×

Announcing: Slashdot Deals - Explore geek apps, games, gadgets and more. (what is this?)

Thank you!

We are sorry to see you leave - Beta is different and we value the time you took to try it out. Before you decide to go, please take a look at some value-adds for Beta and learn more about it. Thank you for reading Slashdot, and for making the site better!

Comments

top

Oracle Releases Massive Security Update

thogard Re:So much for progress (79 comments)

Yet if the OS isn't broken so bad it needs patches every few weeks, then I don't need to make that decision.

IT is to support my business. It isn't my business. Downtime due to idiot coders who didn't test new features that I don't need isn't good for my business.

3 days ago
top

Ask Slashdot: Has the Time Passed For Coding Website from Scratch?

thogard Do your pages load fast? (296 comments)

If your page isn't fully loaded in less than 2 seconds over a real world network without using cache, potential clients have will leave before the 1st page load.

If you can write pages that load fast, keep doing the custom work. If your pages are slow, fix it or fix your technique.

3 days ago
top

Oracle Releases Massive Security Update

thogard So much for progress (79 comments)

We buy the Solaris 9 patch support. The changes for this cycle are 1) TimeZone files updated, 2) Fix to zip and 3) Java fixes

The last kernel patch which required a reboot was 122300-68 from June 2013.

My Solaris 11.2 box gets rebooted way too often to replace other production servers and its better than Sol 10.

Someone at Oracle should learn the difference between an operating system and an operating environment and making sure the OS is rock solid.

3 days ago
top

Justified: Visual Basic Over Python For an Intro To Programming

thogard Re:More on CARDIAC cardboard CPU simulator (629 comments)

My early Jr High computer books included things such a picture of a pigeon hole as a repression of memory. It used the classical "input/processing/storage/output" model. Flow charts where used to demonstrate breaking a problem down into parts that the computer can cope with.

4 days ago
top

Book Review: FreeBSD Mastery: Storage Essentials

thogard Re: Not really for mastery ... (75 comments)

ZFS is miserable on things that assume overwritten blocks will stay where they are on the disk. Some people even count on that to able scrub data. Is there a simple ioctl/fctl that allows that to be turned off in ZFS? no. There should also be an ioctl saying "this file needs to start on a physical block, not be encrypted, and it would be very cool if it was in the 1st gig of the disk, and can you tell me what real sector you can allocate for it?" because computer still need to boot.

Why wasn't there a zfsdump / zfsrestore that wrapped up the send / receive from day one? Even if /usr/lib/fs/zfs/fsck was a shell script wrapper around something else, it would have indicated a clue about where this stuff should fit in the grad scheme of things.

Not everyone uses ufsdump to make backups, I use it to verify the contents of some files on the disk.

5 days ago
top

Steam For Linux Bug Wipes Out All of a User's Files

thogard Re:When I see that [literaly] textbook mistake.... (329 comments)

or make use of &&

cd /tmp && cd $SOMEPLACE && do_dangerous_work

Of course having code do rm * tends to question why they don't know which files they need to purge in the 1st place.

about a week ago
top

IEEE: New H-1B Bill Will "Help Destroy" US Tech Workforce

thogard Re:It's a badly written article/summary (481 comments)

As a US citizen living in the US, I get offers to work in the USA until they find out I don't need the H1-B visa.

about two weeks ago
top

Human Language May Have Evolved To Help Our Ancestors Make Tools

thogard Toolmaking language is still evolving (154 comments)

It is not an accident that the countries that advanced the fastest during the industrial revolution had some unique language features such as compound words. English has a number of other advantages such as the ability to absorb words from other languages, lack of gender on most nouns and precision.

about two weeks ago
top

Ask Slashdot: Sounds We Don't Hear Any More?

thogard Re:Matrix printers (790 comments)

Epson, Oki and Lexmark are still making them.

You can still get parts for very old Epson printers like the RX80.

about two weeks ago
top

Tips For Securing Your Secure Shell

thogard Re:Simpler (148 comments)

My reading of their abilities is they can can deal with public keys in some cases.

Why can't openssh require both public key and a password?

about two weeks ago
top

Red Hat Engineer Improves Math Performance of Glibc

thogard Always room for improvement (226 comments)

Newer hardware can make use of newer features which will change what should be considered the best optimisations. Addition used to be much faster than multiplication until they put barrel multipliers in chips. Once floating point cores were added, other things became faster but the early FPUs could do things like add and multiply and anything else could be very slow. I wrote a floating point library for OS9 for the radio shack color computer which had a 2 mhz 8 bit cpu with good 16 bit instructions and no floating point hardware and I could do trig and log functions faster than a 4.77 mhz 8087 floating point unit. I could use tricks like bit shifting and de-normalising floating point numbers for quick adds. There was one function that the typical Taylor series used a /3 + /5 + /7 type thing but there was an alternate that used /2 + /4 + /8 but took more steps but an integer CPU can divide by a power of 2 something like 50 times faster than dividing by an odd number so the doing the extra steps was faster. My library took advantage of precision shortcuts like simply not dealing with some of the low order bits when the precision was going to be lost in the next step or two which are things that you simply can't do efficiently with current floating point hardware.

about three weeks ago
top

Red Hat Engineer Improves Math Performance of Glibc

thogard Re:How much benefit? (226 comments)

When I was in high school we had a FORTRAN class and one of the assignments was print out as many Pythagorean triples as you can in the allowed 1 minute of run time. Most students would start with power and square root function which would provide about a page and a half of results of which one was wrong because of rounding errors. Going from A^2 to A*A would get you far more pages. The system had a multiply-accumulate function that worked very well so a few changes in a formula could double the number of results.

about three weeks ago
top

13,000 Passwords, Usernames Leaked For Major Commerce, Porn Sites

thogard Re: yep. I provide security to some ofthe listed s (149 comments)

If you are going to do your own round counts, there are better ways to make it so you can't use hardware to attack your system. One trivial way with hashes is to xor the 1st byte with 0xaa on the 12th round. That alone means anyone building hardware or a GPU approach needs to take that odd step into account and that should about double the work needed by a GPU using today's techniques for optimisation. Another thing that works is to use a different table. For example MD5 uses an internal table that is something like 256*sine((0..255)/256.0). A simple swap of two bytes somewhere in the table means it is incompatible with off the shelf solutions and should be the same strength. There is a risk that doing this will cryptographically weaken the hash. For example if you use the XOR trick too early or too often in the rounds, you end up forcing bits to a known state and that makes it much weaker much like messing with S-boxes in DES does and for the same reasons. Moving around values in large tables tends to be safe as does some conditional byte manipulation in later rounds assuming you are doing more than the standard count. A great way to find out what doesn't work is write a md5 like function with 32 bits and just a few rounds. That can show lots of tweaks are very bad ideas.

about a month ago
top

13,000 Passwords, Usernames Leaked For Major Commerce, Porn Sites

thogard Re:Probably malware (149 comments)

It could have been a small subset of a larger leak. Perhaps 13,000 out of millions that just happen to have the same seed values so they could be cracked easier. Of course then someone would have had to try those 13,000 against some of the top 100 web sites in the world but that should have left their fingerprints in logs all over the world.

about a month ago
top

My laptop lasts on battery for ...

thogard How can it get so hot so fast? (97 comments)

I have a very old sparc based Tadpole laptop. While the thing will run off batteries, I wonder if they would have done better business by getting in the battery powered electric camp stove business since they have most of that part working fine.

about a month ago
top

MIT Unifies Web Development In Single, Speedy New Language

thogard Re:Death by Manual (194 comments)

I wrote a C compiler that would sometimes not compile correctly but it was based on a an attempt to use neural nets to do complex parsing.

about a month ago
top

Human Eye's Oscillation Rate Determines Smooth Frame Rate

thogard Nyquist? (187 comments)

The ear follows the rules Nyquist created about sample rates (i.e. there are hairs in your ear that are turned to hear 40 kHz but you can't hear that high). There is no reason the eye can't be doing the same thing.

about 1 month ago
top

US Internet Offers 10Gbps Fiber In Minneapolis

thogard Ethernet for the symmetrical win (110 comments)

They are using an ethernet solution over fiber so the next steps above 10 are 40 and 100 gig. This is what you can do when you roll out a data network and not an overgrown cable tv network like all the xPON and FTTH, FTTP networks we keep hearing about.

about 1 month ago
top

Cyberattack On German Steel Factory Causes 'Massive Damage'

thogard Re:Sometimes 'air gap' is impossible (212 comments)

It is a result of the stupid and outdated firewall model of "Trust/Untrust/DMZ" when applied nearly anywhere.

Modern production networks should be firewalling everything from everything else. Nothing should be on the "Trusted" side. Get something like an SSG-140 and load it up with a bunch of 8 port cards which will give you 42 ports and 42 zones for things to talk to. That way you can allow the CNC machine to talk to its support site for its update but it can't ever talk to the laser cutter or other CNC machines.

The sad thing is the SSG is EOL and I don't know anyone else that makes a low cost multi-port firewall and most switches with firewall capability just don't do proper intrusion detection and malware detection.

about a month ago
top

In Iowa, a Phone App Could Serve As Driver's License

thogard Re:transfer the ID information to the police (207 comments)

The FAA has been trying to point out this fact for decades. The paper pilots carry around isn't a pilots license, it is a certificate of license. The license is held in a computer somewhere and when that is revoked, the paper saying you have a license is meaningless.

about a month and a half ago

Submissions

thogard hasn't submitted any stories.

Journals

thogard has no journal entries.

Slashdot Login

Need an Account?

Forgot your password?