Announcing: Slashdot Deals - Explore geek apps, games, gadgets and more. (what is this?)

Thank you!

We are sorry to see you leave - Beta is different and we value the time you took to try it out. Before you decide to go, please take a look at some value-adds for Beta and learn more about it. Thank you for reading Slashdot, and for making the site better!



Ask Slashdot: How To Deal With a DDoS Attack?

pushf popf There's still no free lunch. (303 comments)

Before I found that there was a lot more money and a lost less hours and stress doing consulting than being a cubicle drone, I worked for a large hosting company.

Handling a DDOS attack is a piece of cake. We handled a few a week and this was in the early 2000s. We would watch the router traffic graphs and see a spike that might be eating 5% or 10% of our capacity and just grin. All you need is money. Your ISP needs giant pipes, spare server capacity distributed around the world and sharp network guys, and for the right price, they'll simply make the problem go away for you.

However the cost of doing this means that if $1500 to Rackspace sounds like a lot of money, you're not in this league.

If you're at the "less than $200/month" level for hosting, your best course of action is to not piss people off, and if you're attacked just hope you can wait it out.

The "up side" of having a small site with cheap hosting is that it probably won't actually do much damage to your business if it's down for a few days.

more than 2 years ago

Software Engineering Is a Dead-End Career, Says Bloomberg

pushf popf Re:Wrong.!! (738 comments)

> I'm 43 and I work in the way he describes. I've never had more freedom, more time, or more money.

Absolutely! Start your own business and whore yourself out to the companies that were dumb enough to fire all their really talented guys.

I've never been happier. I wake up every morning at the crack of "whenever the hell I feel like it", make breakfast, take the dog out for a walk, then drop in on some clients.

While the money has never been better, the freedom and peace of mind is infinitely more valuable.

more than 2 years ago

Ask Slashdot: Finding an IT Job Without a Computer-Oriented Undergraduate Degree?

pushf popf Re:Planning for success (504 comments)

My bet here is that some Slashdot posters are going to enter this conversation and tell you that you don't need a CS degree to be successful. That you might even be able to get away with taking a few formal classes, working on some more open source projects, and to keep trying.

I have no CS degree. I have no degree of any kind and have been working in IT for 25+ years. I was snatched out of college before I had the chance to finish my P/E requirement. Apparently knowing how to run around a track or dribble a basketball was important somehow. In any case, I never went back and never finished.

In any case, once you have some successes under your belt, nobody gives a crap where (or if) you graduated.

While there's nothing wrong with a degree, it really doesn't certify that you have any special knowledge or level of expertise, it certifies that you're a good drone and can put up with huge quantities of pointless tasks and bullshit assignments, which makes you perfect for the corporate workforce or government.

more than 2 years ago

Hackers' Flying Drone Now Eavesdrops On GSM Phones

pushf popf I see a huge job offer in their future. (90 comments)

I'm sure any number of military and intelligence agencies would be thrilled to give them a pile of money and all the cool toys they could handle.

more than 3 years ago

Chinese City Wants To Build a Censorship-Free Hub

pushf popf Re:Political Theory (94 comments)

* Ahem * As a degree holder in Political Science with a minor in International Relations, ,i>kaff-kaff,/i>, I may be able to contribute here. The suspicions above are not without foundation. However, historically whenever a totalitarian regime has tried to espouse free and independent thought in a "contained" place, they often wind up growing free thinkers that they cannot later control. Hitler tried coddling his engineers, but they wound up sending secrets to the English and Americans. Stalin tried pampering Sakarov. So while I wouldn't drop my drawers in Chongqing's proposed Cloud Computing Special Zone, but I would applaud and encourage it. It could become an incubator for a representative there who actually believes what he's promising and would be frustrated to learn he's a front... a breeding ground for future Nobel Peace Prize nominees. So polite hurrahs are warranted.

Oddly enough, the Chinese government isn't stupid and takes a very long-term view of things.

This could be exactly what they're planning and want this to happen so they can have the benefits and freedom due to the "changing times" without having to embarrass themselves by back-peddling with their current policy. It also lets them selectively enforce "who has freedom" by allowing the access policy to the area be "leaky".

more than 3 years ago

Ask Slashdot: Verifying Security of a Hosted Site?

pushf popf Not possible on a shared host (182 comments)

If you don't control everything on the box, you can't ensure security.

Regardless of what they claim or what they do, you're essentially sharing the box with hundreds or thousands of other users who potentially have access to run whatever they feel like.

I would suggest a Virtual Private Server on Linode. Your server is yours and security will live or die by how you configure it.

more than 3 years ago

On Monday, AT&T Customers Enter Era of Broadband Caps

pushf popf It's false scarcity based on greed. (537 comments)

When most of the long haul and medium haul fiber was laid, they didn't just bury what they needed, they buried a bunch of it. However most was never connected to equipment (lit up).

This dark fiber is still sitting in trenches and conduits (many were taxpayer funded) running along a huge number of US superhighways, and has not seen a single byte of data.

This is mostly because having additional capacity would remove the artifical limits, increase the supply and cause prices for internet access to drop.

While some companies have problems with "the last mile" (to the home), companies that ran fiber to the home like Verizon, are still attempting to limit bandwidth and create artifical shortages.

more than 3 years ago

Anxiety and IT?

pushf popf Re:Chill out... (347 comments)

My answer was to "say no"

In fact, I went on to say "If you really need 24x7x365 support, you need three shifts of employees, not one poor bastard that you think you can call at 3am because something is unhappy"

It worked just fine and I never got a call. when I went home at night, I was gone. When I came back in the morning, I was there.

Setting limits with employers will do wonders for reducing stress and workload. They probably won't fire you unless they're complete dickheads, in which case a better job awaits somewhere else.

more than 4 years ago

Emergency Broadcast System Coming To Cell Phones

pushf popf WTF! Are you serious??? (256 comments)

If I get a text about a giant tornado headed my way, do you honestly think I care if they charge me 20 cents for the "head's up"?

more than 4 years ago

Evaluating Or Testing Utility SCADA Security?

pushf popf Re:Don't put it on the Internet! (227 comments)

That is completely impractical.

People in userland need data from the SCADA network to keep the business running. They absolutely must have a way to get it. Saying "no" isn't an option.

Sure it is.
  Watch this: "You're being paid to do a job. Being inconvient helps to safeguard the public utilities and prevents tampering from remote locations. If I find any systems that are connected to the public internet in any manner no matter how convoluted, I will fire the responsible individual(s) and their manager(s) on the spot."

See how easy that is?

Need data? Write it to a DVD and sneakernet it to whoever/whatever needs it.

Good advice. Try it with 30 plants covering a 1500sq mile area. While you were out all day updating your servers, an instrument tech forgot to clean his thumbdrive before plugging it in to an IEM to update the firmware. Since you didn't have regularly updating anti-virus, your whole network is now down and the company is losing millions of dollars an hour in lost production while you try to clean the 60 servers and 400 consoles on your SCADA network.

That's even more of a reason to not be connected to the net. The damage would be limited to the area one man could travel in a day, instead of everything, everywhere.

And you know what? I don't care if it's practical. Not all jobs get to be "convienient".

more than 4 years ago

Evaluating Or Testing Utility SCADA Security?

pushf popf Re:Don't put it on the Internet! (227 comments)

Good safe practice for separating a process control network from the internet is something like: internet > corporate network > buffer network > process network. Completely separating it is not advisable, because it can actually make it harder to administer and protect (updates, antivirus, etc). It's an option though if you are diligent with sneakernet updates and whatnot.

That's absolutely a recipe for disaster.

Nothing on the SCADA system should connect to anything, on any other network, using any method. No VPN, VLAN, Dameware, Citrix, or anything else you can come up with. Nada. Zip.

If this makes updates harder, that's awesome. It's supposed to. Someone is getting paid to do maintenance. It's their job. If by chance, you wish to do an update at some point, download the update, verify all the signatures with the vendor, burn it to a DVD and walk it over and install it. Then put the DVD somewhere safe, so when your system goes down you can find out what did it.

more than 4 years ago

Fighting Ad Blockers With Captcha Ads

pushf popf They seem to be missing the point. (450 comments)

Advertising exists in order to create a demand for stuff people don't need.

People already know they need food, water and shelter. Nobody needs a steak from Outback or a new Disney toy.

They can't "force" anybody to do anything and if viewing specific content requires watching an ad, then I guess they'll have to get along without my business.

more than 4 years ago

Tech's Dark Secret, It's All About Age

pushf popf Re:Experience is a Gift... (602 comments)

Will be very happy when the market tightens up again (which unfortunately means ageism since the boomers ahead of me have to frikkin retire). And I sympathize with the poor graduating 20 year olds- they are screwed. No jobs so no experience and a $40k college bill.

Sorry to be a downer, but I'm at the tail end of the boom, but really like consulting, and won't be retiring until they drop me into a nice plot near a shade tree and a headstone. 8-)

Happily, if you're good, you can do the same thing. The amount of great work available for competent consultants is nearly infinite. Most of it involves fixing and taking care of stuff some twenty-somethings wrote at 3am after two years of 80 hour weeks, but I don't care since it pays well enough that 20 hours now pays more than 80 hours a couple of decades ago.

more than 4 years ago

Tech's Dark Secret, It's All About Age

pushf popf Re:Experience is a Gift... (602 comments)

because 20-something morons who have never seen a project managed competently think it's supposed to be that way." I would venture to guess...there are PLENTY of 40-50yr olds that have yet to see a project managed competently...

Most projects are doomed before they start, when the budget, timeline and requirements silently collide in huge explosion that nobody acknowledges seeing or hearing.

I remember back in the dark ages (early 90's) I sat through a meeting describing software that had an only slightly smaller scope than the creation of the universe. After the meeting, I told the project manager that the only way to be on-time, within budget and meet specs would be if he had a magic wand and a time machine.

For some reason that wasn't a popular opinion and I wasn't invited to any more meetings.

OTOH, the project was a massive money sucking hole, and when it was months overdue and way over budget, the company killed it and was sued for breach of contract. Then went bankrupt.

Successful project management starts with realistic expectations, budget and time-line, which due to market-pressures is usually absent.

more than 4 years ago

Tech's Dark Secret, It's All About Age

pushf popf Re:I'm an old timer and like vacations more than w (602 comments)

What makes you think they'll write the right code? That's what experience buys.

They probably won't, but it's easy enough to say "No that's not right, fix it."

more than 4 years ago

Tech's Dark Secret, It's All About Age

pushf popf I'm an old timer and like vacations more than work (602 comments)

Why on earth should I work insane hours to write code that younger people can write faster and cheaper (and honestly probably better)?

Start your own business and hire the "young guns" instead of complaining about them.

If I need a bunch of code written, I'll hire 20-somethings to write it while I go SCUBA Diving in the Caribbean.

Life is short, you might as well enjoy it because, well, because . . . "fun is better than anxiety"

more than 4 years ago

Look-Alike Tubes Lead To Hospital Deaths

pushf popf Take a clue from SCUBA (520 comments)

In SCUBA diving, it's simply not possible to connect the wrong hose to the wrong thing.

Low pressure hoses (140PSI) simply do not fit in (3000PSI) ports. 200Bar regulators do not fit on 300 bar valves.

In fact, this is exactly the reason that household natural gas flexible connector fittings are no longer compatible with plumbing fittings.

There's absolutely no excuse for anything that connects to a human to have the possibility of a fatal mistake.

more than 4 years ago

Highly Directional Terahertz Laser Demonstrated

pushf popf No kidding. (125 comments)

Dude, I'm 33 years old. I'm married and I've got two kids. It has been years since anyone has been interested in my genitals, and I kind of miss the attention.

I think there are a lot of people with delusions of being supermodels.

Most of the people I see on planes are ugly as hell and getting me to stare at them naked all day on a scanner would require some serious compensation.

more than 4 years ago

Why Wave Failed

pushf popf Re:SSDD (350 comments)

You could take notes of the important parts and screen shots or video of the shared whiteboard.

more than 4 years ago



Written Specs vs Reality for HD Surveilance Cams?

pushf popf pushf popf writes  |  more than 4 years ago

pushf popf (741049) writes "I've been playing with HD video surveillance cameras, and purchased a Stardot NetCam SC 5MP Day/Night (IP). It's described as a 5 megapixel video camera with a 30 frame/second capture rate.

The specs say it's 30FPS, however the best I've ever been able to squeeze out of it is 3FPS. I sent it back to the factory and they said it was operating normally and that my network or server was probably slow. So . . .

I built a massively overpowered server with a high-performance RAID array and fast drives, and put the camera and the server on their own network switch. Guess what? (spoiler alert) It's still only 3FPS.

Is it possible this is as fast as it goes? If so, does anybody have any recommendations for cameras that actually meet their specs?

Any thoughts? While I don't need anywhere near 30FPS, 3 is just way too slow and I'm feeling just a little ripped off by Stardot."

Legality/Ethics of Replacing a Hotlinked Image

pushf popf pushf popf writes  |  more than 4 years ago

pushf popf (741049) writes "My website contains a moderate number of images in various resolutions, up to about 8MP. People have always hotlinked them, which, while not a performance or resource issue, just really annoys me. I pay for my bandwidth and they should too.

So . . . A while back I started serving up a plain image that says "Image removed due to unauthorized hotlinking", which doesn't seem to have much effect. The "unauthorized hotlink" image gets a lot of traffic.

Which brings me to my actual question:

Does anybody have any idea if it's legal (or ethical) to replace the image they're stealing with:
  1. A huge pile of dog poop
  2. Goatse
  3. Advertising.

The first two would make me happy, and the last one would make me money.

Aside from pissing people off, are there any actual legal or ethical problems with any of these?"


Xen Virtual vs Dedicated Server Security

pushf popf pushf popf writes  |  more than 4 years ago

pushf popf (741049) writes "I'm considering moving an app from a physical server (app owns whole machine) to a Xen Virtual Machine. The data is reasonably sensitive (a breach would get people pissed off, maybe sued, but no financial info is stored).

Does anybody have any actual information on whether or not a properly managed Xen server and Linux instance in a secure hosting facility is more/less/as secure as a dedicated server in the same facility?

Does Xen introduce any significant attack vectors?"


pushf popf has no journal entries.

Slashdot Login

Need an Account?

Forgot your password?