Please create an account to participate in the Slashdot moderation system


Forgot your password?
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×

Comment Re:Geez Linux. (Score 1) 89

It is secure - everything you can do anything in initrd using this exploit was already available as a feature w/o the exploit. Initrd has no passwords and no content. Until you enter the password for cryptsetup, you get access to nothign. And sure you have root access to INITRD but not the actual filesystem other than boot - but that was unfettered to start with.

Comment So what? Tested this on Fedora 25 (Score 5, Interesting) 89

How is dropping to initrd "root" access?

1. If you already have physical access to the console, all bets are off anyway. Security 101.

2. If you have WDE enabled, dropping to root gets you initrd only - no passwords, no privileges, nada - all it lets you do is try to mount the file system which can't be because it's encrypted. Only /boot should be unencrypted.

3. The only possible attack vector is to swap out the kernel image. But there are simpler ways to do that than run an exploit.

Did these guys watch too many episodes of the new MacGyver and consider themselves hackers instead of script kiddies?

Did they report the problem as only present if you encrypt specific volumes (which is stupid anyway because your passwords are visible now).

It takes a lot of effort to avoid WDE when installing linux these days. Only an idiot would misconfigure and render his system vulnerable like this. And only an idiot would give his keys to the castle to people he didn't trust.

Social Engineering wins every time and there is nothing you can do about it.

Comment Re:Really? (Score 1) 541

I think you're fascism is well-placed. You the person that ensures I will always have a job. When a drive fails under Windows, Windoes keeps trying to fix it and makes things worse. When you try to recover files from windows (as most users have tried), Windows starts corrupting things all over the place. I tell my friends, when you have a problem with your drive, turn your computer off and bring it to me. I will recover all your files if you give ma drive of equal size. Why? Because Linux will never FSCK removable media unless I tell it. It will not even access files, FAT or any other content. I can clone the drive under linux with removable media without danger of reading the contents more than once and making the drive seek only forwards as fast as it can go. 99% recovery rate. With the proposed SystemD update, I can no longer do this. Because of the hidden secret sauce that causess an FSCK on removeable media. THIS is the problem. It's the automatic FSCK and MOUNTING. The POINT of a Linux system is that automount is at the user's discretion. Not the operating system. SystemD, like Windows is removing the ability of the USER to choose to do something. And like the other areas where SystemD has run rampant, the first step is embrace - then extend, and then extinguish. Lesson learned from Microsoft.

Comment Re:Whatever you're used to seems simple (Score 1) 716

It was all very simple.
contained the home directories for users
contained system special executables
contained system libraries
contained sytem executables
contained user space files
contained user space special executables
contained user space executables
contained user space libraries
contained shared user space files
contained add-on user space files (bin,sbin, lib)
contained the most variable files (high data through put) or most often changed (which leads to /var/www /var/lib/ /var/adm /var/tmp /var/run)
contained process pseudo file system
contained device pseudo file systemIt was all very simple.
system pseudo file system - this one is new
EVERYTHING ELSE that is not a library, user space file, or a binary in one of the other categories

Just because you were never told and never bothered to learn does not pre-suppose a lack of design.Ignorance is no excuse for claiming to be knowledgeable. It's like saying you never read the bible because it was all in Greek.

Just because you were never told and never bothered to learn does not pre-suppose a lack of design.Ignorance is no excuse for claiming to be knowledgeable. It's like saying you never read the bible because it was all in Greek. But you got the gist by looking at it long enough.

If you cut your teeth on Dec UNIX, Solaris, AIX and HP-UX, it's very easy to understand because you learn the history through comparison. This "I don't get it so there must be no rhyme or reason" is just crazy.

It's like the other old timer said - the new folks don't want to learn about how we got here - they just want to repeat our mistakes. I cut my teeth on Linux and then UNIX proper and then VAX since 1990 (TSR 80s and the like on 8086 processors and then 80386 systems before getting to real machines ). It's a proven fact that we are all social learners by nature. Maybe it's time to exercise our social learning instead of our social media which is leading to our social ignorance..

Comment Re:Life on other plansts != No God (Score 1) 755

Not cherry picking. There many more examples in the same book. Right down to predicting the non-mixing of water in orean currents at different layers. That was what convinced Jacques Cousteau. But anyway. It's just one example. There are lots of scientific FACTS in the same book. That we've only recenlty proven. Yes, if this was taken as proof a long time ago, I would agree - cherry picking. Too many other facts have borne out as true since then.

Comment Life on other plansts != No God (Score 1) 755

How does the conclusion that there may be life on other planets disprove the existence of God?

Just because we as humans hope that God made life only on one planet does not make it so.

Just because we don't have accurate records in every religious book on possible life on other planets does not dispreove God's abilty to create life elsewhere.

Even IF ONE religious book postulated possible life on other planets is possible is grounds for DISMISSING the "There is no God if there is life on other planets" theory.

However, IF ONE religous book that DID mention possible life on other planets or even other planets from an illiterate goat herd that wouldn't know the first thing about science, the universe or planets or even that the world was round would be sufficient grounds to prove the existence of God.

Occam's Razor: In the absence of all othre explanations, the simplest explanation holds.

Chapter 1, Verse 1 of "The Opening" from the Qur'an reads: Al hamdu lillaahi rabbil ‘alameen (Praise be to God, Lord of all the worlds)

Sceince postulates NOW that there may be life on other planets. They did not have the technology to know that there were worlds back then. Therefore, God exists.

Ok - let the religous wars commence. :)

Comment Re:Sensationalism? (Score 1) 294

I think you missed something. You CAN force the system to ignore the BIOS and use the power management feature by setting a kernel flag. How does that qualify as a horror story? I used to build computers on "screaming new hardware" and newly purchased laptops. And I had to go through the pains of figuring out what the flags were by researching. Not once did I BOTHER with attempting to get the manufacturer to FIX the problem for me. Unless I'm a developer interested in updating the BIOS, I just care that the computer I want is doing what it should be. E.g. Figuring out how to install Bumblebee so I can run Optimus.

Also, to use the newer hardware, I would simply go to a store and bring my live Linux CD with me. Either it ran or it didn't. If it ran, I bought it. If it didn't, I skipped it. Time is money. I have none to do a manufacturer's homework.

You want to stick it to them. Don't buy the thing that doesn't run what you want.

Apologies if I am oversimplifying, but I do not see "I bought hardware and the manufacturer won't let me run what I want on it" is a horror story. The real horror story to me is that you bought it without checking to see if it was a lemon. We don't have a lemon law for computers when it comes to Windows vs Linux. Caveat emptor.

Personal opinion.

Comment How is this possible: "It took me hours" (Score 1, Redundant) 101

I have not clue how it could take someone HOURS to figure out the name was resolving incorrectly. It take SECONDS to run nslookup, with different nameservers on the TARGET MAACHINE. How is this even newsworthy? A network administrator that doesn't know what he is doing, takes hours to figure out that the name is resolving differently and we write an article on that?

How is this newsworthy?

Secondly, these other TLD's are the right of ICANN to implement. If we didn't want it, we didn't scream loud enough. What is the point of all this chatter on this topic now?

Just curious why we don't have better stories to talk about. ICANN is old news. They're a broken organization that is trying to maintain order in a system that was never designed for centralized control.

Just my two cents.

Comment Re:Why do CS grads become lowly programmers? (Score 5, Insightful) 637

You study ENGINEERING (a discipline) to become a LICENSED PROFESSIONAL ENGINEER.
You study MEDICINE (a discipline) to become a LICENSED MEDICAL DOCTOR.
You would have to agree an automotive engineer is not the same as a mechanic which is not the same as a scientist in combustible fuels.

Software development is an art form. Software engineering is a discipline. Computer Science is a science.

Studying computer science by itself enables you to become:
1. A computer scientist
2. A computer programmer
3. A computer technician

Even becoming a computer science teacher would require you to study EDUCATION as a discipline.

There are no shortcuts. While life experience may teach you SOME things to become an engineer, there is no substitute for a Computer Science degree that focuses on software engineering. You could become an engineer after years of experience. or you could simply learn the discipline and stand on the shoulders of giants and open yourself up to learning from and teaching others in the discipline for a lifetime.

The next time you ask yourself, "Where on God's green earth would I use this knowledge", stop yourself. And think: "Why on earth would I want to work harder and solve problems already solved by others."

An engineer solves problems a new way because the outcomes of all the known methods are not satisfactory. An engineer can predict reliably how long something should take from his body of knowledge.
A developer solves problems a new way because it's fun, it's cool and it's artistic. A developer, like an artist, works until he's done.

There is nothing wrong with being a developer or an artist. But just as we should never confuse industrial art with fine art, we should never confuse software development with software engineering.

If you can only solve the problem at hand, you will not have fun doing engineering. If you are happier solving higher order problems of how things are put together and how to do things efficiently or discovering how to things MORE efficiently by building on the knowledge of others or collaborating, you will have fun doing engineering.

Slashdot Top Deals

"What if" is a trademark of Hewlett Packard, so stop using it in your sentences without permission, or risk being sued.