Slashdot Mirror


User: Bengie

Bengie's activity in the archive.

Stories: 0
Comments: 6,462

Comments · 6,462

  1. Re:Yawn on Observed Atmospheric CO2 Hits 400 Parts Per Million · · Score: 2, Informative

    Just remind them of the thousands of record highs set in the past few years all around the world. For every small increase in average temps caused by global warming, larger extreme temperatures are seen throughout the year. Higher highs and lower lows but an overall average of warmer.

  2. Re:Uh, 87 zillion volts? on Fermi and Swift Observe Record-setting Gamma Ray Burst · · Score: 2

    All photons of the exact same frequency are equal. Higher frequency GRB photons are more equal than lower frequency ones. They are the 0.1%.

  3. Re: Need expert opinion on Fermi and Swift Observe Record-setting Gamma Ray Burst · · Score: 1

    Depending on how close one is, it could ionize our entire atmosphere, not just the ozone. But from what I understand, ionizing a significant part of our ozone is all that is needed to mess things up really badly.

  4. Re:Bose never got a Nobel on Physicists Attempting To Test 'Time Crystals' · · Score: 1

    Not sure, but most likely end up also getting a Darwin Award

  5. Re:A constant reminder on Speeding Object Makes Small Hole In the ISS Solar Array · · Score: 1

    Space is scary and dangerous.

    I was going to say that I love my atmosphere because it makes me feel all cozy and warm, but I'm supposed to get snow this week.. In May.

  6. Re:It's completely ideological. on Btrfs Is Getting There, But Not Quite Ready For Production · · Score: 1

    It's hard to calculate free space on a per volume level because unlike ZFS, BTRFS allows for per object RAID levels. You can't really calculate space used without walking the entire tree, which is prohibitively expensive.

    Say a user has a volume with a logical size of 1GB, then creates a file of 1MB, but then sets the file to be replicated 8 times. Do you report 1023MB free or 1016MB free? Now assume tens of thousands of files with a different configuration. One may be RAID5, one may be RAID6, one may be RAID10.

    It's a useful feature.

  7. Re:Oh that's all right then on German Ministry of Education Throws Away PCs For 190,000 € Due To Infection · · Score: 1

    If the network was properly configured, general purpose computers would have been free to clean and faculty computers would have cost about 5min-15min of time.

  8. Re:760 Euros per PC on German Ministry of Education Throws Away PCs For 190,000 € Due To Infection · · Score: 1

    I wonder how they estimated 760 euros when I've done similar things, which have taken less than 15min of my time. When I was in IT, an all-out infection just meant a computer getting re-imaged, which I could start remotely.

    Process to re-image a computer

    1) Call end user, ask when they won't need their computer for 1 hour
    2) Start re-image remotely
    3) Restore data/settings/installed software, which was all automated and part of the re-image process

    Most of my time was playing phone-tag with the end user to make sure everything was working.

  9. Re:Hashed and salted is obsolete on LivingSocial Hacked: 50 Million Users Exposed · · Score: 1

    salted+hashed passwords are fine for strong passwords.

    I just have a gut reaction against security through artificial inefficiencies instead of regular math, physics, and scaling.

    But then again, so many people have such horrible passwords. All about scrypt.

  10. Re:If I have a day job? on Hiring Developers By Algorithm · · Score: 1

    Programming when you get home doesn't make you a good programmer in the same way not programming at all makes you a good programmer.

    One's abilities are typically highly correlated with the amount of time spent honing their skills.

  11. Re:This is why on vTel Deploying Gigabit Internet In Vermont At $35/Month · · Score: 1

    I think we should get rid of all government funded services, like police, education, road, power, water, you know, society.

  12. Re:One by one the dominos fall... on vTel Deploying Gigabit Internet In Vermont At $35/Month · · Score: 1

    Some many-year, many-country research showed a 0.7% increase in GDP for every doubling in Internet speed. The cost of nationwide 1Gb fiber would be paid off in 1-2 years if we got even one 0.7% increase.

  13. Re:Hashed and salted is obsolete on LivingSocial Hacked: 50 Million Users Exposed · · Score: 1

    I would go so far as to say that user/pass/email should not be stored in the same system and should not be able to be read out of the system that stores it. It should be in an entirely separate system where your auth request can pass in a user+hash and get back if it was valid, but should not ever return what the current user/hash/email is.

    The SQL user account that has access to the user/hash/email should not have access to the table, but only a function or sproc. This way a compromised user cannot just dump the data directly from the table, but must request one user at a time, which means knowing each user.

    Also, because this is a separate system, it can use very well-formed messages since they're only used for auth reasons anyway. Because of this, one could make some very strict firewall rules that make it near impossible to dump the current table and send it anywhere.

    It could be taken yet another step further. When a session is started, that session may only be associated with one login, which gets assigned on a valid auth attempt. Whenever you try to auth, your session identifier must be passed in and if it's already set, then the auth will reject the request, forcing the hacker to reestablish a new session before attempting another auth. Then you can place a new-session rate limit per IP.

    So, a compromised web app or even database does not give the hacker a user/hash/email.
    If they want to attempt access to said info, they would need to bounce a hack from an external service like a web app to the auth system, which can't talk to the Internet directly. Then the auth system would be heavily locked down as all incoming and outgoing messages are well-formed, potentially UDP of fixed lengths, and even then, gaining access to the DB as the current user would only be good for one request at a time.

    I'm sure there is always a way in, but one could make it quite hard without much work.

  14. Re:How do admins keep salts secure? on LivingSocial Hacked: 50 Million Users Exposed · · Score: 1

    I like to use 32 bytes of crypto-grade random.

  15. Re:Hashed and salted is obsolete on LivingSocial Hacked: 50 Million Users Exposed · · Score: 1

    There isn't enough energy in the Universe to break a strong password that has been hashed and salted. Just make sure you use strong passwords.

  16. Re:How do admins keep salts secure? on LivingSocial Hacked: 50 Million Users Exposed · · Score: 2

    A one time rainbow table is entirely useless.

  17. Re:Happy with XFS on Btrfs Is Getting There, But Not Quite Ready For Production · · Score: 2

    It is impossible to compete with a FS+VolumeManager+RAID hybrid. There is just some stuff that is impossible to do without coupling those layers and those impossible things are becoming requirements.

  18. Re:Read their website on Btrfs Is Getting There, But Not Quite Ready For Production · · Score: 4, Informative

    My cousin said when he had to go "FS shopping" for his research data center, they had some requirements, most notably, being used by several enterprises that all store at least 1PB of data on the FS and have not had any critical issues in 5 years.

    He said the only FS that fit the bill was ZFS. His team could not find an enterprise company that stored at least 1PB of data on ZFS and had a non-user caused critical problem within the past 5 years. That was many years ago and he has not had a single issue with his multi-PB storage that is being used by hundreds of departments.

    ZFS is not perfect, but it sets a very high bar.

  19. Re:Scientific progress on Europe Needs Genetically Engineered Crops, Scientists Say · · Score: 1

    There is only so much fertilizer around the world. Soil is being depleted fast enough that countries like the USA are importing enough fertilizer every year to measure Earth destruction in the unit of cubic kilometers. I think that's mostly lime type imports.

    When tens of cubic kilometers of land are torn up every year to extract lime to help fertilize one country that represents only 4.5% of the total population, I can't see us lasting too long on current consumption amounts.

  20. Re:Stronger rival? on MySQL Founders Reunite To Form SkySQL · · Score: 1

    Facebook uses hundreds of MySQL "servers" and dumb nodes in a load-balanced name-value pair object database.

    Think of using a relational database like a NoSQL DB.

  21. Re:Stronger rival? on MySQL Founders Reunite To Form SkySQL · · Score: 2

    That shit scales horizontally, it must be web-scale.

  22. Re:Finally a group that gets it! on What's Actually Wrong With DRM In HTML5? · · Score: 1

    A lot of set-top devices are Linux, even if desktops aren't.

  23. Re:isn't the content streamed via CDN? on Netflix: 'Arrested Development' Won't Crash Our Service · · Score: 1

    I think each one is good for around 10Gb. For large networks, they recommend putting a different server at each logical choke point. The ISP does need to show demand before getting a free server.

    I also read that if your upstream provider is L3, you may already be making use of one of these, and since Netflix is already paying L3 to be a CDN, if your upstream is L3, bandwidth consumed by Netflix doesn't count towards your bill. If you need to upgrade your connection to L3, you're still responsible for those costs.

  24. Re:Already done on USB SuperSpeed Power Spec To Leap From 10W To 100W · · Score: 1

    InfiniBand cables are way too large. Won't work for your average consumer.

  25. Re:remote desktop vs windows on Wayland 1.1 Released — Now With Raspberry Pi Support · · Score: 1

    The developers of X don't even like X.

    The users of X like X just fine.

    Let them develop X then, if they so want to use it.

    The only thing I have against X is the vocal community around X that complains when something else tries to get more attention. Continue to use X, it works for what you want, but holy crap, for people who don't actually develop X, they want to tell developers what to work on.

    Even if Wayland was total crap in every way, what entitlement the users of X must feel to constantly rag on the developers of Wayland.