×

Announcing: Slashdot Deals - Explore geek apps, games, gadgets and more. (what is this?)

Thank you!

We are sorry to see you leave - Beta is different and we value the time you took to try it out. Before you decide to go, please take a look at some value-adds for Beta and learn more about it. Thank you for reading Slashdot, and for making the site better!

Comments

top

Google Proposes To Warn People About Non-SSL Web Sites

mysidia Re:Sly (349 comments)

These are embedded devices.

You install the patch or firmware update from your appliance vendor to address the insecure transport security vulnerability (Failure to utilize secure protocols such as SSH or HTTPS over Telnet/HTTP for administrative connections; transmission of usernames and passwords in cleartext withotu encryption).

6 hours ago
top

A Domain Registrar Is Starting a Fiber ISP To Compete With Comcast

mysidia Re:Yeah, sure, any day now... (65 comments)

And Comcast has to be careful how it fights them or it can lad itself in trouble in ALL of it's other markets.

There is one simple way Comcast can fight them.... deliver a better service with better support at lower cost to the consumer, and do it in a way that makes the customers happier and more excited about their service than Tucows.

It does mean Comcast has to probably offer the 1 Gigabit or better service at a lower price than what Tucows is rolling out.

If Comcast uses any other method to fight them, then Comcast deserves to be more tightly regulated.

Of course if Comcast actually gets competitive and causes Tucows to fail fair and square, then once there is no effective competition once again, Comcast could raise their prices or take other new actions as a result of becoming a monopoly ---- in that case, I would expect the regulators to tighten their reigns heavily and create a cap on Comcasts' revenue and requirements similar to the Telco regulations requiring the phone companies to build-out and service all customers (no cherrypicking high-revenue customers; no excluding the "Top or Bottom 2% of users" who have been deemed unprofitable customers).

2 days ago
top

French Cabbies Say They'll Block Paris Roads On Monday Over Uber

mysidia Re:This sort of protesting should come with... (295 comments)

What is more, these cabbies should have their licenses threatened. A cab license is not a right.

Yes.... being a taxi gives you no right to obstruct usage of the roadways.

They should dispatch police to detain the offenders, and tow trucks to seize all the vehicles involved and impound them for at least 15 days.

Furthermore, their taxi license and their driver's license should be suspended until they pay costs of towing, storage, and a $1000 fine.

4 days ago
top

Seagate Bulks Up With New 8 Terabyte 'Archive' Hard Drive

mysidia Re:Just in time. (219 comments)

Most companies choose b) as their core business is not in the design of their own server equipment and they don't have the resources to do a).

This is somewhat of a false dilemma. There are very few companies in (a) who are willing to invest in resources to a truly thorough engineering job designing their own customized applications and servers for basic business needs, and there are plenty of companies who are in (b) which do not have the resources to design their own applications, let alone server equipment.

There are nevertheless numerous companies in (b) with IT management and staff who would like to at various times treat random projects as if the company were in (a); so Dell didn't spec the equipment with SATA drives, but now that our X application has new servers for it, we'll take this old storage chassis and toss some consumer drives in it. The key message is THAT will probably be a lot less reliable than the storage chassis outfitted with the disk drives that the vendor qualified, and what's more, even if the storage chassis doesn't do a firmware check on the drives to try and reject 3rd party drives to protect the customer from themselves; it is still likely to be completely unsupported by Dell when it eventually fails catastrophically.

And yet some of those companies have published individual drive data showing the exact reliability.

Yes, and they have a specific measurement of reliability and performance that applies to their environment, but not to most of mine or that of most enterprises. A hard drive has a reliability issue if it causes the storage system it is used in to fail; even if the hard drive itself is performing perfectly. Component failure is not the only reliability issue, so are bugs and unexpected behaviors.

In their environment; Backblaze would be concerned if a hard drive fails completely and stops reading or writing data with integrity while not idle, and a read/write test of the hard drive surface would fail, this would be how they define hard drive reliability: since they don't consider a hard drive to have failed if the entire disk can still be read or written.

In my environment I am concerned if a hard drive does anything or fails to do anything that causes it to be ejected from the RAID subsystem, or falls below a performance threshold, or accumulates bit rot, or causes a failure in the firmware-based health monitoring on the drive or in the storage chassis.

If a hard drive power cycles or resets itself just once unexpectedly and therefore shows up as "Ejected" or "Failed"; then I consider the drive to be unreliable, even though it would not meet Backblaze or Google definition of an unreliable or failed component, they would simply keep using it, as long as the drive continued to pass their tests.

5 days ago
top

Seagate Bulks Up With New 8 Terabyte 'Archive' Hard Drive

mysidia Re:Just in time. (219 comments)

No. Go look at an upper mid-sized enterprise, and ask what kind of hardware they have running their Microsoft SQL Servers, their Exchange server, or their Oracle cluster.

What Google, Facebook, and Yahoo are doing is not relevant at the enterprise level. These are super-colossal cloud-scale companies, that are 3 orders of magnitude larger than Enterprise computing, not ordinary enterprises.

Enterprise hard drives are designed for Enterprise use, not Google or Facebook's cloud or HPC clusters.

These massive companies also have their own custom hardware built at their disposal. They are not using RAID arrays like most enterprises are using, and they essentially have massive farms of workstations instead of servers running their computational workloads.

At sufficient scale, you can achieve reliability from consumer disk drives for in-house applications, by designing your application around your components, BUT the major requirement is that you are in control of the application stack, so you can actually use the disk drives like you want --- and not have to stick them in a tightly-coupled RAID array.

The consumer disk drives are not sufficiently unusable that you can't work around the limitations by having thousands of them in a cluster, with terabytes of cache spread over 5000 computers, and some smart application logic doing what ordinary RAID subsystems cannot.

5 days ago
top

Seagate Bulks Up With New 8 Terabyte 'Archive' Hard Drive

mysidia Re:Just in time. (219 comments)

There is no difference in reliability between "enterprise" and "consumer" drives. Those are purely marketing terms

The statement you have made is an overly broad genralization.

There are a multitude of differences between the average consumer drive and the average enterprise disk drive, which affect operational reliability of the drive in various scenarios.

For a consumer drive; the reliability has to be measured as correct operation of a single disk drive in a consumer workstation.

For an enterprise drive; the reliability has to be measured as correct operation within a larger storage subsystem, such as a hardware RAID environment, or a disk drive shelf being utilized by a Software or RAID subsystem e.g. Equallogic PS5xxx, Netapp FAS array.

One of the most important differences is the on-disk format and metadata.

Secondly, different types of disk drives have different proprietary firmwares, so they have different reliability footprints when in operational use in different scenarios.

Consumer disk drives cannot be substituted in while retaining the same level of reliability. Just like Enterprise disk drives cannot be substituted into a workstation while retaining the same level of reliability for that application.

5 days ago
top

Seagate Bulks Up With New 8 Terabyte 'Archive' Hard Drive

mysidia Re:Just in time. (219 comments)

Why would the interface change the reliability of the HDD?

Because a SAS drive is not identical to a SATA drive with a different interface attached.

5 days ago
top

BGP Hijacking Continues, Despite the Ability To Prevent It

mysidia Re:Shoplifting occurs despite the ability to preve (57 comments)

That's not the message. The message is: that some security problems can be solved technically, but the solution is so problematic, that the solution can't reasonably be accepted.

The major problem with RPKI is the legalese, and the fact that operators have some reasons not to trust the RIRs to administer it.

We see some of the matters of policy as self-serving. We recognize that RIRs are not infallible, and we're concerned about giving a single organization too much power over the community-operated internet.

Yes, ARIN and other RIRs are in control of WHOIS and the official record, which are only of value due to the consensus recognizing them, but us operators remain effective control of the operational internet.

If ARIN craziness results in an IP address allocation being revoked for insane reasons, such as registrant forgot to pay a bill, well, their network just keeps working --- since the RIR has no power to stop a working network.

RPKI changes this.

Also, since IPv6 makes RIRs such as ARIN a lot less relevant, we are concerned about their "rent seeking" behavior from operators, not just today, but in the future, and possible exorbitant price increases to discourage IPv4 usage and promote "outreach programs" and conferences and parties and other excess spending of questionable relevance to resource holders.

No ARIN-administered RPKI keeps the power more in balance --- today the network operators have a "check" on ARIN's power, by simply ignoring resource revokations and refusing to disrupt network(s) ARIN says to disrupt.

about a week ago
top

BGP Hijacking Continues, Despite the Ability To Prevent It

mysidia Shoplifting occurs despite the ability to prevent (57 comments)

These events continue, despite the ability to detect and prevent improper route origination

Locked cases with hardened glass are a technology that allow a store to protect products for sale from surreptitious pilfering. That is, assuming you can fit the products in the case. Lock manufacturers for the cases require stores to accept something called a "key security agreement", but the shop owner community seems unhappy with the inconvenience posed to customers, and is choosing not to implement it, just to avoid the KSA, leaving the goods on store shelves worldwide as a whole less secure.

about a week ago
top

Once Again, Baltimore Police Arrest a Person For Recording Them

mysidia Re:Fire all the officers? (514 comments)

I'm referring to taking people into custody under suspicion or with charges who were at the scene recording the officer.

If an officer beats / tazes someone, and evidence establishes there is no real justification for it and force was excessive and unwarranted, then the officer should be suspended without pay, and the victim given the opportunity to press charges and have the officer answer to them in court.

about a week ago
top

Once Again, Baltimore Police Arrest a Person For Recording Them

mysidia Re:Fire all the officers? (514 comments)

And get new ones. What's so difficult about that?

In general I agree with this, but first the officers should be given additional mandatory training to be completed within a short period of time.

If an officer fails to complete the training, they should be suspended until they do. If an officer does it after being trained appropriately about the new directive, then they should be penalized.

about a week ago
top

MIT Removes Online Physics Lectures and Courses By Walter Lewin

mysidia Re:Creating more victims (416 comments)

So what were their titles, and where can I get a copy of the content?

about a week ago
top

Ask Slashdot: Are Any Certifications Worth Going For?

mysidia Re:There is a reason for this! (317 comments)

Digital Watches, which are a pretty neat idea, were using ASICs in the 70's.

Yes; however, these were a different kind of ASIC. The kind of ASIC you would find in a watch is not performing a complex computational task by current standards.

You will also find certain ASICs in modern computers and servers which are part of the chipset.

When we are concerned about the difference between an ASIC-based forwarding architecture; we are primarily interested in tasks which cannot be executed efficiently at the same capacity on a general purpose FPGA or microprocessor, not the number of units which are being manufactured.

It turns out there are multiple different reasons ASICs become more cost-effective; when you would need a ton more general purpose processor wiring and power consumption to accomplish the same job that a well-designed application-specific processor constructed from ASICs could be more well-suited than a general purpose system using a generic computer board to complete the task, or a bunch of generic FPGAs and ICs glued together and programmed to do it in software.

about a week ago
top

Comcast Sued For Turning Home Wi-Fi Routers Into Public Hotspots

mysidia Re:Comcast Business Class (291 comments)

considering they can easily take up less than a tenth of a square foot, plugging that into the average square-foot rate for real estate in the area where the customer lives would probably only amount to perhaps a only a few additional pennies per month.

You are referencing wrong rates; you are referencing residential real-estate rates, but Comcast is using the real-estate for a commercial purpose, and when you rent out a small bit of real-estate for a commercial purpose, the expected rates are higher than personal usage. Lookup colocation rates for 1U of rackspace in low-tier data centers. Comcast is colocating a modem, which is comparable to colocating a 1U router. Obviously, you don't expect them to pay for delivering a service to you, but if they are using their colocation to generate revenue by taking advantage of the prime location of your property to deliver revenue-generating services outside your customer relationship, then you are entitled to a share of the extra revenue that placement on your property is used to generate independent of their usage to deliver your service.

For example, to declare even a *portion* of your rent or mortgage as a business expense in a home business you have to actually almost *exclusively* dedicate some square footage of your home, such as a den or what have you, to that business, and not use it for any personal purposes

This is only true if you are both the owner of the home and the owner of the business. And it is nothing more than a rule designed to prevent self-dealing on your taxes where you claim some rent to be a business expense without actually sacrificing anything to the business. The IRS rules also have some differences from the actual law, and you could challenge them.

about a week ago
top

Comcast Sued For Turning Home Wi-Fi Routers Into Public Hotspots

mysidia Re:I am by no means a fan of Comcast... (291 comments)

Since the 2nd modem is virtualized, it should not affect your transfer rates or bandwidth quotas.

WiFi can be fairly CPU intensive, and it can interfere with your own emitters.

This kind of interference is much more a problem than a neighbor's WiFi, as WiFi is low powered unlicensed emission, therefore a little bit of distance and walls tend to reduce the noise; this can increase the noise, resulting in worse throughput for wireless LAN clients in your home.

Unless there's a vulnerability in the router (which is possible)

Possible? It is almost certain. We just don't have the details yet.

about two weeks ago
top

Comcast Sued For Turning Home Wi-Fi Routers Into Public Hotspots

mysidia Re:This lawsuit will be dismissed. (291 comments)

Do you have a solution that doesn't require caller ID service?

ATT wants an arm and a leg to have caller ID svc.

about two weeks ago
top

Comcast Sued For Turning Home Wi-Fi Routers Into Public Hotspots

mysidia Re:Comcast Business Class (291 comments)

why would there still be an additional public IP on the modem?

Just because your service is being bridged, doesn't necessarily mean that the modem isn't acting as a router for other services.

It can also be assigned an additional public IP outside the forwarding plane for your service for management purposes.

Plenty of reasons for a device made to act as a bridge to still have an IP. Also, seeing as its DOCSIS, the additional IP it has if any can be completely discrete and not discoverable by the subscriber of the bridged service

about two weeks ago
top

Comcast Sued For Turning Home Wi-Fi Routers Into Public Hotspots

mysidia Re:Comcast Business Class (291 comments)

I would think,that comcast subscribers who have their modems used in this way should probably receive a monthly rebate on their bill of 50 cents

Nice try.... the customer should also have fair compensation for some other things of value that are being used by Comcast to generate these extra revenue for Comcast.

Mainly, the use of the customer's real-estate which the customer pays for and pays taxes on, for a purpose not related to service delivery to the customer, and in a manner which generates noise into their local RF environment on frequencies the customer may wish to use.

Next; bandwidth from the customer's service drop, which may affect their speeds if public users have high usage. Finally, the concern about additional potential risks for customer's network and service stability.

about two weeks ago
top

Comcast Sued For Turning Home Wi-Fi Routers Into Public Hotspots

mysidia Re:Comcast Business Class (291 comments)

I can think of a few ways of disabling it.... most of them involve the use of a screwdriver and a pair of snips, or placing the modem/router in a shielded metal box.

about two weeks ago
top

Ask Slashdot: Are Any Certifications Worth Going For?

mysidia Re:There is a reason for this! (317 comments)

I realize Vyatta can reach 10-Gigabit, but this is in a lab with idealized 1500byte or large packets, not real-world traffic which comes in a lot of shapes and sizes, especially during an attack, and then we have protocols which are highly latency sensitive or re-ordering sensitive such as VoIP, and "tricks" to try and reach 10-Gigabit throughput are compromising jitter-sensitive protocols.

We use Linux on our routers and it works just fine (we have about 400Mbit traffic on our AS).

How do you know for a fact that it works just fine? Are you quite certain that it really is 400Mbit, and not 800Mbit of traffic that inconsistently performing routers are quashing at peak time? :)

Have you hooked up a Spirent avalanche to a port on the router in a lab and sent 10-Gigabits of IP datagrams formulated as 70 Byte packets with randomized payload to randomized destinations transmitted at 17.8 Million packets per second, and measured a packet loss of 0% on the next hop?

Or, are you relying on the fact that the TCP stacks on your customers' equipment detect the increase in latency on your Vyatta router during congestion and automatically scale back their usage, causing download times to increase, while praying nobody uses Bittorrent, or gets infected and sends a UDP flood, or uses other more aggressive protocols and notices artifacts caused by being linked up through an ISP not using fully non-blocking (wirespeed) equipment?

about two weeks ago

Submissions

top

Senators petition to censor DUI checkpoint apps

mysidia mysidia writes  |  more than 3 years ago

mysidia (191772) writes "Senators, Harry Reid, Charles Schumer, Frank Lautenberg and Tom Udall, sent etters on Tuesday requesting Apple, Google, and RIM remove or modify apps that notify users of police checkpoints. According to the senators, the apps are "harmful to public safety", because drunk drivers could use them to evade police detection.
BlackBerry maker RIM ceded to the request on Wednesday."

Link to Original Source
top

R.I.P. OpenSolaris 2005-2010

mysidia mysidia writes  |  more than 4 years ago

mysidia (191772) writes "Last month, on July 14th, it was mentioned that the OpenSolaris governing board issued an ultimadum to Oracle. It turns out that Oracle continued to ignore requests to appoint a liason after the OpenSolaris governing board's demands. This morning, the OpenSolaris governing board unanimously passed the resolution to dissolve itself.

Source code changes are no longer available, and It would appear that OpenSolaris and community involvement in the development of Solaris have been killed as rumored.

A recent article on slashdot discussed a "Spork" of OpenSolaris, Illumos. Perhaps now, this will have a chance of becoming a true fork."

Link to Original Source
top

US court strikes down media swearing ban

mysidia mysidia writes  |  more than 4 years ago

mysidia (191772) writes "A federal appeals court in Manhattan struck down a policy of the FCC which banned broadcasters from allowing curse words on live TV. The court concluded the rule was unconstitutionally vague and had a chilling effect on broadcasters. In the 2 to 1 ruling, the court found that policy was "arbitrary and capricious", but that the FCC might be able to craft a policy that does not violate the First Amendment.

"'By prohibiting all `patently offensive' references to sex, sexual organs and excretion without giving adequate guidance as to what 'patently offensive' means, the FCC effectively chills speech, because broadcasters have no way of knowing what the FCC will find offensive,' the appeals court wrote."

Fox Stations, owned by News Corp., and other networks had brought suit in 2006 after the FCC cited use of profanity during the airing of awards programs."
Link to Original Source

top

IPv4 free pool drops below 10%, 1.2.3.4 allocated

mysidia mysidia writes  |  more than 4 years ago

mysidia (191772) writes "A total of 16,777,216 IP address numbers were just allocated to the Asian Pacific Network Information Centre IP address registry for assignment to users. Some venerable IP addresses such as 1.1.1.1 and 1.2.3.4 have been officially assigned to the registry itself temporarily, for testing as part of the DEBOGON project.
The major address blocks 1.0.0.0/8 and 27.0.0.0/8, are chosen accordance with a decision by ICANN to assign the least-desirable remaining IP address ranges to the largest regional registries first, reserving most more desirable blocks of addresses for the African and Latin American internet users, instead of North America, Europe, or Asia.

In other words: of the 256 major networks in IPv4 (4,294,967,296 IP address numbers), only 24 network blocks (402,653,184 IP addresses) remain unallocated in the global free pool, and many of the remaining networks have been tainted or made less desirable by unofficial users who attempted an end-run around the registration process, and treated "RESERVED" IP addresses as "freely available" for their own internal use. This allocation is right on target with projected IPv4 consumption and was predicted by the IPv4 report, which has continuously and reliably estimated global pool IP address exhaustion for Late 2011 and regional registry exhaustion by Late 2012.

Services such as anoNet, and other private Enterprises that have been using 1.0.0.0 IP addresses, such as "1.2.3.4", for their private networks or intranet applications, are on the verge of impairing their activity to legitimate users of those IP addresses in the next few years.

So, does your enterprise intranet use any unofficial address ranges for private networks?"
top

How To Hijack 'Every iPhone In The World'

mysidia mysidia writes  |  more than 5 years ago

mysidia (191772) writes "A new article from forbes.com reports on an unpatched iPhone vulnerability that researchers Charlie Miller and Collin Mulliner plan to reveal at Black Hat. The bug may allow hackers to remotely seize control of iPhones by using SMS text messages. "If you receive a text message on your iPhone any time after Thursday afternoon containing only a single square character, Charlie Miller would suggest you turn the device off. Quickly."
A similar vulnerability is reported to exist on devices running Windows mobile software."

Journals

mysidia has no journal entries.

Slashdot Login

Need an Account?

Forgot your password?