewall up FIRST, and open essential ports as necessary. This is network security 101.

Duh?

I think the question is whether or not you trust iptables to be the firewall, or whether or not you have a dedicated device as a firewall.

Sadly, as a security device, dedicated firewalls are their own can of worms. For example, firmware updates for dedicated firewall devices are often much less frequently issued, and the update process is typically far more painful than you'd see as a mindful admin for a Linux box. Many "dedicated firewall" devices are little more than Linux + iptables + proprietary interface anyway, meaning you aren't protected at all if there's a common kernel flaw found. Lastly, being heavily stripped down, you have no way to audit them to see if they *are* compromised, because half your toolchain is missing even if you do have shell access, even though, as a full-fledged, Turing-complete computing device, they are quite useful to a black hat.

All that said, I do frequently use dedicated firewalls, but also use locked down Linux servers interchangeably. Given the 10+ years of excellent security track record I've maintained going this route, I'm pretty confident this doesn't mean I'm incompetent, as would seem to be the opinion around here.

I am a bit paranoid about security, disabling password access anywhere possible, relying on default-deny firewalls, using port-knocking & non-standard ports for SSH, not using non-ssl connections for *anything* administrative, VPNs required for access to insecure services like IPMI, etc.

2 days ago

The Misleading Fliers Comcast Used To Kill Off a Local Internet Competitor

mcrbids Re:The advertising is okay (250 comments)

We paid Comcast to bring broadband to us in the first place. That they haven't done it yet means we'd only have to pay twice to get it if we went the municipal route, whereas we won't get it at all from Comcast.

Even if we did "get" the broadband, they've shown perfect willingness to simply refuse to upgrade their networks to allow bandwidth to flow from Internet companies they don't like. (*cough*Netflix*/cough*)

3 days ago

Amazon's Ambitious Bets Pile Up, and Its Losses Swell

mcrbids Re:surpising (168 comments)

On the Internet... Hype = Sucker Investors.

There, FTFY.

about a week ago

The Improbable Story of the 184 MPH Jet Train

mcrbids The death of trains (195 comments)

In Europe, they discovered that train wrecks were really, really bad. So they set about building a system of trains that didn't wreck, with numerous controls and systems to prevent collisions, resulting in an excellent safety record and low cost.

In the United States, they discovered that train wrecks were really, really bad. So they set about building a system of trains that survived wrecks with minimal injuries, with heavy crash cages and crumple zones in order to gracefully survive collisions, resulting in an excellent safety record and ridiculous costs.

Making a US train go as fast as an EU train is very difficult to do feasibly, since it weighs at least 4x as much per passenger.

about two weeks ago

People Who Claim To Worry About Climate Change Don't Cut Energy Use

mcrbids Re:user error (710 comments)

For the most part, I agree with you. I'm also a bit of a cheap bastard. I ride my bike to work largely for health reasons but also because it's cheaper. I switched to CFLs over a decade ago when I saw the cost savings. I aggressively turn up the AC to "just barely comfortable" to save money. I ditched the home phone for Magic Jack, and I ditched cable TV for Hulu/Netflix. By watching the gas consumption calculator on my car, and reading up about "hypermiling" I get about 10-20% better fuel economy simply by changing my driving patterns - after some practice, I can do it without doing anything people driving with me would notice without paying close attention. I routinely time shift my schedule either early or late so I avoid traffic altogether.

If I owned my house, I would have erected a solar back porch roof long ago to both keep sun off the house and power the A/C.

And by the way, modern cars are so low emission that some of them actually clean up the air around them. The 2011 Ford F150 Raptor is one of them. If I were an environmentalist, (and I need to stress that I am NOT) I would push for more of these cars to be on the road than lobbying for higher gas prices (which serves to ruin the economy, and has almost no actual benefit on reducing emissions.)

But, I LOL at statements like this! This statement is only true if you ignore the 800 pound gorilla in the room: CO2.

about two weeks ago

German NSA Committee May Turn To Typewriters To Stop Leaks

mcrbids Re:So what? they can be tapped to. (244 comments)

Pffft. Please. They have glass windows on their walls, right? An infrared laser microphone reflecting off the window would be more than sufficient. The trick would be to connect several electric typewriters together with a randomizer so that there are many typewriters banging away at random in the same room.

about two weeks ago

Airbus Patents Windowless Cockpit That Would Increase Pilots' Field of View

mcrbids Re:Failsafe? (468 comments)

Do you have any idea what % of landings are VFR? (Visual Flight Rules) It's almost certainly over half, and may be as much as 90%.

about three weeks ago

Are Tethers the Answer To the Safety Issues of Follow-Me Drone Technology?

mcrbids As a pilot and aviation enthusiast... (88 comments)

I really rue the day that "r/c model aircraft" became a "drone". Suddenly, a toy is worth regulating, and it's become rather ridiculous.

Now we're talking about having to tether a model aircraft with a line, so that now we have entanglement issues?

Can somebody please add some reason?

about three weeks ago

No Shortage In Tech Workers, Advocacy Groups Say

mcrbids I simply haven't seen it (401 comments)

I'm a partner in a small software company. We employ 8 developers, 26 total staff. Our wages are midline, our benefits excellent, and our work environment is superb. I haven't seen *any* benefit from the H1B's.

And we've tried!

We really need people who can code. We have problems to solve, we need programmers to code answers to the problems. We really don't care about education credentials - if you can code, write reasonable answers to solve real problems, we're interested in you. We took a look at the H1B visa thing, and we were consistently disappointed. Gorgeous, impressive resumes for people with Masters or (gasp) even PhDs in computer science who couldn't write a SQL statement, recursive algorithm, or even factor a number. "Write me a function that replaces the word "apples" with "oranges" in a given input string" was met with blank stares.

I don't know what they do, but I'm not interested in finding out. But if you want to live in NorCal and want a decent job at a small, securely growing software company... PM me!

about three weeks ago

Boston Trying Out Solar-Powered "Smart Benches" In Parks

mcrbids But ugly as hell (119 comments)

So, you have this boxy thing mounted in the middle of the park bench. The promo photo has two attractive people awkwardly trying to look chic sitting next to something about the size of an old-school VCR bolted to the middle of the bench. Of course, you'd naturally stick your 32 oz triple malt latte on it, and any 9 year old with angry daddy issues will beat it with the nearest rock. Meanwhile, it provides no shade at all.

Great idea, utter failure in implementation. Instead:

1) Put the solar panel (even if small) on a pole OUT OF THE WAY so it lets you sit on the !@# seat, and provides at least a modicum of shade. Better yet, make the overhead cover the length of the bench so the shade is usable and you get some protection from light rain.

2) Put the USB charge port under the seat. This provides automatic protection from accidental strikes and also doesn't provide an automatic target for 9 year olds with angry daddy issues.

As it sits now, it's practically a showcase example of some bad engineering product a la Dilbert.

about a month ago

Larry Page: Healthcare Data Mining Could Save 100,000 Lives a Year

mcrbids Larry's probably right! (186 comments)

One thing I know about the Googlites is that when they make a public statement like this, it's usually pretty conservative. Self-driving cars seemed like a pipe dream, but they're just about here, and it's for real.

In fact, Google has been working for years to use their information for predicting disease breakouts in a more general sense. If he says 100,000 lives, they've probably already done the math to support that statement.

about a month ago

World's First Large-Scale Waste-to-Biofuels Facility Opens In Canada

mcrbids Re:Jerk off material for the Greenies (96 comments)

It is true that landfills are often usable afterwards for parks and even houses!

It is also true that landfill locations have to be carefully surveyed for issues such as water runoff and geological stability in order to ensure that land fills don't pollute groundwater or leak toxic chemicals, etc. Nobody wants to live next to a landfill for the 10-40 years that they are open. They aren't pretty. They smell bad, and attract vermin. As we learn more about the real effects of land fills, we often find that even years after being closed, they are causing ongoing environmental damage that is very expensive. Many toxic "super fund" environmental disasters are previous dump sites.

And, if it's actually profitable to recycle instead of dumping, are you really arguing that we should dump anyway?

about a month ago

Supermicro Fails At IPMI, Leaks Admin Passwords

mcrbids Re:Wha? (102 comments)

Makes perfect sense why the passwords would suck. These are the same doofus types that put IPMI on the public Internet.

about a month and a half ago

Code Spaces Hosting Shutting Down After Attacker Deletes All Data

mcrbids Site gap, not air gap (387 comments)

IMHO:

1) Backups that don't get done automatically often don't get done regularly, so they should be automatically performed via scripts.

2) Offline isn't as important as offsite. Buildings catch fire, get flooded, disappear into sink holes, get hit by falling jet airplanes.

3) Security matters. Paranoia should be the order of the day.

about a month and a half ago

Shawn Raymond's Tandem Bike is Shorter Than Yours (Video)

mcrbids 16" wheels are surprisingly useful (85 comments)

I'm a fan of foldable bikes. Think: Dahon and/or Bike Friday. They solve one of the biggest problems with bikes in conjunction with an automotive culture: getting "stuck" with a bike that you rode to work but won't be driving home with.

So, I've spent a lot of time on a 16" wheel on a Dahon Stowaway with performance tires, and a finely tuned internal 3-speed hub that made it into a surprisingly fast speed demon. I loved it - it was fast, casual, and convenient. Sadly, it was stolen.

The small, 16" wheels are surprisingly effective on a commuter bike! No, you don't go off road on 16" wheels - but ask yourself: do you really do that much anyway?

about a month and a half ago

Portland Edges Closer To Google Fiber

mcrbids Re:Here's yer free market, telco's (106 comments)

BTW: I'm a Comcast Internet-only customer. I ditched our AT&T landline years ago and replaced it with a MagicJack for $20/year/unlimited.

I get about 20 Mbit for $65/month. I'd pay $100 for Gb fiber in a flat second.

about a month and a half ago

Musk Will Open Up Tesla Supercharger Patents To Spur Development

mcrbids Re:He continues to show himself to be ... (230 comments)

How is this a dumb move? By making charging stations ubiquitous, Elon is paving the way for even more sales of their already popular electric cars.

Sometimes, it's really important to know what your *core competence* is, and what is not. With this move, it would seem that Tesla motors sees that it is in the business of selling cars, not fueling stations.

about 2 months ago

In the year since Snowden's revelations ...

mcrbids The change isn't in what I know (248 comments)

The change that matters is that now everybody knows it. This makes it easier to justify an actual budget for securing things.

about 2 months ago

Submissions

Comcast blocking DNS for BitTorrent users?

mcrbids mcrbids writes  |  about 2 years ago

mcrbids (148650) writes "It appears that Comcast is killing BitTorrent use by blocking DNS to BitTorrent users.

For the past week, I've been having issues with my Comcast cable where everything "works fine" except DNS. Even setting up my own caching name server did not work since UDP port 53 was a black hole as far as the public Internet was visible to me. Resetting the modem/router fixed it, only to have the problem reoccur anywhere from a few hours to a day later.

Last Friday I noticed BitTorrent running on my Mac, sharing only a CentOS ISO image, and killed it. I haven't had a problem since. Can anybody corroborate this apparently new tactic being used by Comcast to censor BitTorrent use?"

Apache webserver vulnerable to "slow get", too

mcrbids mcrbids writes  |  more than 3 years ago

mcrbids (148650) writes "About a month ago, a story broke that http (apache, IIS and everything else out there) was susceptible to a "slow post", where a malicious client starts a connection to a web server, sends headers indicating a very large upload via POST, and then sends that upload very slowly, starving resources and eventually causing a DDOS.

Well today, doing some research to see how effective this attack was (hint: VERY EFFECTIVE) I tried the same thing using http GET as well, and saw very similar results. With a simple, 20-line PHP script run from my laptop, I was able to take a fairly beefy internal webserver (8 core, 12 GB RAM, CentOS 5) offline in just under a minute, and keep it that way for as long as I wanted to. The technique was simple: send "GET /" and then append letters, 1 or 2 every second or so. After several hundred simultaneous connections were achieved, the web server was no longer responsive. I don't have an IIS server to test against, and don't feel like using any "unwitting volunteers".

It doesn't take a large botnet to take most hosts offline. It takes only a single, relatively low-powered laptop and a 20-line script hacked up in PHP 5. Given that the "slow post" attack is already well known, it's only a matter of time before a black hat discovers that even disabling form post won't protect anybody, either!"

Disable Advertising? No way!

mcrbids mcrbids writes  |  more than 4 years ago

mcrbids (148650) writes "Dear Slashdot,

This is the only way I can think of to actually send a communication to you. I noticed tonight a checkbutton labelled: "As our way of thanking you for your positive contributions to Slashdot, you are eligible to disable advertising."

Well, I'm not going to check it. I've spent years writing my often +modded posts, and have enjoyed doing it! Your advertising is subtle enough to not detract needlessly from the experience, you get a few pennies from my daily views, and I have purchased more than one item due to an ad posted on Slashdot. It's a win/win/win situation, and I will not be checking the button, nor do I steal content from websites by using products like Adblock. If a website has ads posted intrusively, then I avoid that site, rather than legitimize a website that is offensive in nature by giving it the benefit of my eyeballs.

Thank you Slashdot, for maintaining a high quality, highly relevant site for over 10 years now! I've not paid a thin dime for any of your content, and I have spent countless hours pontificating finer points; you have more than deserved whatever revenue you get from your classy, unobtrusive ad impressions!"

Root hole found in Linux

mcrbids mcrbids writes  |  about 5 years ago

mcrbids (148650) writes "Looks like a pretty serious hole has been found in Linux — affecting 32 and 64 bit versions of Linux with and without SELinux using a creative way to exploit null pointer references. You can check it out yourself. As of this writing, there are no patches available for this, making it a potential zero-day exploit."

Rockstar squelches connection to Michael Savage

mcrbids mcrbids writes  |  more than 5 years ago

mcrbids writes "While poking around online I found this article which details an easily verified connection between Rockstar Energy Drinks and Michael Savage the "shock jock" commonly found on ultra-conservative talk radio. Michael Savage has been banned from entering the United Kingdom due to the hateful nature of his monologues. Strangely, he broadcasts from the highly liberal San Francisco on KNEW AM. Rockstar has responded with the standard C&D route with lawyers, et al. Is this going to be another example of a company who hasn't discovered the Streisand Effect or is there legitimately no connection between Michael Savage and Rockstar Energy drinks, even if they are at the same address and share the same CFO? (Michael's wife, Rockstar CEO's mother)"

Best javascript framework?

mcrbids mcrbids writes  |  more than 5 years ago

mcrbids (148650) writes "For the past 6 years or so, we've been heavily developing a proprietary, custom vertical application based on Linux, Apache, PHP, and PostgreSQL in a home-rolled PHP framework based loosely on Horde. We've been quite successful in the marketplace with our relatively classic technology based on HTML 3.x.

After investing heavily in fully redundant server clustering over the past year or so, we're finding that we'd like to improve our look and feel, improve response time, etc. and the natural way to do this is by incorporating javascript/ajax into our product. We've already begun some using ajax(y) in a few areas where very large tasks need to be coordinated over a long period of time — EG: longer than a typical browser timeout.

But we don't want to re-invent the wheel. There is a bewildering array of javascript frameworks, and with any framework, there's the risk of getting stuck trying to do something not anticipated by the framework developers.

So, which is the best, and why? Which should be avoided? Here are some of the frameworks I've seen so far:

Dojo, Ext JS, Fleejix.js, jQuery, Mochikit, Modello, Mootools, Prototype, Qooxdoo, Rico, and Scriptio. So far, in my research, jQuery and/or Prototype seem to be front runners, Dojo perhaps a close second.

I'd be most interested in the opinions of people who have switched from one to the other, and why?"

Turbo-charging logging?

mcrbids mcrbids writes  |  more than 5 years ago

mcrbids (148650) writes "I'm revamping our web-based application and am currently reviewing options as far as logging, particularly with redundant, clustered hosting solutions. I've run into a few problems that it seems no amount of online searching seems to have found.

My first concern is about scalability — our application writes directly to local log files. Unfortunately, many of the log entries are quite large and so cannot be piped over syslogd. Other options are much heavier, come with significant administration overhead, or bottlenecks. Is there a syslogd replacement that will allow for very large (tens of KB or larger) log entries?

My next question is about logfile integrity. A perfect log file is write-only, never rewrite. A one-way street, data goes in, gets saved, and never gets deleted. But any log file is essentially just a file, and a single # echo "" > /path/to/log will kill the log file dead. Yes, you can log remotely, but this increases complexity and therefore the chances of failure. Also, what if your remote log server is also compromised? I've been considering the use of a CD-R, especially the ability to recover from a buffer underrun during a write sequence. I've simulated a few, tying up the HDD with I/O while burning a CD-ROM. It under-ran, renegotiated, then resumed writing without incident. Why not use this capability, leave the drive in a sort of permanent under-run, and renegotiate for log entries? Wouldn't doing so create a file that could not effectively be erased, even if the host was compromised?"
